public void Update(EditContentPermissionViewModel model, IList <ContentItem> contentItems, bool writeToActivityStream)
{
foreach (var contentItem in contentItems)
{
var snapshot = this.activityStreamService.TakeSnapshot(contentItem);
var contentPermissionPart = contentItem.As <ContentItemPermissionPart>();
if (contentPermissionPart.Record.Items == null)
{
contentPermissionPart.Record.Items = new List <ContentItemPermissionDetailRecord>();
}
var allPermissionRecords = contentPermissionPart.Record.Items;
bool isAdmin = this.orchardServices.Authorizer.Authorize(Permissions.AdvancedOperatorPermission);
int userId = this.orchardServices.WorkContext.CurrentUser.Id;
var currentUserPermissions = isAdmin ? allPermissionRecords.ToList() : this.GetUserPermissionRecordsForItem(contentItem, userId).ToList();
var targets = model.Targets.Where(c => c.Checked).ToList();
bool hasAssignee = allPermissionRecords.Any(c => c.AccessType == ContentItemPermissionAccessTypes.Assignee);
// if item has assignee and there are some permissions for the item, but none of them belongs to the user, then the user doesn't have access to the item
if (allPermissionRecords.Count > 0 && hasAssignee)
{
if (!isAdmin && currentUserPermissions.Count(c => c.AccessType == ContentItemPermissionAccessTypes.Assignee ||
c.AccessType == ContentItemPermissionAccessTypes.SharedForEdit) == 0)
{
throw new Security.OrchardSecurityException(T("You don't have permission to change access to the contentItem"));
}
// only assignee can change the assignee
if (!isAdmin && currentUserPermissions.Count(c => c.AccessType == ContentItemPermissionAccessTypes.Assignee) == 0 &&
model.AccessType == ContentItemPermissionAccessTypes.Assignee)
{
throw new Security.OrchardSecurityException(T("You don't have permission to change access to the contentItem"));
}
}
else
{
// if there is no permission for current user, then he/she must have a EditShare permission
if (model.Targets.Count(c => c.UserId == userId) == 0 &&
!allPermissionRecords.Any(c => c.User != null && c.User.Id == userId))
{
ContentItemPermissionDetailRecord newPermission = new ContentItemPermissionDetailRecord
{
AccessType = ContentItemPermissionAccessTypes.SharedForEdit,
ContentItemPermissionPartRecord = contentPermissionPart.Record,
User = new Users.Models.UserPartRecord {
Id = userId
}
};
contentPermissionPart.Record.Items.Add(newPermission);
this.Create(newPermission, contentItem, false);
}
}
foreach (var item in targets)
{
int?[] temp = new int?[] { item.BusinessUnitId, item.TeamId, item.UserId };
if (temp.Count(c => c.HasValue) != 1)
{
throw new Security.OrchardSecurityException(T("You don't have permission to change access to the contentItem"));
}
// try to find a permission with the same user, team and business values, if there is such permission, we
// must not create a new permission and we just have to change the AccessType of the exsiting one
var existingPermission = allPermissionRecords.FirstOrDefault(d =>
((item.TeamId == null && d.Team == null) || (item.TeamId.HasValue && d.Team != null && item.TeamId.Value == d.Team.Id)) &&
((item.BusinessUnitId == null && d.BusinessUnit == null) || (item.BusinessUnitId.HasValue && d.BusinessUnit != null && item.BusinessUnitId.Value == d.BusinessUnit.Id)) &&
((item.UserId == null && d.User == null) || (item.UserId.HasValue && d.User != null && item.UserId.Value == d.User.Id))
);
if (existingPermission != null)
{
existingPermission.AccessType = model.AccessType;
// we should remove the permission from currentUserPermissions in order to prevent it to be deleted
currentUserPermissions.Remove(existingPermission);
continue;
}
// setting the parent doesn't have been done.
