private void CheckImportPermission()
{
string strFuncCode = AccreditResource.Func_CreateOrg + "," + AccreditResource.Func_CreateGroup + "," + AccreditResource.Func_CreateUser;
ExceptionHelper.FalseThrow(
SecurityCheck.DoesUserHasPermissions(this.LogOnUserInfo.UserLogOnName,
AccreditResource.AppCodeName,
strFuncCode,
UserValueType.LogonName,
DelegationMaskType.All),
"对不起,你现在还不能向机构“" + _RootAllPathName + "”中导入数据!");
DataSet dsScopes = SecurityCheck.GetUserFunctionsScopes(this.LogOnUserInfo.UserLogOnName,
AccreditResource.AppCodeName,
strFuncCode,
UserValueType.LogonName,
DelegationMaskType.All,
ScopeMaskType.All);
ExceptionHelper.FalseThrow(OGUWriter.IsObjectIsIncludeInObjects("ORGANIZATIONS",
_RootAllPathName,
SearchObjectColumn.SEARCH_ALL_PATH_NAME,
string.Empty,
dsScopes),
"对不起,您没有权限在该机构“" + _RootAllPathName + "”中创建新的子对象!");
}
public IActionResult CancelPolicy(string change, int id)
{
int? activeId = HttpContext.Session.GetInt32("activeUser");
bool isValid = SecurityCheck.CheckIfUserAuthorized(activeId, id);
if (isValid == false)
{
//Redirected to Logout as user may be malicious
return(RedirectToAction("Logout"));
}
PetOwner activeUser = _context.petowner.Include(o => o.OwnedPets).Single(o => o.Id == id);
//Switch case allows one route/method to handle different yet similar logic as needed
switch (change)
{
case "Cancel":
activeUser.Active = false;
foreach (Pet pet in activeUser.OwnedPets)
{
pet.Active = false;
}
break;
case "Activate":
activeUser.Active = true;
break;
}
_context.SaveChanges();
return(RedirectToAction("Dashboard"));
}
public DataSet GetUserAllowDelegteRoles(string userValue,
string appCodeName,
UserValueType userValueType,
RightMaskType rightMask)
{
return(SecurityCheck.GetUserAllowDelegteRoles(userValue, appCodeName, userValueType, rightMask));
}
public IActionResult CancelPetPolicy(string change, int id)
{
int? activeId = HttpContext.Session.GetInt32("activeUser");
bool isValid = SecurityCheck.CheckActiveUserVsPet(activeId, id, _context);
if (isValid == false)
{
//Redirected to Logout as user may be malicious
return(RedirectToAction("Logout", "PetOwner"));
}
var changingPet = _context.pet.SingleOrDefault(p => p.Id == id);
//Switch case allows one route/method to handle different yet similar logic as needed
switch (change)
{
case "Transfer":
return(RedirectToAction("Transfer", new{ id = id }));
case "Cancel":
changingPet.Active = false;
break;
case "Activate":
changingPet.Active = true;
break;
}
_context.SaveChanges();
return(RedirectToAction("Dashboard", "PetOwner"));
}
/// <summary>
/// 获取当前登录用户在当前“机构人员管理系统”中的全部权限
/// </summary>
/// <returns></returns>
public static string GetOGUPemission()
{
string strResult = "setNoPermission";
bool IsCustomsAuthentication = AccreditSection.GetConfig().AccreditSettings.CustomsAuthentication;
if (IsCustomsAuthentication)
{
DataSet ds = SecurityCheck.GetUserPermissions(GlobalInfo.UserLogOnInfo.UserLogOnName,
AccreditResource.AppCodeName,
UserValueType.LogonName,
RightMaskType.App,
DelegationMaskType.All);
strResult = string.Empty;
foreach (DataRow row in ds.Tables[0].Rows)
{
if (strResult.Length > 0)
{
strResult += ",";
}
strResult += OGUCommonDefine.DBValueToString(row["CODE_NAME"]);
}
}
return(strResult);
}
public DataSet GetUserApplications(string userValue,
UserValueType userValueType,
RightMaskType rightMask,
DelegationMaskType delegationMask)
{
