protected void lnkBreakWithClear_Click(Object sender, EventArgs e) { // Check permission CheckModifyPermission(true); // Break permission inheritance and clear permissions AclInfoProvider.BreakInheritance(Node, false); // Log staging task and flush cache DocumentSynchronizationHelper.LogDocumentChange(Node, TaskTypeEnum.BreakACLInheritance, Node.TreeProvider, SynchronizationInfoProvider.ENABLED_SERVERS, null, Node.TreeProvider.AllowAsyncActions); Node.ClearCache(); // Insert information about this event to event log. if (DocumentManager.Tree.LogEvents) { EventLogProvider.LogEvent(EventType.INFORMATION, "Content", "DOCPERMISSIONSMODIFIED", ResHelper.GetAPIString("security.documentpermissionsbreakclear", "Inheritance of the parent page permissions have been broken."), eventUrl, currentUser.UserID, currentUser.UserName, Node.NodeID, DocumentName, ipAddress, Node.NodeSiteID); } lblInheritanceInfo.Text = GetString("Security.InheritsInfo.DoesNotInherit"); SwitchBackToPermissionsMode(); // Clear and reload securityElem.InvalidateAcls(); securityElem.LoadOperators(true); }
/// <summary> /// Changes permission inheritance for documents filtered by permission 'Modify permissions' /// </summary> private bool FilterDataSet() { // Create an instance of the Tree provider TreeProvider tree = new TreeProvider(MembershipContext.AuthenticatedUser); // Set the parameters for getting documents string siteName = SiteContext.CurrentSiteName; string aliasPath = "/%"; string culture = SettingsKeyInfoProvider.GetStringValue(SiteContext.CurrentSiteName + ".CMSDefaultCultureCode"); bool combineWithDefaultCulture = true; // Get data set with documents DataSet documents = tree.SelectNodes(siteName, aliasPath, culture, combineWithDefaultCulture); // Get the user UserInfo user = UserInfoProvider.GetUserInfo("Andy"); if (user != null) { // Filter the data set by the user permissions TreeSecurityProvider.FilterDataSetByPermissions(documents, NodePermissionsEnum.ModifyPermissions, user); if (!DataHelper.DataSourceIsEmpty(documents)) { // Loop through filtered documents foreach (DataRow documentRow in documents.Tables[0].Rows) { // Create a new Tree node from the data row TreeNode node = TreeNode.New("CMS.MenuItem", documentRow, tree); // Break permission inheritance (with copying parent permissions) AclInfoProvider.BreakInherintance(node, true); } // Data set filtered successfully - permission inheritance broken for filtered items apiFilterDataSet.InfoMessage = "Data set with all pages filtered successfully by permission 'Modify permissions' for user 'Andy'. Permission inheritance broken for filtered items."; } else { // Data set filtered successfully - no items left in data set apiFilterDataSet.InfoMessage = "Data set with all pages filtered successfully by permission 'Modify permissions' for user 'Andy'. No items left in data set."; } return(true); } return(false); }
/// <summary> /// Expects the "CreateDocumentStructure" method to be run first. /// </summary> private bool RestorePermissionInheritance() { // Create an instance of the Tree provider TreeProvider tree = new TreeProvider(MembershipContext.AuthenticatedUser); // Get default culture code string culture = SettingsKeyInfoProvider.GetStringValue(SiteContext.CurrentSiteName + ".CMSDefaultCultureCode"); // Get the API Example document TreeNode node = tree.SelectSingleNode(SiteContext.CurrentSiteName, "/API-Example/API-Example-subpage", culture); if (node != null) { // Restore permission inheritance AclInfoProvider.RestoreInheritance(node); return(true); } return(false); }
