/// <summary>
/// Decides whether the web item <paramref name="itemId"/> is visible to the user <paramref name="for"/>.
/// The answer is deny-by-default: it stays <c>false</c> unless one of the branches below grants access.
/// </summary>
/// <param name="itemId">Identifier of the web item (product or module) being checked.</param>
/// <param name="for">Identifier of the user the decision is made for.</param>
/// <returns><c>true</c> when the item is available to the user; otherwise <c>false</c>.</returns>
/// <remarks>
/// Decisions are memoized in a dictionary stored in <c>cache</c> under <c>GetCacheKey()</c>; the dictionary
/// is inserted with an absolute expiry of one minute. Unless that entry is invalidated elsewhere (not visible
/// in this method), a permission change may keep returning the previous decision until the entry expires.
/// NOTE(review): entries are keyed only by item id + user id, so confirm that GetCacheKey() is tenant-scoped.
/// </remarks>
public static bool IsAvailableForUser(Guid itemId, Guid @for)
{
    var id = itemId.ToString();
    var entryKey = id + @for;
    var cacheKey = GetCacheKey();

    // Fast path: reuse a previously computed decision for this (item, user) pair.
    var decisions = cache.Get<Dictionary<string, bool>>(cacheKey);
    if (decisions != null)
    {
        // The dictionary is shared through the cache, so every access is taken under its lock.
        lock (decisions)
        {
            bool cached;
            if (decisions.TryGetValue(entryKey, out cached))
            {
                return cached;
            }
        }
    }
    else
    {
        decisions = new Dictionary<string, bool>();
        cache.Insert(cacheKey, decisions, DateTime.UtcNow.Add(TimeSpan.FromMinutes(1)));
    }

    // Slow path: the user needs read permission, or must be a product administrator.
    var allowed = false;
    var securityObj = WebItemSecurityObject.Create(id);

    // In the personal ("your-docs") portal only the documents product is visible.
    var blockedByPersonalPortal = CoreContext.Configuration.Personal
                                  && securityObj.WebItemId != WebItemManager.DocumentsProductID;

    if (!blockedByPersonalPortal)
    {
        var webitem = WebItemManager.Instance[securityObj.WebItemId];

        // An unknown web item leaves the decision at the default (denied).
        if (webitem != null)
        {
            var webItemId = webitem.ID;

            var hiddenFromVisitors = webItemId == WebItemManager.CRMProductID
                                     || webItemId == WebItemManager.PeopleProductID
                                     || webItemId == WebItemManager.BirthdaysProductID
                                     || webItemId == WebItemManager.MailProductID;

            var hiddenFromOutsiders = webItemId == WebItemManager.CalendarProductID
                                      || webItemId == WebItemManager.TalkProductID;

            if (hiddenFromVisitors && CoreContext.UserManager.GetUsers(@for).IsVisitor())
            {
                // Hard-coded rule: CRM, People, Birthdays and Mail are never shown to visitors (collaborators).
                allowed = false;
            }
            else if (hiddenFromOutsiders && CoreContext.UserManager.GetUsers(@for).IsOutsider())
            {
                // Hard-coded rule: Calendar and Talk are never shown to outsiders.
                allowed = false;
            }
            else if (webitem is IModule)
            {
                // A module needs read permission on itself AND availability of its parent item.
                allowed = SecurityContext.PermissionResolver.Check(
                    CoreContext.Authentication.GetAccountByID(@for), securityObj, null, Read);
                if (allowed)
                {
                    allowed = IsAvailableForUser(WebItemManager.Instance.GetParentItemID(webItemId), @for);
                }
            }
            else
            {
                // True when at least one Read ACE names a subject other than the "everyone" group.
                var hasUsers = CoreContext.AuthorizationManager
                    .GetAces(Guid.Empty, Read.ID, securityObj)
                    .Any(a => a.SubjectId != ASC.Core.Users.Constants.GroupEveryone.ID);

                allowed = SecurityContext.PermissionResolver.Check(
                    CoreContext.Authentication.GetAccountByID(@for), securityObj, null, Read);

                // The product-administrator fallback applies only when such an explicit ACE exists.
                if (!allowed && hasUsers)
                {
                    allowed = IsProductAdministrator(securityObj.WebItemId, @for);
                }
            }
        }
    }

