public Rock.CMS.DTO.Auth ApiGet(string id, string apiKey)
{
using (Rock.Data.UnitOfWorkScope uow = new Rock.Data.UnitOfWorkScope())
{
Rock.CMS.UserService userService = new Rock.CMS.UserService();
Rock.CMS.User user = userService.Queryable().Where(u => u.ApiKey == apiKey).FirstOrDefault();
if (user != null)
{
uow.objectContext.Configuration.ProxyCreationEnabled = false;
Rock.CMS.AuthService AuthService = new Rock.CMS.AuthService();
Rock.CMS.Auth Auth = AuthService.Get(int.Parse(id));
if (Auth.Authorized("View", user))
{
return(Auth.DataTransferObject);
}
else
{
throw new WebFaultException <string>("Not Authorized to View this Auth", System.Net.HttpStatusCode.Forbidden);
}
}
else
{
throw new WebFaultException <string>("Invalid API Key", System.Net.HttpStatusCode.Forbidden);
}
}
}
public void UpdateAuth(string id, Rock.CMS.DTO.Auth Auth)
{
var currentUser = Rock.CMS.UserService.GetCurrentUser();
if (currentUser == null)
{
throw new WebFaultException <string>("Must be logged in", System.Net.HttpStatusCode.Forbidden);
}
using (Rock.Data.UnitOfWorkScope uow = new Rock.Data.UnitOfWorkScope())
{
uow.objectContext.Configuration.ProxyCreationEnabled = false;
Rock.CMS.AuthService AuthService = new Rock.CMS.AuthService();
Rock.CMS.Auth existingAuth = AuthService.Get(int.Parse(id));
if (existingAuth.Authorized("Edit", currentUser))
{
uow.objectContext.Entry(existingAuth).CurrentValues.SetValues(Auth);
if (existingAuth.IsValid)
{
AuthService.Save(existingAuth, currentUser.PersonId);
}
else
{
throw new WebFaultException <string>(existingAuth.ValidationResults.AsDelimited(", "), System.Net.HttpStatusCode.BadRequest);
}
}
else
{
throw new WebFaultException <string>("Not Authorized to Edit this Auth", System.Net.HttpStatusCode.Forbidden);
}
}
}
public void ApiDeleteAuth(string id, string apiKey)
{
using (Rock.Data.UnitOfWorkScope uow = new Rock.Data.UnitOfWorkScope())
{
Rock.CMS.UserService userService = new Rock.CMS.UserService();
Rock.CMS.User user = userService.Queryable().Where(u => u.ApiKey == apiKey).FirstOrDefault();
if (user != null)
{
uow.objectContext.Configuration.ProxyCreationEnabled = false;
Rock.CMS.AuthService AuthService = new Rock.CMS.AuthService();
Rock.CMS.Auth Auth = AuthService.Get(int.Parse(id));
if (Auth.Authorized("Edit", user))
{
AuthService.Delete(Auth, user.PersonId);
AuthService.Save(Auth, user.PersonId);
}
else
{
throw new WebFaultException <string>("Not Authorized to Edit this Auth", System.Net.HttpStatusCode.Forbidden);
}
}
else
{
throw new WebFaultException <string>("Invalid API Key", System.Net.HttpStatusCode.Forbidden);
}
}
}
public void DeleteAuth(string id)
{
var currentUser = Rock.CMS.UserService.GetCurrentUser();
if (currentUser == null)
{
throw new WebFaultException <string>("Must be logged in", System.Net.HttpStatusCode.Forbidden);
}
using (Rock.Data.UnitOfWorkScope uow = new Rock.Data.UnitOfWorkScope())
{
uow.objectContext.Configuration.ProxyCreationEnabled = false;
Rock.CMS.AuthService AuthService = new Rock.CMS.AuthService();
Rock.CMS.Auth Auth = AuthService.Get(int.Parse(id));
if (Auth.Authorized("Edit", currentUser))
{
AuthService.Delete(Auth, currentUser.PersonId);
AuthService.Save(Auth, currentUser.PersonId);
}
else
{
throw new WebFaultException <string>("Not Authorized to Edit this Auth", System.Net.HttpStatusCode.Forbidden);
}
}
}
public void ApiCreateAuth(string apiKey, Rock.CMS.DTO.Auth Auth)
{
using (Rock.Data.UnitOfWorkScope uow = new Rock.Data.UnitOfWorkScope())
{
Rock.CMS.UserService userService = new Rock.CMS.UserService();
Rock.CMS.User user = userService.Queryable().Where(u => u.ApiKey == apiKey).FirstOrDefault();
