Exemple #1
        /// <summary>
        /// Qualifies the referenced lead once the caller's entity permissions have been checked.
        /// </summary>
        /// <param name="entityReference">Reference to the lead; its logical name and id drive the record lookup.</param>
        /// <param name="createAccount">Forwarded unchanged to the data adapter.</param>
        /// <param name="createContact">Forwarded unchanged to the data adapter.</param>
        /// <param name="createOpportunity">Forwarded unchanged to the data adapter.</param>
        /// <returns>403 when permissions are not defined or not sufficient; 204 after the adapter call returns.</returns>
        public ActionResult QualifyLead(EntityReference entityReference, bool createAccount, bool createContact, bool createOpportunity)
        {
            var portalContext = PortalCrmConfigurationManager.CreatePortalContext();
            var serviceContext = portalContext.ServiceContext;
            var permissions = new CrmEntityPermissionProvider();

            // Refuse the request outright when the provider reports that no permissions exist.
            if (!permissions.PermissionsExist)
            {
                return new HttpStatusCodeResult(HttpStatusCode.Forbidden, ResourceManager.GetString("Entity_Permissions_Have_Not_Been_Defined_Message"));
            }

            // The entity name is taken from the request while the key attribute is fixed to "leadid".
            // NOTE(review): nothing here checks that LogicalName is the lead entity or that a record
            // came back - confirm how RetrieveSingle and TryAssert behave in both cases.
            var leadRecord = serviceContext.RetrieveSingle(
                entityReference.LogicalName,
                FetchAttribute.None,
                new Condition("leadid", ConditionOperator.Equal, entityReference.Id));

            // Write on the lead plus Create on all three target entities is required,
            // whatever the create* flags say. Evaluation stops at the first refusal.
            var authorized =
                permissions.TryAssert(serviceContext, CrmEntityPermissionRight.Write, leadRecord) &&
                permissions.TryAssert(serviceContext, CrmEntityPermissionRight.Create, "contact") &&
                permissions.TryAssert(serviceContext, CrmEntityPermissionRight.Create, "account") &&
                permissions.TryAssert(serviceContext, CrmEntityPermissionRight.Create, "opportunity");

            if (!authorized)
            {
                return new HttpStatusCodeResult(HttpStatusCode.Forbidden, ResourceManager.GetString("DoNot_Have_Appropriate_Permissions"));
            }

            new CoreDataAdapter(portalContext, serviceContext)
                .QualifyLead(entityReference, createAccount, createContact, createOpportunity, null, null);

            return new HttpStatusCodeResult(HttpStatusCode.NoContent);
        }
        /// <summary>
        /// Returns one page of notes attached to the given record as JSON grid data.
        /// </summary>
        /// <param name="regarding">Record whose notes are requested.</param>
        /// <param name="orders">Sort orders handed to the annotation data adapter.</param>
        /// <param name="page">Page number handed to the data adapter.</param>
        /// <param name="pageSize">Page size handed to the data adapter; defaults to <c>DefaultPageSize</c>.</param>
        /// <returns>A <see cref="JsonResult"/> wrapping the paginated note records.</returns>
        public ActionResult GetNotes(EntityReference regarding, List<Order> orders, int page, int pageSize = DefaultPageSize)
        {
            string portalName = null;
            var portal = PortalCrmConfigurationManager.CreatePortalContext();
            var languageSetting = portal.ServiceContext.GetSiteSettingValueByName(portal.Website, "Language Code");

            // The portal name is the numeric "Language Code" site setting, when it parses as an integer.
            int languageCode;
            if (!string.IsNullOrWhiteSpace(languageSetting) && int.TryParse(languageSetting, out languageCode))
            {
                portalName = languageCode.ToString(CultureInfo.InvariantCulture);
            }

            var dependencies = new PortalConfigurationDataAdapterDependencies(requestContext: Request.RequestContext, portalName: portalName);
            var annotationAdapter = new AnnotationDataAdapter(dependencies);
            var metadata = portal.ServiceContext.GetEntityMetadata(regarding.LogicalName, EntityFilters.All);
            var annotations = annotationAdapter.GetAnnotations(regarding, orders, page, pageSize, entityMetadata: metadata);
            var total = annotations.TotalCount;
            var permissionProvider = new CrmEntityPermissionProvider();
            var lcid = HttpContext.GetCrmLcid();

            // NOTE(review): this action performs no permission check of its own and hands a literal
            // `true` to NoteRecord, which looks like a read-granted flag - confirm that
            // GetAnnotations has already enforced Read on `regarding` and on every returned row.
            var rows = annotations.Select(note => new NoteRecord(note, dependencies, permissionProvider, metadata, true, lcid));

            // pageSize comes from the caller and MaxJsonLength lifts the serializer's size cap,
            // so the response size is bounded only by what the data adapter returns.
            return new JsonResult
            {
                Data = new PaginatedGridData(rows, total, page, pageSize),
                MaxJsonLength = int.MaxValue
            };
        }
        /// <summary>
        /// Executes a lookup FetchXML query after adding the portal's record-level security filters to it.
        /// </summary>
        /// <param name="fetchXml">FetchXML text to parse and execute.</param>
        /// <param name="context">Service context used for the permission filters and for the query itself.</param>
        /// <returns>The matching entities as a queryable, or null when the response carries no entity collection.</returns>
        private IQueryable<Entity> GetLookupRecords(string fetchXml, OrganizationServiceContext context)
        {
            var query = Fetch.Parse(fetchXml);

            // Entity permissions: the fetch is filtered for Read and then for Append.
            // NOTE(review): both results are discarded, so a "not granted" outcome does not stop
            // the query in this method - confirm the provider restricts the fetch itself in that case.
            var entityPermissions = new CrmEntityPermissionProvider();
            entityPermissions.TryApplyRecordLevelFiltersToFetch(context, CrmEntityPermissionRight.Read, query);
            entityPermissions.TryApplyRecordLevelFiltersToFetch(context, CrmEntityPermissionRight.Append, query);

            // Content access level filtering.
            new ContentAccessLevelProvider().TryApplyRecordLevelFiltersToFetch(CrmEntityPermissionRight.Read, query);

            // Product filtering.
            new ProductAccessProvider().TryApplyRecordLevelFiltersToFetch(CrmEntityPermissionRight.Read, query);

            var response = (RetrieveMultipleResponse)context.Execute(query.ToRetrieveMultipleRequest());
            var collection = response.EntityCollection;

            return collection == null || collection.Entities == null
                ? null
                : collection.Entities.AsQueryable();
        }
Exemple #4
        /// <summary>
        /// Renders the tag body to text, parses that text as FetchXML, adds record-level security
        /// filters to the parsed query and stores the result in the innermost template scope.
        /// </summary>
        /// <param name="context">Template context; supplies the portal context and receives the resulting variable.</param>
        /// <param name="result">Output writer; this method writes nothing to it.</param>
        public override void Render(Context context, TextWriter result)
        {
            IPortalLiquidContext portalLiquidContext;

            // Without a portal context no query is built and no variable is assigned.
            if (!context.TryGetPortalLiquidContext(out portalLiquidContext))
            {
                return;
            }

            using (TextWriter xml = new StringWriter())
            {
                // The body is rendered first, so the FetchXML that gets parsed is template output.
                // The security filters below are applied to the parsed query, after that rendering.
                base.Render(context, xml);

                var fetch = Fetch.Parse(xml.ToString());

                var right = GetRight(context);

                // Entity permission filtering for the requested right; the outcome travels with the drop.
                CrmEntityPermissionProvider.EntityPermissionRightResult permissionResult = new CrmEntityPermissionProvider()
                                                                                           .TryApplyRecordLevelFiltersToFetch(portalLiquidContext.PortalViewContext.CreateServiceContext(), right, fetch);

                // Apply Content Access Level filtering
                // (the return value is not inspected here)
                var contentAccessLevelProvider = new ContentAccessLevelProvider();
                contentAccessLevelProvider.TryApplyRecordLevelFiltersToFetch(right, fetch);

                // Apply Product filtering
                // NOTE(review): this filter always uses Read while the two above use `right` - confirm that is intended.
                var productAccessProvider = new ProductAccessProvider();
                productAccessProvider.TryApplyRecordLevelFiltersToFetch(CrmEntityPermissionRight.Read, fetch);

                // Expose the filtered query to the template under the configured variable name.
                context.Scopes.Last()[_variableName] = new FetchXmlQueryDrop(portalLiquidContext, fetch, permissionResult);
            }
        }
        /// <summary>
        /// Executes the chart's <see cref="Query"/> and returns the rows. When <see cref="EntityPermissionsEnabled"/> is set,
        /// the <see cref="CrmEntityPermissionProvider"/> first adds record-level Read filters to the query, and the query is
        /// not executed at all if neither a global nor a record-level permission was granted.
        /// </summary>
        /// <param name="serviceContext">The <see cref="OrganizationServiceContext"/> used for the permission check and the service call.</param>
        /// <returns>The retrieved <see cref="Entity"/> records; empty when there is no query or permission was denied.</returns>
        private IEnumerable<Entity> RetrieveData(OrganizationServiceContext serviceContext)
        {
            if (Query == null)
            {
                return Enumerable.Empty<Entity>();
            }

            if (EntityPermissionsEnabled)
            {
                var filterOutcome = new CrmEntityPermissionProvider()
                    .TryApplyRecordLevelFiltersToFetch(serviceContext, CrmEntityPermissionRight.Read, Query);

                // Denied means neither kind of grant is present; the flag is kept on the instance.
                EntityPermissionDenied = !(filterOutcome.GlobalPermissionGranted || filterOutcome.PermissionGranted);

                if (EntityPermissionDenied)
                {
                    return Enumerable.Empty<Entity>();
                }
            }

            // NOTE(review): when EntityPermissionsEnabled is false the query runs with no
            // record-level filter from this method - confirm callers only disable it deliberately.
            Query.NoLock = true;

            var request = Query.ToRetrieveMultipleRequest();
            var response = (RetrieveMultipleResponse)serviceContext.Execute(request);

            return response.EntityCollection.Entities;
        }
        /// <summary>
        /// Switches actions off and, when entity permissions are enabled and the record exists,
        /// lets <c>DisableLinks</c> process the top and bottom form action links for that record.
        /// </summary>
        /// <param name="context">Service context used for the metadata and record lookups.</param>
        /// <param name="entityName">Logical name of the entity the form is bound to.</param>
        /// <param name="entityId">Id of the record the form is bound to.</param>
        public void DisableActionsBasedOnPermissions(OrganizationServiceContext context, string entityName, Guid entityId)
        {
            var primaryIdAttribute = MetadataHelper.GetEntityMetadata(context, entityName).PrimaryIdAttribute;

            // Start from "no actions"; this method itself never sets the flag back to true.
            EnableActions = false;

            if (!EnableEntityPermissions)
            {
                return;
            }

            var permissionProvider = new CrmEntityPermissionProvider();
            var record = context.CreateQuery(entityName).FirstOrDefault(e => e.GetAttributeValue<Guid>(primaryIdAttribute) == entityId);

            if (record == null)
            {
                // Unknown record: leave every action disabled.
                EnableActions = false;
                return;
            }

            DisableLinks(context, entityName, TopFormActionLinks, permissionProvider, record);
            DisableLinks(context, entityName, BottomFormActionLinks, permissionProvider, record);
        }
Exemple #7
        /// <summary>
        /// Marks the referenced opportunity as lost when the caller holds Write permission on it.
        /// </summary>
        /// <param name="entityReference">Reference to the opportunity; its logical name and id drive the lookup.</param>
        /// <returns>403 when permissions are not defined or Write is refused; 204 after the adapter call.</returns>
        public ActionResult LoseOpportunity(EntityReference entityReference)
        {
            var portalContext = PortalCrmConfigurationManager.CreatePortalContext();
            var context = portalContext.ServiceContext;
            var permissions = new CrmEntityPermissionProvider();

            if (!permissions.PermissionsExist)
            {
                return new HttpStatusCodeResult(HttpStatusCode.Forbidden, ResourceManager.GetString("Entity_Permissions_Have_Not_Been_Defined_Message"));
            }

            // First() throws when no row matches, so an unknown id surfaces as an exception rather than a 403.
            // NOTE(review): the entity name is request-supplied while the key attribute is fixed to
            // "opportunityid" - confirm other logical names cannot reach the adapter call below.
            var opportunity = context.CreateQuery(entityReference.LogicalName).First(e => e.GetAttributeValue<Guid>("opportunityid") == entityReference.Id);

            if (!permissions.TryAssert(context, CrmEntityPermissionRight.Write, opportunity))
            {
                return new HttpStatusCodeResult(HttpStatusCode.Forbidden, ResourceManager.GetString("DoNot_Have_Appropriate_Permissions"));
            }

            new CoreDataAdapter(portalContext, context).LoseOpportunity(entityReference);

            // Drop the cached copy of the record that was just changed.
            context.TryRemoveFromCache(opportunity);

            return new HttpStatusCodeResult(HttpStatusCode.NoContent);
        }
Exemple #8
        /// <summary>
        /// Closes the referenced case when the caller holds Write permission on it.
        /// </summary>
        /// <param name="entityReference">Reference to the incident; its logical name and id drive the lookup.</param>
        /// <param name="resolutionSubject">Resolution subject forwarded to the data adapter.</param>
        /// <param name="resolutionDescription">Resolution description forwarded to the data adapter.</param>
        /// <returns>403 when permissions are not defined or Write is refused; 204 after the incident is closed.</returns>
        public ActionResult CloseCase(EntityReference entityReference, string resolutionSubject, string resolutionDescription)
        {
            var portalContext = PortalCrmConfigurationManager.CreatePortalContext();
            var serviceContext = portalContext.ServiceContext;
            var permissions = new CrmEntityPermissionProvider();

            if (!permissions.PermissionsExist)
            {
                return new HttpStatusCodeResult(HttpStatusCode.Forbidden, ResourceManager.GetString("Entity_Permissions_Have_Not_Been_Defined_Message"));
            }

            // NOTE(review): the record is used again after the close (ToEntityReference below);
            // confirm RetrieveSingle cannot hand back null for an unknown id.
            var incident = serviceContext.RetrieveSingle(
                entityReference.LogicalName,
                FetchAttribute.None,
                new Condition("incidentid", ConditionOperator.Equal, entityReference.Id));

            var canWrite = permissions.TryAssert(serviceContext, CrmEntityPermissionRight.Write, incident);
            if (!canWrite)
            {
                return new HttpStatusCodeResult(HttpStatusCode.Forbidden, ResourceManager.GetString("DoNot_Have_Appropriate_Permissions"));
            }

            new CoreDataAdapter(portalContext, serviceContext)
                .CloseIncident(entityReference, resolutionSubject, resolutionDescription);

            // Usage telemetry is recorded only after the close and only when the feature is switched on.
            if (FeatureCheckHelper.IsFeatureEnabled(FeatureNames.TelemetryFeatureUsage))
            {
                PortalFeatureTrace.TraceInstance.LogFeatureUsage(FeatureTraceCategory.Case, this.HttpContext, "close_incident", 1, incident.ToEntityReference(), "edit");
            }

            return new HttpStatusCodeResult(HttpStatusCode.NoContent);
        }
Exemple #9
        /// <summary>
        /// Converts the referenced sales order to an invoice when the caller may write the order and create invoices.
        /// </summary>
        /// <param name="entityReference">Reference to the sales order; its logical name and id drive the lookup.</param>
        /// <returns>403 when permissions are not defined or not sufficient; 204 after the conversion call.</returns>
        public ActionResult ConvertOrderToInvoice(EntityReference entityReference)
        {
            var portalContext = PortalCrmConfigurationManager.CreatePortalContext();
            var serviceContext = portalContext.ServiceContext;
            var permissions = new CrmEntityPermissionProvider();

            if (!permissions.PermissionsExist)
            {
                return new HttpStatusCodeResult(HttpStatusCode.Forbidden, ResourceManager.GetString("Entity_Permissions_Have_Not_Been_Defined_Message"));
            }

            // First() throws when no row matches, so an unknown id surfaces as an exception rather than a 403.
            var order = serviceContext.CreateQuery(entityReference.LogicalName).First(e => e.GetAttributeValue<Guid>("salesorderid") == entityReference.Id);

            // Both rights are required: Write on this order and Create on the invoice entity.
            var authorized =
                permissions.TryAssert(serviceContext, CrmEntityPermissionRight.Write, order) &&
                permissions.TryAssert(serviceContext, CrmEntityPermissionRight.Create, "invoice");

            if (!authorized)
            {
                return new HttpStatusCodeResult(HttpStatusCode.Forbidden, ResourceManager.GetString("DoNot_Have_Appropriate_Permissions"));
            }

            new CoreDataAdapter(portalContext, serviceContext).ConvertSalesOrderToInvoice(entityReference);

            return new HttpStatusCodeResult(HttpStatusCode.NoContent);
        }
        /// <summary>
        /// Creates the layout for a subgrid and, when entity permissions apply, decides whether
        /// the "associate" action stays enabled for the current user.
        /// </summary>
        /// <param name="configuration">View configuration; its AssociateActionLink.Enabled flag may be overwritten here.</param>
        /// <param name="source">Record the subgrid hangs off; must not be null.</param>
        /// <param name="relationship">Relationship between the source and the listed records; must not be null.</param>
        /// <param name="viewEntityLogicalName">Logical name of the listed entity; must not be null or whitespace.</param>
        /// <exception cref="ArgumentNullException">A required argument is missing.</exception>
        public SubgridViewLayout(ViewConfiguration configuration, EntityReference source, Relationship relationship, string viewEntityLogicalName,
                                 EntityView view  = null, string portalName = null,
                                 int languageCode = 0, bool addSelectColumn = false, bool addActionsColumn = false, string selectColumnHeaderText = "")
            : base(configuration, view, portalName, languageCode, addSelectColumn, addActionsColumn, selectColumnHeaderText)
        {
            if (source == null) { throw new ArgumentNullException("source"); }
            if (relationship == null) { throw new ArgumentNullException("relationship"); }
            if (string.IsNullOrWhiteSpace(viewEntityLogicalName)) { throw new ArgumentNullException("viewEntityLogicalName"); }

            Source = source;
            Relationship = relationship;

            // The permission check runs only when entity permissions and the content map are both
            // on and the associate action is currently enabled; otherwise the flag is left as is.
            if (!configuration.EnableEntityPermissions ||
                !AdxstudioCrmConfigurationManager.GetCrmSection().ContentMap.Enabled ||
                !configuration.AssociateActionLink.Enabled)
            {
                return;
            }

            var context = PortalCrmConfigurationManager.CreateServiceContext(configuration.PortalName);
            var permissions = new CrmEntityPermissionProvider(configuration.PortalName);

            // Associating needs AppendTo on the source record and Append on the listed entity.
            configuration.AssociateActionLink.Enabled =
                permissions.TryAssert(context, CrmEntityPermissionRight.AppendTo, Retrieve(context, source)) &&
                permissions.TryAssert(context, CrmEntityPermissionRight.Append, viewEntityLogicalName);
        }
 /// <summary>
 /// Evaluates the three rights needed to create a record of type <c>entityName</c> and attach it to <paramref name="regarding"/>.
 /// </summary>
 /// <param name="provider">Entity permission provider that performs the checks.</param>
 /// <param name="context">Service context handed to each check.</param>
 /// <param name="regarding">Record the new item would be attached to; passed as-is, including when null.</param>
 public PortalCommentCreateResult(CrmEntityPermissionProvider provider, OrganizationServiceContext context, EntityReference regarding = null)
 {
     // Create and Append are asserted on the new record's entity, AppendTo on the regarding record.
     CanCreate = provider.TryAssert(context, CrmEntityPermissionRight.Create, entityName, regarding);
     CanAppend = provider.TryAssert(context, CrmEntityPermissionRight.Append, entityName, regarding);
     CanAppendTo = provider.TryAssert(context, CrmEntityPermissionRight.AppendTo, regarding);

     PermissionsExist = provider.PermissionsExist;

     // Granted only when all three rights are held.
     PermissionGranted = CanCreate && CanAppend && CanAppendTo;
 }
Exemple #12
        /// <summary>
        /// Uploads the posted files to the SharePoint document location of the given record,
        /// provided the entity permission checks carried by the result object pass.
        /// </summary>
        /// <param name="regarding">Record the files belong to.</param>
        /// <param name="files">Posted files; null or empty means nothing is uploaded.</param>
        /// <param name="overwrite">Forwarded to the SharePoint client's SaveFile call; defaults to true.</param>
        /// <param name="folderPath">Text appended to the location's folder URL to pick the target folder.</param>
        /// <returns>The permission result for <paramref name="regarding"/>, whether or not anything was uploaded.</returns>
        public ISharePointResult AddFiles(EntityReference regarding, IList <HttpPostedFileBase> files, bool overwrite = true, string folderPath = null)
        {
            var context = _dependencies.GetServiceContextForWrite();
            var entityPermissionProvider = new CrmEntityPermissionProvider();
            // The result object is built up front and returned on every path, including the refusals below.
            var result = new SharePointResult(regarding, entityPermissionProvider, context);

            if (files == null || !files.Any())
            {
                return(result);
            }

            var entityMetadata = context.GetEntityMetadata(regarding.LogicalName);
            // This lookup runs before the permission test; First() throws when the record does not exist.
            var entity         = context.CreateQuery(regarding.LogicalName).First(e => e.GetAttributeValue <Guid>(entityMetadata.PrimaryIdAttribute) == regarding.Id);

            // assert permission to create the sharepointdocumentlocation entity
            if (!result.PermissionsExist || !result.CanCreate || !result.CanAppend || !result.CanAppendTo)
            {
                ADXTrace.Instance.TraceInfo(TraceCategory.Application, "Permission Denied. You do not have the appropriate Entity Permissions to Create or Append document locations or AppendTo the regarding entity.");
                return(result);
            }

            var spConnection = new SharePointConnection(SharePointConnectionStringName);
            var spSite       = context.GetSharePointSiteFromUrl(spConnection.Url);

            // NOTE(review): the document location is resolved before CanWrite is tested - confirm
            // GetDocumentLocation cannot create or modify a location for a caller who lacks Write.
            var location = GetDocumentLocation(context, entity, entityMetadata, spSite);

            // assert permission to write the sharepointdocumentlocation entity
            if (!result.CanWrite)
            {
                ADXTrace.Instance.TraceInfo(TraceCategory.Application, "Permission Denied. You do not have the appropriate Entity Permissions to Write document locations.");
                return(result);
            }

            var factory = new ClientFactory();

            using (var client = factory.CreateClientContext(spConnection))
            {
                // retrieve the SharePoint list and folder names for the document location
                string listUrl, folderUrl;

                context.GetDocumentLocationListAndFolder(location, out listUrl, out folderUrl);

                // NOTE(review): folderPath is appended without any validation in this method; confirm
                // the resulting URL cannot resolve outside this record's folder (e.g. via ".." segments).
                var folder = client.AddOrGetExistingFolder(listUrl, folderUrl + folderPath);

                foreach (var postedFile in files)
                {
                    using (var file = postedFile.InputStream)
                    {
                        // upload a file to the folder
                        // Path.GetFileName keeps only the last path component of the client-supplied name.
                        // No size, type or content check is made here before the stream is saved.
                        client.SaveFile(file, folder, Path.GetFileName(postedFile.FileName), overwrite);
                    }
                }
            }

            return(result);
        }
 /// <summary>
 /// Records whether the current user may delete the given note.
 /// </summary>
 /// <param name="note">Note under consideration; stored on the result.</param>
 /// <param name="provider">Entity permission provider that performs the Delete check.</param>
 /// <param name="context">Service context handed to the check.</param>
 /// <param name="entityMetadata">Optional metadata forwarded to the check.</param>
 public AnnotationDeleteResult(IAnnotation note, CrmEntityPermissionProvider provider, OrganizationServiceContext context, EntityMetadata entityMetadata = null)
 {
     Annotation = note;

     // With no backing entity nothing is asserted and both permission properties keep their initial values.
     if (note.Entity != null)
     {
         PermissionsExist = provider.PermissionsExist;
         PermissionGranted = provider.TryAssert(context, CrmEntityPermissionRight.Delete, note.Entity, entityMetadata, regarding: note.Regarding);
     }
 }
Exemple #14
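        /// <summary>
        /// Indicates whether entity permissions permit the user to add notes to the target entity.
        /// </summary>
        /// <param name="regardingId">Id of the record of type <c>Metadata.TargetEntityName</c> the note would be attached to.</param>
        /// <returns>
        /// true only when Create and Append on the note entity and AppendTo on the regarding record are all granted;
        /// false otherwise, including when entity permissions are disabled or undefined or the record cannot be found.
        /// </returns>
        protected virtual bool TryAssertAddNote(Guid regardingId)
        {
            // Entity names are passed through EntityNamePrivacy before being traced, as the other traces in this method do.
            ADXTrace.Instance.TraceInfo(TraceCategory.Application, string.Format("Start Assert Add Note Privilege on: {0} {1}", EntityNamePrivacy.GetEntityName(Metadata.TargetEntityName), regardingId));

            if (!Metadata.FormView.EnableEntityPermissions)
            {
                ADXTrace.Instance.TraceInfo(TraceCategory.Application, "Permission Denied. Entity Permissions have not been enabled.");

                return false;
            }

            var regarding = new EntityReference(Metadata.TargetEntityName, regardingId);
            var dataAdapterDependencies = new PortalConfigurationDataAdapterDependencies();
            var serviceContext = dataAdapterDependencies.GetServiceContext();
            var entityPermissionProvider = new CrmEntityPermissionProvider();

            if (!entityPermissionProvider.PermissionsExist)
            {
                ADXTrace.Instance.TraceInfo(TraceCategory.Application, "Permission Denied. Entity Permissions have not been defined. Your request could not be completed.");

                return false;
            }

            // Timeline notes are portal comments; everything else is a plain annotation.
            var entityType = IsTimeline ? "adx_portalcomment" : "annotation";
            var entityMetadata = serviceContext.GetEntityMetadata(regarding.LogicalName, EntityFilters.All);
            var primaryKeyName = entityMetadata.PrimaryIdAttribute;
            var entity = serviceContext.CreateQuery(regarding.LogicalName)
                .FirstOrDefault(e => e.GetAttributeValue<Guid>(primaryKeyName) == regarding.Id);

            if (entity == null)
            {
                // A permission check should refuse, not throw, when the regarding record does not exist.
                ADXTrace.Instance.TraceInfo(TraceCategory.Application, "Permission Denied. The regarding record could not be found.");

                return false;
            }

            var canAppendTo = entityPermissionProvider.TryAssert(serviceContext, CrmEntityPermissionRight.AppendTo, entity, entityMetadata);
            var canCreate = entityPermissionProvider.TryAssert(serviceContext, CrmEntityPermissionRight.Create, entityType, regarding);
            var canAppend = entityPermissionProvider.TryAssert(serviceContext, CrmEntityPermissionRight.Append, entityType, regarding);

            if (canCreate && canAppend && canAppendTo)
            {
                ADXTrace.Instance.TraceInfo(TraceCategory.Application, string.Format("Add Note Permission Granted: {0} {1}", EntityNamePrivacy.GetEntityName(Metadata.TargetEntityName), regardingId));

                return true;
            }

            // Trace the first missing right only: Create, then AppendTo, then Append.
            if (!canCreate)
            {
                ADXTrace.Instance.TraceInfo(TraceCategory.Application, "Permission Denied. You do not have the appropriate Entity Permissions to Create notes.");
            }
            else if (!canAppendTo)
            {
                ADXTrace.Instance.TraceInfo(TraceCategory.Application, string.Format("Permission Denied. You do not have the appropriate Entity Permissions to Append To {0}.", EntityNamePrivacy.GetEntityName(entity.LogicalName)));
            }
            else
            {
                ADXTrace.Instance.TraceInfo(TraceCategory.Application, "Permission Denied. You do not have the appropriate Entity Permissions to Append notes.");
            }

            return false;
        }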
Exemple #15
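        /// <summary>
        /// Creates (or reuses) a folder under the SharePoint document location of the given record,
        /// provided the entity permission checks carried by the result object pass.
        /// </summary>
        /// <param name="regarding">Record the folder belongs to.</param>
        /// <param name="name">Name of the folder to create; null or whitespace means nothing is created.</param>
        /// <param name="folderPath">Path below the document location's folder under which the new folder is placed.</param>
        /// <returns>The permission result for <paramref name="regarding"/>, whether or not a folder was created.</returns>
        /// <exception cref="Exception">The folder name contains characters or dot sequences that are not allowed.</exception>
        /// <exception cref="ArgumentException"><paramref name="folderPath"/> contains a parent-directory segment.</exception>
        public ISharePointResult AddFolder(EntityReference regarding, string name, string folderPath = null)
        {
            var context = _dependencies.GetServiceContextForWrite();
            var entityPermissionProvider = new CrmEntityPermissionProvider();
            // The result object is built up front and returned on every non-throwing path.
            var result = new SharePointResult(regarding, entityPermissionProvider, context);

            if (string.IsNullOrWhiteSpace(name))
            {
                return result;
            }

            // Throw exception if the name begins or ends with a dot, contains consecutive dots,
            // or any of the following invalid characters ~ " # % & * : < > ? / \ { | }
            // NOTE(review): the message below does not list the double quote although the pattern rejects it.
            if (Regex.IsMatch(name, @"(\.{2,})|([\~\""\#\%\&\*\:\<\>\?\/\\\{\|\}])|(^\.)|(\.$)"))
            {
                throw new Exception("The folder name contains invalid characters. Please use a different name. Valid folder names can't begin or end with a period, can't contain consecutive periods, and can't contain any of the following characters: ~  # % & * : < > ? / \\ { | }.");
            }

            // folderPath is concatenated into the SharePoint URL below. Only the name was validated
            // so far; refuse ".." segments so the target cannot climb out of this record's folder.
            if (!string.IsNullOrEmpty(folderPath) && folderPath.Split('/', '\\').Any(segment => segment == ".."))
            {
                throw new ArgumentException("The folder path is invalid.");
            }

            var entityMetadata = context.GetEntityMetadata(regarding.LogicalName);
            // This lookup runs before the permission test; First() throws when the record does not exist.
            var entity = context.CreateQuery(regarding.LogicalName).First(e => e.GetAttributeValue<Guid>(entityMetadata.PrimaryIdAttribute) == regarding.Id);

            // assert permission to create the sharepointdocumentlocation entity
            if (!result.PermissionsExist || !result.CanCreate || !result.CanAppend || !result.CanAppendTo)
            {
                ADXTrace.Instance.TraceInfo(TraceCategory.Application, "Permission Denied. You do not have the appropriate Entity Permissions to Create or Append document locations or AppendTo the regarding entity.");
                return result;
            }

            var spConnection = new SharePointConnection(SharePointConnectionStringName);
            var spSite = context.GetSharePointSiteFromUrl(spConnection.Url);

            // NOTE(review): the document location is resolved before CanWrite is tested - confirm
            // GetDocumentLocation cannot create or modify a location for a caller who lacks Write.
            var location = GetDocumentLocation(context, entity, entityMetadata, spSite);

            // assert permission to write the sharepointdocumentlocation entity
            if (!result.CanWrite)
            {
                ADXTrace.Instance.TraceInfo(TraceCategory.Application, "Permission Denied. You do not have the appropriate Entity Permissions to Write document locations.");
                return result;
            }

            var factory = new ClientFactory();

            using (var client = factory.CreateClientContext(spConnection))
            {
                // retrieve the SharePoint list and folder names for the document location
                string listUrl, folderUrl;

                context.GetDocumentLocationListAndFolder(location, out listUrl, out folderUrl);

                client.AddOrGetExistingFolder(listUrl, "{0}{1}/{2}".FormatWith(folderUrl, folderPath, name));
            }

            return result;
        }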
        /// <summary>
        /// Tells whether the entity behind a search result may be shown, based on entity permissions.
        /// </summary>
        /// <param name="serviceContext">Service context handed to the permission provider.</param>
        /// <param name="result">Search result whose entity is checked.</param>
        /// <returns>true only when the content map is enabled, permission rules exist for the entity and Read is granted.</returns>
        private bool ValidateEntityPermission(OrganizationServiceContext serviceContext, CrmEntitySearchResult result)
        {
            var contentMapEnabled = AdxstudioCrmConfigurationManager.GetCrmSection().ContentMap.Enabled;

            if (contentMapEnabled)
            {
                var outcome = new CrmEntityPermissionProvider(PortalName).TryAssert(serviceContext, result.Entity);

                // The absence of rules counts as a refusal here.
                return outcome.RulesExist && outcome.CanRead;
            }

            // With the content map disabled the check is never made and the answer is "no".
            return false;
        }
Exemple #17
        /// <summary>
        /// Asks the entity permission provider whether the entity may be read.
        /// </summary>
        /// <param name="context">Service context handed to the permission provider.</param>
        /// <param name="entity">Entity to check.</param>
        /// <returns>false when the content map is disabled; otherwise the provider's answer for the Read right.</returns>
        protected virtual bool TryAssertByCrmEntityPermissionProvider(OrganizationServiceContext context, Entity entity)
        {
            // The provider is only created and consulted when the content map is enabled.
            return AdxstudioCrmConfigurationManager.GetCrmSection().ContentMap.Enabled
                && new CrmEntityPermissionProvider(PortalName).TryAssert(context, CrmEntityPermissionRight.Read, entity);
        }
Exemple #18
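            /// <summary>
            /// Builds the grid record for an activity from its entity, its regarding reference and the caller's permissions.
            /// </summary>
            /// <param name="activity">Activity to wrap; must not be null.</param>
            /// <param name="dataAdapterDependencies">Supplies the service context passed to the base record.</param>
            /// <param name="provider">Entity permission provider passed to the base record.</param>
            /// <param name="entityMetadata">Optional metadata passed to the base record.</param>
            /// <param name="readGranted">Passed to the base record unchanged.</param>
            /// <param name="crmLcid">Optional language id passed to the base record.</param>
            /// <exception cref="ArgumentNullException"><paramref name="activity"/> is null.</exception>
            public ActivityRecord(IActivity activity, DataAdapterDependencies dataAdapterDependencies,
                                  CrmEntityPermissionProvider provider, EntityMetadata entityMetadata = null, bool readGranted = false, int? crmLcid = null)
                : base(
                    RequireActivity(activity).Entity, dataAdapterDependencies.GetServiceContext(), provider, entityMetadata, readGranted,
                    activity.Regarding, crmLcid: crmLcid)
            {
                // The null check lives in RequireActivity because the base-constructor arguments
                // dereference `activity` before this body runs; a check placed here is never reached.
                SetPropertyValues(activity, dataAdapterDependencies);
            }

            // Returns the activity unchanged, or throws ArgumentNullException("activity") when it is null.
            private static IActivity RequireActivity(IActivity activity)
            {
                if (activity == null)
                {
                    throw new ArgumentNullException("activity");
                }

                return activity;
            }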
        /// <summary>
        /// Gets or creates the SharePoint document location for an entity and folder name,
        /// but only for callers who pass the create/append permission checks.
        /// </summary>
        /// <param name="context">Service context used for the site lookup, the permission result and the save.</param>
        /// <param name="entity">Record the document location belongs to.</param>
        /// <param name="folderName">Folder name forwarded to the location helper.</param>
        /// <returns>The document location entity, or null when any of the permission checks fails.</returns>
        private static Entity GetDocumentLocation(OrganizationServiceContext context, Entity entity, string folderName)
        {
            // The connection and site are resolved before the permission result is computed.
            var connection = new SharePointConnection("SharePoint");
            var site = context.GetSharePointSiteFromUrl(connection.Url);

            var permissionProvider = new CrmEntityPermissionProvider();
            var access = new SharePointResult(entity.ToEntityReference(), permissionProvider, context);

            // NOTE(review): CanWrite is not part of this gate - confirm that is intended for a
            // helper whose name ends in "AndSave".
            var permitted = access.PermissionsExist && access.CanCreate && access.CanAppend && access.CanAppendTo;

            return permitted
                ? context.AddOrGetExistingDocumentLocationAndSave<Entity>(site, entity, folderName)
                : null;
        }
Exemple #20
        /// <summary>
        /// Returns one page of activities attached to the given record as JSON grid data.
        /// </summary>
        /// <param name="regarding">Record whose activities are requested.</param>
        /// <param name="orders">Sort orders handed to the activity data adapter.</param>
        /// <param name="page">Page number handed to the data adapter.</param>
        /// <param name="pageSize">Page size handed to the data adapter; defaults to <c>DefaultPageSize</c>.</param>
        /// <returns>A <see cref="JsonResult"/> wrapping the paginated activity records.</returns>
        public ActionResult GetActivities(EntityReference regarding, List<Order> orders, int page, int pageSize = DefaultPageSize)
        {
            var portal = PortalCrmConfigurationManager.CreatePortalContext();

            var dependencies = new PortalConfigurationDataAdapterDependencies(requestContext: Request.RequestContext);
            var activityAdapter = new ActivityDataAdapter(dependencies);
            var metadata = portal.ServiceContext.GetEntityMetadata(regarding.LogicalName, EntityFilters.All);
            var activities = activityAdapter.GetActivities(regarding, orders, page, pageSize, metadata);
            var permissionProvider = new CrmEntityPermissionProvider();
            var lcid = HttpContext.GetCrmLcid();

            // NOTE(review): this action performs no permission check of its own and hands a literal
            // `true` to ActivityRecord in what looks like the read-granted position - confirm that
            // GetActivities has already enforced Read on `regarding` and on every returned row.
            var rows = activities
                .Select(activity => new ActivityRecord(activity, dependencies, permissionProvider, metadata, true, lcid))
                .ToArray();

            // pageSize comes from the caller and MaxJsonLength lifts the serializer's size cap,
            // so the response size is bounded only by what the data adapter returns.
            return new JsonResult
            {
                Data = new PaginatedGridData(rows, activities.TotalCount, page, pageSize),
                MaxJsonLength = int.MaxValue
            };
        }
Exemple #21
        /// <summary>
        /// Associates the requested related records with the target, restricted to those the caller is permitted to associate.
        /// </summary>
        /// <param name="request">Target, relationship and candidate related records supplied by the caller.</param>
        /// <returns>403 when permissions are not defined or no candidate is permitted; 204 after the filtered request has run.</returns>
        public ActionResult Associate(AssociateRequest request)
        {
            string portalName = null;
            var portal = PortalCrmConfigurationManager.CreatePortalContext();
            var languageSetting = portal.ServiceContext.GetSiteSettingValueByName(portal.Website, "Language Code");

            // The portal name is the numeric "Language Code" site setting, when it parses as an integer.
            int languageCode;
            if (!string.IsNullOrWhiteSpace(languageSetting) && int.TryParse(languageSetting, out languageCode))
            {
                portalName = languageCode.ToString(CultureInfo.InvariantCulture);
            }

            var dependencies = new PortalConfigurationDataAdapterDependencies(requestContext: Request.RequestContext, portalName: portalName);
            var serviceContext = dependencies.GetServiceContext();
            var permissions = new CrmEntityPermissionProvider();

            if (!permissions.PermissionsExist)
            {
                return new HttpStatusCodeResult(HttpStatusCode.Forbidden, ResourceManager.GetString("Entity_Permissions_Have_Not_Been_Defined_Message"));
            }

            // Keep only the candidates for which the association is permitted; the caller's own
            // request object is never executed, only the rebuilt one below.
            var relatedEntities = request.RelatedEntities
                .Where(candidate => permissions.TryAssertAssociation(serviceContext, request.Target, request.Relationship, candidate))
                .ToArray();

            if (relatedEntities.Length == 0)
            {
                return new HttpStatusCodeResult(HttpStatusCode.Forbidden, ResourceManager.GetString("Missing_Permissions_For_Operation_Exception"));
            }

            relatedEntities = FilterAlreadyAssociated(serviceContext, request.Relationship, request.Target, relatedEntities);

            var permittedRequest = new AssociateRequest
            {
                Target = request.Target,
                Relationship = request.Relationship,
                RelatedEntities = new EntityReferenceCollection(relatedEntities)
            };

            serviceContext.Execute(permittedRequest);

            return new HttpStatusCodeResult(HttpStatusCode.NoContent);
        }
Exemple #22
        /// <summary>
        /// Deletes the referenced record when the caller holds Delete permission on it.
        /// </summary>
        /// <param name="entityReference">Reference to the record; its logical name and id drive the lookup.</param>
        /// <returns>403 when permissions are not defined or Delete is refused; 204 after the record is deleted.</returns>
        public ActionResult Delete(EntityReference entityReference)
        {
            string portalName = null;
            var portal = PortalCrmConfigurationManager.CreatePortalContext();
            var languageSetting = portal.ServiceContext.GetSiteSettingValueByName(portal.Website, "Language Code");

            // The portal name is the numeric "Language Code" site setting, when it parses as an integer.
            int languageCode;
            if (!string.IsNullOrWhiteSpace(languageSetting) && int.TryParse(languageSetting, out languageCode))
            {
                portalName = languageCode.ToString(CultureInfo.InvariantCulture);
            }

            var dependencies = new PortalConfigurationDataAdapterDependencies(requestContext: Request.RequestContext, portalName: portalName);
            var serviceContext = dependencies.GetServiceContext();
            var permissions = new CrmEntityPermissionProvider();

            if (!permissions.PermissionsExist)
            {
                return new HttpStatusCodeResult(HttpStatusCode.Forbidden, ResourceManager.GetString("Entity_Permissions_Have_Not_Been_Defined_Message"));
            }

            // The record is looked up by the entity's own primary key attribute, taken from metadata.
            // First() throws when no row matches, so an unknown id surfaces as an exception rather than a 403.
            var metadata = serviceContext.GetEntityMetadata(entityReference.LogicalName, EntityFilters.All);
            var primaryIdAttribute = metadata.PrimaryIdAttribute;
            var record = serviceContext.CreateQuery(entityReference.LogicalName)
                .First(e => e.GetAttributeValue<Guid>(primaryIdAttribute) == entityReference.Id);

            if (!permissions.TryAssert(serviceContext, CrmEntityPermissionRight.Delete, record))
            {
                return new HttpStatusCodeResult(HttpStatusCode.Forbidden, ResourceManager.GetString("No_Permissions_To_Delete_This_Record"));
            }

            // The delete and save run inside a performance marker.
            using (PerformanceProfiler.Instance.StartMarker(PerformanceMarkerName.EntityGridController, PerformanceMarkerArea.Crm, PerformanceMarkerTagName.Delete))
            {
                serviceContext.DeleteObject(record);
                serviceContext.SaveChanges();
            }

            return new HttpStatusCodeResult(HttpStatusCode.NoContent);
        }
Exemple #23
        /// <summary>
        /// Applies the entity-permission, content-access-level and product record-level filters
        /// to <paramref name="fetch"/> for the requested right.
        /// </summary>
        /// <param name="fetch">Fetch that the three providers are given to filter.</param>
        /// <param name="serviceContext">Service context passed to the entity permission provider.</param>
        /// <param name="right">Right being evaluated.</param>
        /// <returns>
        /// True only when the entity-permission result reports both GlobalPermissionGranted and
        /// PermissionGranted.
        /// </returns>
        private static bool AddPermissionFilterToFetch(Fetch fetch, OrganizationServiceContext serviceContext, CrmEntityPermissionRight right)
        {
            var permissionResult = new CrmEntityPermissionProvider().TryApplyRecordLevelFiltersToFetch(serviceContext, right, fetch);

            // Content Access Level and Product filtering. The return values of these two calls
            // are not inspected, so only the entity-permission result decides the outcome.
            // NOTE(review): confirm that ignoring them is intended.
            new ContentAccessLevelProvider().TryApplyRecordLevelFiltersToFetch(right, fetch);
            new ProductAccessProvider().TryApplyRecordLevelFiltersToFetch(right, fetch);

            if (!permissionResult.GlobalPermissionGranted)
            {
                return false;
            }

            return permissionResult.PermissionGranted;
        }
        /// <summary>
        /// Builds a fetch over <paramref name="entityName"/> restricted to records whose latitude
        /// and longitude fields are both set, then applies the Read record-level filters.
        /// </summary>
        /// <param name="context">Service context passed to the entity permission provider.</param>
        /// <param name="entityName">Name of the entity to query.</param>
        /// <param name="latitudeFieldName">Attribute that must not be null.</param>
        /// <param name="longitudeFieldName">Attribute that must not be null.</param>
        /// <returns>
        /// The filtered fetch, or null when the entity-permission result reports neither
        /// GlobalPermissionGranted nor PermissionGranted.
        /// </returns>
        private Fetch CreateFetch(OrganizationServiceContext context,
                                  string entityName,
                                  string latitudeFieldName,
                                  string longitudeFieldName)
        {
            var coordinatesPresent = new AdxFilter
            {
                Type       = LogicalOperator.And,
                Conditions = new[]
                {
                    new Condition(latitudeFieldName, ConditionOperator.NotNull),
                    new Condition(longitudeFieldName, ConditionOperator.NotNull)
                }
            };

            var fetch = new Fetch
            {
                Entity = new FetchEntity
                {
                    Name    = entityName,
                    Filters = new List<AdxFilter> { coordinatesPresent }
                }
            };

            var readCheck = new CrmEntityPermissionProvider().TryApplyRecordLevelFiltersToFetch(context, CrmEntityPermissionRight.Read, fetch);

            // Either flag is enough to continue; callers have to handle the null returned when
            // both are false.
            if (!(readCheck.GlobalPermissionGranted || readCheck.PermissionGranted))
            {
                return null;
            }

            // The results of the two remaining providers are not inspected here.
            new ContentAccessLevelProvider().TryApplyRecordLevelFiltersToFetch(CrmEntityPermissionRight.Read, fetch);
            new ProductAccessProvider().TryApplyRecordLevelFiltersToFetch(CrmEntityPermissionRight.Read, fetch);

            return fetch;
        }
        /// <summary>
        /// Executes a disassociate request limited to the related records for which the
        /// association permission check succeeds.
        /// </summary>
        /// <param name="request">Target, relationship and related records, as supplied by the request.</param>
        /// <returns>
        /// 204 No Content when at least one related record passed the check and the filtered
        /// request was executed; 403 Forbidden when entity permissions are not defined or no
        /// related record passed.
        /// </returns>
        public ActionResult Disassociate(DisassociateRequest request)
        {
            // The portal name is the numeric "Language Code" site setting, when one is configured.
            string portalName    = null;
            var    portalContext = PortalCrmConfigurationManager.CreatePortalContext();
            var    languageCodeSetting = portalContext.ServiceContext.GetSiteSettingValueByName(portalContext.Website, "Language Code");

            int languageCode;
            if (!string.IsNullOrWhiteSpace(languageCodeSetting) && int.TryParse(languageCodeSetting, out languageCode))
            {
                portalName = languageCode.ToString(CultureInfo.InvariantCulture);
            }

            var dependencies   = new PortalConfigurationDataAdapterDependencies(requestContext: Request.RequestContext, portalName: portalName);
            var serviceContext = dependencies.GetServiceContext();
            var permissions    = new CrmEntityPermissionProvider();

            if (!permissions.PermissionsExist)
            {
                return new HttpStatusCodeResult(HttpStatusCode.Forbidden, "Entity Permissions have not been defined. Your request could not be completed.");
            }

            // Related records that fail the check are dropped silently: the caller still receives
            // 204 as long as one record passed, with no indication of which ones were skipped.
            var permitted = request.RelatedEntities
                            .Where(related => permissions.TryAssertAssociation(serviceContext, request.Target, request.Relationship, related))
                            .ToList();

            if (permitted.Count == 0)
            {
                return new HttpStatusCodeResult(HttpStatusCode.Forbidden, "Permission Denied. You do not have the appropriate Entity Permissions to disassociate the records.");
            }

            var filtered = new DisassociateRequest
            {
                Target          = request.Target,
                Relationship    = request.Relationship,
                RelatedEntities = new EntityReferenceCollection(permitted)
            };

            serviceContext.Execute(filtered);

            return new HttpStatusCodeResult(HttpStatusCode.NoContent);
        }
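        /// <summary>
        /// Deletes the record named by <paramref name="entityReference"/> once the Delete entity
        /// permission has been asserted on it.
        /// </summary>
        /// <param name="entityReference">Logical name and id of the record to delete, as supplied by the request.</param>
        /// <returns>
        /// 204 No Content after a successful delete; 403 Forbidden when entity permissions are not
        /// defined, when no record matches the reference, or when the Delete right is not granted.
        /// </returns>
        public ActionResult Delete(EntityReference entityReference)
        {
            // The portal name is the numeric "Language Code" site setting, when one is configured.
            string portalName          = null;
            var    portalContext       = PortalCrmConfigurationManager.CreatePortalContext();
            var    languageCodeSetting = portalContext.ServiceContext.GetSiteSettingValueByName(portalContext.Website, "Language Code");

            int languageCode;
            if (!string.IsNullOrWhiteSpace(languageCodeSetting) && int.TryParse(languageCodeSetting, out languageCode))
            {
                portalName = languageCode.ToString(CultureInfo.InvariantCulture);
            }

            var dataAdapterDependencies  = new PortalConfigurationDataAdapterDependencies(requestContext: Request.RequestContext, portalName: portalName);
            var serviceContext           = dataAdapterDependencies.GetServiceContext();
            var entityPermissionProvider = new CrmEntityPermissionProvider();

            // Fail closed: without any entity permission records nothing may be deleted.
            if (!entityPermissionProvider.PermissionsExist)
            {
                return new HttpStatusCodeResult(HttpStatusCode.Forbidden, "Entity Permissions have not been defined. Your request could not be completed.");
            }

            // Both the entity name and the id come from the request; the TryAssert call below is
            // the only check in this method on which record may be deleted.
            var entityMetadata = serviceContext.GetEntityMetadata(entityReference.LogicalName, EntityFilters.All);
            var primaryKeyName = entityMetadata.PrimaryIdAttribute;

            // FirstOrDefault rather than First: an id that matches no record must not surface as
            // an unhandled InvalidOperationException.
            var entity = serviceContext.CreateQuery(entityReference.LogicalName)
                         .FirstOrDefault(e => e.GetAttributeValue<Guid>(primaryKeyName) == entityReference.Id);

            // A missing record is answered exactly like a denied one, so the response does not
            // tell a caller without the Delete right whether a given id exists.
            if (entity == null || !entityPermissionProvider.TryAssert(serviceContext, CrmEntityPermissionRight.Delete, entity))
            {
                return new HttpStatusCodeResult(HttpStatusCode.Forbidden, "Permission Denied. You do not have the appropriate Entity Permissions to delete this record.");
            }

            serviceContext.DeleteObject(entity);
            serviceContext.SaveChanges();

            return new HttpStatusCodeResult(HttpStatusCode.NoContent);
        }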
Exemple #27
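        /// <summary>
        /// Asserts the Read entity permission for <paramref name="entity"/>, with a special case
        /// for notes that are regarding a portal comment.
        /// </summary>
        /// <param name="context">Service context used for the permission assertions.</param>
        /// <param name="entity">Record whose Read permission is being checked.</param>
        /// <param name="regarding">Record the entity is regarding; may be null.</param>
        /// <returns>
        /// False when the content map is disabled; otherwise the result of the portal-comment
        /// check (for an annotation regarding an adx_portalcomment) or of the Read assertion on
        /// the entity itself.
        /// </returns>
        protected virtual bool TryAssertByCrmEntityPermissionProvider(OrganizationServiceContext context, Entity entity, EntityReference regarding)
        {
            // Deny when the content map is disabled.
            if (!AdxstudioCrmConfigurationManager.GetCrmSection().ContentMap.Enabled)
            {
                return false;
            }

            var crmEntityPermissionProvider = new CrmEntityPermissionProvider(PortalName);

            // Logical names are identifiers, not linguistic text. This comparison selects a
            // weaker check (Read on the portal comment instead of on the note), so it uses
            // Ordinal: a culture-sensitive comparison can treat strings that differ only in
            // ignorable characters as equal.
            var isNoteOnPortalComment =
                string.Equals(entity.LogicalName, "annotation", StringComparison.Ordinal) &&
                regarding != null &&
                string.Equals(regarding.LogicalName, "adx_portalcomment", StringComparison.Ordinal);

            if (isNoteOnPortalComment)
            {
                // If the portal comment can be read, the note itself is not asserted and Read
                // permission on it is assumed.
                return TryAssertPortalCommentPermission(context, crmEntityPermissionProvider, CrmEntityPermissionRight.Read, regarding);
            }

            return crmEntityPermissionProvider.TryAssert(context, CrmEntityPermissionRight.Read, entity, regarding: regarding);
        }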
Exemple #28
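        /// <summary>
        /// Evaluates whether the user has the Create privilege for the entity of the lookup's
        /// reference entity form.
        /// </summary>
        /// <param name="serviceContext">Service context used to load the entity form and to assert the permission.</param>
        /// <returns>
        /// True only when a reference entity form id is configured, an active adx_entityform with
        /// that id exists, the form is in Insert mode, its entity is one of the lookup targets,
        /// and the Create entity permission is granted; otherwise false.
        /// </returns>
        protected bool EvaluateCreatePrivilege(OrganizationServiceContext serviceContext)
        {
            if (Metadata.LookupReferenceEntityFormId == null)
            {
                return false;
            }

            var entityForm = serviceContext.RetrieveSingle(
                "adx_entityform",
                new[] { "adx_entityname", "adx_mode" },
                new[] {
                    new Condition("adx_entityformid", ConditionOperator.Equal, Metadata.LookupReferenceEntityFormId),
                    new Condition("statuscode", ConditionOperator.NotNull),
                    new Condition("statuscode", ConditionOperator.Equal, (int)Enums.EntityFormStatusCode.Active)
                });

            if (entityForm == null)
            {
                return false;
            }

            var entityLogicalName = entityForm.GetAttributeValue<string>("adx_entityname");
            var mode              = entityForm.GetAttributeValue<OptionSetValue>("adx_mode");

            // Deny when adx_mode is not set instead of dereferencing a null OptionSetValue; only
            // an Insert-mode form for one of the lookup targets reaches the permission check.
            if (mode == null ||
                mode.Value != (int)WebFormStepMode.Insert ||
                !Metadata.LookupTargets.Contains(entityLogicalName))
            {
                return false;
            }

            var crmEntityPermissionProvider = new CrmEntityPermissionProvider();

            return crmEntityPermissionProvider.TryAssert(serviceContext, CrmEntityPermissionRight.Create, entityLogicalName);
        }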
Exemple #29
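        /// <summary>
        /// Generates a quote from the referenced opportunity after asserting Write on the
        /// opportunity and Create on the quote entity.
        /// </summary>
        /// <param name="entityReference">Reference to the opportunity, as supplied by the request.</param>
        /// <returns>
        /// 204 No Content when the quote was generated; 403 Forbidden when no record matches the
        /// reference or either permission assertion fails.
        /// </returns>
        public ActionResult GenerateQuoteFromOpportunity(EntityReference entityReference)
        {
            var portal  = PortalCrmConfigurationManager.CreatePortalContext();
            var context = portal.ServiceContext;

            var crmEntityPermissionProvider = new CrmEntityPermissionProvider();

            // NOTE(review): the query runs against whatever logical name the request supplies
            // while the key attribute is fixed to "opportunityid" - confirm that only opportunity
            // references can reach this action.
            // FirstOrDefault rather than First: an id that matches no record must not surface as
            // an unhandled InvalidOperationException.
            var opportunity = context.CreateQuery(entityReference.LogicalName)
                              .FirstOrDefault(e => e.GetAttributeValue<Guid>("opportunityid") == entityReference.Id);

            // A missing record is answered exactly like a denied one, so the response does not
            // reveal whether a given id exists.
            if (opportunity == null ||
                !crmEntityPermissionProvider.TryAssert(context, CrmEntityPermissionRight.Write, opportunity) ||
                !crmEntityPermissionProvider.TryAssert(context, CrmEntityPermissionRight.Create, "quote"))
            {
                return new HttpStatusCodeResult(HttpStatusCode.Forbidden, ResourceManager.GetString("DoNot_Have_Appropriate_Permissions"));
            }

            var adapter = new CoreDataAdapter(portal, context);

            adapter.GenerateQuoteFromOpportunity(entityReference);

            return new HttpStatusCodeResult(HttpStatusCode.NoContent);
        }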
Exemple #30
        /// <summary>
        /// Deletes the SharePoint list item with the given id from the list behind the document
        /// location of the <paramref name="regarding"/> record.
        /// </summary>
        /// <param name="regarding">Record whose document location identifies the SharePoint list.</param>
        /// <param name="id">Id of the SharePoint list item to delete.</param>
        /// <returns>
        /// The <c>SharePointResult</c> built for the regarding record. It is returned before any
        /// SharePoint call when PermissionsExist or CanDelete is false.
        /// </returns>
        public ISharePointResult DeleteItem(EntityReference regarding, int id)
        {
            var serviceContext = _dependencies.GetServiceContextForWrite();
            var permissions    = new CrmEntityPermissionProvider();
            var outcome        = new SharePointResult(regarding, permissions, serviceContext);

            // Gate on the delete permission of the sharepointdocumentlocation entity. The trace
            // text below speaks of Create/Append/AppendTo although the flag tested is CanDelete.
            if (!(outcome.PermissionsExist && outcome.CanDelete))
            {
                ADXTrace.Instance.TraceInfo(TraceCategory.Application, "Permission Denied. You do not have the appropriate Entity Permissions to Create or Append document locations or AppendTo the regarding entity.");
                return outcome;
            }

            var metadata   = serviceContext.GetEntityMetadata(regarding.LogicalName);
            var primaryKey = metadata.PrimaryIdAttribute;

            // First throws when no record matches the regarding reference.
            var regardingEntity = serviceContext.CreateQuery(regarding.LogicalName)
                                  .First(e => e.GetAttributeValue<Guid>(primaryKey) == regarding.Id);

            var connection = new SharePointConnection(SharePointConnectionStringName);
            var site       = serviceContext.GetSharePointSiteFromUrl(connection.Url);
            var location   = GetDocumentLocation(serviceContext, regardingEntity, metadata, site);

            var clientFactory = new ClientFactory();

            using (var client = clientFactory.CreateClientContext(connection))
            {
                // Resolve the SharePoint list and folder names for the document location.
                string listUrl, folderUrl;

                serviceContext.GetDocumentLocationListAndFolder(location, out listUrl, out folderUrl);

                // NOTE(review): folderUrl is never used and the item is selected by id within the
                // whole list, so nothing in this method ties the item to this record's folder -
                // confirm that is enforced elsewhere.
                var targetItem = client.GetListByUrl(listUrl).GetItemById(id);
                targetItem.DeleteObject();

                client.ExecuteQuery();
            }

            return outcome;
        }