/// <summary>
/// Loads the session data used for a visitor who is not logged in.
/// </summary>
/// <remarks>
/// Only forum action rights are loaded here; no user object, system rights or audit actions are added.
/// The rights come from the roles assigned to the Anonymous account, so anything granted to those roles
/// is what a session loaded through this method receives.
/// </remarks>
public static void LoadAnonymousSessionData()
{
    // UserID 0 identifies the Anonymous user. Its forum rights are fetched and handed
    // straight to the session cache.
    AddForumsActionRights(SecurityGuiHelper.GetForumsActionRightsForUser(0));
}
/// <summary>
/// Fetches every forum / action right / role row that is defined for the given role on the given forum.
/// </summary>
/// <param name="roleID">The role whose forum action rights should be retrieved.</param>
/// <param name="forumID">The forum the rights apply to.</param>
/// <returns>The collection filled with the matching rows; empty when the role has no rights on the forum.</returns>
public static ForumRoleForumActionRightCollection GetForumActionRightRolesFoForumRole(int roleID, int forumID)
{
    ForumRoleForumActionRightCollection rightsForRoleOnForum = new ForumRoleForumActionRightCollection();

    // Both IDs are passed as typed values into the predicate, so the filter is RoleID = roleID AND ForumID = forumID.
    rightsForRoleOnForum.GetMulti(
        (ForumRoleForumActionRightFields.RoleID == roleID)
            .And(ForumRoleForumActionRightFields.ForumID == forumID));

    return rightsForRoleOnForum;
}
/// <summary>
/// Stores the user, together with the user's system rights, audit actions and forum rights, in the session.
/// </summary>
/// <remarks>
/// Everything is read from the database once, at the moment this method runs, and then cached in the session.
/// NOTE(review): nothing visible here refreshes that cache, so a role or right that is changed later is presumably
/// only picked up when this method runs again for the session. Confirm how active sessions are updated after a revocation.
/// </remarks>
/// <param name="user">The user to be added to the session.</param>
public static void LoadUserSessionData(UserEntity user)
{
    // The user entity itself goes in first.
    AddUserObject(user);

    // System-wide action rights granted to the user.
    AddSystemActionRights(SecurityGuiHelper.GetSystemActionRightsForUser(user.UserID));

    // Actions that have to be audited for this user.
    AddAuditActions(SecurityGuiHelper.GetAuditActionsForUser(user.UserID));

    // Per-forum action rights granted to the user.
    AddForumsActionRights(SecurityGuiHelper.GetForumsActionRightsForUser(user.UserID));

    // Last visit date: the stored value for a user with a positive ID that has one, otherwise the current local time.
    bool hasStoredVisitDate = (user.UserID > 0) && user.LastVisitedDate.HasValue;
    DateTime lastVisit = hasStoredVisitDate ? user.LastVisitedDate.Value : DateTime.Now;
    SessionAdapter.AddLastVisitDate(lastVisit, true);
}
/// <summary>
/// Caches the user's forum action rights in the session under the key 'forumsActionRights',
/// replacing any value already stored under that key.
/// </summary>
/// <remarks>
/// A user can be in several roles, and each role has zero or more action rights per forum (for example 'access forum').
/// Those relations are stored in TF_ForumRoleForumActionRight. To make the check "does this user have right X on forum Y"
/// cheap, the session keeps a dictionary keyed by ActionRightID whose value is the list of ForumIDs the right applies to.
/// The grouping is per action right because there are generally fewer action rights than forums.
/// Example: a "Power User" role with the "Access Forum" right on forums 1, 3, 4 and 8 yields the list 1, 3, 4, 8
/// under the key of the 'Access forum' action right. A forum that is absent from the list means the right is not granted.
/// </remarks>
/// <param name="forumsActionRights">The forum / action right rows to cache.</param>
private static void AddForumsActionRights(ForumRoleForumActionRightCollection forumsActionRights)
{
    // Only IDs are kept: the forum code checks rights by ID, and storing whole entities would just cost memory.
    Dictionary<int, List<int>> forumIDsPerActionRight = new Dictionary<int, List<int>>();

    foreach (ForumRoleForumActionRightEntity row in forumsActionRights)
    {
        List<int> forumIDs;
        if (forumIDsPerActionRight.TryGetValue(row.ActionRightID, out forumIDs))
        {
            // The right is already known; the same forum can come in through more than one role, so skip repeats.
            if (forumIDs.Contains(row.ForumID))
            {
                continue;
            }
        }
        else
        {
            // First row seen for this action right: start its forum list.
            forumIDs = new List<int>();
            forumIDsPerActionRight.Add(row.ActionRightID, forumIDs);
        }

        forumIDs.Add(row.ForumID);
    }

    // Session.Add overwrites an existing item with the same name, so stale rights from an earlier load are replaced.
    HttpContext.Current.Session.Add("forumsActionRights", forumIDsPerActionRight);
}
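/// <summary>
/// Reads the action rights stored for the current role / forum combination and selects the matching
/// items in the forum rights list on the form.
/// </summary>
private void ReflectCurrentActionRights()
{
    ForumRoleForumActionRightCollection actionRights = SecurityGuiHelper.GetForumActionRightRolesFoForumRole(_roleID, _forumID);
    foreach (ForumRoleForumActionRightEntity currentEntity in actionRights)
    {
        // FindByValue returns null when no list item carries this value; the original dereferenced the result
        // directly and would fail with a NullReferenceException for a stored right that has no item in the list.
        System.Web.UI.WebControls.ListItem matchingItem = cblForumRights.Items.FindByValue(currentEntity.ActionRightID.ToString());
        if (matchingItem == null)
        {
            // NOTE(review): a stored right without a list item is not shown on the form. If the form's selection is
            // later saved as the complete set for this role / forum, that right would be dropped; confirm and
            // consider surfacing or logging this case.
            continue;
        }

        matchingItem.Selected = true;
    }
}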
/// <summary>
/// Deletes the given role together with every row that refers to it: forum action rights, audit actions,
/// system action rights and user memberships. All deletes run in one transaction.
/// </summary>
/// <remarks>
/// No permission check is performed here; the caller has to make sure the current user may delete roles.
/// NOTE(review): the delete only touches the database. Whether sessions that already loaded this role's rights
/// are refreshed is not visible here; confirm.
/// </remarks>
/// <param name="roleID">ID of role to delete</param>
/// <returns>true when the role was deleted, false when no role with the given ID was found.
/// A failure during the delete is rolled back and the exception is rethrown.</returns>
public static bool DeleteRole(int roleID)
{
    RoleEntity role = SecurityGuiHelper.GetRole(roleID);
    if (role == null)
    {
        // Unknown role: nothing to delete.
        return false;
    }

    Transaction transaction = new Transaction(IsolationLevel.ReadCommitted, "DeleteRole");
    try
    {
        // Dependent rows go first, the role itself last.

        // role - forum - action right rows
        ForumRoleForumActionRightCollection forumRights = new ForumRoleForumActionRightCollection();
        transaction.Add(forumRights);
        forumRights.DeleteMulti(ForumRoleForumActionRightFields.RoleID == roleID);

        // role - audit action rows
        RoleAuditActionCollection auditActions = new RoleAuditActionCollection();
        transaction.Add(auditActions);
        auditActions.DeleteMulti(RoleAuditActionFields.RoleID == roleID);

        // role - system action right rows
        RoleSystemActionRightCollection systemRights = new RoleSystemActionRightCollection();
        transaction.Add(systemRights);
        systemRights.DeleteMulti(RoleSystemActionRightFields.RoleID == roleID);

        // role - user membership rows
        RoleUserCollection memberships = new RoleUserCollection();
        transaction.Add(memberships);
        memberships.DeleteMulti(RoleUserFields.RoleID == roleID);

        // the role entity itself
        transaction.Add(role);
        role.Delete();

        transaction.Commit();
    }
    catch
    {
        // Undo every delete made so far and let the caller see the original exception.
        transaction.Rollback();
        throw;
    }
    finally
    {
        transaction.Dispose();
    }

    return true;
}
/// <summary>
/// Fetches the forum action rights of every role the given user is a member of.
/// </summary>
/// <param name="userID">The user ID.</param>
/// <returns>The collection filled with the forum / action right / role rows for the user's roles.</returns>
public static ForumRoleForumActionRightCollection GetForumsActionRightsForUser(int userID)
{
    // The filter is a subquery over related entities, so it needs the Role - RoleUser join:
    // WHERE RoleID IN (SELECT RoleID FROM Role INNER JOIN RoleUser ... WHERE RoleUser.UserID=userID)
    RelationCollection roleToRoleUser = new RelationCollection();
    roleToRoleUser.Add(RoleEntity.Relations.RoleUserEntityUsingRoleID);

    // userID enters the query as a typed predicate value, not as query text.
    PredicateExpression rolesOfUserFilter = new PredicateExpression();
    rolesOfUserFilter.Add(
        new FieldCompareSetPredicate(
            ForumRoleForumActionRightFields.RoleID,
            RoleFields.RoleID,
            SetOperator.In,
            (RoleUserFields.UserID == userID),
            roleToRoleUser));

    ForumRoleForumActionRightCollection rightsOfUser = new ForumRoleForumActionRightCollection();
    rightsOfUser.GetMulti(rolesOfUserFilter);
    return rightsOfUser;
}
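/// <summary>
/// Saves the given set of action rights as the complete set of forum action rights for the given forum / role
/// combination. The rows currently stored for that combination are removed first, then the new ones are inserted,
/// all inside one transaction.
/// </summary>
/// <remarks>
/// No permission check is performed here; the caller has to make sure the current user may change role rights.
/// Because the stored set is replaced, any right that is not in <paramref name="actionRightIDs"/> is revoked.
/// </remarks>
/// <param name="actionRightIDs">The action right IDs the role should have on the forum. An empty list removes all rights.</param>
/// <param name="roleID">Role to use</param>
/// <param name="forumID">Forum to use</param>
/// <returns>true when the rights were saved. A failure is rolled back and the exception is rethrown.</returns>
/// <exception cref="System.ArgumentNullException"><paramref name="actionRightIDs"/> is null.</exception>
public static bool SaveForumActionRightsForForumRole(List<int> actionRightIDs, int roleID, int forumID)
{
    // Reject a missing list before any row is touched; the original only failed after the delete had already run.
    if (actionRightIDs == null)
    {
        throw new System.ArgumentNullException("actionRightIDs");
    }

    ForumRoleForumActionRightCollection forumRightsPerRole = new ForumRoleForumActionRightCollection();
    Transaction trans = new Transaction(IsolationLevel.ReadCommitted, "SaveForumActionRights");
    try
    {
        // Enlist the collection inside the try block so the transaction is disposed even when enlisting fails.
        // Every action executed through the collection from here on runs inside the transaction.
        trans.Add(forumRightsPerRole);

        // First remove the existing rows for this role / forum combination.
        forumRightsPerRole.DeleteMulti((ForumRoleForumActionRightFields.RoleID == roleID).And(ForumRoleForumActionRightFields.ForumID == forumID));

        // Then add one new row per requested action right.
        foreach (int actionRightID in actionRightIDs)
        {
            ForumRoleForumActionRightEntity newForumRightPerRole = new ForumRoleForumActionRightEntity();
            newForumRightPerRole.ActionRightID = actionRightID;
            newForumRightPerRole.ForumID = forumID;
            newForumRightPerRole.RoleID = roleID;
            forumRightsPerRole.Add(newForumRightPerRole);
        }

        // Save the new entities and commit delete and inserts together.
        forumRightsPerRole.SaveMulti();
        trans.Commit();
        return true;
    }
    catch
    {
        // Failed: roll back so the previous set of rights stays in place.
        trans.Rollback();
        throw;
    }
    finally
    {
        trans.Dispose();
    }
}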
/// <summary>
/// Deletes the given forum from the system, including <b>all</b> threads in this forum and the messages in those
/// threads, plus every forum action right row that refers to the forum. Everything runs in one transaction.
/// </summary>
/// <remarks>
/// No permission check is performed here; the caller has to make sure the current user may delete forums.
/// </remarks>
/// <param name="forumID">Forum ID.</param>
/// <returns>True when the delete was committed. A failure is rolled back and the exception is rethrown.</returns>
public static bool DeleteForum(int forumID)
{
    Transaction transaction = new Transaction(IsolationLevel.ReadCommitted, "DeleteForum");
    try
    {
        // Threads have to go before the forum that contains them.
        ThreadManager.DeleteAllThreadsInForum(forumID, transaction);

        // Role / action right rows that point at this forum.
        ForumRoleForumActionRightCollection forumRights = new ForumRoleForumActionRightCollection();
        transaction.Add(forumRights);
        forumRights.DeleteMulti(ForumRoleForumActionRightFields.ForumID == forumID);

        // The forum entity itself, removed with a direct delete statement on the database.
        PredicateExpression byForumID = new PredicateExpression();
        byForumID.Add((ForumFields.ForumID == forumID));
        ForumCollection forums = new ForumCollection();
        transaction.Add(forums);
        forums.DeleteMulti(byForumID);

        transaction.Commit();
    }
    catch
    {
        // Undo every delete made so far and let the caller see the original exception.
        transaction.Rollback();
        throw;
    }
    finally
    {
        transaction.Dispose();
    }

    return true;
}
/// <summary>
/// Deletes the given forum from the system, including <b>all</b> threads in this forum and the messages in those
/// threads, plus every forum action right row that refers to the forum. Everything runs in one transaction.
/// </summary>
/// <remarks>
/// No permission check is performed here; the caller has to make sure the current user may delete forums.
/// </remarks>
/// <param name="forumID">Forum ID.</param>
/// <returns>True when the delete was committed. A failure is rolled back and the exception is rethrown.</returns>
public static bool DeleteForum(int forumID)
{
    Transaction transaction = new Transaction(IsolationLevel.ReadCommitted, "DeleteForum");
    try
    {
        // Threads have to go before the forum that contains them.
        ThreadManager.DeleteAllThreadsInForum(forumID, transaction);

        // Role / action right rows that point at this forum.
        ForumRoleForumActionRightCollection forumRights = new ForumRoleForumActionRightCollection();
        transaction.Add(forumRights);
        forumRights.DeleteMulti(ForumRoleForumActionRightFields.ForumID == forumID);

        // The forum entity itself, removed with a direct delete statement on the database.
        PredicateExpression byForumID = new PredicateExpression();
        byForumID.Add((ForumFields.ForumID == forumID));
        ForumCollection forums = new ForumCollection();
        transaction.Add(forums);
        forums.DeleteMulti(byForumID);

        transaction.Commit();
    }
    catch
    {
        // Undo every delete made so far and let the caller see the original exception.
        transaction.Rollback();
        throw;
    }
    finally
    {
        transaction.Dispose();
    }

    return true;
}
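/// <summary>
/// Saves the given set of action rights as the complete set of forum action rights for the given forum / role
/// combination. The rows currently stored for that combination are removed first, then the new ones are inserted,
/// all inside one transaction.
/// </summary>
/// <remarks>
/// No permission check is performed here; the caller has to make sure the current user may change role rights.
/// Because the stored set is replaced, any right that is not in <paramref name="actionRightIDs"/> is revoked.
/// </remarks>
/// <param name="actionRightIDs">The action right IDs the role should have on the forum. An empty list removes all rights.</param>
/// <param name="roleID">Role to use</param>
/// <param name="forumID">Forum to use</param>
/// <returns>true when the rights were saved. A failure is rolled back and the exception is rethrown.</returns>
/// <exception cref="System.ArgumentNullException"><paramref name="actionRightIDs"/> is null.</exception>
public static bool SaveForumActionRightsForForumRole(List<int> actionRightIDs, int roleID, int forumID)
{
    // Reject a missing list before any row is touched; the original only failed after the delete had already run.
    if (actionRightIDs == null)
    {
        throw new System.ArgumentNullException("actionRightIDs");
    }

    ForumRoleForumActionRightCollection forumRightsPerRole = new ForumRoleForumActionRightCollection();
    Transaction trans = new Transaction(IsolationLevel.ReadCommitted, "SaveForumActionRights");
    try
    {
        // Enlist the collection inside the try block so the transaction is disposed even when enlisting fails.
        // Every action executed through the collection from here on runs inside the transaction.
        trans.Add(forumRightsPerRole);

        // First remove the existing rows for this role / forum combination.
        forumRightsPerRole.DeleteMulti((ForumRoleForumActionRightFields.RoleID == roleID).And(ForumRoleForumActionRightFields.ForumID == forumID));

        // Then add one new row per requested action right.
        foreach (int actionRightID in actionRightIDs)
        {
            ForumRoleForumActionRightEntity newForumRightPerRole = new ForumRoleForumActionRightEntity();
            newForumRightPerRole.ActionRightID = actionRightID;
            newForumRightPerRole.ForumID = forumID;
            newForumRightPerRole.RoleID = roleID;
            forumRightsPerRole.Add(newForumRightPerRole);
        }

        // Save the new entities and commit delete and inserts together.
        forumRightsPerRole.SaveMulti();
        trans.Commit();
        return true;
    }
    catch
    {
        // Failed: roll back so the previous set of rights stays in place.
        trans.Rollback();
        throw;
    }
    finally
    {
        trans.Dispose();
    }
}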
/// <summary>
/// Deletes the given role together with every row that refers to it: forum action rights, audit actions,
/// system action rights and user memberships. All deletes run in one transaction.
/// </summary>
/// <remarks>
/// No permission check is performed here; the caller has to make sure the current user may delete roles.
/// NOTE(review): the delete only touches the database. Whether sessions that already loaded this role's rights
/// are refreshed is not visible here; confirm.
/// </remarks>
/// <param name="roleID">ID of role to delete</param>
/// <returns>true when the role was deleted, false when no role with the given ID was found.
/// A failure during the delete is rolled back and the exception is rethrown.</returns>
public static bool DeleteRole(int roleID)
{
    RoleEntity role = SecurityGuiHelper.GetRole(roleID);
    if (role == null)
    {
        // Unknown role: nothing to delete.
        return false;
    }

    Transaction transaction = new Transaction(IsolationLevel.ReadCommitted, "DeleteRole");
    try
    {
        // Dependent rows go first, the role itself last.

        // role - forum - action right rows
        ForumRoleForumActionRightCollection forumRights = new ForumRoleForumActionRightCollection();
        transaction.Add(forumRights);
        forumRights.DeleteMulti(ForumRoleForumActionRightFields.RoleID == roleID);

        // role - audit action rows
        RoleAuditActionCollection auditActions = new RoleAuditActionCollection();
        transaction.Add(auditActions);
        auditActions.DeleteMulti(RoleAuditActionFields.RoleID == roleID);

        // role - system action right rows
        RoleSystemActionRightCollection systemRights = new RoleSystemActionRightCollection();
        transaction.Add(systemRights);
        systemRights.DeleteMulti(RoleSystemActionRightFields.RoleID == roleID);

        // role - user membership rows
        RoleUserCollection memberships = new RoleUserCollection();
        transaction.Add(memberships);
        memberships.DeleteMulti(RoleUserFields.RoleID == roleID);

        // the role entity itself
        transaction.Add(role);
        role.Delete();

        transaction.Commit();
    }
    catch
    {
        // Undo every delete made so far and let the caller see the original exception.
        transaction.Rollback();
        throw;
    }
    finally
    {
        transaction.Dispose();
    }

    return true;
}