public IActionResult List()
{
try
{
string funcId = PermissionEnum.CodeFormat((int)PermissionEnum.扩展管理.广告管理.列表);
if (!IsPermission(funcId))
{
return(ToPermission(funcId));
}
string startTime = GetQueryString("datemin");
string endTime = GetQueryString("datemax");
string state = GetQueryString("state");
string keyword = GetQueryString("keyword");
ViewData["DateMin"] = startTime;
ViewData["DateMax"] = endTime;
ViewData["State"] = state;
ViewData["Keyword"] = keyword;
int total = 100;
List <Extend_Advertisement> lists = new List <Extend_Advertisement>();
string strKeyword = string.Format("{0}{1}", startTime, keyword);
if (string.IsNullOrWhiteSpace(strKeyword))
{
lists = AdvertisementService.GetAdvertisementTop(SystemID, CompanyID, total);
}
else
{
lists = AdvertisementService.SearchAdvertisement(SystemID, CompanyID, startTime, endTime, state, keyword, total);
}
ViewData["Count"] = AdvertisementService.CountAdvertisement(SystemID, CompanyID);
return(View(lists));
}
catch (Exception ex)
{
return(ToError(ex.Message));
}
}
public IActionResult List()
{
try
{
string funcId = PermissionEnum.CodeFormat((int)PermissionEnum.管理员管理.角色管理.列表);
if (!IsPermission(funcId))
{
return(ToPermission(funcId));
}
string startTime = GetQueryString("datemin");
string endTime = GetQueryString("datemax");
string keyword = GetQueryString("keyword");
ViewBag.datemin = startTime;
ViewBag.datemax = endTime;
ViewBag.keyword = keyword;
int pageId = 1;
int pageSize = 100;
if (string.IsNullOrWhiteSpace(keyword) && string.IsNullOrWhiteSpace(startTime))
{
int totalNum = 0;
var list = RoleService.GetRolePagingPro(SystemID, CompanyID, pageId, pageSize, out totalNum);
ViewBag.Count = totalNum;
return(View(list));
}
else
{
var list = RoleService.SearchRolePro(SystemID, CompanyID, startTime, endTime, keyword);
ViewBag.Count = list.Count();
return(View(list));
}
}
catch (Exception ex)
{
return(ToError(ex.Message));
}
}
public IActionResult List()
{
try
{
string funcId = PermissionEnum.CodeFormat((int)PermissionEnum.会员管理.等级管理.列表);
if (!IsPermission(funcId))
{
return(ToPermission(funcId));
}
string startTime = GetQueryString("datemin");
string endTime = GetQueryString("datemax");
string keyword = GetQueryString("keyword");
ViewBag.datemin = startTime;
ViewBag.datemax = endTime;
ViewBag.keyword = keyword;
int pageId = 1;
int pageSize = 100;
int rowCount = 0;
List <Ld_Member_Rank> lists = new List <Ld_Member_Rank>();
string strKeyword = string.Format("", startTime, keyword);
if (string.IsNullOrWhiteSpace(strKeyword))
{
lists = RankService.GetRankPagingPro(SystemID, CompanyID, pageId, pageSize, out rowCount);
}
else
{
lists = RankService.SearchRankPro(SystemID, CompanyID, startTime, endTime, keyword);
}
int totalNum = rowCount > 0 ? rowCount : lists == null ? 0 : lists.Count();
ViewBag.Count = totalNum;
return(View(lists));
}
catch (Exception ex)
{
return(ToError(ex.Message));
}
}
public JsonResult DeleteBatch(string[] arrId)
{
try
{
string funcId = PermissionEnum.CodeFormat((int)PermissionEnum.公司管理.员工管理.除);
if (!IsPermission(funcId))
{
return(Error("您没有操作权限,请联系系统管理员!"));
}
if (arrId.Length == 0)
{
return(Error("请选择删除ID!"));
}
List <object> lists = new List <object>();
foreach (var item in arrId)
{
string staffId = item;
if (staffId != StaffID)
{
try
{
bool result = StaffService.DeleteStaffPro(SystemID, CompanyID, staffId);
lists.Add(new { staff_id = staffId, result, message = "ok" });
}
catch (Exception ex)
{
