public Handler(IUserContext userContext, IWriteDbContext writeDbContext, AccessControlService accessControlService, IMediator mediator)
{
_userContext = userContext;
_writeDbContext = writeDbContext;
_accessControlService = accessControlService;
_mediator = mediator;
}
/// <summary>
/// Executes the specified request.
/// </summary>
/// <param name="request">The request.</param>
/// <returns>Execution result.</returns>
public bool Execute(SitemapViewModel request)
{
var sitemap = Repository
.AsQueryable <Models.Sitemap>()
.Where(map => map.Id == request.Id)
.FetchMany(map => map.AccessRules)
.Distinct()
.ToList()
.First();
var roles = new[] { RootModuleConstants.UserRoles.EditContent };
if (CmsConfiguration.Security.AccessControlEnabled)
{
AccessControlService.DemandAccess(sitemap, Context.Principal, AccessLevel.ReadWrite, roles);
}
UnitOfWork.BeginTransaction();
if (sitemap.AccessRules != null)
{
var rules = sitemap.AccessRules.ToList();
rules.ForEach(sitemap.RemoveRule);
}
sitemap = Repository.Delete <Models.Sitemap>(request.Id, request.Version);
UnitOfWork.Commit();
Events.SitemapEvents.Instance.OnSitemapDeleted(sitemap);
return(true);
}
private ApplicationDbContext GetContext(string name)
{
var options = new DbContextOptionsBuilder <ApplicationDbContext>()
.UseInMemoryDatabase(name)
.Options;
var serviceProvider = new ServiceCollection()
.AddLogging()
.BuildServiceProvider();
var loggerFactory = serviceProvider.GetService <ILoggerFactory>();
var user = new ApplicationUser();
user.IndividualId = 1;
var userAccessorMock = new Mock <IUserAccessor>();
userAccessorMock
.Setup(ua => ua.GetUser())
.Returns(Task.FromResult(user));
var context = new ApplicationDbContext(options);
_service = new AccessControlService(
context,
loggerFactory,
userAccessorMock.Object);
return(context);
}
/// <summary>
/// Executes the specified request.
/// </summary>
/// <param name="request">The request.</param>
/// <returns></returns>
public ClonePageWithLanguageViewModel Execute(GetPageForCloningWithLanguageCommandRequest request)
{
var pageFutureQuery = Repository
.AsQueryable <PageProperties>()
.Where(p => p.Id == request.PageId && !p.IsDeleted)
.Select(p =>
new
{
Model = new ClonePageWithLanguageViewModel
{
PageId = p.Id,
IsMasterPage = p.IsMasterPage
},
LanguageGroupIdentifier = p.LanguageGroupIdentifier,
LanguageId = p.Language != null ? p.Language.Id : (System.Guid?)null
})
.ToFuture();
var languagesFuture = languageService.GetLanguagesLookupValues();
var result = pageFutureQuery.FirstOne();
var model = result.Model;
model.Languages = languagesFuture.ToList();
model.ShowWarningAboutNoCultures = !model.Languages.Any();
if (model.IsMasterPage)
{
AccessControlService.DemandAccess(Context.Principal, RootModuleConstants.UserRoles.Administration);
}
else
{
AccessControlService.DemandAccess(Context.Principal, RootModuleConstants.UserRoles.EditContent);
}
IList <UserAccessViewModel> accessRules;
if (cmsConfiguration.Security.AccessControlEnabled)
{
accessRules = Repository
.AsQueryable <Root.Models.Page>()
.Where(x => x.Id == request.PageId && !x.IsDeleted)
.SelectMany(x => x.AccessRules)
.OrderBy(x => x.Identity)
.ToFuture()
.ToList()
.Select(x => new UserAccessViewModel(x))
.ToList();
}
else
{
accessRules = null;
}
model.AccessControlEnabled = cmsConfiguration.Security.AccessControlEnabled;
model.UserAccessList = accessRules;
AddRemoveLanguages(model.Languages, result.LanguageGroupIdentifier, result.LanguageId);
return(model);
}
static void Main(string[] args)
{
var userService = new UserService(new UserRepository());
