Exemple #1
0
        // list all resources shared to me
        public List <CResourceEntity> ListShareResources()
        {
            List <CResourceEntity> resources  = new List <CResourceEntity>();
            COrganizeEntity        organize   = new COrganizeEntity(ConnString).Load(this.Usr_Organize);
            CResourceEntity        archiveRes = organize.GetArchiveFolder();

            if (Usr_Type == (int)USERTYPE.SYSTEMADMIN || Usr_Type == (int)USERTYPE.ORGANIZEADMIN)
            {
                return(resources);
            }

            List <CACLEntity> acls = GetAllACLs();

            foreach (CACLEntity acl in acls)
            {
                if (acl.Acl_Operation != (int)ACLOPERATION.READ && acl.Acl_Operation != (int)ACLOPERATION.WRITE)
                {
                    continue;
                }

                if (acl.Acl_Resource == organize.Org_Resource)
                {
                    continue;
                }

                CResourceEntity res = new CResourceEntity(ConnString).Load(acl.Acl_Resource);
                if (res.Res_Type != (int)RESOURCETYPE.FILERESOURCE && res.Res_Type != (int)RESOURCETYPE.FOLDERRESOURCE)
                {
                    continue;
                }

                bool existed = false;
                foreach (CResourceEntity r in resources)
                {
                    if (r.Res_Id == res.Res_Id)
                    {
                        existed = true;
                        break;
                    }
                }

                if (!existed && !res.IsChild(archiveRes.Res_Id) && !res.IsChild(Usr_Resource))
                {
                    resources.Add(res);
                }
            }

            return(resources);
        }
Exemple #2
0
        public void Permit(int userId, ACLROLETYPE roleType, int resourceId, ACLOPERATION operation)
        {
            // user have to have write privilege on resource
            CACLEntity acl = new CACLEntity();

            acl.Acl_Resource  = resourceId;
            acl.Acl_Operation = (int)ACLOPERATION.WRITE;
            if (!CheckPrivilege(acl))
            {
                throw new Exception("没有写权限");
            }

            List <CACLEntity> userAcls = new List <CACLEntity>();

            if (roleType == ACLROLETYPE.USERROLE)
            {
                CUserEntity user = new CUserEntity(ConnString).Load(userId);
                userAcls = user.GetUserACLs();
            }
            else if (roleType == ACLROLETYPE.GROUPROLE)
            {
                CGroupEntity group = new CGroupEntity(ConnString).Load(userId);
                userAcls = group.GetGroupACLs();
            }

            // check if this acl conflicts with others
            CResourceEntity resource = new CResourceEntity(ConnString).Load(resourceId);

            foreach (CACLEntity userAcl in userAcls)
            {
                if (resource.IsChild(userAcl.Acl_Resource) && userAcl.Acl_Operation == (int)operation)
                {
                    throw new Exception("与其他权限冲突");
                }
            }

            // create acl
            CACLEntity acl1 = new CACLEntity(ConnString);

            acl1.Acl_Resource   = resourceId;
            acl1.Acl_Role       = userId;
            acl1.Acl_RType      = (int)roleType;
            acl1.Acl_Operation  = (int)operation;
            acl1.Acl_Creator    = this.Usr_Id;
            acl1.Acl_CreateTime = DateTime.Now;
            acl1.Insert();

            // remove all child privileges
            foreach (CACLEntity ua in userAcls)
            {
                resource = new CResourceEntity(ConnString).Load(ua.Acl_Resource);
                if (resource.IsChild(resourceId) && ua.Acl_Operation == (int)operation)
                {
                    ua.Delete();
                }
            }
        }
Exemple #3
0
        // List all Descendants of root that current user can read
        public List <CResourceEntity> ListDescendants(int root)
        {
            CACLEntity acl1 = new CACLEntity(ConnString);

            acl1.Acl_Resource  = root;
            acl1.Acl_Operation = (int)ACLOPERATION.READ;

            CResourceEntity parent = new CResourceEntity(ConnString).Load(root);

            if (CheckPrivilege(acl1))
            {
                return(parent.ListChildResources());
            }

            List <CResourceEntity> resources = new List <CResourceEntity>();
            List <CACLEntity>      acls      = GetAllACLs();

            foreach (CACLEntity acl in acls)
            {
                if (acl.Acl_Operation != (int)ACLOPERATION.READ && acl.Acl_Operation != (int)ACLOPERATION.WRITE)
                {
                    continue;
                }

                CResourceEntity res = new CResourceEntity(ConnString).Load(acl.Acl_Resource);
                if (res.Res_Type != (int)RESOURCETYPE.FILERESOURCE && res.Res_Type != (int)RESOURCETYPE.FOLDERRESOURCE)
                {
                    continue;
                }

                bool existed = false;
                foreach (CResourceEntity r in resources)
                {
                    if (r.Res_Id == res.Res_Id)
                    {
                        existed = true;
                        break;
                    }
                }

                if (!existed && res.IsChild(parent.Res_Id))
                {
                    resources.Add(res);
                }
            }

            return(resources);
        }