internal Grantee(XmlReader reader)
{
reader.ReadStartElement();
var type = reader.GetAttribute("type", "xsi:type");
Id = reader.ReadElementContentAsString();
switch (type)
{
case "Group":
GranteeType = GranteeType.Group;
if (Id == "http://acs.amazonaws.com/groups/global/AuthenticatedUsers")
{
DisplayName = "Authenticated Users";
}
if (Id == "http://acs.amazonaws.com/groups/global/AllUsers")
{
DisplayName = "Anonimous";
}
break;
case "CanonicalUser":
GranteeType = GranteeType.User;
break;
case "EMail":
GranteeType = GranteeType.User;
break;
}
DisplayName = reader.ReadElementContentAsString("DisplayName", "");
reader.ReadEndElement();
}
/// <summary>
/// <see cref="ITableauPermissionService.DeleteDefaultCapabilityRolePermissionsAsync"/>
/// </summary>
public async Task DeleteDefaultCapabilityRolePermissionsAsync(
string projectId,
GranteeType granteeType,
string granteeId,
CapabilityRole capabilityRole
)
{
// collate capabilities for specified role into single unified permission
var permissions = new List <TableauPermission>();
var capabilityMode = CapabilityMode.Allow;
foreach (var capabilityName in RoleCapabilityMap[capabilityRole].Keys)
{
permissions.Add(BuildDefaultPermission(granteeType, granteeId, capabilityName, capabilityMode));
}
var capabilities = permissions.SelectMany(
p => p.GranteeCapabilities.First().Capabilities.Capability
).ToArray();
var permission = permissions.First();
permission.GranteeCapabilities.First().Capabilities.Capability = capabilities;
var resourceType = Enum.GetValues(typeof(ResourceType))
.Cast <ResourceType>()
.Single(r => capabilityRole.ToString().StartsWith(r.ToString(), StringComparison.OrdinalIgnoreCase));
await DeleteDefaultPermissionAsync(projectId, resourceType, permission).ConfigureAwait(false);
}
/// <summary>
/// <see cref="ITableauPermissionService.DeleteDefaultCapabilityAsync"/>
/// </summary>
public async Task DeleteDefaultCapabilityAsync(
string projectId,
ResourceType resourceType,
GranteeType granteeType,
string granteeId,
CapabilityName capabilityName,
CapabilityMode capabilityMode
)
{
await DeleteDefaultPermissionAsync(
projectId,
resourceType,
BuildDefaultPermission(granteeType, granteeId, capabilityName, capabilityMode)
).ConfigureAwait(false);
}
/// <summary>
/// <see cref="ITableauPermissionService.AddDefaultCapabilityAsync"/>
/// </summary>
public async Task <TableauPermission> AddDefaultCapabilityAsync(
string projectId,
ResourceType resourceType,
GranteeType granteeType,
string granteeId,
CapabilityName capabilityName,
CapabilityMode capabilityMode
)
{
return(await AddDefaultPermissionAsync(
projectId,
resourceType,
BuildDefaultPermission(granteeType, granteeId, capabilityName, capabilityMode)
).ConfigureAwait(false));
}
/// <summary>
/// Build permission for specified resource (e.g. datasource, project, workbook), user/group, and capability
/// </summary>
/// <param name="granteeType"></param>
/// <param name="granteeId"></param>
/// <param name="capabilityName"></param>
/// <param name="capabilityMode"></param>
public static TableauPermission BuildDefaultPermission(
GranteeType granteeType,
string granteeId,
CapabilityName capabilityName,
CapabilityMode capabilityMode
)
{
var permission = new TableauPermission();
var granteeCapabilities = new TableauGranteeCapabilities();
switch (granteeType)
{
case GranteeType.Group:
granteeCapabilities.Group = new TableauGroup()
{
Id = granteeId
};
break;
case GranteeType.User:
granteeCapabilities.User = new TableauUser()
{
Id = granteeId
};
break;
default:
throw new Exception("Unsupported user/group type");
