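/// <summary>
/// Decides whether an activity entry that refers to a file or folder may be shown to the current user.
/// </summary>
/// <param name="activity">Activity record to check; may be null.</param>
/// <returns>
/// The result of the files-security <c>CanRead</c> check when <c>ContentID</c> starts with
/// "file_" or "folder_"; <c>false</c> when the lookup or the check throws; <c>true</c> otherwise.
/// </returns>
public bool FilterActivity(UserActivity activity)
        {
            // NOTE(review): a null activity, an empty SecurityId and a ContentID with neither prefix
            // are all let through (fail-open). Confirm that callers rely on this default.
            if (activity == null) return true;

            if (string.IsNullOrEmpty(activity.SecurityId)) return true;

            const string filePrefix = "file_";
            const string folderPrefix = "folder_";

            try
            {
                // Ordinal comparison: content ids are machine identifiers. A culture-sensitive
                // StartsWith can skip ignorable characters (soft hyphen, zero-width marks), so the
                // prefix could match while Substring strips the wrong number of characters.
                if (activity.ContentID.StartsWith(filePrefix, StringComparison.Ordinal))
                {
                    var fileId = activity.ContentID.Substring(filePrefix.Length);
                    var file = Global.DaoFactory.GetFileDao().GetFile(fileId);
                    return Global.GetFilesSecurity().CanRead(file);
                }

                if (activity.ContentID.StartsWith(folderPrefix, StringComparison.Ordinal))
                {
                    var folderId = activity.ContentID.Substring(folderPrefix.Length);
                    var folder = Global.DaoFactory.GetFolderDao().GetFolder(folderId);
                    return Global.GetFilesSecurity().CanRead(folder);
                }
            }
            catch (Exception)
            {
                // Deny on any failure (null ContentID, DAO error, security check error).
                return false;
            }

            return true;
        }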
 /// <summary>
 /// Filters timeline entries of this product through the timeline view check.
 /// </summary>
 /// <param name="activity">Activity to check. It is dereferenced without a null check.</param>
 /// <returns>
 /// <c>true</c> when the activity belongs to another product; otherwise the result of
 /// <c>TimeLinePublisher.IsAllowedToView</c>.
 /// </returns>
 public bool FilterActivity(UserActivity activity)
 {
     // Entries of other products are not evaluated here and pass through unchanged.
     if (activity.ProductID != ProductEntryPoint.ID)
     {
         return true;
     }

     return TimeLinePublisher.IsAllowedToView(activity, Global.EngineFactory);
 }
        /// <summary>
        /// Copies the caller-supplied action fields onto an existing activity and returns it.
        /// </summary>
        /// <param name="ua">Activity to update in place; must not be null.</param>
        /// <param name="actionText">Text stored in <c>ActionText</c>.</param>
        /// <param name="userID">User id stored in <c>UserID</c>.</param>
        /// <param name="actionType">Value stored in <c>ActionType</c>.</param>
        /// <param name="businessValue">Value stored in <c>BusinessValue</c>.</param>
        /// <returns>The same <paramref name="ua"/> instance.</returns>
        internal static UserActivity ApplyCustomeActivityParams(UserActivity ua, string actionText, Guid userID, int actionType, int businessValue)
        {
            // Who acted.
            ua.UserID = userID;

            // What was done.
            ua.ActionText = actionText;
            ua.ActionType = actionType;
            ua.BusinessValue = businessValue;

            return ua;
        }
 /// <summary>
 /// Attaches wiki image options (module id, empty image file name) and the caller-supplied
 /// action fields to an existing activity.
 /// </summary>
 /// <param name="ua">Activity to update in place; must not be null.</param>
 /// <param name="actionText">Text stored in <c>ActionText</c>.</param>
 /// <param name="userID">User id stored in <c>UserID</c>.</param>
 /// <param name="actionType">Value stored in <c>ActionType</c>.</param>
 /// <param name="businessValue">Value stored in <c>BusinessValue</c>.</param>
 /// <returns>The same <paramref name="ua"/> instance.</returns>
 internal static UserActivity ApplyCustomeActivityParams(UserActivity ua, string actionText, Guid userID, int actionType, int businessValue)
 {
     ua.ImageOptions = new ImageOptions
     {
         PartID = WikiManager.ModuleId,
         ImageFileName = string.Empty
     };

     ua.ActionText = actionText;
     ua.UserID = userID;
     ua.ActionType = actionType;
     ua.BusinessValue = businessValue;

     return ua;
 }
		/// <summary>
		/// Attaches news image options (module id and the logo path of the feed's type) and the
		/// caller-supplied action fields to an existing activity.
		/// </summary>
		/// <param name="feed">Feed whose <c>FeedType</c> selects the logo; must not be null.</param>
		/// <param name="ua">Activity to update in place; must not be null.</param>
		/// <param name="actionText">Text stored in <c>ActionText</c>.</param>
		/// <param name="userID">User id stored in <c>UserID</c>.</param>
		/// <param name="actionType">Value stored in <c>ActionType</c>.</param>
		/// <param name="businessValue">Value stored in <c>BusinessValue</c>.</param>
		/// <returns>The same <paramref name="ua"/> instance.</returns>
		internal static UserActivity ApplyCustomeActivityParams(Feed feed, UserActivity ua, string actionText, Guid userID, int actionType, int businessValue)
		{
			// Image options are assigned first and filled in afterwards, so the statement order
			// around the FeedTypeInfo lookup stays as it was.
			ua.ImageOptions = new ImageOptions();
			ua.ImageOptions.PartID = NewsConst.ModuleId;
			ua.ImageOptions.ImageFileName = FeedTypeInfo.FromFeedType(feed.FeedType).TypeLogoPath;

			// Who acted.
			ua.UserID = userID;

			// What was done.
			ua.ActionText = actionText;
			ua.ActionType = actionType;
			ua.BusinessValue = businessValue;

			return ua;
		}
        /// <summary>
        /// Builds the base activity record for a photo album.
        /// </summary>
        /// <param name="album">Album to describe; <c>album.Event</c> must not be null.</param>
        /// <returns>
        /// A new activity carrying the album content id, current tenant, tenant-local timestamp,
        /// photo module and community product ids, the event name as title and the album view URL.
        /// </returns>
        internal static UserActivity ComposeActivityByPhotos(Album album)
        {
            // Title is copied from the event name as-is; this method does no encoding.
            return new UserActivity
            {
                ContentID = GetAlbumContentID(album),
                TenantID = CurrentTenantID,
                Date = ASC.Core.Tenants.TenantUtil.DateTimeNow(),
                ModuleID = PhotoConst.ModuleID,
                ProductID = ASC.Web.Community.Product.CommunityProduct.ID,
                Title = album.Event.Name,
                URL = String.Format("{0}?item={1}", PhotoConst.ViewAlbumPageUrl, album.Id)
            };
        }
        /// <summary>
        /// Builds the base activity record for a single photo.
        /// </summary>
        /// <param name="item">Photo to describe; must not be null.</param>
        /// <returns>
        /// A new activity carrying the current tenant, the photo content id, tenant-local timestamp,
        /// photo module and community product ids, the photo name as title and the photo view URL.
        /// </returns>
        internal static UserActivity ComposeActivityByPhoto(AlbumItem item)
        {
            // Title is copied from the photo name as-is; this method does no encoding.
            return new UserActivity
            {
                TenantID = CurrentTenantID,
                ContentID = GetPhotoContentID(item),
                Date = ASC.Core.Tenants.TenantUtil.DateTimeNow(),
                ModuleID = PhotoConst.ModuleID,
                ProductID = ASC.Web.Community.Product.CommunityProduct.ID,
                Title = item.Name,
                URL = String.Format("{0}?photo={1}", PhotoConst.ViewPhotoPageUrl, item.Id)
            };
        }
        /// <summary>
        /// Builds the base activity record for a wiki page object.
        /// </summary>
        /// <param name="page">Page object handed to <c>GetContentID</c>, <c>GetTitle</c> and <c>GetUrl</c>.</param>
        /// <returns>
        /// A new activity carrying the current tenant, content id, tenant-local timestamp,
        /// wiki module and community product ids, and the title and URL derived from the page.
        /// </returns>
        internal static UserActivity ComposeActivityByPage(object page)
        {
            return new UserActivity
            {
                TenantID = TenantProvider.CurrentTenantID,
                ContentID = GetContentID(page),
                Date = TenantUtil.DateTimeNow(),
                ModuleID = WikiManager.ModuleId,
                ProductID = Product.CommunityProduct.ID,
                Title = GetTitle(page),
                URL = GetUrl(page)
            };
        }
 /// <summary>
 /// Builds the template context used to render one activity entry for a user.
 /// </summary>
 /// <param name="userActivity">Activity to expose to the template; must not be null.</param>
 /// <param name="user">User the entry is about; must not be null.</param>
 /// <returns>
 /// A context holding the keys "activity", "url", "user", "displayName", "userLink",
 /// "moduleName", "productName" and "additionalData".
 /// </returns>
 public static VelocityContext PrepareContext(UserActivity userActivity, UserInfo user)
 {
     // NOTE(review): the activity, the display name and AdditionalData go into the context
     // unencoded. Output escaping is presumably the template's job; confirm against the
     // templates that consume this context.
     var context = new VelocityContext();

     context.Put("activity", userActivity);

     var activityUrl = CommonLinkUtility.GetFullAbsolutePath(userActivity.URL);
     context.Put("url", activityUrl);

     context.Put("user", user);
     context.Put("displayName", user.DisplayUserName());

     var profilePath = CommonLinkUtility.GetUserProfile(user.ID, userActivity.ProductID);
     context.Put("userLink", CommonLinkUtility.GetFullAbsolutePath(profilePath));

     context.Put("moduleName", GetModuleName(userActivity));
     context.Put("productName", GetProductName(userActivity));
     context.Put("additionalData", userActivity.AdditionalData);

     return context;
 }
        /// <summary>
        /// Builds the base activity record for a blog post.
        /// </summary>
        /// <param name="post">Post to describe; must not be null.</param>
        /// <returns>
        /// A new activity carrying the post content id, tenant-local timestamp, blogs module and
        /// community product ids, the current tenant id, the post title and the blog view URL.
        /// </returns>
        internal static UserActivity ComposeActivityByPost(Post post)
        {
            // Title is copied from the post as-is; this method does no encoding.
            return new UserActivity
            {
                ContentID = GetContentID(post),
                Date = ASC.Core.Tenants.TenantUtil.DateTimeNow(),
                ModuleID = BlogsSettings.ModuleID,
                ProductID = ASC.Web.Community.Product.CommunityProduct.ID,
                TenantID = CoreContext.TenantManager.GetCurrentTenant().TenantId,
                Title = post.Title,
                URL = String.Format("{0}?blogID={1}", Constants.ViewBlogPageUrl, post.ID)
            };
        }
		/// <summary>
		/// Builds the base activity record for a news feed item.
		/// </summary>
		/// <param name="post">Feed item to describe; must not be null.</param>
		/// <returns>
		/// A new activity carrying the current tenant, content id, tenant-local timestamp,
		/// news module and community product ids, the feed caption as title and the feed path as URL.
		/// </returns>
		internal static UserActivity ComposeActivityByFeed(Feed post)
		{
			// Title is copied from the feed caption as-is; this method does no encoding.
			return new UserActivity
			{
				TenantID = TenantProvider.CurrentTenantID,
				ContentID = GetContentID(post),
				Date = TenantUtil.DateTimeNow(),
				ModuleID = NewsConst.ModuleId,
				ProductID = Product.CommunityProduct.ID,
				Title = post.Caption,
				URL = FeedUrls.GetFeedVirtualPath(post.Id)
			};
		}
        /// <summary>
        /// Wraps a project activity for API output and decodes the '|'-delimited
        /// <c>AdditionalData</c> into entity type, entity title and project title.
        /// </summary>
        /// <param name="activity">Activity to wrap; must not be null.</param>
        public ProjectActivityWrapper(UserActivity activity)
        {
            Id = activity.ID;
            ProjectId = activity.ContainerID;
            Title = activity.Title;
            Url = activity.URL;
            ActionText = activity.ActionText;
            Date = (ApiDateTime)activity.Date;
            User = EmployeeWraper.Get(activity.UserID);

            var rawData = activity.AdditionalData;
            if (string.IsNullOrEmpty(rawData))
            {
                return;
            }

            var fields = rawData.Split('|');
            if (fields.Length <= 0)
            {
                return;
            }

            EntityType = fields[0];

            // The project title is taken only when there are exactly three fields; any other
            // field count (including a title that itself contains '|') yields an empty title.
            if (fields.Length == 3)
            {
                ProjectTitle = fields[2];
            }
            else
            {
                ProjectTitle = "";
            }

            // Unknown entity type names leave EntityTitle unassigned.
            switch (EntityType)
            {
                case "Project":
                    EntityTitle = ProjectsEnumResource.EntityType_Project;
                    break;

                case "Milestone":
                    EntityTitle = ProjectsEnumResource.EntityType_Milestone;
                    break;

                case "Message":
                    EntityTitle = ProjectsEnumResource.EntityType_Message;
                    break;

                case "Team":
                    EntityTitle = ProjectsEnumResource.EntityType_Team;
                    break;

                case "Task":
                    EntityTitle = ProjectsEnumResource.EntityType_Task;
                    break;

                case "SubTask":
                    EntityTitle = ProjectsEnumResource.EntityType_SubTask;
                    break;

                case "TimeSpend":
                    EntityTitle = ProjectsEnumResource.EntityType_TimeSpend;
                    break;

                case "Comment":
                    EntityTitle = ProjectsEnumResource.EntityType_Comment;
                    break;
            }
        }
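        /// <summary>
        /// Checks whether the current user may see a CRM activity, based on the entity encoded
        /// in its <c>SecurityId</c> ("entityType|entityId", both numeric).
        /// </summary>
        /// <param name="activity">Activity to check.</param>
        /// <returns>
        /// <c>false</c> when the activity belongs to another product, has no SecurityId, cannot be
        /// parsed, refers to an entity that is not found, or any step throws; the result of
        /// <c>CRMSecurity.CanAccessTo</c> for cases, tasks, opportunities and contacts;
        /// <c>true</c> for relationship events and every other entity type.
        /// </returns>
        public static bool CanAccessTo(UserActivity activity)
        {
            try
            {
                // Reject directly instead of throwing an exception only to catch it below.
                if (activity.ProductID != ProductEntryPoint.ID || String.IsNullOrEmpty(activity.SecurityId))
                    return false;

                var parts = activity.SecurityId.Split(new[] { '|' });
                var entityType = (EntityType)Convert.ToInt32(parts[0]);
                var entityID = Convert.ToInt32(parts[1]);

                switch (entityType)
                {
                    case EntityType.Case:
                        var cases = Global.DaoFactory.GetCasesDao().GetByID(entityID);

                        return cases != null && CRMSecurity.CanAccessTo(cases);
                    case EntityType.Task:
                        var task = Global.DaoFactory.GetTaskDao().GetByID(entityID);

                        return task != null && CRMSecurity.CanAccessTo(task);
                    case EntityType.Opportunity:
                        var deal = Global.DaoFactory.GetDealDao().GetByID(entityID);

                        return deal != null && CRMSecurity.CanAccessTo(deal);
                    case EntityType.Contact:
                    case EntityType.Person:
                    case EntityType.Company:
                        // Contacts are resolved through the contact DAO. Looking the id up through
                        // GetDealDao() would run the access check against whatever deal happens to
                        // share that numeric id, not against the contact itself.
                        // NOTE(review): confirm GetContactDao() is the accessor this DaoFactory exposes.
                        var contact = Global.DaoFactory.GetContactDao().GetByID(entityID);

                        return contact != null && CRMSecurity.CanAccessTo(contact);
                    case EntityType.RelationshipEvent:
                    default:
                        // NOTE(review): relationship events and unrecognised entity types are allowed
                        // without any check (fail-open). Confirm that this is intended.
                        return true;
                }
            }
            catch
            {
                // Deny on any failure: null activity, malformed SecurityId, DAO or security error.
                return false;
            }
        }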
 /// <summary>
 /// Publishes an activity through the wiki activity publisher.
 /// </summary>
 /// <param name="activity">Activity to publish; passed on without a null check.</param>
 internal static void PublishInternal(UserActivity activity)
 {
     UserActivityPublisher.Publish<WikiActivityPublisher>(activity);
 }
 /// <summary>
 /// Creates a view model around an activity record.
 /// </summary>
 /// <param name="activity">Activity stored in <c>Activity</c>; not validated here.</param>
 public ActivityVm(UserActivity activity)
 {
     this.Activity = activity;
 }
 /// <summary>
 /// Resolves the display name of the product an activity belongs to.
 /// </summary>
 /// <param name="userActivity">Activity whose <c>ProductID</c> is looked up; must not be null.</param>
 /// <returns>The product name, or "Unknown module" when no registered product has that id.</returns>
 /// <exception cref="InvalidOperationException">More than one registered product has that id.</exception>
 private static string GetProductName(UserActivity userActivity)
 {
     var product = ProductManager.Instance.Products.SingleOrDefault(p => userActivity.ProductID == p.ID);
     if (product == null)
     {
         return "Unknown module";
     }

     return product.Name;
 }
 /// <summary>
 /// Resolves the display name of the module an activity belongs to.
 /// </summary>
 /// <param name="userActivity">Activity whose <c>ModuleID</c> is looked up; must not be null.</param>
 /// <returns>The module name, or "Unknown module" when the lookup returns null.</returns>
 private static string GetModuleName(UserActivity userActivity)
 {
     var found = ProductManager.Instance.GetModuleByID(userActivity.ModuleID);
     if (found == null)
     {
         return "Unknown module";
     }

     return found.Name;
 }
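        /// <summary>
        /// Builds the activity record for a file or folder, including the module the entry is
        /// attributed to and the <c>SecurityId</c> later used to filter who may see the entry.
        /// </summary>
        /// <param name="entry">File or folder the activity is about; null yields null.</param>
        /// <param name="imgFileName">Image file name stored in the image options.</param>
        /// <param name="actionText">Text stored in <c>ActionText</c>.</param>
        /// <param name="actionType">Value stored in <c>ActionType</c>.</param>
        /// <param name="businessValue">Value stored in <c>BusinessValue</c>.</param>
        /// <param name="containerId">
        /// Container id to store; replaced by the project id taken from the root folder title
        /// when the entry lives under a project bunch folder.
        /// </param>
        /// <returns>The new activity, or null when <paramref name="entry"/> is null.</returns>
        private static UserActivity ApplyCustomeActivityParams(FileEntry entry, string imgFileName, string actionText, int actionType, int businessValue, string containerId)
        {
            if (entry == null) return null;

            const string projectBunchPrefix = "projects/project/";
            const string crmBunchPrefix = "crm/crm_common/";

            string url;
            var moduleId = ProductEntryPoint.ID;
            var additionalData = "";
            var securityId = "0";

            if (entry.RootFolderType == FolderType.BUNCH)
            {
                var title = Global.DaoFactory.GetFolderDao().GetFolder(entry.RootFolderId).Title;

                // Ordinal: bunch folder titles are machine-generated paths, not linguistic text.
                if (title.StartsWith(projectBunchPrefix, StringComparison.Ordinal))
                {
                    moduleId = ProjectModuleId;
                    additionalData = "File||";

                    // Strip only the leading prefix. Replace() would also delete later occurrences
                    // of the prefix text and so change the id this activity is filed under.
                    containerId = title.Substring(projectBunchPrefix.Length);

                    // NOTE(review): containerId is embedded in a '|'-delimited SecurityId. If a
                    // title could ever contain '|', the consumer would see a different field
                    // count; confirm that the title format is constrained.
                    securityId = "File||" + containerId;
                }
                else if (title.StartsWith(crmBunchPrefix, StringComparison.Ordinal))
                {
                    moduleId = CrmModuleId;
                    // NOTE(review): "6" is presumably a numeric CRM entity type; confirm the value
                    // and the id format expected by whatever parses this SecurityId.
                    securityId = "6|" + entry.UniqID;
                }
            }

            if (entry is File)
            {
                // File extensions are identifiers, so compare them ordinally and case-insensitively;
                // a culture-sensitive comparison gives different results under some UI cultures.
                url = FileUtility.ExtsWebPreviewed.Contains(FileUtility.GetFileExtension(entry.Title), StringComparer.OrdinalIgnoreCase)
                          ? CommonLinkUtility.GetFileWebViewerUrl(entry.ID)
                          : ((File) entry).ViewUrl;
            }
            else
            {
                url = PathProvider.GetFolderUrl((Folder) entry);
            }

            var ua = new UserActivity
                         {
                             Title = entry.Title,
                             ContentID = entry.UniqID,
                             URL = url,
                             ModuleID = moduleId,
                             ProductID = moduleId,
                             TenantID = TenantProvider.CurrentTenantID,
                             Date = ASC.Core.Tenants.TenantUtil.DateTimeNow(),
                             ImageOptions = new ImageOptions {PartID = ProductEntryPoint.ID, ImageFileName = imgFileName},
                             ActionText = actionText,
                             UserID = SecurityContext.CurrentAccount.ID,
                             ActionType = actionType,
                             BusinessValue = businessValue,
                             AdditionalData = additionalData,
                             ContainerID = containerId,
                             SecurityId = securityId
                         };
            return ua;
        }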
        /// <summary>
        /// Publishes an activity through the files activity publisher; a null activity is ignored.
        /// </summary>
        /// <param name="activity">Activity to publish, or null to do nothing.</param>
        private static void PublishInternal(UserActivity activity)
        {
            if (activity != null)
            {
                UserActivityPublisher.Publish<FilesActivityPublisher>(activity);
            }
        }
 /// <summary>
 /// Returns the (cached) decision whether the current user may see a project activity.
 /// </summary>
 /// <param name="activity">Activity to check; null is treated as allowed.</param>
 /// <param name="engineFactory">Factory handed to <c>CheckAccess</c> when the decision is computed.</param>
 /// <returns><c>true</c> for a null activity; otherwise the value obtained from <c>ActivitySecurityCache</c>.</returns>
 public static bool IsAllowedToView(UserActivity activity, EngineFactory engineFactory)
 {
     //If empty - then don't care
     if (activity == null)
     {
         return true;
     }

     //Set to true to miss later checks
     activity.SecurityFiltered = true;

     //Root key is project id. will be used to drop cache
     var rootKey = activity.ContainerID;

     // The entry key combines the current account id with the activity id, so a decision is
     // stored per user and per activity.
     // NOTE(review): a cached decision outlives permission changes until the root key is
     // dropped; confirm the cache is invalidated when project access changes.
     var entryKey = SecurityContext.CurrentAccount.ID + activity.ID.ToString();

     return ActivitySecurityCache.Get(rootKey, entryKey, () => CheckAccess(activity, engineFactory));
 }
        /// <summary>
        /// Inserts an activity row into <c>webstudio_useractivity</c> and drops the cached
        /// activity lists for the tenant.
        /// </summary>
        /// <param name="activity">Activity to store; must not be null.</param>
        /// <returns>The scalar returned by the insert (the new row's identity).</returns>
        public static int SaveUserActivity(UserActivity activity)
        {
            using (var db = GetDbManager())
            {
                // Every field is handed to the SqlInsert builder as a column value; none is
                // concatenated into SQL text here.
                // NOTE(review): HtmlPreview, Title and AdditionalData are stored unmodified.
                // Whatever renders them should treat them as untrusted unless sanitised upstream.
                var insert = new SqlInsert("webstudio_useractivity")
                    .InColumnValue("ID", 0)
                    .InColumnValue("TenantID", activity.TenantID)
                    .InColumnValue("ProductID", activity.ProductID.ToString())
                    .InColumnValue("ModuleID", activity.ModuleID.ToString())
                    .InColumnValue("UserID", activity.UserID.ToString())
                    .InColumnValue("ContentID", activity.ContentID)
                    .InColumnValue("ContainerID", activity.ContainerID)
                    .InColumnValue("ActionType", activity.ActionType)
                    .InColumnValue("ActionText", activity.ActionText)
                    .InColumnValue("BusinessValue", activity.BusinessValue)
                    .InColumnValue("AdditionalData", activity.AdditionalData)
                    .InColumnValue("ActivityDate", TenantUtil.DateTimeToUtc(activity.Date))
                    .InColumnValue("URL", activity.URL)
                    .InColumnValue("Title", activity.Title)
                    .InColumnValue("PartID", activity.ImageOptions == null ? Guid.Empty : activity.ImageOptions.PartID)
                    .InColumnValue("ImageFileName", activity.ImageOptions == null ? string.Empty : activity.ImageOptions.ImageFileName)
                    .InColumnValue("HtmlPreview", activity.HtmlPreview)
                    .InColumnValue("SecurityId", activity.SecurityId)
                    .Identity(0, 0, true);

                var newId = db.ExecuteScalar<int>(insert);

                // Drop both the per-product entry and the entry keyed by the empty product id
                // for this tenant.
                lock (cache)
                {
                    cache.Remove(BuildDependencyKey(activity.TenantID, activity.ProductID));
                    cache.Remove(BuildDependencyKey(activity.TenantID, default(Guid)));
                }

                return newId;
            }
        }
        /// <summary>
        /// Decides access to an activity from its '|'-delimited <c>AdditionalData</c>, whose first
        /// field names the entity type.
        /// </summary>
        /// <param name="project">Project the activity belongs to.</param>
        /// <param name="ua">Activity to check; <c>AdditionalData</c> must not be null.</param>
        /// <param name="engineFactory">Factory used to load the task or milestone.</param>
        /// <returns>
        /// The message, task or milestone read permission for those entity types; for time
        /// tracking, task read permission or authorship; <c>true</c> for every other type.
        /// </returns>
        /// <remarks>
        /// <c>Enum.Parse</c> throws on an unrecognised type name and that exception is not caught here.
        /// </remarks>
        private static bool CheckPermission(Project project, UserActivity ua, EngineFactory engineFactory)
        {
            var fields = ua.AdditionalData.Split('|');
            if (fields.Length == 0) return false;

            var kind = (EntityType)Enum.Parse(typeof(EntityType), fields[0], true);

            switch (kind)
            {
                case EntityType.Message:
                    return ProjectSecurity.CanReadMessages(project);

                case EntityType.Task:
                case EntityType.TimeSpend:
                    if (ProjectSecurity.CanReadTasks(project))
                    {
                        return true;
                    }

                    if (kind != EntityType.Task)
                    {
                        // Time tracking entries stay visible to their author.
                        return SecurityContext.CurrentAccount.ID == ua.UserID;
                    }

                    // The task id is recovered from the stored URL, so this check is only as
                    // reliable as that URL.
                    var taskMatch = GetIdParam.Match(ua.URL);
                    int taskId;
                    if (taskMatch.Success && taskMatch.Groups["value"].Success && int.TryParse(taskMatch.Groups["value"].Value, out taskId))
                    {
                        var task = engineFactory.GetTaskEngine().GetByID(taskId);
                        return ProjectSecurity.CanRead(task);
                    }
                    return false;

                case EntityType.Milestone:
                    var milestoneMatch = GetIdParam.Match(ua.URL);
                    int milestoneId;
                    if (milestoneMatch.Success && milestoneMatch.Groups["value"].Success && int.TryParse(milestoneMatch.Groups["value"].Value, out milestoneId))
                    {
                        var milestone = engineFactory.GetMilestoneEngine().GetByID(milestoneId);
                        return ProjectSecurity.CanRead(milestone);
                    }
                    return false;

                default:
                    // NOTE(review): every other entity type is allowed without a check (fail-open);
                    // confirm that is intended for private projects.
                    return true;
            }
        }
 /// <summary>
 /// Decides whether the current user may see a project activity. Uses the
 /// "entityType|entityId|projectId" <c>SecurityId</c> when present, otherwise falls back to
 /// the legacy <c>ContainerID</c> / <c>AdditionalData</c> fields.
 /// </summary>
 /// <param name="activity">Activity to check; must not be null.</param>
 /// <param name="engineFactory">Factory used to load the project, task or milestone.</param>
 /// <returns>
 /// For private projects, the matching <c>ProjectSecurity</c> read check; <c>false</c> when
 /// parsing or a check throws inside the guarded sections; <c>true</c> in every other case.
 /// </returns>
 private static bool CheckAccess(UserActivity activity, EngineFactory engineFactory)
 {
     if (!string.IsNullOrEmpty(activity.SecurityId))
     {
         var fields = activity.SecurityId.Split('|');

         // NOTE(review): a SecurityId without exactly three fields is allowed (fail-open);
         // confirm that such ids can only belong to entries that need no check.
         if (fields.Length != 3)
         {
             return true;
         }

         try
         {
             var kind = (EntityType)Enum.Parse(typeof(EntityType), fields[0], true);
             var entityId = string.IsNullOrEmpty(fields[1]) ? -1 : int.Parse(fields[1]);

             int projectId;
             if (!int.TryParse(fields[2], out projectId))
             {
                 return false;
             }

             // A missing project makes the next line throw, which the catch turns into a denial.
             var project = engineFactory.GetProjectEngine().GetByID(projectId);
             if (project.Private)
             {
                 //Switch types
                 switch (kind)
                 {
                     case EntityType.Team:
                     case EntityType.Project:
                         return ProjectSecurity.CanRead(project);

                     case EntityType.Milestone:
                         return ProjectSecurity.CanRead(engineFactory.GetMilestoneEngine().GetByID(entityId));

                     case EntityType.Task:
                         return ProjectSecurity.CanRead(engineFactory.GetTaskEngine().GetByID(entityId));

                     case EntityType.Message:
                         return ProjectSecurity.CanReadMessages(project);

                     case EntityType.File:
                         return ProjectSecurity.CanReadFiles(project);

                     case EntityType.TimeSpend:
                         // Without a task id the project-level check applies.
                         if (entityId < 0)
                         {
                             return ProjectSecurity.CanRead(project);
                         }
                         return ProjectSecurity.CanRead(engineFactory.GetTaskEngine().GetByID(entityId));
                 }
             }

             // NOTE(review): public projects, and entity types of a private project that the
             // switch does not list, are allowed here; confirm the unlisted types are intended.
             return true;
         }
         catch (Exception)
         {
             return false;
         }
     }

     if (string.IsNullOrEmpty(activity.ContainerID))
     {
         return true;
     }

     //Go long way. Parse old data
     int legacyProjectId;
     if (!int.TryParse(activity.ContainerID, out legacyProjectId))
     {
         return true;
     }

     // This lookup is outside the try block, so an exception from it propagates to the caller.
     var legacyProject = engineFactory.GetProjectEngine().GetByID(legacyProjectId);
     if (legacyProject == null || !legacyProject.Private)
     {
         return true;
     }

     try
     {
         return !string.IsNullOrEmpty(activity.AdditionalData) &&
                CheckPermission(legacyProject, activity, engineFactory);
     }
     catch
     {
         return false;
     }
 }