public RestrictedActionAttribute(
     PermissionResourceTypeEnum resourceType,
     PermissionActionEnum action,
     bool childAction = false)
 {
     _permissionSettingIdentity = PermissionSettingIdentity.Of(action, resourceType);
     _childAction = childAction;
 }
 public bool ValidatePermission(IPublishedContent content)
 {
     if (content.DocumentTypeAlias == GroupsCreatePage)
     {
         var hasPermission = _permissionsService.Check(PermissionSettingIdentity.Of(PermissionActionEnum.Create, PermissionResourceType));
         return(hasPermission);
     }
     return(true);
 }
        public bool CanPerform(GroupModel group, Enum action, Enum administrationAction)
        {
            var currentMember = _intranetMemberService.GetCurrentMember();
            var ownerId       = group.CreatorId;
            var isOwner       = ownerId == currentMember.Id;

            var act    = isOwner ? action : administrationAction;
            var result = _permissionsService.Check(currentMember, PermissionSettingIdentity.Of(act, PermissionResourceType));

            return(result);
        }
Exemple #4
0
        private static PermissionUpdateModel CreatePermission(
            IntranetMemberGroup group,
            Resource resource,
            PermissionActionEnum action,
            bool allowed = true, bool enabled = true)
        {
            var identity = PermissionSettingIdentity.Of(action, resource);
            var settings = PermissionSettingValues.Of(allowed, enabled);

            return(PermissionUpdateModel.Of(group, settings, identity));
        }
        public RestrictedActionAttribute(int resourceType, int action, bool childAction = false)
        {
            var permissionActionTypeProvider   = DependencyResolver.Current.GetService <IPermissionActionTypeProvider>();
            var permissionResourceTypeProvider = DependencyResolver.Current.GetService <IPermissionResourceTypeProvider>();

            _permissionSettingIdentity = PermissionSettingIdentity.Of(
                permissionActionTypeProvider[action],
                permissionResourceTypeProvider[resourceType]);

            _childAction = childAction;
        }
Exemple #6
0
        protected virtual bool CanPerform(IIntranetActivity activity, PermissionActionEnum action, PermissionActionEnum administrationAction)
        {
            var currentMember = _intranetMemberService.GetCurrentMember();
            var ownerId       = ((IHaveOwner)activity).OwnerId;
            var isOwner       = ownerId == currentMember.Id;

            var act    = isOwner ? action : administrationAction;
            var result = _permissionsService.Check(currentMember, PermissionSettingIdentity.Of(act, PermissionActivityType));

            return(result);
        }
        public static IEnumerable <PermissionSettingSchema> BuildTree(Enum resource, ITree <Enum> actionTree)
        {
            var treeWithParents = actionTree
                                  .WithAttachedParents()
                                  .Flatten();

            var settings = treeWithParents.Select(hierarchicalItem =>
                                                  PermissionSettingSchema.Of(
                                                      PermissionSettingIdentity.Of(hierarchicalItem.current, resource),
                                                      hierarchicalItem.parent));

            return(settings);
        }
        public virtual GroupPermissionsViewModel Save(PermissionUpdateViewModel update)
        {
            var settingIdentity = PermissionSettingIdentity.Of(
                _actionTypeProvider[update.ActionId],
                _resourceTypeProvider[update.ResourceTypeId]);
            var settingValue = PermissionSettingValues.Of(update.Allowed, update.Enabled);
            var targetGroup  = _intranetMemberGroupProvider[update.IntranetMemberGroupId];

            var mappedUpdate = PermissionUpdateModel.Of(targetGroup, settingValue, settingIdentity);

            _permissionsService.Save(mappedUpdate);

            return(Get(update.IntranetMemberGroupId));
        }
Exemple #9
0
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            if (Skip(filterContext))
            {
                return;
            }

            var permissionsService = HttpContext.Current.GetService <IPermissionsService>();
            var isUserHasAccess    = permissionsService.Check(PermissionSettingIdentity.Of(_action, _permissionResourceType));

            if (!isUserHasAccess)
            {
                var context = filterContext.Controller.ControllerContext.HttpContext;
                Deny(context);
            }
        }
Exemple #10
0
        public virtual ActionResult OwnerEdit(Guid ownerId, string ownerIdPropertyName, PermissionResourceTypeEnum activityType, IActivityCreateLinks links)
        {
            var model = new IntranetActivityOwnerEditModel
            {
                Owner = _intranetMemberService.Get(ownerId).Map <MemberViewModel>(),
                OwnerIdPropertyName = ownerIdPropertyName,
                Links = links
            };

            model.CanEditOwner = _permissionsService.Check(activityType, PermissionActionEnum.EditOwner);

            if (model.CanEditOwner)
            {
                model.Members = GetUsersWithAccess(PermissionSettingIdentity.Of(PermissionActionEnum.Create, activityType));
            }

            return(PartialView(OwnerEditViewPath, model));
        }
Exemple #11
0
 public ContentRestrictedActionApiAttribute(PermissionResourceTypeEnum resourceType, PermissionActionEnum action)
 {
     _permissionSettingIdentity = PermissionSettingIdentity.Of(action, resourceType);
 }