return(SecurityCheck.GetUserApplications(userValue, userValueType, rightMask, delegationMask));
}
public async Task <ActionResult <SecurityCheck> > PostSecurityCheck(SecurityCheck securityCheck)
{
var device = await _context.Devices.FindAsync(securityCheck.DeviceId);
if (device == null)
{
return(NotFound());
}
string userName = User.GetUserName();
if (device.UserName != userName)
{
return(Forbid());
}
await _context.Database.CreateExecutionStrategy().ExecuteAsync(async() => {
var trans = _context.Database.BeginTransaction();
device.Status = DeviceStatus.Submitted;
_context.UpdateProperties(device, d => d.Status);
securityCheck.SubmissionDate = DateTime.Now;
securityCheck.UserName = userName;
_context.SecurityChecks.Add(securityCheck);
await _context.SaveChangesAsync();
await trans.CommitAsync();
});
return(CreatedAtAction("GetSecurityCheck", new { id = securityCheck.Id }, securityCheck));
}
public IActionResult ProcessTransfer(TransferOwner transfer, int petId, int ownerId)
{
int? activeId = HttpContext.Session.GetInt32("activeUser");
bool isValid = SecurityCheck.CheckUserCanTransfer(activeId, petId, ownerId, _context);
if (!isValid)
{
//Redirected to Logout as user may be malicious
return(RedirectToAction("Logout", "PetOwner"));
}
var transferPet = _context.pet.SingleOrDefault(p => p.Id == petId);
if (ModelState.IsValid)
{
int newOwnerId = _context.petowner.Single(o => o.Email == transfer.Email).Id;
transferPet.PetOwnerId = newOwnerId;
transferPet.Active = false;
_context.SaveChanges();
return(RedirectToAction("Dashboard", "PetOwner"));
}
transfer.PetToBeTransferred = (Pet)transferPet;
transfer.CurrentOwner = _context.petowner.SingleOrDefault(o => o.Id == (int)activeId);
transfer.Email = "";
return(View("Transfer", transfer));
}
protected void Page_Load(object sender, System.EventArgs e)
{
// 在此处放置用户代码以初始化页面
XmlDocument xmlUserInfo = new XmlDocument();
xmlUserInfo.LoadXml("<UserInfo/>");
XmlHelper.AppendNode(xmlUserInfo.FirstChild, "UserGuid", LogOnUserInfo.UserGuid);
XmlHelper.AppendNode(xmlUserInfo.FirstChild, "UserLogOnName", LogOnUserInfo.UserLogOnName);
for (int i = 0; i < LogOnUserInfo.OuUsers.Length; i++)
{
XmlNode OuUsersNode = XmlHelper.AppendNode(xmlUserInfo.FirstChild, "OuUsers");
XmlHelper.AppendNode(OuUsersNode, "UserGuid", LogOnUserInfo.OuUsers[i].UserGuid);
XmlHelper.AppendNode(OuUsersNode, "AllPathName", LogOnUserInfo.OuUsers[i].AllPathName);
XmlHelper.AppendNode(OuUsersNode, "UserDisplayName", LogOnUserInfo.OuUsers[i].UserDisplayName);
XmlHelper.AppendNode(OuUsersNode, "UserObjName", LogOnUserInfo.OuUsers[i].UserObjName);
XmlHelper.AppendNode(OuUsersNode, "Sideline", LogOnUserInfo.OuUsers[i].Sideline.ToString());
}
if (SecurityCheck.IsAdminUser(LogOnUserInfo.UserLogOnName))
{
XmlHelper.AppendAttr(xmlUserInfo.FirstChild, "AdminUser", "true");
}
else
{
XmlHelper.AppendAttr(xmlUserInfo.FirstChild, "AdminUser", "false");
}
userInfo.Value = xmlUserInfo.OuterXml;
}
/// <summary>
/// Update a SecurityCheck
/// </summary>
/// <param name="currentUser"></param>
/// <param name="user"></param>
/// <param name="appID"></param>
/// <param name="overrideID"></param>
/// <param name="code"></param>
/// <param name="lockID"></param>
/// <param name="dataRepository"></param>
/// <param name="uow"></param>
public void DeleteSecurityCheck(string currentUser, string user, string appID, string overrideID, string code, string lockID, IRepository <SecurityCheck> dataRepository, IUnitOfWork uow)