if (user != null)
{
uow.objectContext.Configuration.ProxyCreationEnabled = false;
Rock.CMS.AuthService AuthService = new Rock.CMS.AuthService();
Rock.CMS.Auth existingAuth = new Rock.CMS.Auth();
AuthService.Add(existingAuth, user.PersonId);
uow.objectContext.Entry(existingAuth).CurrentValues.SetValues(Auth);
if (existingAuth.IsValid)
{
AuthService.Save(existingAuth, user.PersonId);
}
else
{
throw new WebFaultException <string>(existingAuth.ValidationResults.AsDelimited(", "), System.Net.HttpStatusCode.BadRequest);
}
}
else
{
throw new WebFaultException <string>("Invalid API Key", System.Net.HttpStatusCode.Forbidden);
}
}
}
protected void lbAddUser_Click(object sender, EventArgs e)
{
List <Rock.Security.AuthRule> existingAuths =
Rock.Security.Authorization.AuthRules(iSecured.AuthEntity, iSecured.Id, CurrentAction);
int maxOrder = existingAuths.Count > 0 ? existingAuths.Last().Order : -1;
bool actionUpdated = false;
foreach (ListItem li in cbUsers.Items)
{
if (li.Selected)
{
bool alreadyExists = false;
int personId = Int32.Parse(li.Value);
foreach (Rock.Security.AuthRule auth in existingAuths)
{
if (auth.PersonId.HasValue && auth.PersonId.Value == personId)
{
alreadyExists = true;
break;
}
}
if (!alreadyExists)
{
Rock.CMS.Auth auth = new Rock.CMS.Auth();
auth.EntityType = iSecured.AuthEntity;
auth.EntityId = iSecured.Id;
auth.Action = CurrentAction;
auth.AllowOrDeny = "A";
auth.SpecialRole = Rock.CMS.SpecialRole.None;
auth.PersonId = personId;
auth.Order = ++maxOrder;
authService.Add(auth, CurrentPersonId);
authService.Save(auth, CurrentPersonId);
actionUpdated = true;
}
}
}
if (actionUpdated)
{
Rock.Security.Authorization.ReloadAction(iSecured.AuthEntity, iSecured.Id, CurrentAction);
}
pnlAddUser.Visible = false;
phList.Visible = true;
BindGrid();
}
protected void rGrid_Delete(object sender, RowEventArgs e)
{
Rock.CMS.Auth auth = authService.Get(( int )rGrid.DataKeys[e.RowIndex]["id"]);
if (auth != null)
{
authService.Delete(auth, CurrentPersonId);
authService.Save(auth, CurrentPersonId);
Rock.Security.Authorization.ReloadAction(iSecured.AuthEntity, iSecured.Id, CurrentAction);
}
BindGrid();
}
protected void rblAllowDeny_SelectedIndexChanged(object sender, EventArgs e)
{
RadioButtonList rblAllowDeny = ( RadioButtonList )sender;
GridViewRow selectedRow = rblAllowDeny.NamingContainer as GridViewRow;
if (selectedRow != null)
{
int id = ( int )rGrid.DataKeys[selectedRow.RowIndex]["id"];
Rock.CMS.Auth auth = authService.Get(id);
if (auth != null)
{
auth.AllowOrDeny = rblAllowDeny.SelectedValue;
authService.Save(auth, CurrentPersonId);
Rock.Security.Authorization.ReloadAction(iSecured.AuthEntity, iSecured.Id, CurrentAction);
}
}
BindGrid();
}
public Rock.CMS.DTO.Auth Get(string id)
{
var currentUser = Rock.CMS.UserService.GetCurrentUser();
if (currentUser == null)
{
throw new WebFaultException <string>("Must be logged in", System.Net.HttpStatusCode.Forbidden);
}
using (Rock.Data.UnitOfWorkScope uow = new Rock.Data.UnitOfWorkScope())
{
uow.objectContext.Configuration.ProxyCreationEnabled = false;
Rock.CMS.AuthService AuthService = new Rock.CMS.AuthService();
Rock.CMS.Auth Auth = AuthService.Get(int.Parse(id));
if (Auth.Authorized("View", currentUser))
{
return(Auth.DataTransferObject);
}
else
{
throw new WebFaultException <string>("Not Authorized to View this Auth", System.Net.HttpStatusCode.Forbidden);
}
}
}
public void ApiCreateAuth( string apiKey, Rock.CMS.DTO.Auth Auth )
{
using ( Rock.Data.UnitOfWorkScope uow = new Rock.Data.UnitOfWorkScope() )
{
