public IGlymaPermission CreateGlymaPermission(GlymaPermissionLevel permissionLevel) { IGlymaPermission permissionObject = null; switch (permissionLevel) { case GlymaPermissionLevel.GlymaSecurityManager: permissionObject = new GlymaSecurityManager(Context); break; case GlymaPermissionLevel.GlymaProjectManager: permissionObject = new GlymaProjectManager(Context); break; case GlymaPermissionLevel.GlymaMapManager: permissionObject = new GlymaMapManager(Context); break; case GlymaPermissionLevel.GlymaMapAuthor: permissionObject = new GlymaMapAuthor(Context); break; case GlymaPermissionLevel.GlymaMapReader: permissionObject = new GlymaMapReader(Context); break; } return(permissionObject); }
private bool IsUserAuthorized(GlymaPermissionLevel permissionLevel) { bool hasAccess = false; try { IGlymaPermission highestPermissionLevel = this.GetHighestPermissionLevel(); if (GlymaPermissionLevelHelper.IsPermissionGreaterOrEqual(highestPermissionLevel.PermissionLevel, permissionLevel)) { hasAccess = true; } } catch (Exception) { hasAccess = false; } return(hasAccess); }
/// <summary> /// Gets the highest permission level that a user has /// </summary> /// <param name="webUrl"></param> /// <returns></returns> public GetPermissionLevelResponse GetUsersPermissionLevel(string webUrl) { GetPermissionLevelResponse result = new GetPermissionLevelResponse() { HasError = false }; GlymaPermissionLevel permissionLevel = GlymaPermissionLevel.None; GetIsUserGlymaSecurityManagerResponse isSecurityManager = GetIsUserGlymaSecurityManager(webUrl); if (!isSecurityManager.HasError) { if (isSecurityManager.Result) { permissionLevel = GlymaPermissionLevel.GlymaSecurityManager; result.Result = permissionLevel; } else { try { SecurityContextManager context = new SecurityContextManager(webUrl); IGlymaPermission permission = context.CurrentUser.GetHighestPermissionLevel(); permissionLevel = permission.PermissionLevel; result.Result = permissionLevel; } catch (Exception e) { result.HasError = true; result.ErrorMessage = e.Message; } } } else { result.HasError = true; result.ErrorMessage = isSecurityManager.ErrorMessage; } return(result); }
/// </summary> /// <param name="webUrl">The URL for the SP site</param> /// <param name="securableObject">An object that contains the Parent and Object ID's /// SecurableParentUid: The ID of the securable parent (Guid.Empty for projects), /// SecurableObjectUid: The ID of the securable object (root map UID or project UID if securing a project)</param> /// <param name="checkProjectsChildren">If this is true when checking the access to a Project if there are any root maps under that project the user /// has access to it returns true for the project as well (only true for when working out the filtered lists)</param> /// <returns>True if the user belongs to a group that has access to the securable object</returns> internal GetCurrentUserAccessToObjectResponse GetCurrentUserAccessToObject(GlymaSecurableObject securableObject, bool checkProjectsChildren = false) { GetCurrentUserAccessToObjectResponse result = new GetCurrentUserAccessToObjectResponse() { HasError = false, HasAccess = false, HighestPermissionLevel = GlymaPermissionLevel.None }; try { using (SPSite site = new SPSite(Context.WebUrl)) { using (SPWeb currentWeb = site.OpenWeb()) { IGlymaPermission highestPermissionLevel = this.GetHighestPermissionLevel(); if (highestPermissionLevel.PermissionLevel == GlymaPermissionLevel.None) { result.HasAccess = false; result.HighestPermissionLevel = GlymaPermissionLevel.None; return(result); //an error occured so assume there is no access to the object } else { if (highestPermissionLevel.PermissionLevel == GlymaPermissionLevel.GlymaSecurityManager) { //The Glyma Security Manager permission exists for this user, they can access anything result.HasAccess = true; result.HighestPermissionLevel = GlymaPermissionLevel.GlymaSecurityManager; return(result); } } GetAllSecurityGroupsResponse allSPSecurityGroups = Context.GetAllGlymaSecurityGroups(); if (!allSPSecurityGroups.HasError) { //GlymaGroupCollection groups = new GlymaGroupCollection(allSPSecurityGroups.Result); GlymaSecurityGroupCollection groups = new GlymaSecurityGroupCollection(Context, allSPSecurityGroups.Result); //gets a sorted list of groups highest to lowest permission level IList <GlymaSecurityGroup> usersGlymaGroups = groups.GetUsersGroups(currentWeb, CurrentSPUser); SecurableContext securableContext = Context.GetSecurableContext(); //check each glyma group the person has associated with them for access to the maps foreach (GlymaSecurityGroup glymaGroup in usersGlymaGroups) { GlymaSecurityAssociationContext securityAssociation = new GlymaSecurityAssociationContext(Context, glymaGroup, securableObject); bool response = securityAssociation.HasAssociation(checkProjectsChildren); if (response) { result.HasAccess = response; result.HighestPermissionLevel = groups.GetGroupsPermissionLevel(glymaGroup); return(result); } } } } } } catch (Exception e) { result.HasError = true; result.ErrorMessage = "Failed to read the users current access to the object. " + e.Message; } return(result); //if it gets all the way to here it's the default no access response }