public static void SetSecurity(string id, bool enabled, params Guid[] subjects)
        {
            var securityObj = WebItemSecurityObject.Create(id);

            // remove old aces
            CoreContext.AuthorizationManager.RemoveAllAces(securityObj);

            // set new aces
            if (subjects == null || subjects.Length == 0 || subjects.Contains(ASC.Core.Users.Constants.GroupEveryone.ID))
            {
                subjects = new[] { ASC.Core.Users.Constants.GroupEveryone.ID };
            }
            foreach (var s in subjects)
            {
                var a = new AzRecord(s, Read.ID, enabled ? AceType.Allow : AceType.Deny, securityObj);
                CoreContext.AuthorizationManager.AddAce(a);
            }
        }
 public void RemoveAce(AzRecord r)
 {
     service.RemoveAce(TenantManager.GetCurrentTenant().TenantId, r);
 }
        public static void SetSecurity(string id, bool enabled, params Guid[] subjects)
        {
            var securityObj = WebItemSecurityObject.Create(id);

            // remove old aces
            CoreContext.AuthorizationManager.RemoveAllAces(securityObj);
            var allowToAll = new AzRecord(ASC.Core.Users.Constants.GroupEveryone.ID, Read.ID, AceType.Allow, securityObj);
            CoreContext.AuthorizationManager.RemoveAce(allowToAll);

            // set new aces
            if (subjects == null || subjects.Length == 0 || subjects.Contains(ASC.Core.Users.Constants.GroupEveryone.ID))
            {
                if (!enabled && subjects != null && subjects.Length == 0)
                {
                    // users from list with no users equals allow to all users
                    enabled = true;
                }
                subjects = new[] { ASC.Core.Users.Constants.GroupEveryone.ID };
            }
            foreach (var s in subjects)
            {
                var a = new AzRecord(s, Read.ID, enabled ? AceType.Allow : AceType.Deny, securityObj);
                CoreContext.AuthorizationManager.AddAce(a);
            }

            ClearCache();
        }
 public void AddAce(AzRecord r)
 {
     service.SaveAce(CoreContext.TenantManager.GetCurrentTenant().TenantId, r);
 }
 public void RemoveAce(AzRecord r)
 {
     service.RemoveAce(CoreContext.TenantManager.GetCurrentTenant().TenantId, r);
 }
        public static void SetSecurity(string id, bool enabled, params Guid[] subjects)
        {
            if(SettingsManager.Instance.LoadSettings<TenantAccessSettings>(TenantProvider.CurrentTenantID).Anyone)
                throw new SecurityException("Security settings are disabled for an open portal");
            
            var securityObj = WebItemSecurityObject.Create(id);

            // remove old aces
            CoreContext.AuthorizationManager.RemoveAllAces(securityObj);
            var allowToAll = new AzRecord(ASC.Core.Users.Constants.GroupEveryone.ID, Read.ID, AceType.Allow, securityObj);
            CoreContext.AuthorizationManager.RemoveAce(allowToAll);

            // set new aces
            if (subjects == null || subjects.Length == 0 || subjects.Contains(ASC.Core.Users.Constants.GroupEveryone.ID))
            {
                if (!enabled && subjects != null && subjects.Length == 0)
                {
                    // users from list with no users equals allow to all users
                    enabled = true;
                }
                subjects = new[] { ASC.Core.Users.Constants.GroupEveryone.ID };
            }
            foreach (var s in subjects)
            {
                var a = new AzRecord(s, Read.ID, enabled ? AceType.Allow : AceType.Deny, securityObj);
                CoreContext.AuthorizationManager.AddAce(a);
            }

            ClearCache();
        }
 /// <summary>
 /// Creates a certain rule by specified parameters
 /// </summary>
 /// <param name="userID"></param>
 /// <param name="ip"></param>
 /// <param name="rule"></param>
 private void CrealeRule(Guid userID, string ip, AceType rule)
 {
     IPAddress ipAddress;
     if (IPAddress.TryParse(ip, out ipAddress))
     {
         var az = new AzRecord(userID, TcpIpFilterActions.TcpIpFilterAction.ID, rule,
                               new TcpIpFilterSecurityObject(ipAddress));
         CoreContext.AuthorizationManager.AddAce(az);
     }
 }