static WebItemManager()
 {
     allowedItems = (ConfigurationManager.AppSettings["web.items"] ?? string.Empty)
         .Split(new[] { ',', ';', ' ' }, StringSplitOptions.RemoveEmptyEntries)
         .ToList();
     Instance = new WebItemManager();
 }
Exemple #2
0
        public void SetProductAdministrator(Guid productid, Guid userid, bool administrator)
        {
            if (productid == Guid.Empty)
            {
                productid = ASC.Core.Users.Constants.GroupAdmin.ID;
            }
            if (administrator)
            {
                if (UserManager.IsUserInGroup(userid, ASC.Core.Users.Constants.GroupVisitor.ID))
                {
                    throw new SecurityException("Collaborator can not be an administrator");
                }

                if (productid == WebItemManager.PeopleProductID)
                {
                    foreach (var ace in GetPeopleModuleActions(userid))
                    {
                        AuthorizationManager.AddAce(ace);
                    }
                }

                UserManager.AddUserIntoGroup(userid, productid);
            }
            else
            {
                if (productid == ASC.Core.Users.Constants.GroupAdmin.ID)
                {
                    var groups = new List <Guid> {
                        WebItemManager.MailProductID
                    };
                    groups.AddRange(WebItemManager.GetItemsAll().OfType <IProduct>().Select(p => p.ID));

                    foreach (var id in groups)
                    {
                        UserManager.RemoveUserFromGroup(userid, id);
                    }
                }

                if (productid == ASC.Core.Users.Constants.GroupAdmin.ID || productid == WebItemManager.PeopleProductID)
                {
                    foreach (var ace in GetPeopleModuleActions(userid))
                    {
                        AuthorizationManager.RemoveAce(ace);
                    }
                }

                UserManager.RemoveUserFromGroup(userid, productid);
            }

            WebItemSecurityCache.Publish(TenantManager.GetCurrentTenant().TenantId);
        }
Exemple #3
0
        public WebItemSecurityInfo GetSecurityInfo(string id)
        {
            var info = GetSecurity(id).ToList();
            var module = WebItemManager.GetParentItemID(new Guid(id)) != Guid.Empty;
            return new WebItemSecurityInfo
            {
                WebItemId = id,

                Enabled = !info.Any() || (!module && info.Any(i => i.Item2)) || (module && info.All(i => i.Item2)),

                Users = info
                               .Select(i => UserManager.GetUsers(i.Item1))
                               .Where(u => u.ID != ASC.Core.Users.Constants.LostUser.ID),

                Groups = info
                               .Select(i => UserManager.GetGroupInfo(i.Item1))
                               .Where(g => g.ID != ASC.Core.Users.Constants.LostGroupInfo.ID && g.CategoryID != ASC.Core.Users.Constants.SysGroupCategoryId)
            };
        }
Exemple #4
0
            public static WebItemSecurityObject Create(string id, WebItemManager webItemManager)
            {
                if (string.IsNullOrEmpty(id))
                {
                    throw new ArgumentNullException("id");
                }

                var itemId = Guid.Empty;
                if (32 <= id.Length)
                {
                    itemId = new Guid(id);
                }
                else
                {
                    var w = webItemManager
                        .GetItemsAll()
                        .FirstOrDefault(i => id.Equals(i.GetSysName(), StringComparison.InvariantCultureIgnoreCase));
                    if (w != null) itemId = w.ID;
                }
                return new WebItemSecurityObject(itemId, webItemManager);
            }
Exemple #5
0
        public IEnumerable<UserInfo> GetProductAdministrators(Guid productid)
        {
            var groups = new List<Guid>();
            if (productid == Guid.Empty)
            {
                groups.Add(ASC.Core.Users.Constants.GroupAdmin.ID);
                groups.AddRange(WebItemManager.GetItemsAll().OfType<IProduct>().Select(p => p.ID));
                groups.Add(WebItemManager.MailProductID);
            }
            else
            {
                groups.Add(productid);
            }