var accessControlService = new AccessControlService();
Console.ForegroundColor = ConsoleColor.Green;
Console.WriteLine("Hello to Iron Access Control App");
Console.ForegroundColor = ConsoleColor.Red;
Console.WriteLine("AccessControl only accepts adult users [Upper 18 years]");
Console.ForegroundColor = ConsoleColor.Green;
var users = userService.GetAll();
Console.WriteLine($"Process Start - Total Users: { users.Count }");
accessControlService.RegisterError += AccessControlService_RegisterError;
accessControlService.RegisterSuccess += AccessControlService_RegisterSuccess;
accessControlService.RegisterUsers(users);
Console.ForegroundColor = ConsoleColor.Yellow;
Console.WriteLine("Process Results:");
Console.WriteLine($"Registered Users: { users.Where(u=> u.Status == eOperationStatus.RegisterSuccess).Count() }");
Console.WriteLine($"Unregistered Users : { users.Where(u => u.Status == eOperationStatus.RegisterError).Count() }");
Console.WriteLine("Process End");
Console.Read();
}
/// <summary>
/// Converts the specified media.
/// </summary>
/// <param name="media">The media.</param>
/// <returns>Converts media entity to view model.</returns>
private MediaHistoryItem Convert(Media media)
{
var file = media.Original as MediaFile;
var canRestore = media.Original != null &&
(SecurityService.IsAuthorized(RootModuleConstants.UserRoles.EditContent) || SecurityService.IsAuthorized(RootModuleConstants.UserRoles.Administration)) &&
(file == null || AccessControlService.GetAccessLevel(file, Context.Principal) >= AccessLevel.ReadWrite);
return(new MediaHistoryItem
{
Id = media.Id,
Version = media.Version,
StatusName = media.Original != null
? MediaGlobalization.MediaHistory_Status_Archived
: MediaGlobalization.MediaHistory_Status_Active,
Status = media.Original != null
? MediaHistoryStatus.Archived
: MediaHistoryStatus.Active,
PublishedOn = media.PublishedOn,
PublishedByUser = media.ModifiedByUser,
ArchivedOn = media.Original != null ? media.ModifiedOn : (DateTime?)null,
DisplayedFor = media.Original != null
? media.ModifiedOn - media.PublishedOn
: (TimeSpan?)null,
CanCurrentUserRestoreIt = canRestore
});
}
public Handler(IReadDbContext readDb, MapperConfiguration mapperConfiguration, AccessControlService accessControlService, IMapper mapper)
{
_readDb = readDb;
_mapperConfiguration = mapperConfiguration;
_accessControlService = accessControlService;
_mapper = mapper;
}
private bool HasAccessLevel(IList <Root.Models.Content> contents)
{
if (!cmsConfiguration.Security.AccessControlEnabled)
{
return(true);
}
if (contents.Count > 0)
{
var content = contents[0].Original ?? contents[0];
if (content != null)
{
var pageContent = Repository.AsQueryable <Root.Models.PageContent>()
.Where(x => x.Content == content && !x.IsDeleted)
.Fetch(x => x.Page)
.ThenFetchMany(x => x.AccessRules)
.ToList()
.FirstOrDefault();
if (pageContent != null)
{
return(AccessControlService.GetAccessLevel(pageContent.Page, Context.Principal) >= AccessLevel.ReadWrite);
}
}
}
return(true);
}
async public Task <List <int[]> > Index()
{
var userId = await UserAccessor.GetCurrentIndividualId();
var giftsWithReceivers = AccessControlService.GetVisibleGiftReceiverPairs(userId);
return(await giftsWithReceivers.ToListAsync());
}
public static AccessControlService getAccessControlService(String endPointAddress)
{
AccessControlService accessControlService = new AccessControlService();
accessControlService.Url = endPointAddress + ACCESS_CONTROL_SERVICE_ADDRESS;
addSecurityHeader(accessControlService);
return(accessControlService);
