/// <summary>
/// Turns the on is inherited.
/// </summary>
public void TurnOnIsInherited()
{
using (IDataReader fileReader = DBDirectory.GetById(this.OwnerDirectoryId))
{
if (fileReader.Read())
{
int ParentDirectoryId = (int)fileReader["ParentDirectoryId"];
using (IDataReader aclReader = DBAccessControlList.GetAcl(ParentDirectoryId))
{
while (aclReader.Read())
{
this.Add(AccessControlEntry.InternalCreate((int)aclReader["AceId"],
true,
(string)SqlHelper.DBNull2Null(aclReader["role"]),
(int)SqlHelper.DBNull2Null(aclReader["principalId"], 0),
(string)SqlHelper.DBNull2Null(aclReader["action"]),
(bool)(((byte)SqlHelper.DBNull2Null(aclReader["allow"])) == 1),
false));
}
}
}
}
_isInherited = true;
SetChanged();
}
/// <summary>
/// Gets the ACL.
/// </summary>
/// <param name="DirectoryId">The directory id.</param>
/// <returns></returns>
public static AccessControlList GetACL(int DirectoryId)
{
using (IDataReader reader = DBAccessControlList.GetAcl(DirectoryId))
{
AccessControlList retVal = new AccessControlList(reader);
return(retVal);
}
}
/// <summary>
/// Sets the ACL.
/// </summary>
/// <param name="control">The control.</param>
/// <param name="acl">The acl.</param>
/// <param name="ValidateACL">if set to <c>true</c> [validate ACL].</param>
public static void SetACL(IIbnControl control, AccessControlList acl)
{
if (control == null)
{
throw new ArgumentNullException("control");
}
if (acl == null)
{
throw new ArgumentNullException("acl");
}
if (acl.OwnerDirectoryId == 0)
{
throw new ArgumentException("You can not use a dettached ACL.", "acl");
}
using (DBTransaction tran = DBHelper2.DBHelper.BeginTransaction())
{
// Step 2. Update Inherited ACEs
if (acl.IsInheritedChanged)
{
if (acl.IsInherited)
{
DBAccessControlList.TurnOnIsInherited(acl.Id);
}
else
{
DBAccessControlList.TurnOffIsInherited(acl.Id, false);
}
}
// Step 3. Update Common ACEs
if (acl.IsChanged)
{
DBAccessControlList.Clear(acl.Id);
foreach (AccessControlEntry ace in acl)
{
if (!ace.IsIherited)
{
DBAccessControlList.AddAce(acl.Id, ace.Role, ace.PrincipalId, ace.Action, ace.Allow, false);
if (ace.Allow)
{
foreach (string BaseAction in control.GetBaseActions(ace.Action))
{
DBAccessControlList.AddAce(acl.Id, ace.Role, ace.PrincipalId, BaseAction, ace.Allow, true);
}
}
else
{
foreach (string BaseAction in control.GetDerivedActions(ace.Action))
{
DBAccessControlList.AddAce(acl.Id, ace.Role, ace.PrincipalId, BaseAction, ace.Allow, true);
}
}
}
}
}
// Step 4. Update child ACL
DBAccessControlList.RefreshInheritedACL(acl.OwnerDirectoryId);
tran.Commit();
}
}
