public static bool HasPermission(UserSession userSession, GroupMember groupMember, Group group, eGroupPermissionType permissionType)
{
bool hasNonMembersPermissions = false;
bool hasMembersPermissions = false;
bool hasVipMembersPermissions = false;
switch(permissionType)
{
case eGroupPermissionType.ViewGroup:
hasNonMembersPermissions = group.IsPermissionEnabled(eGroupPermissions.ViewGroupNonMembers);
hasMembersPermissions = group.IsPermissionEnabled(eGroupPermissions.ViewGroupMembers);
hasVipMembersPermissions = group.IsPermissionEnabled(eGroupPermissions.ViewGroupVip);
break;
case eGroupPermissionType.ViewMessageBoard:
hasNonMembersPermissions = group.IsPermissionEnabled(eGroupPermissions.ViewMessageBoardNonMembers);
hasMembersPermissions = group.IsPermissionEnabled(eGroupPermissions.ViewMessageBoardMembers);
hasVipMembersPermissions = group.IsPermissionEnabled(eGroupPermissions.ViewMessageBoardVip);
break;
case eGroupPermissionType.ViewGallery:
hasNonMembersPermissions = group.IsPermissionEnabled(eGroupPermissions.ViewGalleryNonMembers);
hasMembersPermissions = group.IsPermissionEnabled(eGroupPermissions.ViewGalleryMembers);
hasVipMembersPermissions = group.IsPermissionEnabled(eGroupPermissions.ViewGalleryVip);
break;
case eGroupPermissionType.ViewMembers:
hasNonMembersPermissions = group.IsPermissionEnabled(eGroupPermissions.ViewMembersNonMembers);
hasMembersPermissions = group.IsPermissionEnabled(eGroupPermissions.ViewMembersMembers);
hasVipMembersPermissions = group.IsPermissionEnabled(eGroupPermissions.ViewMembersVip);
break;
case eGroupPermissionType.ViewEvents:
hasNonMembersPermissions = group.IsPermissionEnabled(eGroupPermissions.ViewEventsNonMembers);
hasMembersPermissions = group.IsPermissionEnabled(eGroupPermissions.ViewEventsMembers);
hasVipMembersPermissions = group.IsPermissionEnabled(eGroupPermissions.ViewEventsVip);
break;
case eGroupPermissionType.UploadPhoto:
hasNonMembersPermissions = group.IsPermissionEnabled(eGroupPermissions.UploadPhotoNonMembers);
hasMembersPermissions = group.IsPermissionEnabled(eGroupPermissions.UploadPhotoMembers);
hasVipMembersPermissions = group.IsPermissionEnabled(eGroupPermissions.UploadPhotoVip);
break;
case eGroupPermissionType.UseChat:
hasNonMembersPermissions = group.IsPermissionEnabled(eGroupPermissions.UseChatNonMembers);
hasMembersPermissions = group.IsPermissionEnabled(eGroupPermissions.UseChatMembers);
hasVipMembersPermissions = group.IsPermissionEnabled(eGroupPermissions.UseChatVip);
break;
case eGroupPermissionType.AddTopic:
hasNonMembersPermissions = group.IsPermissionEnabled(eGroupPermissions.AddTopicNonMembers);
hasMembersPermissions = group.IsPermissionEnabled(eGroupPermissions.AddTopicMembers);
hasVipMembersPermissions = group.IsPermissionEnabled(eGroupPermissions.AddTopicVip);
break;
case eGroupPermissionType.AddPost:
hasNonMembersPermissions = group.IsPermissionEnabled(eGroupPermissions.AddPostNonMembers);
hasMembersPermissions = group.IsPermissionEnabled(eGroupPermissions.AddPostMembers);
hasVipMembersPermissions = group.IsPermissionEnabled(eGroupPermissions.AddPostVip);
break;
case eGroupPermissionType.AddEvent:
hasNonMembersPermissions = group.IsPermissionEnabled(eGroupPermissions.AddEventNonMembers);
hasMembersPermissions = group.IsPermissionEnabled(eGroupPermissions.AddEventMembers);
hasVipMembersPermissions = group.IsPermissionEnabled(eGroupPermissions.AddEventVip);
break;
default:
throw new ArgumentOutOfRangeException("permissionType");
}
if (userSession != null)
{
if (groupMember == null && !hasNonMembersPermissions)
{
return false;
}
else if (groupMember != null)
{
if (!groupMember.Active)
{
if (!hasNonMembersPermissions)
{
return false;
}
}
else
{
if ((groupMember.Type == eType.Member && !hasMembersPermissions) ||
(groupMember.Type == eType.VIP && !hasVipMembersPermissions))
{
return false;
}
}
}
}
else // is not logged in
{
if (!hasNonMembersPermissions)
{
return false;
}
}
return true;
}
/// <summary>
/// Fetches group members from DB by specified group ID, username, type or active status.