}
public Handler
(
IWriteDbContext writeDbContext,
IUserContext userContext, AccessControlService accessControlService)
{
_writeDbContext = writeDbContext;
_userContext = userContext;
_accessControlService = accessControlService;
}
/// <summary>
/// Controller of Reservation
/// </summary>
/// <param name="service">ReservationService</param>
/// <param name="acs">AccessControlService</param>
/// <param name="rus">ReservationUpdaterService</param>
public ReservationController(
ReservationService service,
AccessControlService acs,
ReservationUpdaterService rus //Just for instancing
) : base(service)
{
this._acs = acs;
this._rus = rus;
}
public AccessControlPolicyController(
ConditionalExpressionService conditionalExpressionService,
IAccessControlPolicyRepository accessControlPolicyRepository,
AccessControlService accessControlService)
{
_conditionalExpressionService = conditionalExpressionService;
_accessControlPolicyRepository = accessControlPolicyRepository;
_accessControlService = accessControlService;
}
public MapServiceDeploymentManager(MapServiceManager mapServicerService,
AccessControlService accessControlService,
ILogger <MapServiceDeploymentManager> logger = null)
{
_mapServerService = mapServicerService;
_accessControlService = accessControlService;
_logger = logger ?? new ConsoleLogger <MapServiceDeploymentManager>();
MapDocument = new ServerMapDocument(_mapServerService);
}
private static AccessControlService CreateAccessControlService(Guid objectId, IEnumerable <IUserAccess> accesses, AccessControlCollection defaults = null)
{
var repository = GetRepositoryMock(objectId, accesses);
var cacheService = GetCacheServiceMock();
var cmsConfiguration = GetCmsConfigurationMock(defaults);
var service = new AccessControlService(repository.Object, cacheService.Object, cmsConfiguration.Object);
return(service);
}
/// <summary>
/// Executes the specified request.
/// </summary>
/// <param name="request">The request.</param>
/// <returns><c>true</c> if succeeded, otherwise <c>false</c></returns>
/// <exception cref="System.ComponentModel.DataAnnotations.ValidationException">If page status is not correct.</exception>
public bool Execute(SavePagePublishStatusRequest request)
{
AccessControlService.DemandAccess(Context.Principal, RootModuleConstants.UserRoles.PublishContent); // This would rise security exception if user has no access.
var page = UnitOfWork.Session
.QueryOver <PageProperties>().Where(p => p.Id == request.PageId && !p.IsDeleted)
.SingleOrDefault <PageProperties>();
if (page != null)
{
if (page.IsMasterPage)
{
return(false);
}
var initialStatus = page.Status;
if (page.Status == PageStatus.Draft || page.Status == PageStatus.Preview)
{
var message = string.Format(PagesGlobalization.SavePageStatus_PageIsInInappropriateStatus_Message);
var logMessage = string.Format("Draft/Preview page id={0} can not be published.", page.Id);
throw new ValidationException(() => message, logMessage);
}
if (request.IsPublished)
{
page.Status = PageStatus.Published;
page.PublishedOn = DateTime.Now;
}
else
{
page.Status = PageStatus.Unpublished;
}
// NOTE: When transaction is enabled exception is raised from DefaultEntityTrackingService.DemandReadWriteRule() saying that DB timeouted...
// UnitOfWork.BeginTransaction();
Repository.Save(page);
if (request.IsPublished)
{
contentService.PublishDraftContent(page.Id);
}
UnitOfWork.Commit();
if (page.Status != initialStatus)
{
Events.PageEvents.Instance.OnPagePublishStatusChanged(page);
}
}
return(true);
}
/// <summary>
/// Executes the specified request.