lists.Add(new { staff_id = staffId, result = false, message = ex.Message });
}
}
}
return(Success("成功!", lists));
}
catch (Exception ex)
{
return(Error(ex.Message));
}
}
public JsonResult DeleteBatch(string[] arrId)
{
try
{
string funcId = PermissionEnum.CodeFormat((int)PermissionEnum.公司管理.网点管理.除);
if (!IsPermission(funcId))
{
return(Error("您没有操作权限,请联系系统管理员!"));
}
if (arrId.Length == 0)
{
return(Error("请选择删除ID!"));
}
List <object> lists = new List <object>();
foreach (var item in arrId)
{
string storeId = item;
try
{
var entity = StoreService.GetStorePro(SystemID, CompanyID, storeId);
bool result = StoreService.DeleteStorePro(SystemID, CompanyID, storeId);
TableOperationManager.Delete(entity, result);
lists.Add(new { store_id = storeId, result, message = "ok" });
}
catch (Exception ex)
{
lists.Add(new { store_id = storeId, result = false, message = ex.Message });
}
}
return(Success("成功!", lists));
}
catch (Exception ex)
{
return(Error(ex.Message));
}
}
public IActionResult List()
{
try
{
string funcId = PermissionEnum.CodeFormat((int)PermissionEnum.系统管理.系统日志.列表);
if (!IsPermission(funcId))
{
return(ToPermission(funcId));
}
string startTime = GetQueryString("datemin");
string endTime = GetQueryString("datemax");
string clientId = GetQueryString("clientId");
string keyword = GetQueryString("keyword");
ViewBag.DateMin = startTime;
ViewBag.DateMax = endTime;
ViewBag.ClientID = clientId;
ViewBag.Keyword = keyword;
int totalNum = 0;
List <Ld_Log_LoginRecord> lists = new List <Ld_Log_LoginRecord>();
if (string.IsNullOrWhiteSpace(keyword) && string.IsNullOrWhiteSpace(startTime))
{
lists = LoginRecordService.GetLoginRecordPaging(SystemID, CompanyID, 1, 100, out totalNum);
}
else
{
lists = LoginRecordService.SearchLoginRecord(SystemID, CompanyID, startTime, endTime, clientId, keyword);
totalNum = lists.Count();
}
ViewBag.Count = totalNum;
return(View(lists));
}
catch (Exception ex)
{
return(ToError(ex.Message));
}
}
public JsonResult Delete(string staffId)
{
try
{
string funcId = PermissionEnum.CodeFormat((int)PermissionEnum.公司管理.员工管理.除);
if (!IsPermission(funcId))
{
return(Error("您没有操作权限,请联系系统管理员!"));
}
var result = StaffService.DeleteStaffPro(SystemID, CompanyID, staffId);
if (result)
{
return(Success("ok"));
}
else
{
return(Error("fail"));
}
}
catch (Exception ex)
{
return(Error(ex.Message));
}
}
public JsonResult UpdateState(string classId, bool state)
{
try
{
string funcId = PermissionEnum.CodeFormat((int)PermissionEnum.栏目管理.栏目分类.审核);
if (!IsPermission(funcId))
{
return(Error("您没有操作权限,请联系系统管理员!"));
}
var result = ClassService.UpdateClassState(SystemID, CompanyID, classId, state);
if (result)
{
return(Success("ok"));
}
else
{
return(Error("fail"));
}
}
catch (Exception ex)
{
return(Error(ex.Message));
}
}
public JsonResult Delete(long id)
{
try
{
string funcId = PermissionEnum.CodeFormat((int)PermissionEnum.扩展管理.搜索管理.除);
if (!IsPermission(funcId))
{
return(Error("您没有操作权限,请联系系统管理员!"));
}
var result = SearchKeywordService.DeleteSearchKeyword(id);
if (result)
{
return(Success("ok"));
}
else
{
return(Error("fail"));
}
}
catch (Exception ex)
{
return(Error(ex.Message));
}
}
public JsonResult UpdateDelete(string memberId, bool delete)
{
try
{
string funcId = PermissionEnum.CodeFormat((int)PermissionEnum.会员管理.会员资料.除);
if (!IsPermission(funcId))
{
return(Error("您没有操作权限,请联系系统管理员!"));
}
var result = AccountService.UpdateAccountDeletePro(SystemID, CompanyID, memberId, delete);
if (result)
{