Rock.CMS.UserService userService = new Rock.CMS.UserService();
Rock.CMS.User user = userService.Queryable().Where( u => u.ApiKey == apiKey ).FirstOrDefault();
if (user != null)
{
uow.objectContext.Configuration.ProxyCreationEnabled = false;
Rock.CMS.AuthService AuthService = new Rock.CMS.AuthService();
Rock.CMS.Auth existingAuth = new Rock.CMS.Auth();
AuthService.Add( existingAuth, user.PersonId );
uow.objectContext.Entry(existingAuth).CurrentValues.SetValues(Auth);
if (existingAuth.IsValid)
AuthService.Save( existingAuth, user.PersonId );
else
throw new WebFaultException<string>( existingAuth.ValidationResults.AsDelimited(", "), System.Net.HttpStatusCode.BadRequest );
}
else
throw new WebFaultException<string>( "Invalid API Key", System.Net.HttpStatusCode.Forbidden );
}
}
protected void lbAddRole_Click( object sender, EventArgs e )
{
List<Rock.Security.AuthRule> existingAuths =
Rock.Security.Authorization.AuthRules( iSecured.AuthEntity, iSecured.Id, CurrentAction );
int maxOrder = existingAuths.Count > 0 ? existingAuths.Last().Order : -1;
foreach ( ListItem li in cblRoleActionList.Items )
{
if (li.Selected)
{
bool actionUpdated = false;
bool alreadyExists = false;
Rock.CMS.SpecialRole specialRole = Rock.CMS.SpecialRole.None;
int? groupId = Int32.Parse(ddlRoles.SelectedValue);
switch(groupId)
{
case -1: specialRole = Rock.CMS.SpecialRole.AllUsers; break;
case -2: specialRole = Rock.CMS.SpecialRole.AllAuthenticatedUsers; break;
case -3: specialRole = Rock.CMS.SpecialRole.AllUnAuthenticatedUsers; break;
default: specialRole = Rock.CMS.SpecialRole.None; break;
}
if (groupId < 0)
groupId = null;
foreach ( Rock.Security.AuthRule rule in
Rock.Security.Authorization.AuthRules( iSecured.AuthEntity, iSecured.Id, li.Text ) )
{
if ( rule.SpecialRole == specialRole && rule.GroupId == groupId )
{
alreadyExists = true;
break;
}
}
if ( !alreadyExists )
{
Rock.CMS.Auth auth = new Rock.CMS.Auth();
auth.EntityType = iSecured.AuthEntity;
auth.EntityId = iSecured.Id;
auth.Action = li.Text;
auth.AllowOrDeny = "A";
auth.SpecialRole = specialRole;
auth.GroupId = groupId;
auth.Order = ++maxOrder;
authService.Add( auth, CurrentPersonId );
authService.Save( auth, CurrentPersonId );
actionUpdated = true;
}
if ( actionUpdated )
Rock.Security.Authorization.ReloadAction( iSecured.AuthEntity, iSecured.Id, li.Text );
}
}
pnlAddRole.Visible = false;
phList.Visible = true;
BindGrid();
}
protected void lbAddUser_Click( object sender, EventArgs e )
{
List<Rock.Security.AuthRule> existingAuths =
Rock.Security.Authorization.AuthRules( iSecured.AuthEntity, iSecured.Id, CurrentAction );
int maxOrder = existingAuths.Count > 0 ? existingAuths.Last().Order : -1;
bool actionUpdated = false;
foreach ( ListItem li in cbUsers.Items )
{
if ( li.Selected )
{
bool alreadyExists = false;
int personId = Int32.Parse( li.Value );
foreach ( Rock.Security.AuthRule auth in existingAuths )
if ( auth.PersonId.HasValue && auth.PersonId.Value == personId)
{
alreadyExists = true;
break;
}
if ( !alreadyExists )
{
Rock.CMS.Auth auth = new Rock.CMS.Auth();
auth.EntityType = iSecured.AuthEntity;
auth.EntityId = iSecured.Id;
auth.Action = CurrentAction;
auth.AllowOrDeny = "A";
auth.SpecialRole = Rock.CMS.SpecialRole.None;
auth.PersonId = personId;
auth.Order = ++maxOrder;
authService.Add( auth, CurrentPersonId );
authService.Save( auth, CurrentPersonId );
actionUpdated = true;
}
}
}
if ( actionUpdated )
Rock.Security.Authorization.ReloadAction( iSecured.AuthEntity, iSecured.Id, CurrentAction );
pnlAddUser.Visible = false;
phList.Visible = true;
BindGrid();
}
protected void lbAddRole_Click(object sender, EventArgs e)
