public override ACL GetACL(Type type)
{
ACL acl = base.GetACL(type);
acl.Add(new ACLEveryoneAllowRetrieve());
acl.Add(new ACLAccount(mInstance.AccountBlog.Account, DataOperation.All));
if (ManagedDiscussion.IsDiscussionType(type))
{
if (mInstance.EnableComments && mInstance.AccountBlog.EnableComments)
{
acl.Add(new ACLAuthenticatedAllowCreate());
}
}
foreach (AccountBlogAuthor author in Collection <AccountBlogAuthor> .GetSafeCollection(mInstance.AccountBlog.AccountBlogAuthors))
{
int op = (int)DataOperation.None;
if (author.AllowDelete)
{
op |= (int)DataOperation.Delete;
}
if (author.AllowEdit)
{
op |= (int)DataOperation.Update;
}
if (author.AllowPost)
{
op |= (int)DataOperation.Create;
}
acl.Add(new ACLAccount(author.Account, op));
}
return(acl);
}
public override ACL GetACL(Type type)
{
ACL acl = base.GetACL(type);
// everyone is able to see this membership if the group is public
if (!mInstance.AccountGroup.IsPrivate)
{
acl.Add(new ACLEveryoneAllowRetrieve());
}
// everyone is able to join the group if the group is public
if (!mInstance.AccountGroup.IsPrivate)
{
acl.Add(new ACLAuthenticatedAllowCreate());
}
// member can remove and read himself from the group
acl.Add(new ACLAccount(mInstance.Account, DataOperation.Delete | DataOperation.Retreive));
// members can edit or see the membership depending on their permissions
foreach (AccountGroupAccount account in Collection <AccountGroupAccount> .GetSafeCollection(
mInstance.AccountGroup.AccountGroupAccounts))
{
acl.Add(new ACLAccount(account.Account, account.IsAdministrator
? DataOperation.All
: DataOperation.Retreive));
}
// members with pending invitations can accept it
foreach (AccountGroupAccountInvitation invitation in Collection <AccountGroupAccountInvitation> .GetSafeCollection(
mInstance.AccountGroup.AccountGroupAccountInvitations))
{
acl.Add(new ACLAccount(invitation.Account, DataOperation.Create));
}
return(acl);
}
public override ACL GetACL(Type type)
{
ACL acl = base.GetACL(type);
acl.Add(new ACLAuthenticatedAllowCreate());
acl.Add(new ACLAccount(mInstance.Account, DataOperation.All));
return acl;
}
public override ACL GetACL(Type type)
{
if (ManagedDiscussion.IsDiscussionType(type))
{
ACL acl = base.GetACL(type);
// members can post articles, admins can edit and delete
foreach (AccountGroupAccount account in Collection <AccountGroupAccount> .GetSafeCollection(mInstance.AccountGroupAccounts))
{
acl.Add(new ACLAccount(account.Account, account.IsAdministrator
? DataOperation.All
: DataOperation.Create | DataOperation.Retreive));
}
return(acl);
}
else
{
ACL acl = base.GetACL(type);
// everyone can create a group
acl.Add(new ACLAuthenticatedAllowCreate());
// everyone is able to see a group (only name/description)
acl.Add(new ACLEveryoneAllowRetrieve());
// members can edit or see the group depending on their permissions
foreach (AccountGroupAccount account in Collection <AccountGroupAccount> .GetSafeCollection(mInstance.AccountGroupAccounts))
{
acl.Add(new ACLAccount(account.Account, account.IsAdministrator
? DataOperation.All
: DataOperation.Retreive));
}
return(acl);
}
}
public override ACL GetACL(Type type)
{
ACL acl = base.GetACL(type);
acl.Add(new ACLEveryoneAllowRetrieve());
acl.Add(new ACLAuthenticatedAllowCreate());
return(acl);
}
public override ACL GetACL(Type type)
{
ACL acl = base.GetACL(type);
acl.Add(new ACLEveryoneAllowRetrieve());