return(Success("ok"));
}
else
{
return(Error("fail"));
}
}
catch (Exception ex)
{
return(Error(ex.Message));
}
}
public IActionResult DeleteAll()
{
try
{
string funcId = PermissionEnum.CodeFormat((int)PermissionEnum.系统管理.系统日志.除);
if (!IsPermission(funcId))
{
return(Error("您没有操作权限,请联系系统管理员!"));
}
bool result = LoginRecordService.DeleteLoginRecordAll(SystemID, CompanyID);
if (result)
{
return(Success("成功!"));
}
else
{
return(Error("失败!"));
}
}
catch (Exception ex)
{
return(Error(ex.Message));
}
}
public IActionResult List()
{
try
{
string funcId = PermissionEnum.CodeFormat((int)PermissionEnum.公司管理.部门管理.列表);
if (!IsPermission(funcId))
{
return(ToPermission(funcId));
}
string startTime = GetQueryString("datemin");
string endTime = GetQueryString("datemax");
string keyword = GetQueryString("keyword");
ViewBag.datemin = startTime;
ViewBag.datemax = endTime;
ViewBag.keyword = keyword;
string departmentId = "0";
string state = "";
List <Institution_Department> lists = new List <Institution_Department>();
if (string.IsNullOrWhiteSpace(keyword) && string.IsNullOrWhiteSpace(startTime))
{
lists = DepartmentService.GetDepartmentByNodePathPro(SystemID, CompanyID, departmentId, state);
}
else
{
lists = DepartmentService.SearchDepartmentPro(SystemID, CompanyID, startTime, endTime, keyword);
}
int totalNum = lists == null ? 0 : lists.Count();
ViewBag.Count = totalNum;
return(View(lists));
}
catch (Exception ex)
{
return(ToError(ex.Message));
}
}
public JsonResult Delete(string categoryId)
{
try
{
string funcId = PermissionEnum.CodeFormat((int)PermissionEnum.公告管理.类别管理.除);
if (!IsPermission(funcId))
{
return(Error("您没有操作权限,请联系系统管理员!"));
}
var result = NoticeCategoryService.DeleteNoticeCategory(SystemID, CompanyID, categoryId);
if (result)
{
return(Success("ok"));
}
else
{
return(Error("fail"));
}
}
catch (Exception ex)
{
return(Error(ex.Message));
}
}
public JsonResult Delete(string webHost)
{
try
{
string funcId = PermissionEnum.CodeFormat((int)PermissionEnum.接口管理.接口设置.除);
if (!IsPermission(funcId))
{
return(Error("您没有操作权限,请联系系统管理员!"));
}
var result = AccessCorsHostService.DeleteAccessCorsHostPro(SystemID, webHost);
if (result)
{
return(Success("ok"));
}
else
{
return(Error("fail"));
}
}
catch (Exception ex)
{
return(Error(ex.Message));
}
}
public JsonResult Delete(string articeId)
{
try
{
string funcId = PermissionEnum.CodeFormat((int)PermissionEnum.内容管理.回收站.除);
if (!IsPermission(funcId))
{
return(Error("您没有操作权限,请联系系统管理员!"));
}
var result = ArticeService.DeleteArtice(SystemID, CompanyID, articeId);
if (result)
{
return(Success("ok"));
}
else
{
return(Error("fail"));
}
}
catch (Exception ex)
{
return(Error(ex.Message));
}
}
/// <summary>
/// Edits wallet access right
/// </summary>
/// <param name="id">ID of edited wallet access right</param>
/// <param name="permission">New permission for wallet access right</param>
/// <param name="userId">ID of new user for wallet access right</param>
/// <returns></returns>
public async Task EditWalletAccessRight(Guid id, PermissionEnum permission, Guid userId)
{
var walletAccessRight = await this.GetWalletAccessRightById(id);
walletAccessRight.UserProfile = await this.GetUserProfileById(userId);
walletAccessRight.Permission = permission;
this.Validate(walletAccessRight);
await this._wallets.AddOrUpdateAsync(walletAccessRight);
}
/// <summary>
/// Initializes a new instance of the <see cref="OBWriteInternationalScheduledConsentResponse5Data" /> class.