{
try
{
#region Parameter validation
// Validate parameters
if (string.IsNullOrEmpty(currentUser))
{
throw new ArgumentOutOfRangeException("currentUser");
}
if (string.IsNullOrEmpty(user))
{
throw new ArgumentOutOfRangeException("user");
}
if (string.IsNullOrEmpty(appID))
{
throw new ArgumentOutOfRangeException("appID");
}
if (string.IsNullOrEmpty(code))
{
throw new ArgumentOutOfRangeException("code");
}
if (string.IsNullOrEmpty(lockID))
{
throw new ArgumentOutOfRangeException("lockID");
}
if (null == dataRepository)
{
throw new ArgumentOutOfRangeException("dataRepository");
}
if (null == uow)
{
throw new ArgumentOutOfRangeException("uow");
}
#endregion
using (uow)
{
// Convert string to guid
Guid codeGuid = Guid.Parse(code);
// Find item based on ID
SecurityCheck dataEntity = dataRepository.Single(x => x.Code == codeGuid);
// Delete the item
dataRepository.Delete(dataEntity);
// Commit unit of work
uow.Commit();
}
}
catch (Exception e)
{
//Prevent exception from propogating across the service interface
ExceptionManager.ShieldException(e);
}
}
public DataSet GetDelegatedUser(string userValues,
string appCodeName,
string roleCodeNames,
UserValueType userValueType,
bool includeDisabled)
{
return(SecurityCheck.GetDelegatedUser(userValues, appCodeName, roleCodeNames, userValueType, includeDisabled));
}
public DataSet GetUserPermissions(string userValue,
string appCodeName,
UserValueType userValueType,
RightMaskType rightMask,
DelegationMaskType delegationMask)
{
return(SecurityCheck.GetUserPermissions(userValue, appCodeName, userValueType, rightMask, delegationMask));
}
public bool DoesUserHasAllPermissions(string userValue,
string appCodeName,
string funcCodeNames,
UserValueType userValueType,
DelegationMaskType delegationMask)
{
return(SecurityCheck.DoesUserHasAllPermissions(userValue, appCodeName, funcCodeNames, userValueType, delegationMask));
}
public bool IsUserInAllRoles(string userValue,
string appCodeName,
string roleCodeNames,
UserValueType userValueType,
DelegationMaskType delegationMask)
{
return(SecurityCheck.IsUserInAllRoles(userValue, appCodeName, roleCodeNames, userValueType, delegationMask));
}
public override bool DeleteItem(Item item, SecurityCheck securityCheck)
{
var args = new DeleteItemArgs(this.DefaultProvider, item, securityCheck);
CorePipeline.Run("deleteItem", args);
return(args.Result);
}
public AddVersionArgs(ItemProvider defaultProvider, Item item, SecurityCheck securityCheck)
: base(defaultProvider)
{
Assert.ArgumentNotNull(item, "item");
this.item = item;
this.securityCheck = securityCheck;
}
public DeleteItemArgs([NotNull] ItemProvider defaultProvider, [NotNull] Item item, SecurityCheck securityCheck)
: base(defaultProvider)
{
Assert.ArgumentNotNull(item, "item");
this.item = item;
this.securityCheck = securityCheck;
}
public override Item AddVersion(Item item, SecurityCheck securityCheck)
{
var args = new AddVersionArgs(this.DefaultProvider, item, securityCheck);
CorePipeline.Run("addVersion", args);
return(args.Result);
}
static void Main(string[] args)
{
Welcome.WelcomeToAirport();
string name = Console.ReadLine();
string firstNames, lastName;
SplitFullName.SplitName(name, out firstNames, out lastName);
Console.WriteLine($"{firstNames}, welcome to check-in desk. Please answer for a few questions.");
Console.WriteLine($"First of all, please input your date of birthday (yyyy,mm,d): ");
Passport passport = new Passport();