/// </summary>
/// <param name="request">The request.</param>
/// <returns>
/// <c>true</c>, if successfully restored.
/// </returns>
public bool Execute(RestorePageContentViewModel request)
{
var content = Repository
.AsQueryable <Root.Models.Content>(p => p.Id == request.PageContentId)
.Fetch(f => f.Original)
.First();
var contentType = content.GetType();
if (contentType == typeof(HtmlContentWidget) || contentType == typeof(ServerControlWidget))
{
AccessControlService.DemandAccess(Context.Principal, RootModuleConstants.UserRoles.Administration);
}
else
{
AccessControlService.DemandAccess(Context.Principal, RootModuleConstants.UserRoles.PublishContent);
if (content.Original != null)
{
var pageContent = Repository.AsQueryable <Root.Models.PageContent>()
.Where(x => x.Content.Id == content.Original.Id && !x.IsDeleted)
.Fetch(x => x.Page)
.ThenFetchMany(x => x.AccessRules)
.ToList()
.FirstOrDefault();
if (pageContent != null)
{
AccessControlService.DemandAccess(pageContent.Page, Context.Principal, AccessLevel.ReadWrite);
// Check if user has confirmed the deletion of regions in content.
if (!request.IsUserConfirmed && pageContent.Page.IsMasterPage)
{
var hasAnyChildren = contentService.CheckIfContentHasDeletingChildren(pageContent.Page.Id, content.Original.Id, ((HtmlContent)content).Html);
if (hasAnyChildren)
{
var message = PagesGlobalization.RestoreContent_ContentHasChildrenContents_RegionDeleteConfirmationMessage;
var logMessage = string.Format("User is trying to restore content with regions which has children contents. Confirmation is required. PageContentId: {0}, ContentId: {1}, PageId: {2}",
pageContent.Id, content.Id, pageContent.Page.Id);
throw new ConfirmationRequestException(() => message, logMessage);
}
}
}
}
}
var restoredContent = contentService.RestoreContentFromArchive(content);
UnitOfWork.Commit();
Events.RootEvents.Instance.OnContentRestored(restoredContent);
return(true);
}
/// <summary>
/// Executes this command.
/// </summary>
/// <param name="fileId">The file id.</param>
/// <returns>The view model.</returns>
public virtual FileViewModel Execute(Guid fileId)
{
var fileQuery = Repository.AsQueryable <MediaFile>().Where(f => f.Id == fileId && !f.IsDeleted);
if (configuration.Security.AccessControlEnabled)
{
fileQuery = fileQuery.FetchMany(f => f.AccessRules);
}
var file = fileQuery.ToList().FirstOne();
var model = new FileViewModel
{
Id = file.Id.ToString(),
Title = file.Title,
Description = file.Description,
Url = fileUrlResolver.EnsureFullPathUrl(file.PublicUrl),
Version = file.Version.ToString(CultureInfo.InvariantCulture),
FileName = file.OriginalFileName,
FileExtension = file.OriginalFileExtension,
FileSize = file.SizeAsText(),
Tags = tagService.GetMediaTagNames(fileId),
Image = file.Image == null || file.Image.IsDeleted ? null :
new ImageSelectorViewModel
{
ImageId = file.Image.Id,
ImageVersion = file.Image.Version,
ImageUrl = fileUrlResolver.EnsureFullPathUrl(file.Image.PublicUrl),
ThumbnailUrl = fileUrlResolver.EnsureFullPathUrl(file.Image.PublicThumbnailUrl),
ImageTooltip = file.Image.Caption,
FolderId = file.Image.Folder != null ? file.Image.Folder.Id : (Guid?)null
},
AccessControlEnabled = configuration.Security.AccessControlEnabled
};
model.Categories = categoryService.GetSelectedCategories <Media, MediaCategory>(fileId);
if (configuration.Security.AccessControlEnabled)
{
AccessControlService.DemandAccess(file, Context.Principal, AccessLevel.Read);
model.UserAccessList = file.AccessRules.Select(f => new UserAccessViewModel(f)).ToList();
model.Url = fileService.GetDownloadFileUrl(MediaType.File, model.Id.ToGuidOrDefault(), model.Url);
SetIsReadOnly(model, ((IAccessSecuredObject)file).AccessRules);
}
model.CategoriesFilterKey = file.GetCategorizableItemKey();
model.CategoriesLookupList = categoryService.GetCategoriesLookupList(model.CategoriesFilterKey);
return(model);
}
public AccessControlServiceTest()
{
var dbContextMock = CreateTestDbContext(OrganizationList());
_accessControlService = new AccessControlService(dbContextMock);
Thread.CurrentPrincipal = null;
_register = new Models.Register();
_organization = CreateOrganization();
_document = CreateDocument();
_dataset = CreateDataset();
_municipality = CreateMunicipality();
}
/// <summary>
/// Executes the specified request.
