public ApplicationSelector ( ClientAdminContextAccessor clientContextAccessor, ClientManager clientManager ) { _clientContext = clientContextAccessor.GetContext(); _clientManager = clientManager; }
private void CreatePermissionGroups(ClientAdminContext clientContext) { if (clientContext?.Client == null) { throw new NullReferenceException("ClientAdminContext.Client is required"); } var currentClientId = clientContext.Client.Id; //build permissions groups _permissions.Add(new Permission { Title = "Users", Permissions = new Permission[] { new Permission { Title = "Browse All User Directories", Claims = { new SecurityClaim(ClientClaimTypes.UserDirectoryRead, currentClientId), new SecurityClaim(ClientClaimTypes.UsersRead, currentClientId) } }, new Permission { Title = "Manage / Create User Directories", Claims = { new SecurityClaim(ClientClaimTypes.UserDirectoryCreate, currentClientId), new SecurityClaim(ClientClaimTypes.UserDirectoryRead, currentClientId), new SecurityClaim(ClientClaimTypes.UserDirectoryEdit, currentClientId), new SecurityClaim(ClientClaimTypes.UserDirectoryDelete, currentClientId), } }, new Permission { Title = "Create / Edit User Profiles", Claims = { new SecurityClaim(ClientClaimTypes.UserDirectoryRead, currentClientId), new SecurityClaim(ClientClaimTypes.UsersRead, currentClientId), new SecurityClaim(ClientClaimTypes.UsersCreate, currentClientId), new SecurityClaim(ClientClaimTypes.UsersEdit, currentClientId), new SecurityClaim(ClientClaimTypes.UsersDelete, currentClientId), } }, new Permission { Title = "Assign Global Roles to Users", Claims = { new SecurityClaim(ClientClaimTypes.UserDirectoryRead, currentClientId), new SecurityClaim(ClientClaimTypes.UsersRead, currentClientId), new SecurityClaim(ClientClaimTypes.AppRolesRead, currentClientId), new SecurityClaim(ClientClaimTypes.AppRolesAssign, currentClientId), } }, new Permission { Title = "Assign Site Roles to Users", Claims = { new SecurityClaim(SiteClaimTypes.SiteUsersRead, currentClientId), new SecurityClaim(SiteClaimTypes.SiteRolesAssign, currentClientId), } }, } }); _permissions.Add(new Permission { Title = "Roles", Permissions = new Permission[] { new Permission { Title = "Manage / Create Global Roles", Claims = { new SecurityClaim(ClientClaimTypes.AppRolesRead, currentClientId), new SecurityClaim(ClientClaimTypes.AppRolesCreate, currentClientId), new SecurityClaim(ClientClaimTypes.AppRolesEdit, currentClientId), new SecurityClaim(ClientClaimTypes.AppRolesDelete, currentClientId), new SecurityClaim(ClientClaimTypes.AppRolesAssign, currentClientId), } }, new Permission { Title = "Manage / Create Site Roles", Claims = { new SecurityClaim(SiteClaimTypes.SiteRolesRead, currentClientId), new SecurityClaim(SiteClaimTypes.SiteRolesCreate, currentClientId), new SecurityClaim(SiteClaimTypes.SiteRolesEdit, currentClientId), new SecurityClaim(SiteClaimTypes.SiteRolesDelete, currentClientId), new SecurityClaim(SiteClaimTypes.SiteRolesAssign, currentClientId), } }, } }); _permissions.Add(new Permission { Title = "Connection Groups", Permissions = new Permission[] { new Permission { Title = "Manage Global Connection Groups", Claims = { new SecurityClaim(ClientClaimTypes.AppGroupsRead, currentClientId), new SecurityClaim(ClientClaimTypes.AppGroupsCreate, currentClientId), new SecurityClaim(ClientClaimTypes.AppGroupsEdit, currentClientId), new SecurityClaim(ClientClaimTypes.AppGroupsDelete, currentClientId), new SecurityClaim(ClientClaimTypes.AppGroupsAssign, currentClientId), } }, new Permission { Title = "Manage All Site Connection Groups", Claims = { new SecurityClaim(SiteClaimTypes.SiteGroupsRead, currentClientId), new SecurityClaim(SiteClaimTypes.SiteGroupsCreate, currentClientId), new SecurityClaim(SiteClaimTypes.SiteGroupsEdit, currentClientId), new SecurityClaim(SiteClaimTypes.SiteGroupsDelete, currentClientId), new SecurityClaim(SiteClaimTypes.SiteGroupsAssign, currentClientId), } }, new Permission { Title = "Create / Manage Personal Groups", Claims = { new SecurityClaim(UserClaimTypes.PersonalGroupOwner, currentClientId) } }, } }); _permissions.Add(new Permission { Title = "Notification Groups", Permissions = new Permission[] { new Permission { Title = "Manage Global Notification Groups", Claims = { new SecurityClaim(ClientClaimTypes.AppNotifyGroupsRead, currentClientId), new SecurityClaim(ClientClaimTypes.AppNotifyGroupsCreate, currentClientId), new SecurityClaim(ClientClaimTypes.AppNotifyGroupsEdit, currentClientId), new SecurityClaim(ClientClaimTypes.AppNotifyGroupsDelete, currentClientId), new SecurityClaim(ClientClaimTypes.AppNotifyGroupsAssign, currentClientId), } }, new