/// <summary>
/// Returns explicitly defined permissions for a user group for any number of nodes
/// </summary>
/// <param name="groupIds">
/// The group ids to lookup permissions for
/// </param>
/// <param name="entityIds"></param>
/// <returns></returns>
/// <remarks>
/// This method will not support passing in more than 2000 group IDs when also passing in entity IDs.
/// </remarks>
public EntityPermissionCollection GetPermissionsForEntities(int[] groupIds, params int[] entityIds)
{
var result = new EntityPermissionCollection();
if (entityIds.Length == 0)
{
foreach (IEnumerable <int> group in groupIds.InGroupsOf(Constants.Sql.MaxParameterCount))
{
Sql <ISqlContext> sql = Sql()
.SelectAll()
.From <UserGroup2NodeDto>()
.LeftJoin <UserGroup2NodePermissionDto>().On <UserGroup2NodeDto, UserGroup2NodePermissionDto>(
(left, right) => left.NodeId == right.NodeId && left.UserGroupId == right.UserGroupId)
.Where <UserGroup2NodeDto>(dto => group.Contains(dto.UserGroupId));
List <UserGroup2NodePermissionDto> permissions =
AmbientScope.Database.Fetch <UserGroup2NodePermissionDto>(sql);
foreach (EntityPermission permission in ConvertToPermissionList(permissions))
{
result.Add(permission);
}
}
}
else
{
foreach (IEnumerable <int> group in entityIds.InGroupsOf(Constants.Sql.MaxParameterCount -
groupIds.Length))
{
Sql <ISqlContext> sql = Sql()
.SelectAll()
.From <UserGroup2NodeDto>()
.LeftJoin <UserGroup2NodePermissionDto>().On <UserGroup2NodeDto, UserGroup2NodePermissionDto>(
(left, right) => left.NodeId == right.NodeId && left.UserGroupId == right.UserGroupId)
.Where <UserGroup2NodeDto>(dto =>
groupIds.Contains(dto.UserGroupId) && group.Contains(dto.NodeId));
List <UserGroup2NodePermissionDto> permissions =
AmbientScope.Database.Fetch <UserGroup2NodePermissionDto>(sql);
foreach (EntityPermission permission in ConvertToPermissionList(permissions))
{
result.Add(permission);
}
}
}
return(result);
}
/// <summary>
/// Returns explicitly defined permissions for a user group for any number of nodes
/// </summary>
/// <param name="groupIds">
/// The group ids to lookup permissions for
/// </param>
/// <param name="entityIds"></param>
/// <returns></returns>
/// <remarks>
/// This method will not support passing in more than 2000 group Ids
/// </remarks>
public EntityPermissionCollection GetPermissionsForEntities(int[] groupIds, params int[] entityIds)
{
var result = new EntityPermissionCollection();
foreach (var groupOfGroupIds in groupIds.InGroupsOf(2000))
{
//copy local
var localIds = groupOfGroupIds.ToArray();
if (entityIds.Length == 0)
{
var sql = Sql()
.SelectAll()
.From <UserGroup2NodePermissionDto>()
.Where <UserGroup2NodePermissionDto>(dto => localIds.Contains(dto.UserGroupId));
var permissions = AmbientScope.Database.Fetch <UserGroup2NodePermissionDto>(sql);
foreach (var permission in ConvertToPermissionList(permissions))
{
result.Add(permission);
}
}
else
{
//iterate in groups of 2000 since we don't want to exceed the max SQL param count
foreach (var groupOfEntityIds in entityIds.InGroupsOf(2000))
{
var ids = groupOfEntityIds;
var sql = Sql()
.SelectAll()
.From <UserGroup2NodePermissionDto>()
.Where <UserGroup2NodePermissionDto>(dto => localIds.Contains(dto.UserGroupId) && ids.Contains(dto.NodeId));
var permissions = AmbientScope.Database.Fetch <UserGroup2NodePermissionDto>(sql);
foreach (var permission in ConvertToPermissionList(permissions))
{
result.Add(permission);
}
}
}
}
return(result);
}
/// <summary>
/// Returns explicitly defined permissions for a user group for any number of nodes
/// </summary>
/// <param name="groupIds">
/// The group ids to lookup permissions for
/// </param>
/// <param name="entityIds"></param>
/// <returns></returns>
/// <remarks>
/// This method will not support passing in more than 2000 group IDs when also passing in entity IDs.