/// </summary>
/// <param name="request">The request.</param>
/// <returns>Execution result.</returns>
public SitemapNodeViewModel Execute(SitemapNodeViewModel request)
{
var sitemap =
Repository.AsQueryable <Models.Sitemap>()
.Where(map => map.Id == request.SitemapId)
.FetchMany(f => f.AccessRules)
.FetchMany(map => map.Nodes)
.ThenFetch(mapNode => mapNode.Page)
.FetchMany(map => map.Nodes)
.ThenFetch(mapNode => mapNode.Translations)
.Distinct()
.ToList()
.First();
if (CmsConfiguration.Security.AccessControlEnabled)
{
AccessControlService.DemandAccess(sitemap, Context.Principal, AccessLevel.ReadWrite);
}
UnitOfWork.BeginTransaction();
if (!request.SitemapId.HasDefaultValue())
{
SitemapService.ArchiveSitemap(sitemap);
}
bool updatedInDB;
var node = SitemapService.SaveNode(out updatedInDB, sitemap, request.Id, request.Version, request.Url, request.Title, request.Macro, request.PageId, request.UsePageTitleAsNodeTitle, request.DisplayOrder, request.ParentId);
UnitOfWork.Commit();
if (updatedInDB)
{
if (request.Id.HasDefaultValue())
{
Events.SitemapEvents.Instance.OnSitemapNodeCreated(node);
}
else
{
Events.SitemapEvents.Instance.OnSitemapNodeUpdated(node);
}
Events.SitemapEvents.Instance.OnSitemapUpdated(node.Sitemap);
}
return(new SitemapNodeViewModel
{
Id = node.Id,
Version = node.Version
});
}
/// <summary>
/// Executes the specified request.
/// </summary>
/// <param name="request">The request.</param>
/// <returns>The view model with list of history view models.</returns>
public SitemapHistoryViewModel Execute(GetSitemapHistoryRequest request)
{
var currentVersionQuery = Repository.AsQueryable <Models.Sitemap>()
.Where(map => map.Id == request.SitemapId);
if (cmsConfiguration.Security.AccessControlEnabled)
{
currentVersionQuery = currentVersionQuery.FetchMany(f => f.AccessRules);
}
var currentVersion = currentVersionQuery.Distinct().ToList().First();
if (cmsConfiguration.Security.AccessControlEnabled)
{
AccessControlService.DemandAccess(currentVersion, Context.Principal, AccessLevel.Read);
}
var history = new List <SitemapHistoryItem>
{
new SitemapHistoryItem
{
Id = currentVersion.Id,
Version = currentVersion.Version,
SitemapTitle = currentVersion.Title,
StatusName = NavigationGlobalization.SitemapStatus_Active,
ArchivedOn = null,
ArchivedByUser = null,
CanCurrentUserRestoreIt = false
}
};
var historyEntities = sitemapService.GetSitemapHistory(request.SitemapId);
history.AddRange(
historyEntities.Select(
archive =>
new SitemapHistoryItem
{
Id = archive.Id,
Version = archive.Version,
SitemapTitle = archive.Title,
StatusName = NavigationGlobalization.SitemapStatus_Archived,
ArchivedOn = archive.CreatedOn,
ArchivedByUser = archive.CreatedByUser,
CanCurrentUserRestoreIt = true
}).ToList());
history = AddSortAndPaging(history, request);
return(new SitemapHistoryViewModel(history, request, history.Count, request.SitemapId));
}
/// <summary>
/// Executes the specified request.