passport.DateOfBirth = CheckType.GetDateFromConsole();
CheckDB.CheckDateOfBirth(passport);
Console.WriteLine($"Are you have a visa, {firstNames}? (yes or no)");
Visa visa = new Visa();
visa.Status = CheckVisa.CheckOfVisa();
Console.WriteLine($"{firstNames}, please input your passport number: ");
passport.Number = Console.ReadLine();
Console.WriteLine($"{firstNames}, now please input passport issued (yyyy,mm,d): ");
passport.Issued = CheckType.GetDateFromConsole();
Console.WriteLine($"{firstNames}, now please input passport expired (yyyy,mm,d): ");
passport.Expired = CheckType.GetDateFromConsole();
CheckPassport.CheckDatesOfPassport(passport);
Console.WriteLine($"Are you have a online registration, {firstNames}? (yes or no)");
Ticket ticket = new Ticket();
ticket.NumberOfTicket = CheckTicket.CheckOnlineRegistration(ticket);
Console.WriteLine($"\nDo you have any luggage, {firstNames}? (yes or no)");
Bag bag = new Bag();
CheckBag.CheckWeightOfBag(bag);
Console.WriteLine($"{firstNames}, allright! Please go to security check. (any key)");
Console.ReadKey();
Console.WriteLine($"{firstNames}, welcome to security check. Open your case for examination, please." +
$"\nDo you have anything forbidden in your suitcase: drugs, guns, explosive materials? (yes or no)");
SecurityEmployee security = new SecurityEmployee();
security.ForbiddenItem = SecurityCheck.CheckForbiddenItem(security);
Console.WriteLine($"{firstNames}, welcome to passport control. May I see your passport and ticket, please? (yes or no)");
Passanger passanger = new Passanger(name, passport, ticket, visa, bag);
PassportControlEmployee passportControlEmployee = new PassportControlEmployee();
passportControlEmployee.Passanger = PassportControl.CheckPassanger(passanger);
}
public DataSet GetFunctionsUsers(string orgRoot,
string appCodeName,
string funcCodeNames,
DelegationMaskType delegationMask,
SidelineMaskType sidelineMask,
string extAttr)
{
return(SecurityCheck.GetFunctionsUsers(orgRoot, appCodeName, funcCodeNames, delegationMask, sidelineMask, extAttr));
}
private void CheckPermission(string strOPType)
{
bool bPermission = true;
bool isCustomsAuthentication = AccreditSection.GetConfig().AccreditSettings.CustomsAuthentication;
if (isCustomsAuthentication)
{
switch (strOPType)
{
case "Update":
bPermission = SecurityCheck.DoesUserHasPermissions(LogOnUserInfo.UserLogOnName,
AccreditResource.AppCodeName,
AccreditResource.Func_ModifyUser,
UserValueType.LogonName,
DelegationMaskType.All);
if (bPermission)
{
DataSet ds = SecurityCheck.GetUserFunctionsScopes(LogOnUserInfo.UserLogOnName,
AccreditResource.AppCodeName,
AccreditResource.Func_ModifyUser,
UserValueType.LogonName,
DelegationMaskType.All,
ScopeMaskType.All);
string strObjGuid = (string)GetRequestData("objGuid", string.Empty);
bPermission = IsObjectIsIncludeInObjects("USERS", strObjGuid, SearchObjectColumn.SEARCH_GUID, ds);
}
break;
case "AddSideline":
case "Insert":
bPermission = SecurityCheck.DoesUserHasPermissions(LogOnUserInfo.UserLogOnName,
AccreditResource.AppCodeName,
AccreditResource.Func_CreateUser,
UserValueType.LogonName,
DelegationMaskType.All);
ExceptionHelper.FalseThrow(bPermission, "对不起,您没有权限创建新的“用户”!");
if (bPermission)
{
DataSet ds = SecurityCheck.GetUserFunctionsScopes(LogOnUserInfo.UserLogOnName,
AccreditResource.AppCodeName,
AccreditResource.Func_CreateUser,
UserValueType.LogonName,
DelegationMaskType.All,
ScopeMaskType.All);