/// </summary>
/// <param name="consentId">OB: Unique identification as assigned by the ASPSP to uniquely identify the consent resource. (required).</param>
/// <param name="creationDateTime">Date and time at which the resource was created.All dates in the JSON payloads are represented in ISO 8601 date-time format. All date-time fields in responses must include the timezone. An example is below: 2017-04-05T10:43:07+00:00 (required).</param>
/// <param name="status">Specifies the status of consent resource in code form. (required).</param>
/// <param name="statusUpdateDateTime">Date and time at which the resource status was updated.All dates in the JSON payloads are represented in ISO 8601 date-time format. All date-time fields in responses must include the timezone. An example is below: 2017-04-05T10:43:07+00:00 (required).</param>
/// <param name="permission">Specifies the Open Banking service request types. (required).</param>
/// <param name="readRefundAccount">Specifies to share the refund account details with PISP.</param>
/// <param name="cutOffDateTime">Specified cut-off date and time for the payment consent.All dates in the JSON payloads are represented in ISO 8601 date-time format. All date-time fields in responses must include the timezone. An example is below: 2017-04-05T10:43:07+00:00.</param>
/// <param name="expectedExecutionDateTime">Expected execution date and time for the payment resource.All dates in the JSON payloads are represented in ISO 8601 date-time format. All date-time fields in responses must include the timezone. An example is below: 2017-04-05T10:43:07+00:00.</param>
/// <param name="expectedSettlementDateTime">Expected settlement date and time for the payment resource.All dates in the JSON payloads are represented in ISO 8601 date-time format. All date-time fields in responses must include the timezone. An example is below: 2017-04-05T10:43:07+00:00.</param>
/// <param name="charges">charges.</param>
/// <param name="exchangeRateInformation">exchangeRateInformation.</param>
/// <param name="initiation">initiation (required).</param>
/// <param name="authorisation">authorisation.</param>
/// <param name="sCASupportData">sCASupportData.</param>
public OBWriteInternationalScheduledConsentResponse5Data(string consentId = default(string), DateTimeOffset creationDateTime = default(DateTimeOffset), StatusEnum status = default(StatusEnum), DateTimeOffset statusUpdateDateTime = default(DateTimeOffset), PermissionEnum permission = default(PermissionEnum), ReadRefundAccountEnum?readRefundAccount = default(ReadRefundAccountEnum?), DateTimeOffset cutOffDateTime = default(DateTimeOffset), DateTimeOffset expectedExecutionDateTime = default(DateTimeOffset), DateTimeOffset expectedSettlementDateTime = default(DateTimeOffset), List <OBWriteDomesticConsentResponse4DataCharges> charges = default(List <OBWriteDomesticConsentResponse4DataCharges>), OBWriteInternationalConsentResponse5DataExchangeRateInformation exchangeRateInformation = default(OBWriteInternationalConsentResponse5DataExchangeRateInformation), OBWriteInternationalScheduled3DataInitiation initiation = default(OBWriteInternationalScheduled3DataInitiation), OBWriteDomesticConsent4DataAuthorisation authorisation = default(OBWriteDomesticConsent4DataAuthorisation), OBWriteDomesticConsent4DataSCASupportData sCASupportData = default(OBWriteDomesticConsent4DataSCASupportData))