/// </remarks>
public EntityPermissionCollection GetPermissionsForEntities(int[] groupIds, params int[] entityIds)
{
var result = new EntityPermissionCollection();
if (entityIds.Length == 0)
{
foreach (var group in groupIds.InGroupsOf(Constants.Sql.MaxParameterCount))
{
var sql = Sql()
.SelectAll()
.From <UserGroup2NodePermissionDto>()
.Where <UserGroup2NodePermissionDto>(dto => group.Contains(dto.UserGroupId));
var permissions = AmbientScope.Database.Fetch <UserGroup2NodePermissionDto>(sql);
foreach (var permission in ConvertToPermissionList(permissions))
{
result.Add(permission);
}
}
}
else
{
foreach (var group in entityIds.InGroupsOf(Constants.Sql.MaxParameterCount - groupIds.Length))
{
var sql = Sql()
.SelectAll()
.From <UserGroup2NodePermissionDto>()
.Where <UserGroup2NodePermissionDto>(dto => groupIds.Contains(dto.UserGroupId) && group.Contains(dto.NodeId));
var permissions = AmbientScope.Database.Fetch <UserGroup2NodePermissionDto>(sql);
foreach (var permission in ConvertToPermissionList(permissions))
{
result.Add(permission);
}
}
}
return(result);
}
private static EntityPermissionCollection ConvertToPermissionList(IEnumerable <UserGroup2NodePermissionDto> result)
{
var permissions = new EntityPermissionCollection();
var nodePermissions = result.GroupBy(x => x.NodeId);
foreach (var np in nodePermissions)
{
var userGroupPermissions = np.GroupBy(x => x.UserGroupId);
foreach (var permission in userGroupPermissions)
{
var perms = permission.Select(x => x.Permission).Distinct().ToArray();
permissions.Add(new EntityPermission(permission.Key, np.Key, perms));
}
}
return(permissions);
}
/// <summary>
/// Gets explicit and default permissions (if requested) permissions for the group for specified entities
/// </summary>
/// <param name="groups"></param>
/// <param name="fallbackToDefaultPermissions">If true will include the group's default permissions if no permissions are explicitly assigned</param>
/// <param name="nodeIds">Array of entity Ids, if empty will return permissions for the group for all entities</param>
public EntityPermissionCollection GetPermissions(IReadOnlyUserGroup[] groups, bool fallbackToDefaultPermissions, params int[] nodeIds)
{
if (groups == null)
{
throw new ArgumentNullException(nameof(groups));
}
var groupIds = groups.Select(x => x.Id).ToArray();
var explicitPermissions = GetPermissions(groupIds, nodeIds);
var result = new EntityPermissionCollection(explicitPermissions);
// If requested, and no permissions are assigned to a particular node, then we will fill in those permissions with the group's defaults
if (fallbackToDefaultPermissions)
{
//if no node ids are passed in, then we need to determine the node ids for the explicit permissions set
nodeIds = nodeIds.Length == 0
? explicitPermissions.Select(x => x.EntityId).Distinct().ToArray()
: nodeIds;
//if there are still no nodeids we can just exit
if (nodeIds.Length == 0)
{
return(result);
}
foreach (var group in groups)
{
foreach (var nodeId in nodeIds)
{
// TODO: We could/should change the EntityPermissionsCollection into a KeyedCollection and they key could be
// a struct of the nodeid + groupid so then we don't actually allocate this class just to check if it's not
// going to be included in the result!
var defaultPermission = new EntityPermission(group.Id, nodeId, group.Permissions.ToArray(), isDefaultPermissions: true);
//Since this is a hashset, this will not add anything that already exists by group/node combination
result.Add(defaultPermission);
}
}
}
return(result);
}
private static EntityPermissionCollection ConvertToPermissionList(
IEnumerable <UserGroup2NodePermissionDto> result)
{
var permissions = new EntityPermissionCollection();
IEnumerable <IGrouping <int, UserGroup2NodePermissionDto> > nodePermissions = result.GroupBy(x => x.NodeId);
foreach (IGrouping <int, UserGroup2NodePermissionDto> np in nodePermissions)
{
IEnumerable <IGrouping <int, UserGroup2NodePermissionDto> > userGroupPermissions =
np.GroupBy(x => x.UserGroupId);
foreach (IGrouping <int, UserGroup2NodePermissionDto> permission in userGroupPermissions)
{
var perms = permission.Select(x => x.Permission).Distinct().ToArray();
// perms can contain null if there are no permissions assigned, but the node is chosen in the UI.
permissions.Add(new EntityPermission(permission.Key, np.Key, perms.WhereNotNull().ToArray()));
}
}
return(permissions);
}