            var users = Enumerable.Empty<UserInfo>();
            foreach (var id in groups)
            {
                users = users.Union(UserManager.GetUsersByGroup(id));
            }
            return users.ToList();
        }
Exemple #6
0
 public WebItemSecurity(
     UserManager userManager,
     AuthContext authContext,
     PermissionContext permissionContext,
     AuthManager authentication,
     WebItemManager webItemManager,
     TenantManager tenantManager,
     AuthorizationManager authorizationManager,
     CoreBaseSettings coreBaseSettings,
     WebItemSecurityCache webItemSecurityCache,
     SettingsManager settingsManager)
 {
     UserManager          = userManager;
     AuthContext          = authContext;
     PermissionContext    = permissionContext;
     Authentication       = authentication;
     WebItemManager       = webItemManager;
     TenantManager        = tenantManager;
     AuthorizationManager = authorizationManager;
     CoreBaseSettings     = coreBaseSettings;
     WebItemSecurityCache = webItemSecurityCache;
     SettingsManager      = settingsManager;
 }
 static WebItemManager()
 {
     Instance = new WebItemManager();
 }
 public WebItemManagerSecurity(WebItemSecurity webItemSecurity, AuthContext authContext, WebItemManager webItemManager)
 {
     WebItemSecurity = webItemSecurity;
     AuthContext     = authContext;
     WebItemManager  = webItemManager;
 }
Exemple #9
0
 private WebItemSecurityObject(Guid itemId, WebItemManager webItemManager)
 {
     WebItemId      = itemId;
     WebItemManager = webItemManager;
 }
Exemple #10
0
        public bool IsAvailableForUser(Guid itemId, Guid @for)
        {
            var id     = itemId.ToString();
            var result = false;

            var tenant = TenantManager.GetCurrentTenant();
            var dic    = WebItemSecurityCache.GetOrInsert(tenant.TenantId);

            if (dic != null)
            {
                lock (dic)
                {
                    if (dic.ContainsKey(id + @for))
                    {
                        return(dic[id + @for]);
                    }
                }
            }

            // can read or administrator
            var securityObj = WebItemSecurityObject.Create(id, WebItemManager);

            if (CoreBaseSettings.Personal &&
                securityObj.WebItemId != WebItemManager.DocumentsProductID)
            {
                // only files visible in your-docs portal
                result = false;
            }
            else
            {
                var webitem = WebItemManager[securityObj.WebItemId];
                if (webitem != null)
                {
                    if ((webitem.ID == WebItemManager.CRMProductID ||
                         webitem.ID == WebItemManager.PeopleProductID ||
                         webitem.ID == WebItemManager.BirthdaysProductID ||
                         webitem.ID == WebItemManager.MailProductID) &&
                        UserManager.GetUsers(@for).IsVisitor(UserManager))
                    {
                        // hack: crm, people, birtthday and mail products not visible for collaborators
                        result = false;
                    }
                    else if ((webitem.ID == WebItemManager.CalendarProductID ||
                              webitem.ID == WebItemManager.TalkProductID) &&
                             UserManager.GetUsers(@for).IsOutsider(UserManager))
                    {
                        // hack: calendar and talk products not visible for outsider
                        result = false;
                    }
                    else if (webitem is IModule)
                    {
                        result = PermissionContext.PermissionResolver.Check(Authentication.GetAccountByID(tenant.TenantId, @for), securityObj, null, Read) &&
                                 IsAvailableForUser(WebItemManager.GetParentItemID(webitem.ID), @for);
                    }
                    else
                    {
                        var hasUsers = AuthorizationManager.GetAces(Guid.Empty, Read.ID, securityObj).Any(a => a.SubjectId != ASC.Core.Users.Constants.GroupEveryone.ID);
                        result = PermissionContext.PermissionResolver.Check(Authentication.GetAccountByID(tenant.TenantId, @for), securityObj, null, Read) ||
                                 (hasUsers && IsProductAdministrator(securityObj.WebItemId, @for));
                    }
                }
                else
                {
                    result = false;
                }
            }

            dic = WebItemSecurityCache.Get(tenant.TenantId);
            if (dic != null)
            {
                lock (dic)
                {
                    dic[id + @for] = result;
                }
            }
            return(result);
        }
Exemple #11
0
 public static List <IWebItem> SortItems(this IEnumerable <IWebItem> items, WebItemSettings settings)
 {
     return(items.OrderBy(i => WebItemManager.GetSortOrder(i, settings)).ToList());
 }