/// </summary>
/// <param name="request">The request.</param>
/// <returns>
/// <c>true</c>, if successfully restored.
/// </returns>
public SiteSettingSitemapViewModel Execute(SitemapRestoreViewModel request)
{
var archive =
Repository.AsQueryable <SitemapArchive>()
.Where(sitemapArchive => sitemapArchive.Id == request.SitemapVersionId)
.Fetch(sitemapArchive => sitemapArchive.Sitemap)
.ThenFetchMany(f => f.AccessRules)
.Fetch(sitemapArchive => sitemapArchive.Sitemap)
.ThenFetchMany(map => map.Nodes)
.ThenFetch(node => node.Page)
.Fetch(sitemapArchive => sitemapArchive.Sitemap)
.ThenFetchMany(map => map.Nodes)
.ThenFetchMany(node => node.Translations)
.Distinct()
.ToList()
.First();
if (CmsConfiguration.Security.AccessControlEnabled)
{
AccessControlService.DemandAccess(archive.Sitemap, Context.Principal, AccessLevel.ReadWrite);
}
// TODO: do we need a such confirmation?
// // Check if user has confirmed restoration if exist nodes linked to deleted pages.
// if (!request.IsUserConfirmed)
// {
// var hasDeletedPages = SitemapService.CheckIfArchiveHasDeletedPages(archive);
// if (hasDeletedPages)
// {
// var message = NavigationGlobalization.RestoreSitemap_ArchiveHasDeletedPages_RestoreConfirmationMessage;
// var logMessage = string.Format("User is trying to restore sitemap which has deleted pages. Confirmation is required. archiveId: {0}, sitemapId: {1}", archive.Id, archive.Sitemap.Id);
// throw new ConfirmationRequestException(() => message, logMessage);
// }
// }
UnitOfWork.BeginTransaction();
SitemapService.ArchiveSitemap(archive.Sitemap);
var restoredSitemap = SitemapService.RestoreSitemapFromArchive(archive);
UnitOfWork.Commit();
Events.SitemapEvents.Instance.OnSitemapRestored(restoredSitemap);
return(new SiteSettingSitemapViewModel
{
Id = restoredSitemap.Id,
Title = restoredSitemap.Title,
Version = restoredSitemap.Version
});
}
public MultiFileUploadViewModel Execute(GetMultiFileUploadRequest request)
{
var model = new MultiFileUploadViewModel();
model.RootFolderId = request.FolderId;
model.RootFolderType = request.Type;
model.ReuploadMediaId = request.ReuploadMediaId;
model.SelectedFolderId = Guid.Empty;
model.UploadedFiles = null;
var foldersQuery = Repository.AsQueryable <MediaFolder>().Where(f => f.Type == request.Type);
if (request.FolderId == Guid.Empty)
{
foldersQuery = foldersQuery.Where(f => f.Folder == null);
}
else
{
foldersQuery = foldersQuery.Where(f => f.Folder.Id == request.FolderId);
}
model.Folders = foldersQuery
.OrderBy(f => f.Title)
.Select(f => new Tuple <Guid, string>(f.Id, f.Title))
.ToList();
model.Folders.Insert(0, new Tuple <Guid, string>(Guid.Empty, ".."));
if (request.Type != MediaType.Image && cmsConfiguration.Security.AccessControlEnabled)
{
if (!request.ReuploadMediaId.HasDefaultValue())
{
var media = Repository.AsQueryable <Media>(m => m.Id == request.ReuploadMediaId).FirstOne();
var file = media as MediaFile;
if (file != null)
{
AccessControlService.DemandAccess(file, Context.Principal, AccessLevel.ReadWrite);
}
}
else
{
var principal = SecurityService.GetCurrentPrincipal();
model.UserAccessList = AccessControlService.GetDefaultAccessList(principal).Cast <UserAccessViewModel>().ToList();
model.AccessControlEnabled = cmsConfiguration.Security.AccessControlEnabled;
}
}
return(model);
}
/// <summary>
/// Executes the specified request.
