public static SetPermissionForNamespace ( AuthStatus status, NamespaceInfo nspace, string action, UserGroup group ) : bool | ||
status | AuthStatus | The authorization status. |
nspace | NamespaceInfo | The namespace ( |
action | string | The action of which to modify the authorization status. |
group | UserGroup | The group subject of the authorization change. |
return | bool |
/// <summary> /// Sets file management permissions for the users or anonymous users group in the given wiki, importing version 2.0 values. /// </summary> /// <param name="wiki">The wiki.</param> /// <param name="group">The group.</param> /// <returns><c>true</c> if the operation succeeded, <c>false</c> otherwise.</returns> private static bool SetupFileManagementPermissions(string wiki, UserGroup group) { bool done = true; AuthWriter authWriter = new AuthWriter(Collectors.CollectorsBox.GetSettingsProvider(wiki)); if (Settings.GetUsersCanViewFiles(wiki)) { done &= authWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.DownloadAttachments, group); foreach (IFilesStorageProviderV60 prov in Collectors.CollectorsBox.FilesProviderCollector.GetAllProviders(wiki)) { done &= authWriter.SetPermissionForDirectory(AuthStatus.Grant, prov, "/", Actions.ForDirectories.DownloadFiles, group); } } if (Settings.GetUsersCanUploadFiles(wiki)) { done &= authWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.UploadAttachments, group); foreach (IFilesStorageProviderV60 prov in Collectors.CollectorsBox.FilesProviderCollector.GetAllProviders(wiki)) { done &= authWriter.SetPermissionForDirectory(AuthStatus.Grant, prov, "/", Actions.ForDirectories.UploadFiles, group); done &= authWriter.SetPermissionForDirectory(AuthStatus.Grant, prov, "/", Actions.ForDirectories.CreateDirectories, group); } } if (Settings.GetUsersCanDeleteFiles(wiki)) { done &= authWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.DeleteAttachments, group); foreach (IFilesStorageProviderV60 prov in Collectors.CollectorsBox.FilesProviderCollector.GetAllProviders(wiki)) { done &= authWriter.SetPermissionForDirectory(AuthStatus.Grant, prov, "/", Actions.ForDirectories.DeleteFiles, group); done &= authWriter.SetPermissionForDirectory(AuthStatus.Grant, prov, "/", Actions.ForDirectories.DeleteDirectories, group); } } return(done); }
/// <summary> /// Sets the default permissions for the users group in the given wiki, properly importing version 2.0 values. /// </summary> /// <param name="wiki">The wiki.</param> /// <param name="users">The users group.</param> /// <returns><c>true</c> if the operation succeeded, <c>false</c> otherwise.</returns> public static bool SetUsersGroupDefaultPermissions(string wiki, UserGroup users) { bool done = true; // Set namespace-related permissions AuthWriter authWriter = new AuthWriter(Collectors.CollectorsBox.GetSettingsProvider(wiki)); if (Settings.GetUsersCanCreateNewPages(wiki)) { done &= authWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.CreatePages, users); } else { done &= authWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.ModifyPages, users); } done &= authWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.PostDiscussion, users); if (Settings.GetUsersCanCreateNewCategories(wiki) || Settings.GetUsersCanManagePageCategories(wiki)) { done &= authWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.ManageCategories, users); } done &= SetupFileManagementPermissions(wiki, users); return(done); }
protected void btnPrivate_Click(object sender, EventArgs e) { string currentWiki = DetectWiki(); NamespaceInfo nspace = Pages.FindNamespace(currentWiki, txtCurrentNamespace.Value); RemoveAllPermissions(nspace); AuthWriter authWriter = new AuthWriter(Collectors.CollectorsBox.GetSettingsProvider(currentWiki)); // Set permissions authWriter.SetPermissionForNamespace(AuthStatus.Grant, nspace, Actions.FullControl, Users.FindUserGroup(currentWiki, Settings.GetAdministratorsGroup(currentWiki))); authWriter.SetPermissionForNamespace(AuthStatus.Grant, nspace, Actions.ForNamespaces.CreatePages, Users.FindUserGroup(currentWiki, Settings.GetUsersGroup(currentWiki))); authWriter.SetPermissionForNamespace(AuthStatus.Grant, nspace, Actions.ForNamespaces.ManageCategories, Users.FindUserGroup(currentWiki, Settings.GetUsersGroup(currentWiki))); authWriter.SetPermissionForNamespace(AuthStatus.Grant, nspace, Actions.ForNamespaces.PostDiscussion, Users.FindUserGroup(currentWiki, Settings.GetUsersGroup(currentWiki))); authWriter.SetPermissionForNamespace(AuthStatus.Grant, nspace, Actions.ForNamespaces.DownloadAttachments, Users.FindUserGroup(currentWiki, Settings.GetUsersGroup(currentWiki))); RefreshPermissionsManager(); }
