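/// <summary>
/// Rebuilds the owner drop-down for the currently selected node and resets
/// the (currently unused) approvers drop-down.
/// </summary>
/// <remarks>
/// A user who may edit the node is offered every user who may also edit it.
/// A user who may only contribute is offered just themselves. The "admin"
/// account and the item's existing owner are then added if missing.
/// This method only decides what the page offers; it is not itself an
/// authorization check. The code that saves the chosen owner is outside this
/// block - NOTE(review): confirm it re-validates the submitted owner on the
/// server rather than trusting the posted drop-down value.
/// </remarks>
private void BindApprovers()
{
    // Approvers are not required at this release (disabled 19/06/2012), so the
    // list is only emptied and disabled.
    ddlApprovers.Items.Clear();
    ddlApprovers.Enabled = false;

    ddlOwner.Items.Clear();
    ddlOwner.Enabled = true;

    if (string.IsNullOrEmpty(currentSelectedNode))
    {
        return;
    }

    string currentUserName = Page.User.Identity.Name;
    IList<Access> accessList = AccessManager.GetItemEdittables(currentSelectedNode);

    if (SecurityHelper.CanUserEdit(currentUserName, currentSelectedNode))
    {
        // The original walked every person once per access row without using
        // the row, repeating the same lookups and permission checks. One pass
        // produces the same list. The guard keeps the original outcome of
        // adding nobody when the node has no access rows.
        if (accessList != null && accessList.Count > 0)
        {
            foreach (Person person in PersonManager.GetAllPersons())
            {
                User user = MembershipManager.GetUserByPerson(person);
                if (user == null || string.IsNullOrEmpty(user.Name))
                {
                    continue;
                }

                // Only offer users who could edit the node themselves.
                if (ddlOwner.Items.FindByText(user.Name) == null
                    && SecurityHelper.CanUserEdit(user.Name, currentSelectedNode))
                {
                    ddlOwner.Items.Add(new ListItem(user.Name, user.Id));
                }
            }
        }
    }
    else if (SecurityHelper.CanUserContribute(currentUserName, currentSelectedNode))
    {
        // Contributors may only assign ownership to themselves.
        User contributor = MembershipManager.GetUserByName(currentUserName);
        if (contributor != null)
        {
            ddlOwner.Items.Add(new ListItem(contributor.Name, contributor.Id));
        }
    }

    // The "admin" account is always offered, whatever the current user's rights on the node.
    // NOTE(review): the account name is hard-coded; confirm this is intended for every viewer.
    if (ddlOwner.Items.FindByText("admin") == null)
    {
        User admin = MembershipManager.GetUserByName("admin");
        if (admin != null)
        {
            ddlOwner.Items.Insert(0, new ListItem(admin.Name, admin.Id));
        }
    }

    // Keep the existing owner selectable even if they no longer qualify.
    // NOTE(review): Item.Owner is matched against list values (user ids) by
    // FindByValue but treated as a user name by GetUserByName and FindByText;
    // confirm which one it holds. The selection is also only set when the
    // owner had to be inserted here.
    if ((Item != null) && (Item.Owner != null) && (ddlOwner.Items.FindByValue(Item.Owner) == null))
    {
        User owner = MembershipManager.GetUserByName(Item.Owner);
        if (owner != null)
        {
            ddlOwner.Items.Insert(0, new ListItem(owner.Name, owner.Id));
            ddlOwner.SelectedIndex = ddlOwner.Items.IndexOf(ddlOwner.Items.FindByText(Item.Owner));
        }
    }
}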
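/// <summary>
/// Decides whether <paramref name="username"/> may edit the item identified
/// by <paramref name="itemId"/>.
/// </summary>
/// <param name="username">Name of the user being checked.</param>
/// <param name="itemId">Identifier passed to <c>AccessManager.GetItemEdittables</c>.</param>
/// <returns>
/// <c>true</c> when the user belongs to the administrators group, or when at
/// least one access row for the item matches the user (see the per-rule
/// comments in the loop); otherwise <c>false</c>.
/// </returns>
public static bool CanUserEdit(string username, string itemId)
{
    IList<PersonType> myGroups = PersonManager.GetPersonTypesByUser(username);

    // Administrators can edit everything; skip loading the access rows.
    // The static Equals tolerates a group whose Name is null.
    if (myGroups.Any(g => string.Equals(g.Name, BusiBlocksConstants.AdministratorsGroup)))
    {
        return true;
    }

    IList<Access> accesses = AccessManager.GetItemEdittables(itemId);
    // The meaning of the second argument is not visible from this block.
    IList<Site> myLocations = SiteManager.GetSitesByUser(username, true);

    // An empty or null username must never match a row's UserId. Without this,
    // a row whose UserId is unset would compare equal to an unset username
    // (for example the empty name reported for an unauthenticated identity)
    // and grant edit rights.
    bool hasUsername = !string.IsNullOrEmpty(username);

    foreach (Access access in accesses)
    {
        // Rule: all users.
        if (access.AllUsers)
        {
            return true;
        }

        // Rule: all groups and all locations.
        if (access.AllPersonTypes && access.AllSites)
        {
            return true;
        }

        // Rule: this specific user (exact, case-sensitive match).
        if (hasUsername && access.UserId == username)
        {
            return true;
        }

        // Rule: all groups, restricted to one of the user's locations.
        if (access.AllPersonTypes && myLocations.Any(site => access.SiteId == site.Id))
        {
            return true;
        }

        // Rule: all locations, restricted to one of the user's groups.
        if (access.AllSites && myGroups.Any(group => access.PersonTypeId == group.Id))
        {
            return true;
        }

        // Rule: a specific group and location pair, both held by the user.
        if (myGroups.Any(group => access.PersonTypeId == group.Id)
            && myLocations.Any(site => access.SiteId == site.Id))
        {
            return true;
        }
    }

    // No rule matched: deny.
    return false;
}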