/// </summary>
/// <param name="request">The request.</param>
/// <returns></returns>
/// <exception cref="System.NotImplementedException"></exception>
public ClonePageViewModel Execute(Guid request)
{
var pageQuery = Repository
.AsQueryable <PageProperties>()
.Where(p => p.Id == request && !p.IsDeleted)
.Select(p => new ClonePageViewModel
{
PageId = p.Id,
IsMasterPage = p.IsMasterPage
})
.ToFuture();
ClonePageViewModel model;
IList <UserAccessViewModel> accessRules;
if (cmsConfiguration.Security.AccessControlEnabled)
{
accessRules = Repository
.AsQueryable <Root.Models.Page>()
.Where(x => x.Id == request && !x.IsDeleted)
.SelectMany(x => x.AccessRules)
.OrderBy(x => x.Identity)
.ToFuture()
.ToList()
.Select(x => new UserAccessViewModel(x))
.ToList();
}
else
{
accessRules = null;
}
model = pageQuery.FirstOne();
model.AccessControlEnabled = cmsConfiguration.Security.AccessControlEnabled;
model.UserAccessList = accessRules;
if (model.IsMasterPage)
{
AccessControlService.DemandAccess(Context.Principal, RootModuleConstants.UserRoles.Administration);
}
else
{
AccessControlService.DemandAccess(Context.Principal, RootModuleConstants.UserRoles.EditContent);
}
return(model);
}
/// <summary>
/// Executes the specified request.
/// </summary>
/// <param name="request">The request.</param>
/// <returns>Media preview.</returns>
public MediaPreviewViewModel Execute(Guid request)
{
var response = new MediaPreviewViewModel();
var media = Repository
.AsQueryable <Media>(m => m.Id == request)
.Fetch(m => m.Original)
.FirstOne();
var image = media as MediaImage;
if (image != null)
{
response.AddProperty(MediaGlobalization.MediaHistory_Preview_Properties_Caption, image.Caption);
response.AddProperty(MediaGlobalization.MediaHistory_Preview_Properties_ImageDimensions, string.Format("{0} x {1}", image.Width, image.Height));
response.AddProperty(MediaGlobalization.MediaHistory_Preview_Properties_PublicThumbnailUrl, fileUrlResolver.EnsureFullPathUrl(image.PublicThumbnailUrl), true);
response.AddProperty(image.Caption, fileUrlResolver.EnsureFullPathUrl(image.PublicUrl), isImageUrl: true);
}
var file = media as MediaFile;
if (file != null)
{
if (cmsConfiguration.Security.AccessControlEnabled)
{
AccessControlService.DemandAccess(file.Original as MediaFile ?? file, Context.Principal, AccessLevel.Read);
}
var publicUrl = fileService.GetDownloadFileUrl(MediaType.File, file.Id, fileUrlResolver.EnsureFullPathUrl(file.PublicUrl));
response.AddProperty(MediaGlobalization.MediaHistory_Preview_Properties_Title, file.Title);
response.AddProperty(MediaGlobalization.MediaHistory_Preview_Properties_Description, file.Description);
response.AddProperty(MediaGlobalization.MediaHistory_Preview_Properties_FileSize, file.SizeAsText());
response.AddProperty(MediaGlobalization.MediaHistory_Preview_Properties_PublicUrl, publicUrl, true);
if (media.Image != null)
{
response.AddProperty(media.Image.Caption, fileUrlResolver.EnsureFullPathUrl(media.Image.PublicUrl), isImageUrl: true);
}
}