acl.Add(new ACLAccount(mInstance.AccountFeedItem.AccountFeed.Account, DataOperation.All));
return(acl);
}
public override ACL GetACL(Type type)
{
ACL acl = base.GetACL(type);
acl.Add(new ACLAuthenticatedAllowCreate());
acl.Add(new ACLAccount(mInstance.Account, DataOperation.All));
acl.Add(new ACLAccount(mInstance.Keen, DataOperation.Update | DataOperation.Retreive | DataOperation.Delete));
return(acl);
}
public override ACL GetACL(Type type)
{
ACL acl = base.GetACL(type);
acl.Add(new ACLEveryoneAllowRetrieve());
acl.Add(new ACLAuthenticatedAllowCreate());
acl.Add(new ACLAccountId(mInstance.AccountId, DataOperation.All));
return(acl);
}
public override ACL GetACL(Type type)
{
ACL acl = base.GetACL(type);
acl.Add(new ACLEveryoneAllowRetrieve());
acl.Add(new ACLAuthenticatedAllowCreate());
// website owner can delete/edit his own addition
acl.Add(new ACLAccount(mInstance.Account, DataOperation.All));
// place owners have the same rights to linked websites
acl.AddRange(new ManagedPlace(Session, mInstance.Place).GetACL(type).AccessControlList);
return(acl);
}
public override ACL GetACL(Type type)
{
ACL acl = base.GetACL(type);
acl.Add(new ACLEveryoneAllowRetrieve());
acl.Add(new ACLAccount(mInstance.Place.Account, DataOperation.All));
foreach (AccountPlace relationship in Collection <AccountPlace> .GetSafeCollection(mInstance.Place.AccountPlaces))
{
acl.Add(new ACLAccount(relationship.Account,
relationship.Type.CanWrite ? DataOperation.All : DataOperation.Retreive));
}
return(acl);
}
public override ACL GetACL(Type type)
{
ACL acl = base.GetACL(type);
acl.Add(new ACLEveryoneAllowRetrieve());
acl.Add(new ACLAccount(mInstance.AccountFeed.Account, DataOperation.All));
if (ManagedDiscussion.IsDiscussionType(type))
{
acl.Add(new ACLAuthenticatedAllowCreate());
}
return(acl);
}
public override ACL GetACL(Type type)
{
ACL acl = base.GetACL(type);
acl.Add(new ACLAuthenticatedAllowCreate());
Account acct = null;
try
{
acct = Session.Load <Account>(mInstance.AccountId);
if (acct.Id == 0)
{
throw new ObjectNotFoundException(mInstance.AccountId, typeof(Account));
}
}
catch (ObjectNotFoundException)
{
acct = null;
}
if (acct != null)
{
// user can view his own activity and delete broadcasts
acl.Add(new ACLAccount(acct, mInstance.IsBroadcast ? DataOperation.AllExceptUpdate : DataOperation.Retreive));
if (!mInstance.IsPrivate && !mInstance.IsSystem)
{
// friends can retrieve public audit entries
if (acct.AccountFriends != null)
{
foreach (AccountFriend friend in acct.AccountFriends)
{
acl.Add(new ACLAccount(friend.Keen, DataOperation.Retreive));
}
}
if (acct.KeenAccountFriends != null)
{
foreach (AccountFriend friend in acct.KeenAccountFriends)
{
acl.Add(new ACLAccount(friend.Account, DataOperation.Retreive));
}
}
}
}
return(acl);
}
public override ACL GetACL(Type type)
{
ACL acl = base.GetACL(type);
acl.Add(new ACLAccount(mInstance.Account, DataOperation.Retreive));
return(acl);
}
public override ACL GetACL(Type type)
{
ACL acl = base.GetACL(type);
acl.Add(new ACLAuthenticatedAllowCreateAndDelete());
acl.Add(new ACLAccount(mInstance.Account, DataOperation.Delete | DataOperation.Retreive));
acl.Add(new ACLAccount(mInstance.Place.Account, DataOperation.AllExceptUpdate));
foreach (AccountPlace relationship in Collection <AccountPlace> .GetSafeCollection(mInstance.Place.AccountPlaces))
{
if (relationship.Type.CanWrite)
{
acl.Add(new ACLAccount(relationship.Account, DataOperation.AllExceptUpdate));