{
// to ensure "consentId" is required (not null)
this.ConsentId = consentId ?? throw new ArgumentNullException("consentId is a required property for OBWriteInternationalScheduledConsentResponse5Data and cannot be null");
this.CreationDateTime = creationDateTime;
this.Status = status;
this.StatusUpdateDateTime = statusUpdateDateTime;
this.Permission = permission;
// to ensure "initiation" is required (not null)
this.Initiation = initiation ?? throw new ArgumentNullException("initiation is a required property for OBWriteInternationalScheduledConsentResponse5Data and cannot be null");
this.ReadRefundAccount = readRefundAccount;
this.CutOffDateTime = cutOffDateTime;
this.ExpectedExecutionDateTime = expectedExecutionDateTime;
this.ExpectedSettlementDateTime = expectedSettlementDateTime;
this.Charges = charges;
this.ExchangeRateInformation = exchangeRateInformation;
this.Authorisation = authorisation;
this.SCASupportData = sCASupportData;
}
public static bool HasPermission(this ClaimsPrincipal user, PermissionEnum permission)
{
return(user.HasClaim(ClaimTypes.Role, EnumUtils.GetEnumDescription(permission)));
}
public JsonResult Update()
{
try
{
string funcId = PermissionEnum.CodeFormat((int)PermissionEnum.系统管理.系统设置.编辑);
if (!IsPermission(funcId))
{
return(Error("您没有操作权限,请联系系统管理员!"));
}
string title = GetFormValue("title");
string keyword = GetFormValue("keyword");
string description = GetFormValue("description");
string homeUrl = GetFormValue("homeUrl");
string styleSrc = GetFormValue("styleSrc");
string uploadRoot = GetFormValue("uploadRoot");
string copyright = GetFormValue("copyright");
string icpNumber = GetFormValue("icpNumber");
string statisticsCode = GetFormValue("statisticsCode");
string loginIpAddressWhiteList = GetFormValue("loginIpAddressWhiteList");
string maxLoginFail = GetFormValue("maxLoginFail");
string isLoginIpAddress = GetFormValue("isLoginIpAddress");
string emailSendPattern = GetFormValue("emailSendPattern");
string emailHost = GetFormValue("emailHost");
string emailPort = GetFormValue("emailPort");
string emailName = GetFormValue("emailName");
string emailPassword = GetFormValue("emailPassword");
string emailAddress = GetFormValue("emailAddress");
bool isLogin = isLoginIpAddress.Split(",")[0].ToBool();
Ld_Sys_Config entity = new Ld_Sys_Config();
entity.SystemID = SystemID;
entity.CompanyID = CompanyID;
entity.Title = title;
entity.Keyword = keyword;
entity.Description = description;
entity.HomeUrl = homeUrl;
entity.StyleSrc = styleSrc;
entity.UploadRoot = uploadRoot;
entity.Copyright = copyright;
entity.IcpNumber = icpNumber;
entity.StatisticsCode = statisticsCode;
entity.LoginIpAddressWhiteList = loginIpAddressWhiteList;
entity.MaxLoginFail = maxLoginFail.ToInt();
entity.IsLoginIpAddress = isLogin;
entity.EmailSendPattern = emailSendPattern;
entity.EmailHost = emailHost;
entity.EmailPort = emailPort.ToInt();
entity.EmailName = emailName;
entity.EmailPassword = emailPassword;
entity.EmailAddress = emailAddress;
entity.CreateDate = DateTime.Now;
var m = ConfigService.GetConfigPro(SystemID, CompanyID);
if (m == null)
{
return(Error("公司编号不存在!"));
}
long operationId = 0;
TableOperationManager.Update(m, entity.ToJson(), out operationId);
bool result = ConfigService.UpdateConfigPro(entity);
TableOperationManager.SetState(operationId, result);
if (result)
{