/// <summary> /// Adds some ACL entries for a subject. /// </summary> /// <param name="subject">The subject.</param> /// <param name="nspace">The namespace (<c>null</c> for the root).</param> /// <param name="grants">The granted actions.</param> /// <param name="denials">The denied actions.</param> /// <returns><c>true</c> if the operation succeeded, <c>false</c> otherwise.</returns> private bool AddAclEntriesForNamespace(string subject, string nspace, string[] grants, string[] denials) { bool isGroup = subject.StartsWith("G."); subject = subject.Substring(2); NamespaceInfo namespaceInfo = Pages.FindNamespace(nspace); UserGroup group = null; UserInfo user = null; if (isGroup) { group = Users.FindUserGroup(subject); } else { user = Users.FindUser(subject); } foreach (string action in grants) { bool done = false; if (isGroup) { done = AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, namespaceInfo, action, group); } else { done = AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, namespaceInfo, action, user); } if (!done) { return(false); } } foreach (string action in denials) { bool done = false; if (isGroup) { done = AuthWriter.SetPermissionForNamespace(AuthStatus.Deny, namespaceInfo, action, group); } else { done = AuthWriter.SetPermissionForNamespace(AuthStatus.Deny, namespaceInfo, action, user); } if (!done) { return(false); } } return(true); }
/// <summary> /// Sets file management permissions for the users or anonymous users group, importing version 2.0 values. /// </summary> /// <param name="group">The group.</param> /// <returns><c>true</c> if the operation succeeded, <c>false</c> otherwise.</returns> private static bool SetupFileManagementPermissions(UserGroup group) { bool done = true; if (Settings.UsersCanViewFiles) { done &= AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.DownloadAttachments, group); foreach (IFilesStorageProviderV30 prov in Collectors.FilesProviderCollector.AllProviders) { done &= AuthWriter.SetPermissionForDirectory(AuthStatus.Grant, prov, "/", Actions.ForDirectories.DownloadFiles, group); } } if (Settings.UsersCanUploadFiles) { done &= AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.UploadAttachments, group); foreach (IFilesStorageProviderV30 prov in Collectors.FilesProviderCollector.AllProviders) { done &= AuthWriter.SetPermissionForDirectory(AuthStatus.Grant, prov, "/", Actions.ForDirectories.UploadFiles, group); done &= AuthWriter.SetPermissionForDirectory(AuthStatus.Grant, prov, "/", Actions.ForDirectories.CreateDirectories, group); } } if (Settings.UsersCanDeleteFiles) { done &= AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.DeleteAttachments, group); foreach (IFilesStorageProviderV30 prov in Collectors.FilesProviderCollector.AllProviders) { done &= AuthWriter.SetPermissionForDirectory(AuthStatus.Grant, prov, "/", Actions.ForDirectories.DeleteFiles, group); done &= AuthWriter.SetPermissionForDirectory(AuthStatus.Grant, prov, "/", Actions.ForDirectories.DeleteDirectories, group); } } return(done); }
protected void btnNormal_Click(object sender, EventArgs e) { NamespaceInfo nspace = Pages.FindNamespace(txtCurrentNamespace.Value); RemoveAllPermissions(nspace); // Set permissions AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, nspace, Actions.FullControl, Users.FindUserGroup(Settings.AdministratorsGroup)); AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, nspace, Actions.ForNamespaces.CreatePages, Users.FindUserGroup(Settings.UsersGroup)); AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, nspace, Actions.ForNamespaces.ManageCategories, Users.FindUserGroup(Settings.UsersGroup)); AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, nspace, Actions.ForNamespaces.PostDiscussion, Users.FindUserGroup(Settings.UsersGroup)); AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, nspace, Actions.ForNamespaces.DownloadAttachments, Users.FindUserGroup(Settings.UsersGroup)); AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, nspace, Actions.ForNamespaces.ReadPages, Users.FindUserGroup(Settings.AnonymousGroup)); AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, nspace, Actions.ForNamespaces.ReadDiscussion, Users.FindUserGroup(Settings.AnonymousGroup)); AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, nspace, Actions.ForNamespaces.DownloadAttachments, Users.FindUserGroup(Settings.AnonymousGroup)); RefreshPermissionsManager(); }
