//--- Methods ---
public virtual GrantBE Copy()
{
GrantBE grant = new GrantBE();
grant.Id = Id;
grant.PageId = PageId;
grant.UserId = UserId;
grant.GroupId = GroupId;
grant.ExpirationDate = ExpirationDate;
grant.TimeStamp = TimeStamp;
grant.CreatorUserId = CreatorUserId;
grant.RoleId = RoleId;
grant.Role = Role.Copy();
grant.Type = Type;
return(grant);
}
public static XDoc GetGrantXml(GrantBE grant) {
XDoc doc = new XDoc("grant");
//Permissions for the user from user role
doc.Add(PermissionsBL.GetRoleXml(grant.Role, null));
if(grant.Type == GrantType.USER) {
UserBE user = UserBL.GetUserById(grant.UserId);
if(user != null)
doc.Add(UserBL.GetUserXml(user, null, Utils.ShowPrivateUserInfo(user)));
} else if(grant.Type == GrantType.GROUP) {
GroupBE group = GroupBL.GetGroupById(grant.GroupId);
if(group != null)
doc.Add(GroupBL.GetGroupXml(group, null));
}
if(grant.ExpirationDate != DateTime.MaxValue)
doc.Start("date.expires").Value(grant.ExpirationDate).End();
doc.Start("date.modified").Value(grant.TimeStamp).End();
UserBE creatorUser = UserBL.GetUserById(grant.CreatorUserId);
if(creatorUser != null)
doc.Add(UserBL.GetUserXml(creatorUser, "modifiedby", Utils.ShowPrivateUserInfo(creatorUser)));
return doc;
}
private static GrantBE ReadGrantXml(XDoc grantXml, PageBE pg) {
GrantBE grant = new GrantBE();
if(grantXml["user/@id"].Contents != string.Empty) {
grant.UserId = DbUtils.Convert.To<uint>(grantXml["user/@id"].Contents, 0);
grant.Type = GrantType.USER;
}
if(grantXml["group/@id"].Contents != string.Empty) {
grant.GroupId = DbUtils.Convert.To<uint>(grantXml["group/@id"].Contents, 0);
grant.Type = GrantType.GROUP;
}
//Userid nor Groupid given or both given is invalid.
if((grant.UserId == 0 && grant.GroupId == 0) || (grant.UserId != 0 && grant.GroupId != 0)) {
throw new PermissionsUserOrGroupIDNotGivenInvalidArgumentException();
}
if(grantXml["permissions/role"].Contents == string.Empty)
throw new PermissionsRoleNotGivenInvalidArgumentException();
RoleBE r = GetRoleByName(grantXml["permissions/role"].Contents);
if(r == null)
throw new PermissionsUnrecognizedRoleInvalidArgumentRoleException();
grant.Role = r;
grant.RoleId = r.ID;
//Optional datetime expire field. If provided but unparsable, return null.
string expireString = grantXml["date.expires"].Contents;
if(expireString != string.Empty) {
DateTime expirationDate;
if(!DateTime.TryParse(expireString, out expirationDate)) {
throw new PermissionsExpiryParseInvalidArgumentException();
} else {
grant.ExpirationDate = expirationDate;
}
}
grant.PageId = (uint)pg.ID;
grant.CreatorUserId = DekiContext.Current.User.ID;
return grant;
}
private static void AddRequesterToAddedGrantList(IList<GrantBE> currentGrants, IList<GrantBE> proposedAddedGrants, PageBE page) {
UserBE currentUser = DekiContext.Current.User;
List<GrantBE> temp = new List<GrantBE>(currentGrants);
temp.AddRange(proposedAddedGrants);
bool grantForSelfExists = false;
foreach(GrantBE g in temp) {
if(g.Type == GrantType.USER && g.UserId == currentUser.ID) {
grantForSelfExists = true;
break;
}
}
if(!grantForSelfExists) {
GrantBE requesterGrant = new GrantBE();
requesterGrant.PageId = (uint)page.ID;
requesterGrant.UserId = currentUser.ID;
requesterGrant.Type = GrantType.USER;
//TODO (MaxM): BUG 7054. This is the last hardcoded role name.
