Esempio n. 1
0
        public void SetRight(string strDatabase, string strItem, string strAccount, string strRights, Sitecore.Security.AccessControl.AccessPermission rightState, Sitecore.Security.AccessControl.PropagationType propagationType, Credentials credentials)
        {
            Error.AssertString(strDatabase, "strDatabase", false);
            Error.AssertString(strItem, "strItem", false);
            Error.AssertString(strAccount, "strAccount", false);
            Error.AssertString(strRights, "strRights", false);

            Login(credentials);

            Sitecore.Data.Database   db   = Sitecore.Configuration.Factory.GetDatabase(strDatabase);
            Sitecore.Data.Items.Item item = db.GetItem(strItem);
            Sitecore.Security.Accounts.AccountType accountType = Sitecore.Security.Accounts.AccountType.User;
            if (Sitecore.Security.SecurityUtility.IsRole(strAccount))
            {
                accountType = Sitecore.Security.Accounts.AccountType.Role;
            }
            Sitecore.Security.Accounts.Account account = Sitecore.Security.Accounts.Account.FromName(strAccount, accountType);

            // Always ensure that a minimum of 1 "|" character exists
            if (strRights.IndexOf("|") == -1)
            {
                strRights += '|';
            }

            string[] strRightsList = strRights.Split('|');
            for (int t = 0; t < strRightsList.Length; t++)
            {
                string strRight = strRightsList[t];
                if ((strRight != null) && (strRight != ""))
                {
                    Sitecore.Security.AccessControl.AccessRight right = Sitecore.Security.AccessControl.AccessRight.FromName(strRight);
                    SetRight(item, account, right, rightState, propagationType);
                }
            }
        }
Esempio n. 2
0
 private void SetRight(Sitecore.Data.Items.Item item, Sitecore.Security.Accounts.Account account, Sitecore.Security.AccessControl.AccessRight right, Sitecore.Security.AccessControl.AccessPermission rightState, Sitecore.Security.AccessControl.PropagationType propagationType)
 {
     Sitecore.Security.AccessControl.AccessRuleCollection accessRules = item.Security.GetAccessRules();
     if (propagationType == Sitecore.Security.AccessControl.PropagationType.Any)
     {
         accessRules.Helper.RemoveExactMatches(account, right);
     }
     else
     {
         accessRules.Helper.RemoveExactMatches(account, right, propagationType);
     }
     if (rightState != Sitecore.Security.AccessControl.AccessPermission.NotSet)
     {
         if (propagationType == Sitecore.Security.AccessControl.PropagationType.Any)
         {
             accessRules.Helper.AddAccessPermission(account, right, Sitecore.Security.AccessControl.PropagationType.Entity, rightState);
             accessRules.Helper.AddAccessPermission(account, right, Sitecore.Security.AccessControl.PropagationType.Descendants, rightState);
         }
         else
         {
             accessRules.Helper.AddAccessPermission(account, right, propagationType, rightState);
         }
     }
     item.Security.SetAccessRules(accessRules);
 }
Esempio n. 3
0
 private string GetAccessPermission(AccessRuleCollection rules, Sitecore.Security.Accounts.Account account, AccessRight accessRight, AccessPermission accessPermission, string sExistingPermissions)
 {
     if ((rules.Helper.GetAccessPermission(account, accessRight, PropagationType.Descendants) == accessPermission) &&
         (sExistingPermissions.IndexOf(accessRight.Name) == -1))
     {
         sExistingPermissions += accessRight.Name + "|";
     }
     return(sExistingPermissions);
 }
Esempio n. 4
0
        public string GetRight(string strDatabase, string strItem, string strAccount, SecurityPermission rightState, Credentials credentials)
        {
            Error.AssertString(strDatabase, "strDatabase", false);
            Error.AssertString(strItem, "strItem", false);

            Login(credentials);

            Sitecore.Data.Database   db   = Sitecore.Configuration.Factory.GetDatabase(strDatabase);
            Sitecore.Data.Items.Item item = db.GetItem(strItem);

            if (strAccount.IndexOf("sitecore\\") == -1)
            {
                strAccount = "sitecore\\" + strAccount;
            }

            Sitecore.Security.Accounts.AccountType accountType = Sitecore.Security.Accounts.AccountType.User;
            if (Sitecore.Security.SecurityUtility.IsRole(strAccount))
            {
                accountType = Sitecore.Security.Accounts.AccountType.Role;
            }
            Sitecore.Security.Accounts.Account account = Sitecore.Security.Accounts.Account.FromName(strAccount, accountType);


            string sResults = "";

            if (rightState == SecurityPermission.AllowAccess)
            {
                if (item.Security.CanAdmin(account))
                {
                    sResults += AccessRight.ItemAdmin + "|";
                }
                if (item.Security.CanCreate(account))
                {
                    sResults += AccessRight.ItemCreate + "|";
                }
                if (item.Security.CanDelete(account))
                {
                    sResults += AccessRight.ItemDelete + "|";
                }
                if (item.Security.CanRead(account))
                {
                    sResults += AccessRight.ItemRead + "|";
                }
                if (item.Security.CanRename(account))
                {
                    sResults += AccessRight.ItemRename + "|";
                }
                if (item.Security.CanWrite(account))
                {
                    sResults += AccessRight.ItemWrite + "|";
                }
            }
            else if (rightState == SecurityPermission.DenyAccess)
            {
                if (!item.Security.CanAdmin(account))
                {
                    sResults += AccessRight.ItemAdmin + "|";
                }
                if (!item.Security.CanCreate(account))
                {
                    sResults += AccessRight.ItemCreate + "|";
                }
                if (!item.Security.CanDelete(account))
                {
                    sResults += AccessRight.ItemDelete + "|";
                }
                if (!item.Security.CanRead(account))
                {
                    sResults += AccessRight.ItemRead + "|";
                }
                if (!item.Security.CanRename(account))
                {
                    sResults += AccessRight.ItemRename + "|";
                }
                if (!item.Security.CanWrite(account))
                {
                    sResults += AccessRight.ItemWrite + "|";
                }
            }
            return(sResults);
        }