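/// <summary>
/// API-key authenticated read of a single Auth record, returned as its DTO.
/// </summary>
/// <param name="id">Auth record id, as a decimal string.</param>
/// <param name="apiKey">API key identifying the calling user.</param>
/// <returns>The <see cref="Rock.CMS.DTO.Auth"/> for the requested record.</returns>
/// <exception cref="WebFaultException{T}">
/// 400 when <paramref name="id"/> is not an integer; 403 when the API key is blank or unknown,
/// or the user is not authorized to View the record; 404 when no record has that id.
/// </exception>
public Rock.CMS.DTO.Auth ApiGet( string id, string apiKey )
{
    // A blank key must never reach the query: a user row whose ApiKey is unset would
    // otherwise satisfy "u.ApiKey == apiKey" for a request that sends no key at all.
    if ( string.IsNullOrWhiteSpace( apiKey ) )
    {
        throw new WebFaultException<string>( "Invalid API Key", System.Net.HttpStatusCode.Forbidden );
    }

    // A malformed id is a client error, not a server fault (int.Parse would surface as a 500).
    int authId;
    if ( !int.TryParse( id, System.Globalization.NumberStyles.Integer, System.Globalization.CultureInfo.InvariantCulture, out authId ) )
    {
        throw new WebFaultException<string>( "Invalid Auth id", System.Net.HttpStatusCode.BadRequest );
    }

    using ( Rock.Data.UnitOfWorkScope uow = new Rock.Data.UnitOfWorkScope() )
    {
        Rock.CMS.UserService userService = new Rock.CMS.UserService();
        Rock.CMS.User user = userService.Queryable().Where( u => u.ApiKey == apiKey ).FirstOrDefault();
        if ( user == null )
        {
            throw new WebFaultException<string>( "Invalid API Key", System.Net.HttpStatusCode.Forbidden );
        }

        // Proxy creation is switched off before the entity is loaded (kept from the original;
        // presumably so the DTO is built from a plain entity rather than a lazy-loading proxy).
        uow.objectContext.Configuration.ProxyCreationEnabled = false;
        Rock.CMS.AuthService authService = new Rock.CMS.AuthService();
        Rock.CMS.Auth auth = authService.Get( authId );
        if ( auth == null )
        {
            throw new WebFaultException<string>( "Auth not found", System.Net.HttpStatusCode.NotFound );
        }

        if ( !auth.Authorized( "View", user ) )
        {
            throw new WebFaultException<string>( "Not Authorized to View this Auth", System.Net.HttpStatusCode.Forbidden );
        }

        return auth.DataTransferObject;
    }
}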
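/// <summary>
/// Updates an existing Auth record from a DTO on behalf of the logged-in user.
/// </summary>
/// <param name="id">Auth record id, as a decimal string.</param>
/// <param name="Auth">DTO whose property values are copied onto the stored record.</param>
/// <exception cref="WebFaultException{T}">
/// 403 when nobody is logged in or the user is not authorized to Edit the record;
/// 400 when <paramref name="id"/> is not an integer, <paramref name="Auth"/> is null,
/// or the updated record fails validation; 404 when no record has that id.
/// </exception>
public void UpdateAuth( string id, Rock.CMS.DTO.Auth Auth )
{
    var currentUser = Rock.CMS.UserService.GetCurrentUser();
    if ( currentUser == null )
    {
        throw new WebFaultException<string>( "Must be logged in", System.Net.HttpStatusCode.Forbidden );
    }

    if ( Auth == null )
    {
        throw new WebFaultException<string>( "Auth body is required", System.Net.HttpStatusCode.BadRequest );
    }

    int authId;
    if ( !int.TryParse( id, System.Globalization.NumberStyles.Integer, System.Globalization.CultureInfo.InvariantCulture, out authId ) )
    {
        throw new WebFaultException<string>( "Invalid Auth id", System.Net.HttpStatusCode.BadRequest );
    }

    using ( Rock.Data.UnitOfWorkScope uow = new Rock.Data.UnitOfWorkScope() )
    {
        uow.objectContext.Configuration.ProxyCreationEnabled = false;
        Rock.CMS.AuthService authService = new Rock.CMS.AuthService();
        Rock.CMS.Auth existingAuth = authService.Get( authId );
        if ( existingAuth == null )
        {
            throw new WebFaultException<string>( "Auth not found", System.Net.HttpStatusCode.NotFound );
        }

        if ( !existingAuth.Authorized( "Edit", currentUser ) )
        {
            throw new WebFaultException<string>( "Not Authorized to Edit this Auth", System.Net.HttpStatusCode.Forbidden );
        }

        // SetValues copies every matching scalar property from the caller-supplied DTO onto the
        // entity (mass assignment). NOTE(review): confirm the DTO cannot re-point this rule at a
        // different EntityType/EntityId than the one the Edit check above was evaluated against.
        uow.objectContext.Entry( existingAuth ).CurrentValues.SetValues( Auth );

        if ( !existingAuth.IsValid )
        {
            throw new WebFaultException<string>( existingAuth.ValidationResults.AsDelimited( ", " ), System.Net.HttpStatusCode.BadRequest );
        }

        authService.Save( existingAuth, currentUser.PersonId );
    }
}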
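/// <summary>
/// API-key authenticated delete of a single Auth record.
/// </summary>
/// <param name="id">Auth record id, as a decimal string.</param>
/// <param name="apiKey">API key identifying the calling user.</param>
/// <exception cref="WebFaultException{T}">
/// 400 when <paramref name="id"/> is not an integer; 403 when the API key is blank or unknown,
/// or the user is not authorized to Edit the record; 404 when no record has that id.
/// </exception>
public void ApiDeleteAuth( string id, string apiKey )
{
    // A blank key must never reach the query: a user row whose ApiKey is unset would
    // otherwise satisfy "u.ApiKey == apiKey" for a request that sends no key at all.
    if ( string.IsNullOrWhiteSpace( apiKey ) )
    {
        throw new WebFaultException<string>( "Invalid API Key", System.Net.HttpStatusCode.Forbidden );
    }

    int authId;
    if ( !int.TryParse( id, System.Globalization.NumberStyles.Integer, System.Globalization.CultureInfo.InvariantCulture, out authId ) )
    {
        throw new WebFaultException<string>( "Invalid Auth id", System.Net.HttpStatusCode.BadRequest );
    }

    using ( Rock.Data.UnitOfWorkScope uow = new Rock.Data.UnitOfWorkScope() )
    {
        Rock.CMS.UserService userService = new Rock.CMS.UserService();
        Rock.CMS.User user = userService.Queryable().Where( u => u.ApiKey == apiKey ).FirstOrDefault();
        if ( user == null )
        {
            throw new WebFaultException<string>( "Invalid API Key", System.Net.HttpStatusCode.Forbidden );
        }

        uow.objectContext.Configuration.ProxyCreationEnabled = false;
        Rock.CMS.AuthService authService = new Rock.CMS.AuthService();
        Rock.CMS.Auth auth = authService.Get( authId );
        if ( auth == null )
        {
            throw new WebFaultException<string>( "Auth not found", System.Net.HttpStatusCode.NotFound );
        }

        if ( !auth.Authorized( "Edit", user ) )
        {
            throw new WebFaultException<string>( "Not Authorized to Edit this Auth", System.Net.HttpStatusCode.Forbidden );
        }

        // Delete then Save, as elsewhere in this file: presumably Delete marks the entity
        // and Save commits the change.
        authService.Delete( auth, user.PersonId );
        authService.Save( auth, user.PersonId );
    }
}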
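/// <summary>
/// Deletes a single Auth record on behalf of the logged-in user.
/// </summary>
/// <param name="id">Auth record id, as a decimal string.</param>
/// <exception cref="WebFaultException{T}">
/// 403 when nobody is logged in or the user is not authorized to Edit the record;
/// 400 when <paramref name="id"/> is not an integer; 404 when no record has that id.
/// </exception>
public void DeleteAuth( string id )
{
    var currentUser = Rock.CMS.UserService.GetCurrentUser();
    if ( currentUser == null )
    {
        throw new WebFaultException<string>( "Must be logged in", System.Net.HttpStatusCode.Forbidden );
    }

    int authId;
    if ( !int.TryParse( id, System.Globalization.NumberStyles.Integer, System.Globalization.CultureInfo.InvariantCulture, out authId ) )
    {
        throw new WebFaultException<string>( "Invalid Auth id", System.Net.HttpStatusCode.BadRequest );
    }

    using ( Rock.Data.UnitOfWorkScope uow = new Rock.Data.UnitOfWorkScope() )
    {
        uow.objectContext.Configuration.ProxyCreationEnabled = false;
        Rock.CMS.AuthService authService = new Rock.CMS.AuthService();
        Rock.CMS.Auth auth = authService.Get( authId );
        if ( auth == null )
        {
            throw new WebFaultException<string>( "Auth not found", System.Net.HttpStatusCode.NotFound );
        }

        if ( !auth.Authorized( "Edit", currentUser ) )
        {
            throw new WebFaultException<string>( "Not Authorized to Edit this Auth", System.Net.HttpStatusCode.Forbidden );
        }

        // Delete then Save, as elsewhere in this file: presumably Delete marks the entity
        // and Save commits the change.
        authService.Delete( auth, currentUser.PersonId );
        authService.Save( auth, currentUser.PersonId );
    }
}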
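/// <summary>
/// API-key authenticated creation of a new Auth record from a DTO.
/// </summary>
/// <param name="apiKey">API key identifying the calling user.</param>
/// <param name="Auth">DTO whose property values are copied onto the new record.</param>
/// <exception cref="WebFaultException{T}">
/// 403 when the API key is blank or unknown; 400 when <paramref name="Auth"/> is null
/// or the new record fails validation.
/// </exception>
public void ApiCreateAuth( string apiKey, Rock.CMS.DTO.Auth Auth )
{
    // A blank key must never reach the query: a user row whose ApiKey is unset would
    // otherwise satisfy "u.ApiKey == apiKey" for a request that sends no key at all.
    if ( string.IsNullOrWhiteSpace( apiKey ) )
    {
        throw new WebFaultException<string>( "Invalid API Key", System.Net.HttpStatusCode.Forbidden );
    }

    if ( Auth == null )
    {
        throw new WebFaultException<string>( "Auth body is required", System.Net.HttpStatusCode.BadRequest );
    }

    using ( Rock.Data.UnitOfWorkScope uow = new Rock.Data.UnitOfWorkScope() )
    {
        Rock.CMS.UserService userService = new Rock.CMS.UserService();
        Rock.CMS.User user = userService.Queryable().Where( u => u.ApiKey == apiKey ).FirstOrDefault();
        if ( user == null )
        {
            throw new WebFaultException<string>( "Invalid API Key", System.Net.HttpStatusCode.Forbidden );
        }

        uow.objectContext.Configuration.ProxyCreationEnabled = false;
        Rock.CMS.AuthService authService = new Rock.CMS.AuthService();
        Rock.CMS.Auth newAuth = new Rock.CMS.Auth();
        authService.Add( newAuth, user.PersonId );

        // The rule's EntityType/EntityId/Action come straight from the caller's DTO and no
        // Authorized( "Edit", ... ) check is made here, unlike the update/delete operations.
        // NOTE(review): confirm Add/Save enforce that the caller may administer the target
        // entity; otherwise any API-key holder could add rules for arbitrary entities.
        uow.objectContext.Entry( newAuth ).CurrentValues.SetValues( Auth );

        if ( !newAuth.IsValid )
        {
            throw new WebFaultException<string>( newAuth.ValidationResults.AsDelimited( ", " ), System.Net.HttpStatusCode.BadRequest );
        }

        authService.Save( newAuth, user.PersonId );
    }
}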
/// <summary>
/// Adds an Allow rule for the current action for each user selected in cbUsers that
/// does not already have a rule, reloads the action's cached rules when anything was
/// added, then hides the add panel and rebinds the grid.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void lbAddUser_Click( object sender, EventArgs e )
{
    List<Rock.Security.AuthRule> existingAuths = Rock.Security.Authorization.AuthRules( iSecured.AuthEntity, iSecured.Id, CurrentAction );

    // New rules continue after the Order of the last existing rule (presumably the highest);
    // -1 means the first rule added gets Order 0.
    int nextOrder = existingAuths.Count > 0 ? existingAuths.Last().Order : -1;
    bool anyAdded = false;

    foreach ( ListItem item in cbUsers.Items )
    {
        if ( !item.Selected )
        {
            continue;
        }

        int personId = Int32.Parse( item.Value );

        // Checked against the list loaded before the loop, so it is not refreshed by
        // rules added in earlier iterations.
        bool alreadyExists = existingAuths.Any( rule => rule.PersonId.HasValue && rule.PersonId.Value == personId );
        if ( alreadyExists )
        {
            continue;
        }

        nextOrder++;
        Rock.CMS.Auth auth = new Rock.CMS.Auth
        {
            EntityType = iSecured.AuthEntity,
            EntityId = iSecured.Id,
            Action = CurrentAction,
            AllowOrDeny = "A",
            SpecialRole = Rock.CMS.SpecialRole.None,
            PersonId = personId,
            Order = nextOrder
        };
        authService.Add( auth, CurrentPersonId );
        authService.Save( auth, CurrentPersonId );
        anyAdded = true;
    }

    if ( anyAdded )
    {
        Rock.Security.Authorization.ReloadAction( iSecured.AuthEntity, iSecured.Id, CurrentAction );
    }

    pnlAddUser.Visible = false;
    phList.Visible = true;
    BindGrid();
}
/// <summary>
/// Deletes the Auth rule shown in the grid row whose delete button was clicked, reloads
/// the action's cached rules when a rule was found, and rebinds the grid.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Row event data; <c>e.RowIndex</c> selects the grid's "id" data key.</param>
protected void rGrid_Delete( object sender, RowEventArgs e )
{
    int authId = ( int )rGrid.DataKeys[e.RowIndex]["id"];
    Rock.CMS.Auth rule = authService.Get( authId );

    // A stale row (rule already gone) just falls through to the rebind.
    if ( rule != null )
    {
        authService.Delete( rule, CurrentPersonId );
        authService.Save( rule, CurrentPersonId );
        Rock.Security.Authorization.ReloadAction( iSecured.AuthEntity, iSecured.Id, CurrentAction );
    }

    BindGrid();
}
/// <summary>
/// Writes the Allow/Deny choice made in a grid row's radio list back to that row's Auth
/// rule, reloads the action's cached rules, and rebinds the grid.
/// </summary>
/// <param name="sender">The <see cref="RadioButtonList"/> inside the grid row that changed.</param>
/// <param name="e">Event data (unused).</param>
protected void rblAllowDeny_SelectedIndexChanged( object sender, EventArgs e )
{
    RadioButtonList choice = ( RadioButtonList )sender;

    // The radio list is expected to sit directly inside a GridViewRow; when it does not,
    // there is no rule to update and only the rebind happens.
    GridViewRow row = choice.NamingContainer as GridViewRow;
    Rock.CMS.Auth rule = row == null
        ? null
        : authService.Get( ( int )rGrid.DataKeys[row.RowIndex]["id"] );

    if ( rule != null )
    {
        rule.AllowOrDeny = choice.SelectedValue;
        authService.Save( rule, CurrentPersonId );
        Rock.Security.Authorization.ReloadAction( iSecured.AuthEntity, iSecured.Id, CurrentAction );
    }

    BindGrid();
}
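/// <summary>
/// Reads a single Auth record on behalf of the logged-in user, returned as its DTO.
/// </summary>
/// <param name="id">Auth record id, as a decimal string.</param>
/// <returns>The <see cref="Rock.CMS.DTO.Auth"/> for the requested record.</returns>
/// <exception cref="WebFaultException{T}">
/// 403 when nobody is logged in or the user is not authorized to View the record;
/// 400 when <paramref name="id"/> is not an integer; 404 when no record has that id.
/// </exception>
public Rock.CMS.DTO.Auth Get( string id )
{
    var currentUser = Rock.CMS.UserService.GetCurrentUser();
    if ( currentUser == null )
    {
        throw new WebFaultException<string>( "Must be logged in", System.Net.HttpStatusCode.Forbidden );
    }

    // A malformed id is a client error, not a server fault (int.Parse would surface as a 500).
    int authId;
    if ( !int.TryParse( id, System.Globalization.NumberStyles.Integer, System.Globalization.CultureInfo.InvariantCulture, out authId ) )
    {
        throw new WebFaultException<string>( "Invalid Auth id", System.Net.HttpStatusCode.BadRequest );
    }

    using ( Rock.Data.UnitOfWorkScope uow = new Rock.Data.UnitOfWorkScope() )
    {
        // Proxy creation is switched off before the entity is loaded (kept from the original;
        // presumably so the DTO is built from a plain entity rather than a lazy-loading proxy).
        uow.objectContext.Configuration.ProxyCreationEnabled = false;
        Rock.CMS.AuthService authService = new Rock.CMS.AuthService();
        Rock.CMS.Auth auth = authService.Get( authId );
        if ( auth == null )
        {
            throw new WebFaultException<string>( "Auth not found", System.Net.HttpStatusCode.NotFound );
        }

        if ( !auth.Authorized( "View", currentUser ) )
        {
            throw new WebFaultException<string>( "Not Authorized to View this Auth", System.Net.HttpStatusCode.Forbidden );
        }

        return auth.DataTransferObject;
    }
}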
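/// <summary>
/// API-key authenticated creation of a new Auth record from a DTO.
/// </summary>
/// <param name="apiKey">API key identifying the calling user.</param>
/// <param name="Auth">DTO whose property values are copied onto the new record.</param>
/// <exception cref="WebFaultException{T}">
/// 403 when the API key is blank or unknown; 400 when <paramref name="Auth"/> is null
/// or the new record fails validation.
/// </exception>
public void ApiCreateAuth( string apiKey, Rock.CMS.DTO.Auth Auth )
{
    // Reject a blank key before querying: "u.ApiKey == apiKey" would otherwise match any
    // user row whose ApiKey is unset.
    if ( string.IsNullOrWhiteSpace( apiKey ) )
    {
        throw new WebFaultException<string>( "Invalid API Key", System.Net.HttpStatusCode.Forbidden );
    }

    if ( Auth == null )
    {
        throw new WebFaultException<string>( "Auth body is required", System.Net.HttpStatusCode.BadRequest );
    }

    using ( Rock.Data.UnitOfWorkScope uow = new Rock.Data.UnitOfWorkScope() )
    {
        Rock.CMS.User user = new Rock.CMS.UserService().Queryable().Where( u => u.ApiKey == apiKey ).FirstOrDefault();
        if ( user == null )
        {
            throw new WebFaultException<string>( "Invalid API Key", System.Net.HttpStatusCode.Forbidden );
        }

        uow.objectContext.Configuration.ProxyCreationEnabled = false;
        Rock.CMS.AuthService authService = new Rock.CMS.AuthService();
        Rock.CMS.Auth newAuth = new Rock.CMS.Auth();
        authService.Add( newAuth, user.PersonId );

        // Entity target and action are taken verbatim from the caller's DTO with no
        // Authorized( "Edit", ... ) check in this method. NOTE(review): confirm Add/Save
        // enforce that the caller may administer the target entity.
        uow.objectContext.Entry( newAuth ).CurrentValues.SetValues( Auth );

        if ( !newAuth.IsValid )
        {
            throw new WebFaultException<string>( newAuth.ValidationResults.AsDelimited( ", " ), System.Net.HttpStatusCode.BadRequest );
        }

        authService.Save( newAuth, user.PersonId );
    }
}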
/// <summary>
/// For every action ticked in cblRoleActionList, adds an Allow rule for the role chosen in
/// ddlRoles (a negative id selects one of the special roles, a positive id a group) unless an
/// identical rule already exists, reloading that action's cached rules after each addition.
/// Finally hides the add panel and rebinds the grid.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void lbAddRole_Click( object sender, EventArgs e )
{
    // Order is seeded from the CurrentAction rules even though rules are added for the
    // ticked actions (li.Text); kept as in the original — TODO confirm this is intended.
    List<Rock.Security.AuthRule> existingAuths = Rock.Security.Authorization.AuthRules( iSecured.AuthEntity, iSecured.Id, CurrentAction );
    int nextOrder = existingAuths.Count > 0 ? existingAuths.Last().Order : -1;

    foreach ( ListItem actionItem in cblRoleActionList.Items )
    {
        if ( !actionItem.Selected )
        {
            continue;
        }

        // -1/-2/-3 are the special-role sentinels; anything else is a real group id.
        int selectedId = Int32.Parse( ddlRoles.SelectedValue );
        Rock.CMS.SpecialRole specialRole =
            selectedId == -1 ? Rock.CMS.SpecialRole.AllUsers :
            selectedId == -2 ? Rock.CMS.SpecialRole.AllAuthenticatedUsers :
            selectedId == -3 ? Rock.CMS.SpecialRole.AllUnAuthenticatedUsers :
            Rock.CMS.SpecialRole.None;
        int? groupId = selectedId < 0 ? ( int? )null : selectedId;

        string action = actionItem.Text;
        bool alreadyExists = Rock.Security.Authorization
            .AuthRules( iSecured.AuthEntity, iSecured.Id, action )
            .Any( rule => rule.SpecialRole == specialRole && rule.GroupId == groupId );
        if ( alreadyExists )
        {
            continue;
        }

        nextOrder++;
        Rock.CMS.Auth auth = new Rock.CMS.Auth
        {
            EntityType = iSecured.AuthEntity,
            EntityId = iSecured.Id,
            Action = action,
            AllowOrDeny = "A",
            SpecialRole = specialRole,
            GroupId = groupId,
            Order = nextOrder
        };
        authService.Add( auth, CurrentPersonId );
        authService.Save( auth, CurrentPersonId );
        Rock.Security.Authorization.ReloadAction( iSecured.AuthEntity, iSecured.Id, action );
    }

    pnlAddRole.Visible = false;
    phList.Visible = true;
    BindGrid();
}
/// <summary>
/// Adds an Allow rule for the current action for each user ticked in cbUsers that has no
/// rule yet, reloads the action's cached rules if anything was added, then hides the add
/// panel and rebinds the grid.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void lbAddUser_Click( object sender, EventArgs e )
{
    List<Rock.Security.AuthRule> existingAuths = Rock.Security.Authorization.AuthRules( iSecured.AuthEntity, iSecured.Id, CurrentAction );

    // Continue numbering after the last existing rule; -1 so the first new rule is 0.
    int lastOrder = existingAuths.Count > 0 ? existingAuths.Last().Order : -1;
    int addedCount = 0;

    IEnumerable<ListItem> ticked = cbUsers.Items.Cast<ListItem>().Where( li => li.Selected );
    foreach ( ListItem li in ticked )
    {
        int personId = Int32.Parse( li.Value );

        bool hasRule = false;
        foreach ( Rock.Security.AuthRule rule in existingAuths )
        {
            // Duplicate test is against the rules loaded before the loop only.
            if ( rule.PersonId == personId )
            {
                hasRule = true;
                break;
            }
        }

        if ( hasRule )
        {
            continue;
        }

        Rock.CMS.Auth auth = new Rock.CMS.Auth();
        auth.EntityType = iSecured.AuthEntity;
        auth.EntityId = iSecured.Id;
        auth.Action = CurrentAction;
        auth.AllowOrDeny = "A";
        auth.SpecialRole = Rock.CMS.SpecialRole.None;
        auth.PersonId = personId;
        lastOrder = lastOrder + 1;
        auth.Order = lastOrder;
        authService.Add( auth, CurrentPersonId );
        authService.Save( auth, CurrentPersonId );
        addedCount++;
    }

    if ( addedCount > 0 )
    {
        Rock.Security.Authorization.ReloadAction( iSecured.AuthEntity, iSecured.Id, CurrentAction );
    }

    pnlAddUser.Visible = false;
    phList.Visible = true;
    BindGrid();
}
/// <summary>
/// For every action ticked in cblRoleActionList, adds an Allow rule for the role chosen in
/// ddlRoles (negative ids map to the special roles, positive ids to a group) unless an
/// identical rule already exists, reloading that action's cached rules after each addition.
/// Finally hides the add panel and rebinds the grid.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void lbAddRole_Click( object sender, EventArgs e )
{
    // Order continues after the last CurrentAction rule, although the new rules are for the
    // ticked actions (li.Text) — kept as in the original, TODO confirm intended.
    List<Rock.Security.AuthRule> currentRules = Rock.Security.Authorization.AuthRules( iSecured.AuthEntity, iSecured.Id, CurrentAction );
    int order = currentRules.Count > 0 ? currentRules.Last().Order : -1;

    foreach ( ListItem li in cblRoleActionList.Items )
    {
        if ( !li.Selected )
        {
            continue;
        }

        int selected = Int32.Parse( ddlRoles.SelectedValue );
        Rock.CMS.SpecialRole specialRole;
        switch ( selected )
        {
            case -1:
                specialRole = Rock.CMS.SpecialRole.AllUsers;
                break;
            case -2:
                specialRole = Rock.CMS.SpecialRole.AllAuthenticatedUsers;
                break;
            case -3:
                specialRole = Rock.CMS.SpecialRole.AllUnAuthenticatedUsers;
                break;
            default:
                specialRole = Rock.CMS.SpecialRole.None;
                break;
        }

        // Negative values are special-role sentinels, not group ids.
        int? groupId = null;
        if ( selected >= 0 )
        {
            groupId = selected;
        }

        bool duplicate = false;
        foreach ( Rock.Security.AuthRule rule in Rock.Security.Authorization.AuthRules( iSecured.AuthEntity, iSecured.Id, li.Text ) )
        {
            if ( rule.SpecialRole == specialRole && rule.GroupId == groupId )
            {
                duplicate = true;
                break;
            }
        }

        if ( duplicate )
        {
            continue;
        }

        Rock.CMS.Auth auth = new Rock.CMS.Auth();
        auth.EntityType = iSecured.AuthEntity;
        auth.EntityId = iSecured.Id;
        auth.Action = li.Text;
        auth.AllowOrDeny = "A";
        auth.SpecialRole = specialRole;
        auth.GroupId = groupId;
        auth.Order = ++order;
        authService.Add( auth, CurrentPersonId );
        authService.Save( auth, CurrentPersonId );

        // A rule was added for this action, so its cached rules are stale.
        Rock.Security.Authorization.ReloadAction( iSecured.AuthEntity, iSecured.Id, li.Text );
    }

    pnlAddRole.Visible = false;
    phList.Visible = true;
    BindGrid();
}
/// <summary>
/// For every action ticked in cblRoleActionList, adds an Allow rule for the role named by
/// ddlRoles unless that role already has a rule for the action, reloading the action's
/// cached rules after each addition. Finally hides the add panel and rebinds the grid.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void lbAddRole_Click( object sender, EventArgs e )
{
    // Order is seeded from the CurrentAction rules although the new rules target the
    // ticked actions (li.Text) — kept as in the original, TODO confirm intended.
    List<Rock.Security.AuthRule> existingAuths = Rock.Security.Authorization.AuthRules( iSecured.AuthEntity, iSecured.Id, CurrentAction );
    int nextOrder = existingAuths.Count > 0 ? existingAuths.Last().Order : -1;

    string roleName = ddlRoles.SelectedValue;

    foreach ( ListItem li in cblRoleActionList.Items )
    {
        if ( !li.Selected )
        {
            continue;
        }

        string action = li.Text;

        // "R" marks a role rule; a user rule for the same name would not count as a duplicate.
        bool roleHasRule = Rock.Security.Authorization
            .AuthRules( iSecured.AuthEntity, iSecured.Id, action )
            .Any( rule => rule.UserOrRole == "R" && rule.UserOrRoleName == roleName );
        if ( roleHasRule )
        {
            continue;
        }

        nextOrder++;
        Rock.CMS.Auth auth = new Rock.CMS.Auth
        {
            EntityType = iSecured.AuthEntity,
            EntityId = iSecured.Id,
            Action = action,
            AllowOrDeny = "A",
            UserOrRole = "R",
            UserOrRoleName = roleName,
            Order = nextOrder
        };
        authService.Add( auth, CurrentPersonId );
        authService.Save( auth, CurrentPersonId );
        Rock.Security.Authorization.ReloadAction( iSecured.AuthEntity, iSecured.Id, action );
    }

    pnlAddRole.Visible = false;
    phList.Visible = true;
    BindGrid();
}
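/// <summary>
/// Creates a new Auth record from a DTO on behalf of the logged-in user.
/// </summary>
/// <param name="Auth">DTO whose property values are copied onto the new record.</param>
/// <exception cref="WebFaultException{T}">
/// 403 when nobody is logged in; 400 when <paramref name="Auth"/> is null or the new
/// record fails validation.
/// </exception>
public void CreateAuth( Rock.CMS.DTO.Auth Auth )
{
    var currentUser = Rock.CMS.UserService.GetCurrentUser();
    if ( currentUser == null )
    {
        throw new WebFaultException<string>( "Must be logged in", System.Net.HttpStatusCode.Forbidden );
    }

    // A missing body would otherwise reach SetValues and surface as a 500.
    if ( Auth == null )
    {
        throw new WebFaultException<string>( "Auth body is required", System.Net.HttpStatusCode.BadRequest );
    }

    using ( Rock.Data.UnitOfWorkScope uow = new Rock.Data.UnitOfWorkScope() )
    {
        uow.objectContext.Configuration.ProxyCreationEnabled = false;
        Rock.CMS.AuthService authService = new Rock.CMS.AuthService();
        Rock.CMS.Auth newAuth = new Rock.CMS.Auth();
        authService.Add( newAuth, currentUser.PersonId );

        // The rule's EntityType/EntityId/Action come straight from the caller's DTO and no
        // Authorized( "Edit", ... ) check is made here, unlike the update/delete operations.
        // NOTE(review): confirm Add/Save enforce that the caller may administer the target
        // entity; otherwise any logged-in user could add rules for arbitrary entities.
        uow.objectContext.Entry( newAuth ).CurrentValues.SetValues( Auth );

        if ( !newAuth.IsValid )
        {
            throw new WebFaultException<string>( newAuth.ValidationResults.AsDelimited( ", " ), System.Net.HttpStatusCode.BadRequest );
        }

        authService.Save( newAuth, currentUser.PersonId );
    }
}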