/// If all arguments are null it returns all group members from DB.
/// If it cannot find a record in DB by specified arguments it returns an empty array.
/// </summary>
/// <param name="groupID">The group ID.</param>
/// <param name="username">The username.</param>
/// <param name="type">The type.</param>
/// <param name="active">The active.</param>
/// <param name="joinDate">The join date.</param>
/// <param name="invitedBy">The invited by.</param>
/// <param name="numberOfMembers">The number of members.</param>
/// <returns>Group members array or an empty array if no group members are found in DB.</returns>
private static GroupMember[] Fetch(int? groupID, string username, eType? type, bool? active,
DateTime? joinDate, string invitedBy,
int? numberOfMembers, eSortColumn sortColumn)
{
using (SqlConnection conn = Config.DB.Open())
{
SqlDataReader reader = (SqlDataReader) SqlHelper.GetDB().ExecuteReader( "FetchGroupMembers",
groupID, username, type, active, joinDate, invitedBy, numberOfMembers, sortColumn);
List<GroupMember> groupMembers = new List<GroupMember>();
while (reader.Read())
{
GroupMember groupMember = new GroupMember();
groupMember.groupID = (int) reader["GroupID"];
groupMember.username = (string) reader["Username"];
groupMember.type = (eType) reader["Type"];
groupMember.active = (bool) reader["Active"];
groupMember.joinDate = (DateTime) reader["JoinDate"];
groupMember.invitedBy = reader["InvitedBy"] != DBNull.Value
? (string) reader["InvitedBy"] : null;
groupMember.joinAnswer = (string) reader["JoinAnswer"];
groupMember.isWarned = (bool) reader["IsWarned"];
groupMember.warnReason = reader["WarnReason"] != DBNull.Value ? (string) reader["WarnReason"] : null;
groupMember.warnExpirationDate = reader["WarnExpirationDate"] != DBNull.Value
? (DateTime?) reader["WarnExpirationDate"]
: null;
groupMembers.Add(groupMember);
}
return groupMembers.ToArray();
}
}
public static bool IsAuthorized(UserSession userSession, GroupMember groupMember, Group group)
{
if (userSession != null && userSession.IsAdmin())
{
return true;
}
else if (group == null || (groupMember == null && group.AccessLevel == Group.eAccessLevel.Private))
{
return false;
}
else
{
return true;
}
}
/// <summary>
/// Mark user account as deleted
/// </summary>
/// <param name="username">the username of the user whose account is about to be deleted</param>
/// <param name="reason">The reason.</param>
public static void Delete(string username, string reason)
{
using (SqlConnection conn = Config.DB.Open())
{
SqlHelper.GetDB().ExecuteNonQuery( "DeleteUser", username, reason);
}
if (Config.Ratings.EnablePhotoContests)
{
PhotoContestEntry.DeleteByUsername(username);
}
if (Config.Groups.EnableGroups)
{
Group[] groups = Group.FetchGroupsByUsername(username);
foreach (Group group in groups)
{
if (!group.Approved)
{
Group.Delete(group.ID);
}
else
{
if (group.Owner == username)
{
GroupMember[] admins = GroupMember.Fetch(group.ID, GroupMember.eType.Admin,
GroupMember.eSortColumn.JoinDate);
if (admins.Length > 1)
{
List<GroupMember> lAdmins = new List<GroupMember>();
foreach (GroupMember admin in admins)
{
lAdmins.Add(admin);
}
lAdmins.Reverse();
admins = lAdmins.ToArray();
group.Owner = admins[1].Username; // the oldest administrator except the current owner
}
else
{
GroupMember[] moderators = GroupMember.Fetch(group.ID, GroupMember.eType.Moderator,
GroupMember.eSortColumn.JoinDate);
if (moderators.Length > 0)
{
List<GroupMember> lModerators = new List<GroupMember>();
foreach (GroupMember moderator in moderators)
{
lModerators.Add(moderator);
}
lModerators.Reverse();
moderators = lModerators.ToArray();
group.Owner = moderators[0].Username; // the oldest moderator
}
else
{
if (!GroupMember.IsMember(Config.Users.SystemUsername, group.ID))
{
GroupMember groupMember = new GroupMember(group.ID, Config.Users.SystemUsername);
groupMember.Active = true;
groupMember.Type = GroupMember.eType.Admin;
groupMember.Save();
group.ActiveMembers++;
}
group.Owner = Config.Users.SystemUsername;
}
}
group.ActiveMembers--;
group.Save();
}
}
}
}
if (IsOnline(username))
{
var notification = new AccountDeletedNotification
{
Recipient = username,
Text = "Your account has been deleted (" + reason + ")!"
};
RealtimeNotification.SendNotification(notification);
}
}
