static private UriPermission GetPermission(SystemUser user, string uri) { if (user == null || string.IsNullOrEmpty(uri)) { return(null); } UriPermission permission = Db.SQL <UriPermission>("SELECT o.Permission FROM Simplified.Ring5.SystemUserUriPermission o WHERE o.Permission.Uri=? AND o.SystemUser=?", uri, user).First; if (permission != null) { return(permission); } // Check user group var groups = Db.SQL <Simplified.Ring3.SystemUserGroupMember>("SELECT o FROM Simplified.Ring3.SystemUserGroupMember o WHERE o.SystemUser=?", user); foreach (var group in groups) { permission = GetPermissionFromGroup(group.SystemUserGroup, uri); if (permission != null) { return(permission); } } return(null); }
private static UriPermission GetPermissionFromGroup(SystemUserGroup group, string url) { if (group == null) { return(null); } UriPermission permission = Db.SQL <UriPermission>("SELECT o.Permission FROM Simplified.Ring5.SystemUserGroupUriPermission o WHERE o.Permission.Uri=? AND o.SystemUserGroup=?", url, group).First ?? GetPermissionFromGroup(group.Parent, url); return(permission); }
public static void AssureUriPermission(string uri, SystemUserGroup group) { UriPermission permission = Db.SQL <UriPermission>("SELECT o.Permission FROM Simplified.Ring5.SystemUserGroupUriPermission o WHERE o.Permission.Uri=? AND o.SystemUserGroup=?", uri, group).First; if (permission == null) { Db.Transact(() => { UriPermission p1 = new UriPermission { Uri = uri, CanGet = true }; new SystemUserGroupUriPermission { ToWhat = p1, WhatIs = group }; }); } }
private static bool CanGetUri(SystemUser user, string uri, Request request) { // Check if there is any permission set for a url UriPermission per = Db.SQL <UriPermission>("SELECT o FROM Simplified.Ring5.UriPermission o WHERE o.Uri=?", uri).First; if (per == null) { // TODO: Check if user is part of Admin group, then allow acces? // No permission configuration for this url = DENY ACCESS return(false); } UriPermission permission = AuthorizationHelper.GetPermission(user, uri); if (permission != null) { return(permission.CanGet); } return(false); }