}
granteeCapabilities.Capabilities = new TableauCapabilities()
{
Capability = new TableauCapability[] {
new TableauCapability()
{
Name = capabilityName.ToString(),
Mode = capabilityMode.ToString()
}
}
};
permission.GranteeCapabilities = new TableauGranteeCapabilities[] { granteeCapabilities };
return(permission);
}
/// <summary>
/// <see cref="ITableauPermissionService.DeleteCapabilityAsync"/>
/// </summary>
public async Task DeleteCapabilityAsync(
ResourceType resourceType,
string resourceId,
GranteeType userGroupType,
string userGroupId,
CapabilityName capabilityName,
CapabilityMode capabilityMode
)
{
await DeletePermissionAsync(
BuildPermission(
resourceType,
resourceId,
userGroupType,
userGroupId,
capabilityName,
capabilityMode
)
).ConfigureAwait(false);
}
/// <summary>
/// <see cref="ITableauPermissionService.AddCapabilityAsync"/>
/// </summary>
public async Task <TableauPermission> AddCapabilityAsync(
ResourceType resourceType,
string resourceId,
GranteeType userGroupType,
string userGroupId,
CapabilityName capabilityName,
CapabilityMode capabilityMode
)
{
return(await AddPermissionAsync(
BuildPermission(
resourceType,
resourceId,
userGroupType,
userGroupId,
capabilityName,
capabilityMode
)
).ConfigureAwait(false));
}
/// <summary>
/// Build permission for specified resource (e.g. datasource, project, workbook), user/group, and capability
/// </summary>
/// <param name="resourceType"></param>
/// <param name="resourceId"></param>
/// <param name="granteeType"></param>
/// <param name="granteeId"></param>
/// <param name="capabilityName"></param>
/// <param name="capabilityMode"></param>
public static TableauPermission BuildPermission(
ResourceType resourceType,
string resourceId,
GranteeType granteeType,
string granteeId,
CapabilityName capabilityName,
CapabilityMode capabilityMode
)
{
var permission = BuildDefaultPermission(granteeType, granteeId, capabilityName, capabilityMode);
switch (resourceType)
{
case ResourceType.Datasource:
permission.Datasource = new TableauDatasource()
{
Id = resourceId
};
break;
case ResourceType.Project:
permission.Project = new TableauProject()
{
Id = resourceId
};
break;
case ResourceType.Workbook:
permission.Workbook = new TableauWorkbook()
{
Id = resourceId
};
break;
default:
// default permission
break;
}
return(permission);
}
private DataGridViewRow rowFromGrants(S3Grantee grantee, IEnumerable <S3Permission> permissions)
{
// Create the S3Grantee from the Canonical User ID, Email Address, or Group (whichever was provided)
int grTypeIndex = 0;
string grName = null;
GranteeType type = grantee.Type;
if (type == GranteeType.CanonicalUser)
{
grTypeIndex = 0;
grName = grantee.CanonicalUser;
}
else if (type == GranteeType.Email)
{
grTypeIndex = 1;
grName = grantee.EmailAddress;
}
else if (type == GranteeType.Group)
{
grTypeIndex = 2;
grName = grantee.URI;
}
// Add a grant with READ permissions, if required
bool canRead = permissions.Contains(S3Permission.READ);
bool canReadAcl = permissions.Contains(S3Permission.READ_ACP);
bool canWriteAcl = permissions.Contains(S3Permission.WRITE_ACP);
// Add a grant with WRITE_ACP permissions, if required
var row = DgvGrants.RowTemplate.Clone() as DataGridViewRow;
string grType = DgvColGranteeType.Items[grTypeIndex].ToString();
row.CreateCells(DgvGrants, grType, grName, canRead, canReadAcl, canWriteAcl);
return(row);
}
public Grantee(GranteeType granteeType, string id, string displayName)
: base(id, displayName)
{
GranteeType = granteeType;
}
public Grantee(GranteeType granteeType, string id)
: this(granteeType, id, null)
{
}