return(Success("成功!"));
}
else
{
return(Error("失败!"));
}
}
catch (Exception ex)
{
return(Error(ex.Message));
}
}
public BlogAuthorizeAttribute(PermissionEnum permission)
: base()
{
Roles = permission.ToString();
}
public void GrantUserPermission(int userId, PermissionEnum permission)
{
var dbUser = BlogDb.Users.FirstOrDefault(a => a.UserId == userId);
if (dbUser == null)
{
return;
}
var dbPermission = BlogDb.Permissions.FirstOrDefault(a => a.Name == permission.ToString());
if (!dbUser.UserPermissions.Any(a => a.PermissionId == dbPermission.PermissionId))
{
BlogDb.UserPermissions.InsertOnSubmit(new UserPermission
{
PermissionId = dbPermission.PermissionId,
UserId = dbUser.UserId
});
BlogDb.SubmitChanges();
}
}
private Permission(BaseEntity entity)
{
this.entity = entity;
this.value = PermissionEnum.EmptyMask;
}
public PtmsAuthorize(PermissionEnum permission)
{
Roles = PermissionHelper.GetRolesString(permission);
}
public PermissionBasedRequirement(PermissionEnum permission)
{
Permission = permission;
}
public PermissionAuthorizeAttribute(PermissionEnum permission)
{
Policy = permission + "Policy";
}
public JsonResult Save(string staffId)
{
try
{
if (!IsSavePermission(staffId))
{
return(Error("您没有操作权限,请联系系统管理员!"));
}
string fStaffId = GetFormValue("fStaffId");
string fRoleId = GetFormValue("fRoleId");
string fRemark = GetFormValue("fRemark");
string fState = GetFormValue("fState");
if (string.IsNullOrWhiteSpace(fStaffId))
{
return(Error("员工工号不能为空!"));
}
if (string.IsNullOrWhiteSpace(fRoleId))
{
return(Error("角色编号不能为空!"));
}
string remark = Utility.Left(fRemark, 200);
bool state = fState.ToBool();
if (!string.IsNullOrEmpty(staffId))
{
var entity = OperatorService.GetOperatorPro(SystemID, CompanyID, staffId);
if (entity != null)
{
string funcId = PermissionEnum.CodeFormat((int)PermissionEnum.管理员管理.操作员管理.变更角色);
if (!IsPermission(funcId))
{
fRoleId = entity.RoleID;
}
}
}
var result = false;
if (string.IsNullOrEmpty(staffId))
{
result = OperatorService.SaveOperatorPro(SystemID, CompanyID, fStaffId, fRoleId, remark, state);
}
else
{
result = OperatorService.UpdateOperatorPro(SystemID, CompanyID, staffId, fRoleId, remark, state);
}
if (result)
{
return(Success("成功"));
}
else
{
return(Error("fail"));
}
}
catch (Exception ex)
{
return(Error(ex.Message));
}
}
/// <summary>
/// Creates new access budget right
/// </summary>
/// <param name="budgetId">ID of a budget</param>
/// <param name="assignedUserId">Assigned user's ID</param>
/// <param name="permission">Permission for right</param>
/// <returns>False if user has already accessright to this budget or when adding failed. True otherwise.</returns>
public async Task<bool> CreateBudgetAccessRight(Guid budgetId, Guid assignedUserId, PermissionEnum permission)
{
// create budget access right only if it isn't already present
bool budgetAccessRightExists = await _db.BudgetAccessRights.Where(b => b.Budget.Guid == budgetId && b.UserProfile.Guid == assignedUserId).CountAsync() > 0;
if (budgetAccessRightExists)
{
return false;
}
// find budget by its Id
var budget = await this.GetBudgetById(budgetId);
// finding creator by his ID
var assignedUser = this.GetAccessRightsCreator(assignedUserId);
var budgetAccessRight = new BudgetAccessRight
{
Budget = budget,
Permission = permission,
UserProfile = assignedUser
};
this.Validate(budgetAccessRight);
// creating new budget access right