response.Properties = response.Properties.OrderByDescending(o => o.Title).ToList();
return(response);
}
async public Task <DataContext> Index()
{
var userId = await UserAccessor.GetCurrentIndividualId();
var individuals = AccessControlService.GetVisibleIndividuals(userId).Select(i => i.ToWeb());
var gifts = AccessControlService.GetVisibleGifts(userId).Select(g => g.ToWeb());
var giftsWithReceivers = AccessControlService.GetVisibleGiftReceiverPairs(userId);
return(new DataContext
{
IndividualMap = await individuals.ToDictionaryAsync(i => i.Id),
EventMap = await DbContext.Events.Select(e => e.ToWeb()).ToDictionaryAsync(e => e.Id),
GiftMap = await gifts.ToDictionaryAsync(g => g.Id),
GiftReceiverPairs = await giftsWithReceivers.ToListAsync(),
CurrentUserId = userId
});
}
/// <summary>
/// Adds the default access rules to blog post entity.
/// </summary>
/// <param name="blogPost">The blog post.</param>
private void AddDefaultAccessRules(BlogPost blogPost)
{
// Set default access rules
blogPost.AccessRules = new List <AccessRule>();
var list = AccessControlService.GetDefaultAccessList(Context.Principal);
foreach (var rule in list)
{
blogPost.AccessRules.Add(new AccessRule
{
Identity = rule.Identity,
AccessLevel = rule.AccessLevel,
IsForRole = rule.IsForRole
});
}
}
public IList <UserAccessViewModel> Execute(GetLayoutUserAccessCommandRequest request)
{
var principal = securityService.GetCurrentPrincipal();
if (request.IsMasterPage)
{
return
(Repository.AsQueryable <Root.Models.Page>()
.Where(x => x.Id == request.Id && !x.IsDeleted)
.SelectMany(x => x.AccessRules)
.OrderBy(x => x.IsForRole)
.ThenBy(x => x.Identity)
.Select(x => new UserAccessViewModel(x))
.ToList());
}
return(AccessControlService.GetDefaultAccessList(principal).Select(f => new UserAccessViewModel(f)).ToList());
}
protected override System.Collections.Generic.IEnumerable <System.Guid> GetDeniedMedias(ViewModels.MediaManager.MediaManagerViewModel request)
{
var query = Repository.AsQueryable <MediaFile>()
.Where(f => f.AccessRules.Any(b => b.AccessLevel == AccessLevel.Deny))
.FetchMany(f => f.AccessRules);
var list = query.ToList().Distinct();
var principle = SecurityService.GetCurrentPrincipal();
foreach (var file in list)
{
var accessLevel = AccessControlService.GetAccessLevel(file, principle);
if (accessLevel == AccessLevel.Deny)
{
yield return(file.Id);
}
}
}
void InitializeServices()
{
_services = new Dictionary <string, BaseService>();
EngineParameters parameters = new EngineParameters();
parameters.Logger = _logger;
_deviceService = new DeviceService();
_deviceService.AttachLogger(_logger);
_services.Add(Common.Definitions.OnvifService.DEVICE, _deviceService);
_doorControlService = new DoorControlService();
_doorControlService.AttachLogger(_logger);
_services.Add(Common.Definitions.OnvifService.DOORCONTROL, _doorControlService);
_accessControlService = new AccessControlService();
_accessControlService.AttachLogger(_logger);
_services.Add(Common.Definitions.OnvifService.ACCESSCONTROL, _accessControlService);
}