/// <summary> /// Imports version 2.0 page discussion settings and properly propagates them to user groups and single pages, when needed, for the given wiki. /// </summary> /// <param name="wiki">The wiki.</param> /// <returns><c>true</c> if the operation succeeded, <c>false</c> otherwise.</returns> private static bool ImportPageDiscussionPermissions(string wiki) { // Notes // Who can read pages, can read discussions // Who can modify pages, can post messages and read discussions // Who can manage pages, can manage discussions and post messages // Possible values: page|normal|locked|public string value = Settings.GetDiscussionPermissions(wiki).ToLowerInvariant(); UserGroup usersGroup = Users.FindUserGroup(wiki, Settings.GetUsersGroup(wiki)); UserGroup anonymousGroup = Users.FindUserGroup(wiki, Settings.GetAnonymousGroup(wiki)); bool done = true; AuthWriter authWriter = new AuthWriter(Collectors.CollectorsBox.GetSettingsProvider(wiki)); switch (value) { case "page": // Nothing to do break; case "normal": // Allow Users to post messages done &= authWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.PostDiscussion, usersGroup); break; case "locked": // Deny Users to post messages done &= authWriter.SetPermissionForNamespace(AuthStatus.Deny, null, Actions.ForNamespaces.PostDiscussion, usersGroup); break; case "public": // Allow Users and Anonymous Users to post messages done &= authWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.PostDiscussion, usersGroup); done &= authWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.PostDiscussion, anonymousGroup); break; } return(true); }
/// <summary> /// Sets the default permissions for the anonymous users group, properly importing version 2.0 values. /// </summary> /// <param name="anonymous">The anonymous users group.</param> /// <returns><c>true</c> if the operation succeeded, <c>false</c> otherwise.</returns> public static bool SetAnonymousGroupDefaultPermissions(UserGroup anonymous) { bool done = true; // Properly import Private/Public Mode wiki if (Settings.PrivateAccess) { // Nothing to do, because without any explicit grant, Anonymous users cannot do anything } else if (Settings.PublicAccess) { // Public access, allow modification and propagate file management permissions if they were allowed for anonymous users done &= AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.ModifyPages, anonymous); done &= AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.DownloadAttachments, anonymous); if (Settings.UsersCanCreateNewPages) { done &= AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.CreatePages, anonymous); } if (Settings.UsersCanCreateNewCategories || Settings.UsersCanManagePageCategories) { done &= AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.ManageCategories, anonymous); } if (Settings.FileManagementInPublicAccessAllowed) { SetupFileManagementPermissions(anonymous); } } else { // Standard configuration, only allow read permissions done &= AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.ReadPages, anonymous); done &= AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.ReadDiscussion, anonymous); done &= AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.DownloadAttachments, anonymous); foreach (IFilesStorageProviderV30 prov in Collectors.FilesProviderCollector.AllProviders) { done &= AuthWriter.SetPermissionForDirectory(AuthStatus.Grant, prov, "/", Actions.ForDirectories.DownloadFiles, anonymous); } } return(done); }