ExceptionHelper.FalseThrow(IsObjectIsIncludeInObjects("ORGANIZATIONS",
parentAllPathName.Value,
SearchObjectColumn.SEARCH_ALL_PATH_NAME,
ds),
"对不起,您没有在当前机构中创建“用户”的权限!");
}
break;
}
}
opPermission.Value = bPermission.ToString().ToLower();
}
public DataSet GetUserFunctionsScopes(string userValue,
string appCodeName,
string funcCodeNames,
UserValueType userValueType,
DelegationMaskType delegationMask,
ScopeMaskType scopeMask)
{
return(SecurityCheck.GetUserFunctionsScopes(userValue, appCodeName, funcCodeNames, userValueType, delegationMask, scopeMask));
}
public DataSet GetChildrenInRoles(string orgRoot,
string appCodeName,
string roleCodeNames,
bool doesMixSort,
bool doesSortRank,
bool includeDelegate)
{
return(SecurityCheck.GetChildrenInRoles(orgRoot, appCodeName,
roleCodeNames, doesMixSort, doesSortRank, includeDelegate));
}
/// <summary>
/// 查询应用(app_id)中包含用户(UserID)的所有角色
/// </summary>
/// <param name="xmlDoc"></param>
/// <remarks>
/// <code>
/// <getAppDelegationRoles logonName="userLogonName" appID="app_id" appCodeName="app_code_name"></getAppDelegationRoles>
/// </code>
/// </remarks>
protected void GetAppDelegationRoles(XmlDocument xmlDoc)
{
string strLogonName = xmlDoc.DocumentElement.GetAttribute("logonName");
string strAppCodeName = xmlDoc.DocumentElement.GetAttribute("appCodeName");
DataSet ds = SecurityCheck.GetUserAllowDelegteRoles(strLogonName, strAppCodeName,
UserValueType.LogonName, RightMaskType.All);
_XmlResult = InnerCommon.GetXmlDoc(ds);
}
public GetItemArgs([NotNull] ItemProvider defaultProvider, [NotNull] Language language, [NotNull] Version version, [NotNull] Database database, SecurityCheck securityCheck)
: base(defaultProvider)
{
Assert.ArgumentNotNull(language, "language");
Assert.ArgumentNotNull(version, "version");
Assert.ArgumentNotNull(database, "database");
this.language = language;
this.version = version;
this.database = database;
this.securityCheck = securityCheck;
}
private void DoQueryRoleToExp()
{
using (DbContext context = DbContext.GetContext(AppResource.ConnAlias))
{
XmlElement root = _XmlRequest.DocumentElement;
string strAppID = root.GetAttribute("app_id");
string strRoleID = root.GetAttribute("role_id");
//string strSQL = "SELECT ID, ROLE_ID, NAME, EXPRESSION, DESCRIPTION, SORT_ID, INHERITED, CLASSIFY "
// + " FROM EXPRESSIONS "
// + " WHERE ROLE_ID = " + TSqlBuilder.Instance.CheckQuotationMark(strRoleID)
// + " ORDER BY CLASSIFY DESC, DESCRIPTION, SORT_ID";
string strSQL = string.Format("SELECT CODE_NAME FROM APPLICATIONS WHERE ID = {0}; SELECT CODE_NAME FROM ROLES WHERE ID={1}",
TSqlBuilder.Instance.CheckQuotationMark(strAppID, true), TSqlBuilder.Instance.CheckQuotationMark(strRoleID, true));
DataSet ds = InnerCommon.ExecuteDataset(strSQL);
string strAppCodeName = string.Empty;
string strRoleCodeName = string.Empty;
if (ds.Tables[0].Rows.Count > 0)
{
strAppCodeName = ds.Tables[0].Rows[0]["CODE_NAME"].ToString();
}
if (ds.Tables[1].Rows.Count > 0)
{
strRoleCodeName = ds.Tables[1].Rows[0]["CODE_NAME"].ToString();
}
//如果不是总管理员,则得到机构管理范围
string strOrgRoot = string.Empty;
if (false == SecurityCheck.IsAdminUser(LogOnUserInfo.UserLogOnName))
{
ds = SecurityCheck.GetUserFunctionsScopes(LogOnUserInfo.UserLogOnName, strAppCodeName, "ADD_OBJECT_FUNC,DELETE_OBJECT_FUNC,MODIFY_OBJECT_FUNC");
for (int i = 0; i < ds.Tables[0].Rows.Count; i++)
{
if (strOrgRoot == string.Empty)
{
strOrgRoot += ds.Tables[0].Rows[i]["DESCRIPTION"].ToString();