}
}
return(acl);
}
public override ACL GetACL(Type type)
{
ACL acl = base.GetACL(type);
// members can create invitations or approve / deny them depending on their permissions
foreach (AccountGroupAccount account in Collection <AccountGroupAccount> .GetSafeCollection(mInstance.AccountGroup.AccountGroupAccounts))
{
acl.Add(new ACLAccount(account.Account, account.IsAdministrator
? DataOperation.All
: DataOperation.Create));
}
// the person who the invitation is for can retreive and delete it
if (Id > 0)
{
acl.Add(new ACLAccount(mInstance.Account, DataOperation.AllExceptUpdate));
}
return(acl);
}
public override ACL GetACL(Type type)
{
ManagedDiscussionMapEntry mapentry = null;
ACL acl = null;
if (mInstance.Personal && ManagedDiscussionMap.TryFind(mInstance.DataObject, out mapentry))
{
acl = mapentry.GetACL(Session, mInstance.ObjectId, typeof(Discussion));
}
else
{
acl = base.GetACL(type);
acl.Add(new ACLEveryoneAllowRetrieve());
}
acl.Add(new ACLAccount(mInstance.Account, DataOperation.All));
return(acl);
}
public override ACL GetACL(Type type)
{
ManagedDiscussionMapEntry mapentry = null;
ACL acl = null;
if (mInstance.Discussion.Personal && ManagedDiscussionMap.TryFind(mInstance.Discussion.DataObject, out mapentry))
{
acl = mapentry.GetACL(Session, mInstance.Discussion.ObjectId, typeof(DiscussionThread));
}
else
{
acl = base.GetACL(type);
acl.Add(new ACLEveryoneAllowRetrieve());
acl.Add(new ACLAuthenticatedAllowCreate());
}
return(acl);
}
public override ACL GetACL(Type type)
{
ACL acl = base.GetACL(type);
// everyone is able to request membership in a group
// TODO: invitation-only groups
// if (!mInstance.AccountGroup.IsInviteOnly)
acl.Add(new ACLAuthenticatedAllowCreate());
// requester can cancel and fetch his own request
acl.Add(new ACLAccount(mInstance.Account, DataOperation.Delete | DataOperation.Retreive));
// members can delete (approve or deny) this request based on their permissions
foreach (AccountGroupAccount account in Collection <AccountGroupAccount> .GetSafeCollection(mInstance.AccountGroup.AccountGroupAccounts))
{
if (account.IsAdministrator)
{
acl.Add(new ACLAccount(account.Account, DataOperation.AllExceptUpdate));
}
}
return(acl);
}
public override ACL GetACL(Type type)
{
ACL acl = base.GetACL(type);
// everyone is able to see this membership if the group is public
if (!mInstance.AccountGroup.IsPrivate)
{
acl.Add(new ACLEveryoneAllowRetrieve());
}
// the user who has uploaded the picture can do anything to it
// members can create or see the pictures depending on their permissions
foreach (AccountGroupAccount account in Collection <AccountGroupAccount> .GetSafeCollection(mInstance.AccountGroup.AccountGroupAccounts))
{
// account that uploaded the picture or the admin can do anything with it
acl.Add(new ACLAccount(account.Account, account.IsAdministrator || (Id > 0 && mInstance.Account == account.Account)
? DataOperation.All
: DataOperation.Retreive | DataOperation.Create));
}
return(acl);
}
public override ACL GetACL(Type type)
{
ACL acl = base.GetACL(type);
// members can create or see the places depending on their permissions
foreach (AccountGroupAccount account in Collection <AccountGroupAccount> .GetSafeCollection(mInstance.AccountGroup.AccountGroupAccounts))
{
acl.Add(new ACLAccount(account.Account, account.IsAdministrator
? DataOperation.All
: DataOperation.Retreive | DataOperation.Create));
}
return(acl);
}
