private static void Step2(HttpRequest request, Literal rolesexport)
        {
            rolesexport.Text += "Export preview<br><br>";
            var allright = CurrentRights.GetAllRightsMaster();
            var rols     = request.Form.Get("rol");

            if (rols != null)
            {
                foreach (var rol in rols.Split(','))
                {
                    rolesexport.Text += "<strong>" + rol + "</strong>  :<br> ";
                    var account = Sitecore.Security.Accounts.Role.FromName(rol);
                    if (account == null)
                    {
                        break;
                    }
                    foreach (var itemWithRights in allright)
                    {
                        var accessRules = itemWithRights.Security.GetAccessRules();
                        if (accessRules != null)
                        {
                            foreach (var rule in accessRules)
                            {
                                if (rule.Account == account)
                                {
                                    AccessRuleCollection ruleCollection = new AccessRuleCollection();
                                    ruleCollection.Add(rule);
                                    rolesexport.Text += itemWithRights.Paths.FullPath + " " + RightsHelper.RightToHtml(rule) + " " + rule.AccessRight.Name + " " + rule.SecurityPermission.ToString() + "<br>";
                                }
                            }
                        }
                    }
                    rolesexport.Text += "<br>\n";
                }
                rolesexport.Text += "<form method=\"post\" action=\"/sitecore modules/Shell/Security-Rights-Reporting/Download.aspx?rolesexport=1\" enctype=\"multipart/form-data\"><input type=\"hidden\" id=\"rol\" name=\"rol\" value=\"" + "" + HttpUtility.HtmlAttributeEncode(rols) + "\"><input type=\"submit\" value=\"Download\" name=\"submit\" ></form>";
            }
        }
Exemple #2
0
        public static void DisplayAccountRight(Literal userrights, Database db, string account, bool showdefaultrights)
        {
            if (account == "all")
            {
                userrights.Text += string.Format("<h2 id=\"{0}\">Item Rights set on all users and roles on {0} Database</h2>", db.Name);
            }
            else
            {
                userrights.Text += string.Format("<h2 id=\"{1}\">Item Rights set on account {0} on {1} Database</h2>", System.Web.HttpUtility.HtmlEncode(account), db.Name);
            }

            //We use a query instead of index search because, security field data is not in query, will be slower by large resultset.
            var itemList = CurrentRights.GetAllRights(db);

            if (itemList.Count.ToString() == Settings.GetSetting("Query.MaxItems"))
            {
                userrights.Text += "<p style=\"color:#FF3333;\">Alert Query limit is: " + itemList.Count + " looks like we don't have all data because this limit see Query.MaxItems in config </p>";
            }
            var count = 0;

            var    checkAccount = new CheckAccount();
            string outmessage;

            var defaultRights = Reporting.Shell.RightsData.RightsData.GetDefaultRights(db.Name, account, out outmessage);

            if (!string.IsNullOrEmpty(outmessage))
            {
                userrights.Text += "<p>" + outmessage + "</p>";
            }
            userrights.Text += "<table id=\"table-accountrights\">";
            foreach (var item in itemList)
            {
                var accessRules = item.Security.GetAccessRules();
                if (accessRules != null)
                {
                    if (account == "devexport")
                    {
                        userrights.Text += string.Format(",new[] {{\"{0}\",@\"{1}\"}}\n<br>", item.Paths.FullPath, item.Fields["__Security"].Value);
                        if (item.Paths.FullPath.StartsWith("[orphan]"))
                        {
                            userrights.Text += string.Format("orphan id={0} template={1}\n<br>", item.ID, item.TemplateID);
                        }
                    }
                    else
                    {
                        foreach (var rule in accessRules)
                        {
                            var defaultRight = defaultRights.FirstOrDefault(x => x.Path == item.Paths.FullPath && x.Account == rule.Account.Name && x.Right == rule.SecurityPermission.ToString() && x.Name == rule.AccessRight.Name && x.PropagationType == rule.PropagationType.ToString());
                            var style        = "";
                            var message      = "";
                            if (defaultRight != null)
                            {
                                defaultRight.Hit = true;
                                style            = " style=\"color:#008800;\" class=\"green\"";
                                message          = string.Format(", ({0})", defaultRight.Message);
                                if (!showdefaultrights)
                                {
                                    continue;
                                }
                            }
                            var accountExsist = true;
                            if (rule.Account.AccountType == AccountType.Role)
                            {
                                accountExsist = checkAccount.IsRolExsisting(rule.Account.Name);
                            }
                            else
                            {
                                accountExsist = checkAccount.IsUserExsisting(rule.Account.Name);
                            }
                            if (!accountExsist)
                            {
                                message += ", Account unknown";
                                style    = " style=\"color:#FFA500;\" class=\"orange\"";
                            }

                            if (rule.Account.Name == account)
                            {
                                userrights.Text += string.Format("<tr{3}><td>{0}</td><td>{1}</td><td>{6}</td><td>{7}</td><td>{2}{4}</td><td>{5}</td></tr>\n", item.Paths.FullPath, rule.AccessRight.Comment, rule.SecurityPermission, style, message, rule.PropagationType, rule.AccessRight.Name, RightsHelper.RightToHtml(rule));
                                count++;
                            }
                            else if (account == "all")
                            {
                                userrights.Text += string.Format("<tr{4}><td>{0}</td><td>{8} : {1}</td><td>{7}</td><td>{9}</td><td>{2}{5}</td><td>{3}</td><td>{6}</td></tr>\n", item.Paths.FullPath, rule.Account.Name, rule.AccessRight.Comment, rule.SecurityPermission, style, message, rule.PropagationType, rule.AccessRight.Name, rule.Account.AccountType.ToString(), RightsHelper.RightToHtml(rule));
                                count++;
                            }
                            else if (account == "alldevexport")
                            {
                                userrights.Text += string.Format(",new[] {{\"{0}\",\"{1}\",\"{2}\",\"{3}\"}}\n<br>", item.Paths.FullPath, rule.Account.Name.Replace("\\", "\\\\"), rule.SecurityPermission, rule.PropagationType);
                                count++;
                            }
                        }
                    }
                }
            }
            if (count == 0)
            {
                if (showdefaultrights)
                {
                    userrights.Text += "<tr><td>No rights found in this Database for the user or role.</td></tr>";
                }
                else
                {
                    userrights.Text += "<tr><td>No custom rights found in this Database.</td></tr>";
                }
            }
            userrights.Text += "</table>";

            var warningRights = defaultRights.Where(x => x.Hit == false).ToList();

            if (warningRights.Any())
            {
                userrights.Text += "<br><span style=\"color:#880000;\">WARNING:</span> Expected rights not found, or no Access:<br><table style=\"color:#880000;\">";
                foreach (var warningRight in warningRights)
                {
                    userrights.Text += string.Format("<tr><td>{0}</td><td>{1}</td><td>{2}</td><td>{3}</td><td>{4}</td><td>{5}</td></tr>\n", warningRight.Path, warningRight.Account, warningRight.Name, warningRight.Message, warningRight.Right, warningRight.PropagationType);
                }
                userrights.Text += "</table>";
            }
        }