ContentItemPermissionDetailRecord newPermission = new ContentItemPermissionDetailRecord {
AccessType = model.AccessType, ContentItemPermissionPartRecord = contentPermissionPart.Record
};
if (item.BusinessUnitId.HasValue)
{
var businessUnitRecord = this.basicDataService.GetBusinessUnits().Select(c => c.As <BusinessUnitPart>()).FirstOrDefault(c => c.Id == item.BusinessUnitId.Value);
if (businessUnitRecord != null)
{
newPermission.BusinessUnit = new BusinessUnitPartRecord {
Id = item.BusinessUnitId.Value, Name = businessUnitRecord.Name
};
}
}
if (item.TeamId.HasValue)
{
var teamRecord = this.basicDataService.GetTeams().Select(c => c.As <TeamPart>()).FirstOrDefault(c => c.Id == item.TeamId.Value);
if (teamRecord != null)
{
newPermission.Team = new TeamPartRecord {
Id = item.TeamId.Value, Name = teamRecord.Name
};
}
}
if (item.UserId.HasValue)
{
var userRecord = this.userRepository.Table.FirstOrDefault(c => c.Id == item.UserId.Value);
if (userRecord != null)
{
newPermission.User = new Users.Models.UserPartRecord {
Id = item.UserId.Value, UserName = userRecord.UserName, Email = userRecord.Email
};
}
}
contentPermissionPart.Record.Items.Add(newPermission);
this.Create(newPermission, contentItem, true);
}
if (model.AccessType == ContentItemPermissionAccessTypes.Assignee)
{
if (model.RemoveOldPermission)
{
// remove previous assignee and sharedForEdit permissions
foreach (var permission in currentUserPermissions.Where(c => c.AccessType != ContentItemPermissionAccessTypes.SharedForView))
{
contentPermissionPart.Record.Items.Remove(permission);
this.permissionDetailRecordRepository.Delete(permission);
}
}
else
{
foreach (var permission in currentUserPermissions.Where(c => c.AccessType == ContentItemPermissionAccessTypes.Assignee))
{
permission.AccessType = ContentItemPermissionAccessTypes.SharedForEdit;
}
}
}
contentPermissionPart.Record.HasOwner = contentPermissionPart
.Record
.Items
.Count(d =>
d.AccessType == ContentItemPermissionAccessTypes.Assignee &&
(d.User != null || d.Team != null || d.BusinessUnit != null)) > 0;
this.permissionDetailRecordRepository.Flush();
if (writeToActivityStream)
{
this.activityStreamService.WriteChangesToStreamActivity(contentItem, snapshot, StreamWriters.ContentItemPermissionStreamWriter);
}
}
}
public override IEnumerable <LocalizedString> Execute(WorkflowContext workflowContext, ActivityContext activityContext)
{
TicketPart ticketPart = workflowContext.Content.As <TicketPart>();
if (!workflowContext.Tokens.ContainsKey("Permission"))
{
this.Logger.Debug("There is no Permission among the tokens");
return(new[] { T("Failed") });
}
ContentItemPermissionDetailRecord permission = (ContentItemPermissionDetailRecord)workflowContext.Tokens["Permission"];
if (permission == null)
{
this.Logger.Debug("There is no Permission among the tokens");
return(new[] { T("Failed") });
}
if (ticketPart == null)
{
this.Logger.Debug("ContentItem mismatch: Expexting TicketPart");
return(new[] { T("Failed") });
}
// setup tokenizer
Dictionary <string, object> temp = new Dictionary <string, object>();
temp.Add(ActivityTokenProvider.PermissionDetailKey, permission);
var titlePart = ticketPart.As <TitlePart>();
if (titlePart != null)
{
temp.Add(ActivityTokenProvider.TitkeKey, titlePart);
}
CRMCommentPart commentPart = workflowContext.Content.As <CRMCommentPart>();
if (commentPart != null)
{
temp.Add(ActivityTokenProvider.CRMCommentKey, commentPart);
}
string emailTemplateIdString = activityContext.GetState <string>(EmailTemplateActivityForm.EmailTemplateIdFieldName);
int emailTemplateId;
if (!int.TryParse(emailTemplateIdString, out emailTemplateId))