return await this._db.AddOrUpdateAsync(budgetAccessRight);
}
public AuthoriseOrchardAttribute(PermissionEnum permissions)
{
_permissions = permissions;
}
public Permission(PermissionEnum pEnum) => Id = pEnum;
/// <summary>指定对控制器或操作方法的访问只限于满足授权要求的用户</summary>
/// <param name="Ignore">是否忽略验证</param>
public IsMatchAuthorizeAttribute(PermissionEnum permission)
{
Permission = permission;
}
/// <summary>
/// Edits budget access right
/// </summary>
/// <param name="budgetAccessRightId">ID of changed access right</param>
/// <param name="permission">New permission</param>
/// <param name="userProfileId">New ID of a user</param>
/// <returns></returns>
public async Task EditBudgetAccessRight(Guid budgetAccessRightId, PermissionEnum permission, Guid userProfileId)
{
var accessRightToEdit = await this.GetBudgetAccessRightById(budgetAccessRightId);
accessRightToEdit.Permission = permission;
accessRightToEdit.UserProfile = await this.GetUserProfileById(userProfileId);
this.Validate(accessRightToEdit);
await this._db.AddOrUpdateAsync(accessRightToEdit);
}
public async Task <bool> UserHasPermissionAsync(Guid userId, Guid orgId, PermissionEnum perm) => await _permRepo.UserHasPermissionAsync(userId, orgId, perm);
public bool HasPermission(PermissionEnum perm)
{
return(Permissions.Any(p => p.Id == (int)perm));
}
private bool CheckUserRolePermission(PermissionEnum permission)
{
return(_httpContextAccessor.HttpContext.CheckPermission(_permissionModul, permission));
}
private Permission(BaseEntity entity)
{
this.entity = entity;
this.value = PermissionEnum.EmptyMask;
}
/// <summary>
/// Be sure that the specified internal object matches the read permissions of the supplied user object
/// </summary>
/// <param name="uoId"></param>
/// <param name="acl"></param>
/// <param name="internalObjectNameToMatch"></param>
/// <returns></returns>
public static bool AssignMatchingReadAccess(
int uoId,
AccessControlList acl,
string internalObjectNameToMatch)
{
AccessControlList acl2;
UserObjectType uoType;
int uoId2;
if (!acl.IsShared)
{
return(false); // source object not shared
}
string objName = internalObjectNameToMatch;
if (!UserObject.ParseObjectTypeAndIdFromInternalName(objName, out uoType, out uoId2))
{
DebugLog.Message("Can't parse object name: " + objName);
return(false);
}
UserObject uo2 = UserObjectDao.ReadHeader(uoId2);
if (uo2 == null)
{
DebugLog.Message("Can't read object: " + internalObjectNameToMatch + ", " + uoId2);
return(false);
}
acl2 = AccessControlList.Deserialize(uo2);
if (acl.IsPublic)
{
if (acl2.IsPublic)
{
return(false);
}
}
// check if list of readers matches
bool modified = false;
foreach (AclItem item in acl.Items)
{
if (!item.ReadIsAllowed)
{
continue;
}
PermissionEnum permissions = acl2.GetUserPermissions(item.AssignedTo); // get permissions for corresponding user/group for obj2
if (!Permissions.ReadIsAllowed(permissions)) // add read if doesn't have
{
if (item.IsPublic)
{
acl2.AddPublicReadItem();
}
else
{
acl2.AddReadUserItem(item.AssignedTo);
}
modified = true;
}
}
if (modified) // update in db if modified
{
DebugLog.Message("AssignMatchingReadAccess: " + uoId + ", " + objName); // debug
acl2.Serialize(uo2);
UserObjectDao.UpdateHeader(uo2, false, false);
return(true);
}
else
{
return(false);
}
}
public AuthorizeAttribute(PermissionEnum item)
: base(typeof(AuthorizeActionFilter))
{
Arguments = new object[] { item };
}