}
else
{
strOrgRoot += "," + ds.Tables[0].Rows[i]["DESCRIPTION"].ToString();
}
}
if (strOrgRoot == string.Empty)
{
strOrgRoot = "NoOrgRoot";
}
}
ds = SecurityCheck.GetChildrenInRoles(strOrgRoot, strAppCodeName, strRoleCodeName, false, false, false);
_XmlResult = InnerCommon.GetXmlDoc(ds);
}
}
public IActionResult Update(string id, SecurityCheck securityCheckIn)
{
var securityCheck = _securityCheckService.Get(id);
if (securityCheck == null)
{
return(NotFound());
}
_securityCheckService.Update(id, securityCheckIn);
return(NoContent());
}
/// <summary>
/// Exports a list of strings to a file. </summary>
/// <param name="filename"> the name of the file to write. </param>
/// <param name="strings"> a non-null Vector of Strings, each element of which will be
/// another line in the file. </param>
//JAVA TO C# CONVERTER WARNING: Method 'throws' clauses are not available in .NET:
//ORIGINAL LINE: protected void export(String filename, java.util.List<String> strings) throws Exception
protected internal virtual void export(string filename, IList <string> strings)
{
string routine = "StateMod_Data_JFrame.export";
// First see if we can write the file given the security
// settings...
if (!SecurityCheck.canWriteFile(filename))
{
Message.printWarning(1, routine, "Cannot save \"" + filename + "\".");
throw new Exception("Security check failed - unable to write \"" + filename + "\"");
}
JGUIUtil.setWaitCursor(this, true);
// Create a new FileOutputStream wrapped with a DataOutputStream
// for writing to a file.
PrintWriter oStream = null;
try
{
oStream = new PrintWriter(new StreamWriter(filename));
}
catch (Exception)
{
JGUIUtil.setWaitCursor(this, false);
throw new Exception("Error opening file \"" + filename + "\".");
}
try
{
// Write each element of the strings Vector to a file.
// For some reason, when just using println in an
// applet, the cr-nl pair is not output like it should
// be on Windows95. Java Bug???
string linesep = System.getProperty("line.separator");
int size = strings.Count;
for (int i = 0; i < size; i++)
{
oStream.print(strings[i].ToString() + linesep);
}
oStream.flush();
oStream.close();
}
catch (Exception)
{
JGUIUtil.setWaitCursor(this, false);
throw new Exception("Error writing to file \"" + filename + "\".");
}
JGUIUtil.setWaitCursor(this, false);
}
public CreateItemArgs([NotNull] ItemProvider defaultProvider, [NotNull] string itemName, [NotNull] Item destination, [NotNull] ID templateId, [NotNull] ID newId, SecurityCheck securityCheck)
: base(defaultProvider)
{
Assert.ArgumentNotNullOrEmpty(itemName, "itemName");
Assert.ArgumentNotNull(templateId, "templateId");
Assert.ArgumentNotNull(destination, "destination");
Assert.ArgumentNotNull(newId, "newId");
this.itemName = itemName;
this.templateId = templateId;
this.destination = destination;
this.newId = newId;
this.securityCheck = securityCheck;
}
/// <summary>
/// 得到当前人员指定功能的,相应服务范围
/// </summary>
/// <example>
/// <code>
/// <queryUserFuncScopes app_code_name="asdf" func_code_names="ADD_OBJECT_FUNC" delegation_mask="3" scope_mask="1"/>
/// </code>
/// </example>
protected void DoQueryUserFuncScopes()
{
XmlElement root = _XmlRequest.DocumentElement;
string appCodeName = root.GetAttribute("app_code_name");
string funcCodeNames = root.GetAttribute("func_code_names");
string delegationMask = root.GetAttribute("delegation_mask");
string scopeMask = root.GetAttribute("scope_mask");