{
List <Rock.Security.AuthRule> existingAuths =
Rock.Security.Authorization.AuthRules(iSecured.AuthEntity, iSecured.Id, CurrentAction);
int maxOrder = existingAuths.Count > 0 ? existingAuths.Last().Order : -1;
foreach (ListItem li in cblRoleActionList.Items)
{
if (li.Selected)
{
bool actionUpdated = false;
bool alreadyExists = false;
Rock.CMS.SpecialRole specialRole = Rock.CMS.SpecialRole.None;
int?groupId = Int32.Parse(ddlRoles.SelectedValue);
switch (groupId)
{
case -1: specialRole = Rock.CMS.SpecialRole.AllUsers; break;
case -2: specialRole = Rock.CMS.SpecialRole.AllAuthenticatedUsers; break;
case -3: specialRole = Rock.CMS.SpecialRole.AllUnAuthenticatedUsers; break;
default: specialRole = Rock.CMS.SpecialRole.None; break;
}
if (groupId < 0)
{
groupId = null;
}
foreach (Rock.Security.AuthRule rule in
Rock.Security.Authorization.AuthRules(iSecured.AuthEntity, iSecured.Id, li.Text))
{
if (rule.SpecialRole == specialRole && rule.GroupId == groupId)
{
alreadyExists = true;
break;
}
}
if (!alreadyExists)
{
Rock.CMS.Auth auth = new Rock.CMS.Auth();
auth.EntityType = iSecured.AuthEntity;
auth.EntityId = iSecured.Id;
auth.Action = li.Text;
auth.AllowOrDeny = "A";
auth.SpecialRole = specialRole;
auth.GroupId = groupId;
auth.Order = ++maxOrder;
authService.Add(auth, CurrentPersonId);
authService.Save(auth, CurrentPersonId);
actionUpdated = true;
}
if (actionUpdated)
{
Rock.Security.Authorization.ReloadAction(iSecured.AuthEntity, iSecured.Id, li.Text);
}
}
}
pnlAddRole.Visible = false;
phList.Visible = true;
BindGrid();
}
protected void lbAddRole_Click( object sender, EventArgs e )
{
List<Rock.Security.AuthRule> existingAuths =
Rock.Security.Authorization.AuthRules( iSecured.AuthEntity, iSecured.Id, CurrentAction );
int maxOrder = existingAuths.Count > 0 ? existingAuths.Last().Order : -1;
foreach ( ListItem li in cblRoleActionList.Items )
{
if (li.Selected)
{
bool actionUpdated = false;
bool alreadyExists = false;
foreach ( Rock.Security.AuthRule rule in
Rock.Security.Authorization.AuthRules( iSecured.AuthEntity, iSecured.Id, li.Text ) )
{
if ( rule.UserOrRole == "R" && rule.UserOrRoleName == ddlRoles.SelectedValue )
{
alreadyExists = true;
break;
}
}
if ( !alreadyExists )
{
Rock.CMS.Auth auth = new Rock.CMS.Auth();
auth.EntityType = iSecured.AuthEntity;
auth.EntityId = iSecured.Id;
auth.Action = li.Text;
auth.AllowOrDeny = "A";
auth.UserOrRole = "R";
auth.UserOrRoleName = ddlRoles.SelectedValue;
auth.Order = ++maxOrder;
authService.Add( auth, CurrentPersonId );
authService.Save( auth, CurrentPersonId );
actionUpdated = true;
}
if ( actionUpdated )
Rock.Security.Authorization.ReloadAction( iSecured.AuthEntity, iSecured.Id, li.Text );
}
}
pnlAddRole.Visible = false;
phList.Visible = true;
BindGrid();
}
public void CreateAuth( Rock.CMS.DTO.Auth Auth )
{
var currentUser = Rock.CMS.UserService.GetCurrentUser();
if ( currentUser == null )
throw new WebFaultException<string>("Must be logged in", System.Net.HttpStatusCode.Forbidden );
using ( Rock.Data.UnitOfWorkScope uow = new Rock.Data.UnitOfWorkScope() )
{
uow.objectContext.Configuration.ProxyCreationEnabled = false;
Rock.CMS.AuthService AuthService = new Rock.CMS.AuthService();
Rock.CMS.Auth existingAuth = new Rock.CMS.Auth();
AuthService.Add( existingAuth, currentUser.PersonId );
uow.objectContext.Entry(existingAuth).CurrentValues.SetValues(Auth);
if (existingAuth.IsValid)
AuthService.Save( existingAuth, currentUser.PersonId );
else
throw new WebFaultException<string>( existingAuth.ValidationResults.AsDelimited(", "), System.Net.HttpStatusCode.BadRequest );
}
}
