private static async Task EnforceAccessRightAsync(int documentId, Employee employee, AccessRight right) { using (var context = new ngenDbContext()) { var document = await context.Documents.FirstAsync(d => d.Id == documentId); var permissions = document.Permissions == null ? null : DocumentPermissions.FromBytes(document.Permissions); if (permissions == null) { return; } switch (right) { case AccessRight.Read: if (!permissions.CanRead(employee)) { throw new DocumentAccessException("You do not have read access for this document", document, employee); } break; case AccessRight.ReadWrite: if (!permissions.CanWrite(employee)) { throw new DocumentAccessException("You do not have write access to this document", document, employee); } break; } } }
public void Can_grant_employees_role_write_access_to_document() { var role = new SystemRole { Id = 1, Name = "Test Role" }; var employee = new Employee { Id = 1, SystemRoleId = role.Id }; var docPermissions = new DocumentPermissions(); Assert.IsFalse(docPermissions.CanWrite(employee)); docPermissions.Set(role, AccessRight.ReadWrite); Assert.IsTrue(docPermissions.CanWrite(employee)); }
protected virtual PDFWriterFactory GetSecureWriter(Document forDoc, IDocumentPasswordSettings settings) { if (null == forDoc) { throw new ArgumentNullException("forDoc"); } SecureString owner = null; SecureString user = null; PDFDocumentID id = forDoc.DocumentID; var permissions = forDoc.Permissions; if (null != settings) { owner = settings.OwnerPassword; user = settings.UserPassword; } if (null == id) { id = PDFDocumentID.Create(); forDoc.DocumentID = id; } if (null == permissions) { permissions = new DocumentPermissions(); } var encFactory = permissions.GetFactory(); var enc = encFactory.InitEncrypter(owner, user, id, permissions.GetRestrictions(), forDoc.PerformanceMonitor); return(new PDFSecureWrite14Factory(enc)); }
/// <summary> /// Document Permissions. /// </summary> /// <param name="documentPermissions">Document Permissions.</param> public void WithPermissions(DocumentPermissions documentPermissions) { _encryptionPreferences.DocumentPermissions = documentPermissions; }