    // Re-read the dictionary: it may have expired or been replaced while the decision was computed.
    decisions = cache.Get<Dictionary<string, bool>>(cacheKey);
    if (decisions != null)
    {
        lock (decisions)
        {
            decisions[entryKey] = allowed;
        }
    }

    return allowed;
}
/// <summary>
/// Decides whether the web item <paramref name="itemId"/> is visible to the user <paramref name="for"/>
/// in the current tenant. The answer is deny-by-default: it stays <c>false</c> unless a branch below grants access.
/// </summary>
/// <param name="itemId">Identifier of the web item (product or module) being checked.</param>
/// <param name="for">Identifier of the user the decision is made for.</param>
/// <returns><c>true</c> when the item is available to the user; otherwise <c>false</c>.</returns>
/// <remarks>
/// Decisions are memoized in the dictionary that <c>WebItemSecurityCache</c> returns for the current tenant id.
/// NOTE(review): the lifetime and invalidation of that dictionary are not visible in this method; confirm that
/// permission changes clear it, otherwise a revoked user keeps the cached decision until it expires.
/// </remarks>
public bool IsAvailableForUser(Guid itemId, Guid @for)
{
    var id = itemId.ToString();
    var entryKey = id + @for;
    var tenant = TenantManager.GetCurrentTenant();

    // Fast path: reuse a previously computed decision for this (item, user) pair within the tenant.
    var decisions = WebItemSecurityCache.GetOrInsert(tenant.TenantId);
    if (decisions != null)
    {
        // The dictionary is shared through the cache, so every access is taken under its lock.
        lock (decisions)
        {
            bool cached;
            if (decisions.TryGetValue(entryKey, out cached))
            {
                return cached;
            }
        }
    }

    // Slow path: the user needs read permission, or must be a product administrator.
    var allowed = false;
    var securityObj = WebItemSecurityObject.Create(id, WebItemManager);

    // In the personal ("your-docs") portal only the documents product is visible.
    var blockedByPersonalPortal = CoreBaseSettings.Personal
                                  && securityObj.WebItemId != WebItemManager.DocumentsProductID;

    if (!blockedByPersonalPortal)
    {
        var webitem = WebItemManager[securityObj.WebItemId];

        // An unknown web item leaves the decision at the default (denied).
        if (webitem != null)
        {
            var webItemId = webitem.ID;

            var hiddenFromVisitors = webItemId == WebItemManager.CRMProductID
                                     || webItemId == WebItemManager.PeopleProductID
                                     || webItemId == WebItemManager.BirthdaysProductID
                                     || webItemId == WebItemManager.MailProductID;

            var hiddenFromOutsiders = webItemId == WebItemManager.CalendarProductID
                                      || webItemId == WebItemManager.TalkProductID;

            if (hiddenFromVisitors && UserManager.GetUsers(@for).IsVisitor(UserManager))
            {
                // Hard-coded rule: CRM, People, Birthdays and Mail are never shown to visitors (collaborators).
                allowed = false;
            }
            else if (hiddenFromOutsiders && UserManager.GetUsers(@for).IsOutsider(UserManager))
            {
                // Hard-coded rule: Calendar and Talk are never shown to outsiders.
                allowed = false;
            }
            else if (webitem is IModule)
            {
                // A module needs read permission on itself AND availability of its parent item.
                allowed = PermissionContext.PermissionResolver.Check(
                    Authentication.GetAccountByID(tenant.TenantId, @for), securityObj, null, Read);
                if (allowed)
                {
                    allowed = IsAvailableForUser(WebItemManager.GetParentItemID(webItemId), @for);
                }
            }
            else
            {
                // True when at least one Read ACE names a subject other than the "everyone" group.
                var hasUsers = AuthorizationManager
                    .GetAces(Guid.Empty, Read.ID, securityObj)
                    .Any(a => a.SubjectId != ASC.Core.Users.Constants.GroupEveryone.ID);

                allowed = PermissionContext.PermissionResolver.Check(
                    Authentication.GetAccountByID(tenant.TenantId, @for), securityObj, null, Read);

                // The product-administrator fallback applies only when such an explicit ACE exists.
                if (!allowed && hasUsers)
                {
                    allowed = IsProductAdministrator(securityObj.WebItemId, @for);
                }
            }
        }
    }

    // Re-read the dictionary: it may have been dropped or replaced while the decision was computed.
    decisions = WebItemSecurityCache.Get(tenant.TenantId);
    if (decisions != null)
    {
        lock (decisions)
        {
            decisions[entryKey] = allowed;
        }
    }

    return allowed;
}