Esempio n. 1
0
        /// <summary>
        /// Check if a specific permission entity allows for the desired permission
        /// </summary>
        /// <param name="permissionEntity">The entity describing a permission</param>
        /// <param name="desiredActionCode">A key like r (for read), u (for update) etc. which is the level you want to check</param>
        /// <returns></returns>
        private bool DoesPermissionAllow(ToSic.Eav.Interfaces.IEntity permissionEntity, char desiredActionCode)
        {
            // Check if it's a grant-read permission - otherwise stop here
            var grnt = permissionEntity.GetBestValue(Grant).ToString();

            if (grnt.IndexOf(desiredActionCode) == -1) // Grant doesn't contain read, so stop here
            {
                return(false);
            }

            // Check if the current user fits the reason for this grant
            try
            {
                // check general permissions
                var condition = permissionEntity.GetBestValue(Condition).ToString();
                if (condition.ToLower().StartsWith(_salPrefix))
                {
                    var salWord = condition.Substring(_salPrefix.Length);
                    var sal     = (SecurityAccessLevel)Enum.Parse(typeof(SecurityAccessLevel), salWord);
                    // check anonymous - this is always valid, even if not in a module context
                    if (sal == SecurityAccessLevel.Anonymous)
                    {
                        return(true);
                    }

                    // check within module context
                    if (Module == null)
                    {
                        throw new Exception("trying to check permission " + _salPrefix + ", but don't have module in context");
                    }

                    return(DotNetNuke.Security.Permissions.ModulePermissionController
                           .HasModuleAccess(sal, CustomPermissionKey, Module));
                }

                // check owner conditions
                if (condition == _keyOwner)
                {
                    // if it's an entity, possibly also check owner-permissions
                    if (TargetItem != null && TargetItem.Owner == Environment.Dnn7.UserIdentity.CurrentUserIdentityToken)
                    {
                        return(true);
                    }
                }
            }
            catch
            {
                // something happened, in this case we assume that this rule cannot described a "is allowed"
                return(false);
            }

            // If the code gets here, we apparently don't know what the rule is about - return false
            return(false);
        }
Esempio n. 2
0
 private string GetBestString(string key) => (string)_templateEntity.GetBestValue(key);