// returns null if the role is not found
RoleBE requesterRole = GetRoleByName(Role.CONTRIBUTOR);
if(requesterRole == null) {
throw new PermissionsRetrieveRoleInvalidArgumentException(Role.CONTRIBUTOR);
}
requesterGrant.RoleId = requesterRole.ID;
requesterGrant.Role = requesterRole;
proposedAddedGrants.Add(requesterGrant);
}
}
//--- Methods ---
public virtual GrantBE Copy() {
GrantBE grant = new GrantBE();
grant.Id = Id;
grant.PageId = PageId;
grant.UserId = UserId;
grant.GroupId = GroupId;
grant.ExpirationDate = ExpirationDate;
grant.TimeStamp = TimeStamp;
grant.CreatorUserId = CreatorUserId;
grant.RoleId = RoleId;
grant.Role = Role.Copy();
grant.Type = Type;
return grant;
}
public static PageBE CreateUserHomePage(UserBE user) {
if(user == null)
return null;
PageBE userHomePage = UserBL.GetHomePage(user);
if(userHomePage.ID == 0) {
try {
// get contents for new page
string homepageContent = DekiResources.NEWUSERPAGETEXT;
string homepageContentType = DekiMimeType.DEKI_TEXT;
//Content/new-user behavior for new homepages.
if(!string.IsNullOrEmpty(DekiContext.Current.Instance.ContentNewUser)) {
Title contentNewUserTitle = Title.FromPrefixedDbPath(DekiContext.Current.Instance.ContentNewUser, null);
PageBE contents = GetPageByTitle(contentNewUserTitle);
if(contents != null && contents.ID != 0) {
contents = PageBL.ResolveRedirects(contents);
}
//Found page pointed to by content/new-user
if(contents != null && contents.ID != 0) {
//Save the executed version of the template. Run this as the owner of the homepage
PermissionsBL.ImpersonationBegin(user);
ParserResult p = DekiXmlParser.Parse(contents, ParserMode.EDIT, -1, true);
homepageContentType = p.ContentType;
homepageContent = p.BodyText;
PermissionsBL.ImpersonationEnd();
} else {
_log.WarnFormat("Failed to set the contents of a user's homepage for user '{0}' from page '{1}'", user.Name, contentNewUserTitle);
}
}
//Need to impersonate an admin user if no context is set or performing anonymous user creation
if(DekiContext.Current.User == null || !PermissionsBL.IsUserAllowed(DekiContext.Current.User, Permissions.ADMIN)) {
PermissionsBL.ImpersonationBeginOfAdmin();
}
Save(userHomePage, null, homepageContent, homepageContentType, !string.IsNullOrEmpty(user.RealName) ? user.RealName : null, null);
//Set a grant for the new user on their homepage
if(!string.IsNullOrEmpty(DekiContext.Current.Instance.HomePageGrantRole)) {
RoleBE roleForGrant = PermissionsBL.GetRoleByName(DekiContext.Current.Instance.HomePageGrantRole);
if(roleForGrant != null) {
GrantBE userHomePageGrant = new GrantBE();
userHomePageGrant.Role = roleForGrant;
userHomePageGrant.RoleId = roleForGrant.ID;
userHomePageGrant.UserId = user.ID;
userHomePageGrant.Type = GrantType.USER;
userHomePageGrant.TimeStamp = DateTime.UtcNow;
userHomePageGrant.PageId = (uint)userHomePage.ID;
userHomePageGrant.CreatorUserId = DekiContext.Current.User.ID;
try {
PermissionsBL.ApplyDeltaPagePermissions(userHomePage, null, new List<GrantBE>(new GrantBE[] { userHomePageGrant }), new List<GrantBE>(), false);
} catch(Exception x) {
_log.WarnExceptionFormat(x, "Failed to apply a grant with role '{0}' to {1}'s homepage.", DekiContext.Current.Instance.HomePageGrantRole, user.Name);
}
}
}
} finally {
PermissionsBL.ImpersonationEnd();
}
}
return userHomePage;
}
private static void AddRequesterToAddedGrantList(IList<GrantBE> currentGrants, IList<GrantBE> proposedAddedGrants, PageBE page) {
UserBE currentUser = DekiContext.Current.User;
List<GrantBE> temp = new List<GrantBE>(currentGrants);
temp.AddRange(proposedAddedGrants);
bool grantForSelfExists = false;
foreach(GrantBE g in temp) {
if(g.Type == GrantType.USER && g.UserId == currentUser.ID) {
grantForSelfExists = true;
break;
}
}
if (!grantForSelfExists) {
GrantBE requesterGrant = new GrantBE();
requesterGrant.PageId = (uint) page.ID;
requesterGrant.UserId = currentUser.ID;
requesterGrant.Type = GrantType.USER;
//TODO (MaxM): BUG 7054. This is the last hardcoded role name.
// returns null if the role is not found
RoleBE requesterRole = PermissionsBL.GetRoleByName(Role.CONTRIBUTOR);
if(requesterRole == null)
throw new MissingFieldException(string.Format(DekiResources.CANNOT_RETRIEVE_REQUIRED_ROLE, Role.CONTRIBUTOR));
requesterGrant.RoleId = requesterRole.ID;
requesterGrant.Role = requesterRole;
proposedAddedGrants.Add(requesterGrant);
}
}
public uint Grants_Insert(GrantBE grant) {
Stopwatch sw = Stopwatch.StartNew();
var ret = _next.Grants_Insert(grant);
LogQuery(CATEGORY_GRANTS, "Grants_Insert", sw, "grant", grant);
return ret;
}