{
this.Logger.Debug("There is no email Template for new Tickets");
return(new[] { T("Failed") });
}
var ticketEmailTemplate = this.emailTemplateRepository.Table.First(c => c.Id == emailTemplateId);
if (ticketEmailTemplate == null)
{
this.Logger.Debug("There is no email Template for new Tickets");
return(new[] { T("Failed") });
}
var queued = activityContext.GetState <bool>("Queued");
var priority = activityContext.GetState <int>("Priority");
var recipients = this.GetRecipients(permission);
foreach (var recipient in recipients.Where(c => !string.IsNullOrEmpty(c.Email)))
{
temp.Add(ActivityTokenProvider.UserKey, recipient);
string body = this.tokenizer.Replace(ticketEmailTemplate.Body, temp);
string subject = this.tokenizer.Replace(ticketEmailTemplate.Subject, temp);
this.SendEmail(subject, body, recipient.Email, queued, priority);
}
return(new[] { T("Done") });
}
private void SetPermissions(WorkflowContext workflowContext, ActivityContext activityContext, ContentItem ticket, TicketPart ticketPart)
{
// Permission
var contentPermissionPart = ticket.As <ContentItemPermissionPart>();
contentPermissionPart.Record.Ticket = ticketPart.Record;
// EditableBy
string editableBy = activityContext.GetState <string>("EditableBy");
List <UserPartRecord> users = new List <UserPartRecord>();
if (!string.IsNullOrEmpty(editableBy))
{
var usernames = editableBy.Split(',').Select(c => c.Trim().ToLower()).ToArray();
users = this.userRepository.Table.Where(c => usernames.Contains(c.UserName)).ToList();
// remove redundants
users = users.GroupBy(c => c.Id).Select(c => c.First()).ToList();
foreach (var user in users)
{
var permissionRecord = new ContentItemPermissionDetailRecord
{
AccessType = ContentItemPermissionAccessTypes.SharedForEdit,
User = new UserPartRecord {
Id = user.Id
},
ContentItemPermissionPartRecord = contentPermissionPart.Record
};
this.contentOwnershipHelper.Create(permissionRecord, ticket, false);
}
}
// businessUnit
string groupId = activityContext.GetState <string>("GroupId");
if (!string.IsNullOrEmpty(groupId))
{
var targetContentItemPermissionViewModel = Converter.DecodeGroupId(groupId);
if (targetContentItemPermissionViewModel.BusinessUnitId.HasValue)
{
var permissionRecord = new ContentItemPermissionDetailRecord
{
AccessType = ContentItemPermissionAccessTypes.Assignee,
BusinessUnit = new BusinessUnitPartRecord {
Id = targetContentItemPermissionViewModel.BusinessUnitId.Value
},
ContentItemPermissionPartRecord = contentPermissionPart.Record
};
this.contentOwnershipHelper.Create(permissionRecord, ticket, false);
contentPermissionPart.Record.HasOwner = true;
}
else if (targetContentItemPermissionViewModel.TeamId.HasValue)
{
var permissionRecord = new ContentItemPermissionDetailRecord
{
AccessType = ContentItemPermissionAccessTypes.Assignee,
Team = new TeamPartRecord {
Id = targetContentItemPermissionViewModel.TeamId.Value
},
ContentItemPermissionPartRecord = contentPermissionPart.Record
};
this.contentOwnershipHelper.Create(permissionRecord, ticket, false);
contentPermissionPart.Record.HasOwner = true;
}
}
else
{
// user
int?userId = GetValueFromActivityContext(activityContext, CreateTicketActivityForm.SelectedUserId);
if (userId != null && !users.Any(c => c.Id == userId.Value))
{
var permissionRecord = new ContentItemPermissionDetailRecord
{
AccessType = ContentItemPermissionAccessTypes.Assignee,
User = new UserPartRecord {
Id = userId.Value
},
ContentItemPermissionPartRecord = contentPermissionPart.Record
};
contentPermissionPart.Record.HasOwner = true;
this.contentOwnershipHelper.Create(permissionRecord, ticket, false);
}
}
}