DelegationMaskType dm = DelegationMaskType.All;
ScopeMaskType sm = ScopeMaskType.All;
if (delegationMask != string.Empty)
{
dm = (DelegationMaskType)int.Parse(delegationMask);
}
if (scopeMask != string.Empty)
{
sm = (ScopeMaskType)int.Parse(scopeMask);
}
string userID = LogOnUserInfo.UserLogOnName;
//得到服务范围
DataTable dt = SecurityCheck.GetUserFunctionsScopes(userID, appCodeName, funcCodeNames, UserValueType.LogonName, dm, sm).Tables[0];
_XmlResult = new XmlDocument();
_XmlResult.LoadXml("<DataSet/>");
XmlHelper.AppendNode(_XmlResult.FirstChild, "Table");
string strRootOrg;
string[] arrRootOrg;
for (int i = 0; i < dt.Rows.Count; i++)
{
strRootOrg = dt.Rows[i]["DESCRIPTION"].ToString();
arrRootOrg = strRootOrg.Split(new char[] { ',', ';' });
for (int j = 0; j < arrRootOrg.Length; j++)
{
if (arrRootOrg[j] != string.Empty)
{
if (_XmlResult.SelectSingleNode(string.Format(".//ORGANIZATIONS[.='{0}']", arrRootOrg[j])) == null)
{
XmlHelper.AppendNode(_XmlResult.FirstChild.FirstChild, "ORGANIZATIONS", arrRootOrg[j]);
}
}
}
}
}
protected override Item ApplySecurity(Item item, SecurityCheck securityCheck)
{
// if this item's a template, just return standard security
if (item.TemplateID == ID.Parse(STANDARD_TEMPLATE_ID))
{
return base.ApplySecurity(item, securityCheck);
}
// detect if running the CMS or the end site
// && make sure we're supposed to do security checks
// && check if the item is derived from the custom security template
if (Context.Site != null
&& Context.Site.Name.ToLower() == WEBSITE_NAME
&& securityCheck != SecurityCheck.Disable
&& Context.PageMode.IsNormal
&& item.IsDerivedFrom(ID.Parse(SECURITY_TEMPLATE_ID)))
{
// here you can apply custom security rules based on your security template.
// in this case, I have...
// 1. a concept called "Span of Control" and an extension method to check it against the user
// 2. a set of roles on the security template that the user needs to have. In this case, I perform the check with an extension method.
// 3. a concept around "Departments", and an extension method hanging off the user to perform this check.
// Be extremely mindful of the efficiency of this check. Sitecore will run through this code each time you touch an item through the sitecore API.
if (item.HasSpanOfControlOver(Context.User) && Context.User.IsInDepartmentFor(item) && Context.User.HasRolesFor(item))
{
return base.ApplySecurity(item, securityCheck);
}
else
{
// trick sitecore into thinking that the item doesn't exist
return null;
}
}
return base.ApplySecurity(item, securityCheck);
}
public override Item GetRootItem(Language language, Version version, Database database, SecurityCheck securityCheck)
{
var fakeDatabase = database as FakeDatabase;
return fakeDatabase == null ? ((FakeDatabase)Factory.GetDatabase(database.Name)).RootItem : fakeDatabase.RootItem;
}
public override Item GetParent(Item item, SecurityCheck securityCheck)
{
return ((FakeItem) item).FakeParent;
}
public override Item GetItem(ID itemId, Language language, Version version, Database database, SecurityCheck securityCheck)
{
var fakeDatabase = database as FakeDatabase;
return fakeDatabase == null ? ((FakeDatabase) Factory.GetDatabase(database.Name)).FakeGetItem(itemId) : ((FakeDatabase) database).FakeGetItem(itemId);
}
public override ChildList GetChildren(Item item, SecurityCheck securityCheck)
{
return new ChildList(item,((FakeItem)item).FakeChildren);
}
