Esempio n. 1
0
        internal SecurityEntry[] SetAcl(SnAccessControlList acl)
        {
            var result = new List <SecurityEntry>();

            //var acl0 = GetAcl(nodeId, path, creatorId);

            foreach (var entry in acl.Entries)
            {
                if (entry.Identity.NodeId == RepositoryConfiguration.SomebodyUserId)
                {
                    continue;
                }

                var values = new PermissionValue[ActiveSchema.PermissionTypes.Count];
                foreach (var perm in entry.Permissions)
                {
                    //var id = ActiveSchema.PermissionTypes[perm.Name].Id;
                    //var allow = perm.AllowFrom == null ? perm.Allow : false;
                    //var deny = perm.DenyFrom == null ? perm.Deny : false;
                    //var value = deny ? PermissionValue.Deny : (allow ? PermissionValue.Allow : PermissionValue.NonDefined);
                    //values[id - 1] = value;

                    var index = ActiveSchema.PermissionTypes[perm.Name].Index;
                    var value = perm.Deny ? PermissionValue.Deny : (perm.Allow ? PermissionValue.Allow : PermissionValue.NonDefined);
                    values[index - 1] = value;
                }

                result.Add(new SecurityEntry(acl.NodeId, entry.Identity.NodeId, entry.Propagates, values));
            }

            return(result.ToArray());
        }
Esempio n. 2
0
        //============================================================================= for editing

        internal SnAccessControlList GetAcl(int nodeId, string path, int creatorId, int lastModifierId)
        {
            var acl = new SnAccessControlList {
                Path = path, NodeId = nodeId, Creator = SnIdentity.Create(creatorId), LastModifier = SnIdentity.Create(lastModifierId)
            };
            var firstPermInfo = GetFirstInfo(path);

            if (firstPermInfo == null)
            {
                return(acl);
            }
            return(firstPermInfo.BuildAcl(acl));
        }
Esempio n. 3
0
        internal SnAccessControlList BuildAcl(SnAccessControlList acl)
        {
            //var principals = GetEffectedPrincipals();
            var aces          = new Dictionary <int, SnAccessControlEntry>();
            var localOnlyAces = new List <SnAccessControlEntry>();

            if (this.Path == acl.Path)
            {
                foreach (var permSet in this.PermissionSets)
                {
                    if (permSet.Propagates)
                    {
                        continue;
                    }

                    var princ = permSet.PrincipalId;
                    SnAccessControlEntry ace;

                    ace = SnAccessControlEntry.CreateEmpty(princ, permSet.Propagates);
                    localOnlyAces.Add(ace);

                    // get permissions and paths
                    int mask = 1;
                    for (int i = 0; i < ActiveSchema.PermissionTypes.Count; i++)
                    {
                        var permission = ace.Permissions.ElementAt(i);
                        if ((permSet.DenyBits & mask) != 0)
                        {
                            permission.Deny     = true;
                            permission.DenyFrom = null;
                        }
                        var allow = (permSet.AllowBits & mask) != 0;
                        if ((permSet.AllowBits & mask) != 0)
                        {
                            permission.Allow     = true;
                            permission.AllowFrom = null;
                        }
                        mask = mask << 1;
                    }
                }
            }
            for (var permInfo = this; permInfo != null; permInfo = permInfo.Inherits ? permInfo.Parent : null)
            {
                foreach (var permSet in permInfo.PermissionSets)
                {
                    if (!permSet.Propagates)
                    {
                        continue;
                    }

                    var localEntry = acl.Path == permInfo.Path;
                    // get ace by princ
                    var princ = permSet.PrincipalId;
                    SnAccessControlEntry ace;
                    if (!aces.TryGetValue(princ, out ace))
                    {
                        ace = SnAccessControlEntry.CreateEmpty(princ, permSet.Propagates);
                        aces.Add(princ, ace);
                    }

                    // get permissions and paths
                    int mask = 1;
                    for (int i = 0; i < ActiveSchema.PermissionTypes.Count; i++)
                    {
                        var permission = ace.Permissions.ElementAt(i);
                        if (!permission.Deny)
                        {
                            if ((permSet.DenyBits & mask) != 0)
                            {
                                permission.Deny     = true;
                                permission.DenyFrom = SearchFirstPath(acl.Path, permInfo, permSet, mask, true);
                            }
                        }
                        if (!permission.Allow)
                        {
                            var allow = (permSet.AllowBits & mask) != 0;
                            if ((permSet.AllowBits & mask) != 0)
                            {
                                permission.Allow     = true;
                                permission.AllowFrom = SearchFirstPath(acl.Path, permInfo, permSet, mask, false);
                            }
                        }
                        mask = mask << 1;
                    }
                }
            }

            acl.Inherits = acl.Path == this.Path ? this.Inherits : true;
            localOnlyAces.AddRange(aces.Values);
            acl.Entries = localOnlyAces.ToArray();
            return(acl);
        }
Esempio n. 4
0
 public AclEditor(Node node)
 {
     this.node = node;
     this.acl  = node.Security.GetAcl();
 }