Permission { Title = "Send Nofifications to Global Groups", Claims = { new SecurityClaim(ClientClaimTypes.AppNotificationsSend, currentClientId), } }, new Permission { Title = "Manage All Site Notification Groups", Claims = { new SecurityClaim(SiteClaimTypes.SiteNotifyGroupsRead, currentClientId), new SecurityClaim(SiteClaimTypes.SiteNotifyGroupsCreate, currentClientId), new SecurityClaim(SiteClaimTypes.SiteNotifyGroupsEdit, currentClientId), new SecurityClaim(SiteClaimTypes.SiteNotifyGroupsDelete, currentClientId), new SecurityClaim(SiteClaimTypes.SiteNotifyGroupsAssign, currentClientId), } }, new Permission { Title = "Send Notifications to Site Groups", Claims = { new SecurityClaim(SiteClaimTypes.SiteNotificationsSend, currentClientId), }, }, } }); _permissions.Add(new Permission { Title = "Document Library", Permissions = { new Permission { Title = "Browse Global Document Library", Claims = { new SecurityClaim(ClientClaimTypes.AppLibraryRead, currentClientId), } }, new Permission { Title = "Manage Global Document Library", Claims = { new SecurityClaim(ClientClaimTypes.AppLibraryRead, currentClientId), new SecurityClaim(ClientClaimTypes.AppLibraryOwner, currentClientId) } }, new Permission { Title = "View All Sites Document Libraries", Claims = { new SecurityClaim(SiteClaimTypes.SiteLibraryReader, currentClientId) } }, new Permission { Title = "Manage All Sites Document Libraries", Claims = { new SecurityClaim(SiteClaimTypes.SiteLibraryReader, currentClientId), new SecurityClaim(SiteClaimTypes.SiteLibraryOwner, currentClientId) } }, new Permission { Title = "Browse All User Libraries", Claims = { new SecurityClaim(ClientClaimTypes.UserLibrariesBrowse, currentClientId), } }, new Permission { Title = "Manage All User Libraries", Claims = { new SecurityClaim(ClientClaimTypes.UserLibrariesBrowse, currentClientId), new SecurityClaim(ClientClaimTypes.UserLibrariesManage, currentClientId) } }, new Permission { Title = "Manage Personal Document Library", Claims = { new SecurityClaim(UserClaimTypes.PersonalLibraryOwner, currentClientId) } } } }); _permissions.Add(new Permission { Title = "Websites", Permissions = new Permission[] { new Permission { Title = "Manage / Create Websites", Claims = { new SecurityClaim(ClientClaimTypes.SitesCreate, currentClientId), new SecurityClaim(ClientClaimTypes.SitesRead, currentClientId), new SecurityClaim(ClientClaimTypes.SitesEdit, currentClientId), new SecurityClaim(ClientClaimTypes.SitesDelete, currentClientId), new SecurityClaim(ClientClaimTypes.SitesPublish, currentClientId), } }, new Permission { Title = "Manage / Create Site Collections", Claims = { new SecurityClaim(ClientClaimTypes.SiteCollectionsCreate, currentClientId), new SecurityClaim(ClientClaimTypes.SiteCollectionsRead, currentClientId), new SecurityClaim(ClientClaimTypes.SiteCollectionsEdit, currentClientId), new SecurityClaim(ClientClaimTypes.SiteCollectionsDelete, currentClientId), new SecurityClaim(ClientClaimTypes.SiteCollectionsAssign, currentClientId), } }, new Permission { Title = "Create / Design All Website Content", Claims = { new SecurityClaim(SiteClaimTypes.SiteSettingsEdit, currentClientId), new SecurityClaim(SiteClaimTypes.SiteSettingsRead, currentClientId), new SecurityClaim(SiteClaimTypes.SiteTemplateEdit, currentClientId), new SecurityClaim(SiteClaimTypes.SiteTemplateRead, currentClientId), new SecurityClaim(SiteClaimTypes.SitePagesCreate, currentClientId), new SecurityClaim(SiteClaimTypes.SitePagesRead, currentClientId), new SecurityClaim(SiteClaimTypes.SitePagesEdit, currentClientId), new SecurityClaim(SiteClaimTypes.SitePagesDelete, currentClientId), new SecurityClaim(SiteClaimTypes.SitePagesDesign, currentClientId), new SecurityClaim(SiteClaimTypes.SitePagesPublish, currentClientId), // HOTFIX: Per Dave - Client's cannot design master pages /* * new SecurityClaim(SiteClaimTypes.SiteMasterPagesDelete, currentClientId), * new SecurityClaim(SiteClaimTypes.SiteMasterPagesCreate, currentClientId), * new SecurityClaim(SiteClaimTypes.SiteMasterPagesRead, currentClientId), * new SecurityClaim(SiteClaimTypes.SiteMasterPagesEdit, currentClientId), * new SecurityClaim(SiteClaimTypes.SiteMasterPagesDelete, currentClientId), * new SecurityClaim(SiteClaimTypes.SiteMasterPagesDesign, currentClientId), * new SecurityClaim(SiteClaimTypes.SiteMasterPagesPublish, currentClientId), */ } } } }); }
public ClientUserSites(ClientAdminContextAccessor clientContextAccessor, SiteManager siteManager) { _clientContextAccessor = clientContextAccessor; _clientContext = clientContextAccessor.GetContext(); _siteManager = siteManager; }