/// <summary> /// Imports version 2.0 page discussion settings and properly propagates them to user groups and single pages, when needed. /// </summary> /// <returns><c>true</c> if the operation succeeded, <c>false</c> otherwise.</returns> private static bool ImportPageDiscussionPermissions() { // Notes // Who can read pages, can read discussions // Who can modify pages, can post messages and read discussions // Who can manage pages, can manage discussions and post messages // Possible values: page|normal|locked|public var value = Settings.DiscussionPermissions.ToLowerInvariant(); UserGroup usersGroup = Users.FindUserGroup(Settings.UsersGroup); UserGroup anonymousGroup = Users.FindUserGroup(Settings.AnonymousGroup); var done = true; switch (value) { case "page": // Nothing to do break; case "normal": // Allow Users to post messages done &= AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.PostDiscussion, usersGroup); break; case "locked": // Deny Users to post messages done &= AuthWriter.SetPermissionForNamespace(AuthStatus.Deny, null, Actions.ForNamespaces.PostDiscussion, usersGroup); break; case "public": // Allow Users and Anonymous Users to post messages done &= AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.PostDiscussion, usersGroup); done &= AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.PostDiscussion, anonymousGroup); break; } return(true); }
/// <summary> /// Sets the default permissions for the users group, properly importing version 2.0 values. /// </summary> /// <param name="users">The users group.</param> /// <returns><c>true</c> if the operation succeeded, <c>false</c> otherwise.</returns> public static bool SetUsersGroupDefaultPermissions(UserGroup users) { bool done = true; // Set namespace-related permissions if (Settings.UsersCanCreateNewPages) { done &= AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.CreatePages, users); } else { done &= AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.ModifyPages, users); } done &= AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.PostDiscussion, users); if (Settings.UsersCanCreateNewCategories || Settings.UsersCanManagePageCategories) { done &= AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.ManageCategories, users); } done &= SetupFileManagementPermissions(users); return(done); }
protected void btnAdd_Click(object sender, EventArgs e) { // Add the selected subject with full control deny, then select it in the main list string subject = lstFoundSubjects.SelectedValue.Substring(2); bool isGroup = lstFoundSubjects.SelectedValue.StartsWith("G."); bool done = false; switch (CurrentResourceType) { case AclResources.Namespaces: if (isGroup) { done = AuthWriter.SetPermissionForNamespace(AuthStatus.Deny, Pages.FindNamespace(CurrentResourceName), Actions.FullControl, Users.FindUserGroup(subject)); } else { done = AuthWriter.SetPermissionForNamespace(AuthStatus.Deny, Pages.FindNamespace(CurrentResourceName), Actions.FullControl, Users.FindUser(subject)); } break; case AclResources.Pages: if (isGroup) { done = AuthWriter.SetPermissionForPage(AuthStatus.Deny, Pages.FindPage(CurrentResourceName), Actions.FullControl, Users.FindUserGroup(subject)); } else { done = AuthWriter.SetPermissionForPage(AuthStatus.Deny, Pages.FindPage(CurrentResourceName), Actions.FullControl, Users.FindUser(subject)); } break; case AclResources.Directories: IFilesStorageProviderV30 prov = Collectors.FilesProviderCollector.GetProvider(CurrentFilesProvider); if (isGroup) { done = AuthWriter.SetPermissionForDirectory(AuthStatus.Deny, prov, CurrentResourceName, Actions.FullControl, Users.FindUserGroup(subject)); } else { done = AuthWriter.SetPermissionForDirectory(AuthStatus.Deny, prov, CurrentResourceName, Actions.FullControl, Users.FindUser(subject)); } break; default: throw new NotSupportedException(); } if (done) { PopulateSubjectsList(); // Select in main list and display permissions in actions matrix foreach (ListItem item in lstSubjects.Items) { if (item.Value == lstFoundSubjects.SelectedValue) { item.Selected = true; break; } } DisplaySubjectPermissions(subject, isGroup ? SubjectType.Group : SubjectType.User); txtNewSubject.Text = ""; lstFoundSubjects.Items.Clear(); btnAdd.Enabled = false; } else { lblAddResult.CssClass = "resulterror"; lblAddResult.Text = Properties.Messages.CouldNotStorePermissions; } }