protected void lnkBreakWithCopy_Click(Object sender, EventArgs e) { // Check permission CheckModifyPermission(true); // Break permission inheritance and copy parent permissions AclInfoProvider.BreakInheritance(Node, true); // Log staging task TaskParameters taskParam = new TaskParameters(); taskParam.SetParameter("copyPermissions", true); DocumentSynchronizationHelper.LogDocumentChange(Node, TaskTypeEnum.BreakACLInheritance, Node.TreeProvider, SynchronizationInfoProvider.ENABLED_SERVERS, taskParam, Node.TreeProvider.AllowAsyncActions); // Insert information about this event to event log. if (DocumentManager.Tree.LogEvents) { var logData = new EventLogData(EventTypeEnum.Information, "Content", "DOCPERMISSIONSMODIFIED") { EventDescription = ResHelper.GetAPIString("security.documentpermissionsbreakcopy", "Inheritance of the parent page permissions have been broken. Parent page permissions have been copied."), EventUrl = currentUrl, UserID = DocumentManager.Tree.UserInfo.UserID, UserName = DocumentManager.Tree.UserInfo.UserName, NodeID = Node.NodeID, DocumentName = DocumentName, IPAddress = ipAddress, SiteID = Node.NodeSiteID }; Service.Resolve <IEventLogService>().LogEvent(logData); } lblInheritanceInfo.Text = GetString("Security.InheritsInfo.DoesNotInherit"); SwitchBackToPermissionsMode(); // Clear and reload securityElem.InvalidateAcls(); securityElem.LoadOperators(true); }
/// <summary> /// Page_Load event. /// </summary> protected void Page_Load(object sender, EventArgs e) { // Check if node updated and role permissions should be loaded if (!usRoles.HasValue && (Form.Mode != FormModeEnum.Insert)) { // Check if node has own ACL if (AclInfoProvider.HasOwnAcl(EditedNode)) { DataSet dsRoles = AclItemInfoProvider.GetAllowedRoles(ValidationHelper.GetInteger(EditedNode.GetValue("NodeACLID"), 0), Permission, "RoleID"); if (!DataHelper.DataSourceIsEmpty(dsRoles)) { IList <string> roles = DataHelper.GetStringValues(dsRoles.Tables[0], "RoleID"); usRoles.Value = TextHelper.Join(";", roles); } } } // Set after save operation Form.OnAfterSave += AddRoles; // Initialize UniSelector Reload(false); }
/// <summary> /// Initializes the control properties. /// </summary> protected void SetupControl() { if (StopProcessing) { // Do nothing srcUsers.StopProcessing = true; } else { TreeNode node = null; TreeProvider tree = new TreeProvider(MembershipContext.AuthenticatedUser); // Check if path is set if (String.IsNullOrEmpty(Path)) { TreeNode curDoc = DocumentContext.CurrentDocument; // Check if current document is department if ((curDoc != null) && (curDoc.NodeClassName.ToLowerCSafe() == DEPARTMENT_CLASS_NAME)) { node = DocumentContext.CurrentDocument; } } else { // Obtain document from specified path node = tree.SelectSingleNode(SiteName, Path, LocalizationContext.PreferredCultureCode, true, DEPARTMENT_CLASS_NAME, false, false, false); } // If department document exists and has own ACL continue with initializing controls if ((node != null) && AclInfoProvider.HasOwnAcl(node)) { // Get users and roles with read permission for department document int aclId = ValidationHelper.GetInteger(node.GetValue("NodeACLID"), 0); DataSet dsRoles = AclItemInfoProvider.GetAllowedRoles(aclId, NodePermissionsEnum.Read, "RoleID"); DataSet dsUsers = AclItemInfoProvider.GetAllowedUsers(aclId, NodePermissionsEnum.Read, "UserID"); string where = null; // Process users dataset to where condition if (!DataHelper.DataSourceIsEmpty(dsUsers)) { // Get allowed users ids IList <string> users = DataHelper.GetStringValues(dsUsers.Tables[0], "UserID"); string userIds = TextHelper.Join(", ", users); // Populate where condition with user condition where = SqlHelper.AddWhereCondition("UserID IN (" + userIds + ")", where); } // Process roles dataset to where condition if (!DataHelper.DataSourceIsEmpty(dsRoles)) { // Get allowed roles ids IList <string> roles = DataHelper.GetStringValues(dsRoles.Tables[0], "RoleID"); string roleIds = TextHelper.Join(", ", roles); // Populate where condition with role condition where = SqlHelper.AddWhereCondition("UserID IN (SELECT UserID FROM View_CMS_UserRole_MembershipRole_ValidOnly_Joined WHERE RoleID IN (" + roleIds + "))", where, "OR"); } if (!String.IsNullOrEmpty(where)) { // Check if exist where condition and add it to current where condition where = SqlHelper.AddWhereCondition(WhereCondition, where); // Set datasource properties srcUsers.WhereCondition = where; srcUsers.OrderBy = OrderBy; srcUsers.TopN = SelectTopN; srcUsers.FilterName = ValidationHelper.GetString(GetValue("WebPartControlID"), ID); srcUsers.SourceFilterName = FilterName; srcUsers.SiteName = SiteName; srcUsers.CacheItemName = CacheItemName; srcUsers.CacheDependencies = CacheDependencies; srcUsers.CacheMinutes = CacheMinutes; srcUsers.SelectOnlyApproved = SelectOnlyApproved; srcUsers.SelectHidden = SelectHidden; srcUsers.SelectedColumns = Columns; } else { srcUsers.StopProcessing = true; } } else { srcUsers.StopProcessing = true; } } }
/// <summary> /// After node created, solver role permissions. /// </summary> private void AddRoles(object sender, EventArgs e) { var tree = new TreeProvider(MembershipContext.AuthenticatedUser); string roleIds = ";" + usRoles.Value + ";"; // Check if ACL should inherit from parent if (InheritParentPermissions) { AclInfoProvider.EnsureOwnAcl(EditedNode); } else { // If node has already own ACL don't leave permissions, otherwise break inheritance if (!EditedNode.NodeIsACLOwner) { AclInfoProvider.BreakInheritance(EditedNode, false); var breakInheritanceNode = tree.SelectSingleNode(EditedNode.NodeID); DocumentSynchronizationHelper.LogDocumentChange(breakInheritanceNode, TaskTypeEnum.BreakACLInheritance, tree, SynchronizationInfoProvider.ENABLED_SERVERS, null, tree.AllowAsyncActions); } } // Get original ACLItems DataSet ds = AclItemInfoProvider.GetACLItemsAndOperators(EditedNode.NodeID) .WhereStartsWith("Operator", "R") .WhereEquals("ACLID", EditedNode.NodeACLID) .Columns("Operator", "Allowed", "Denied"); // Change original values if (!DataHelper.DataSourceIsEmpty(ds)) { foreach (DataRow dr in ds.Tables[0].Rows) { string op = DataHelper.GetNotEmpty(dr["Operator"], "R"); int allowed = ValidationHelper.GetInteger(dr["Allowed"], 0); int denied = ValidationHelper.GetInteger(dr["Denied"], 0); int aclRoleId = ValidationHelper.GetInteger(op.Substring(1), 0); if (aclRoleId != 0) { // Check if read permission should be set or removed if (roleIds.Contains(";" + aclRoleId + ";")) { // Remove role from processed role and adjust permissions in database roleIds = roleIds.Replace(";" + aclRoleId + ";", ";"); allowed |= 1; } else { allowed &= 126; } RoleInfo ri = RoleInfoProvider.GetRoleInfo(aclRoleId); AclItemInfoProvider.SetRolePermissions(EditedNode, allowed, denied, ri); } } } if (roleIds.Trim(';') != "") { // Create ACL items for new roles string[] roles = roleIds.Split(new[] { ';' }, StringSplitOptions.RemoveEmptyEntries); foreach (string role in roles) { RoleInfo ri = RoleInfoProvider.GetRoleInfo(int.Parse(role)); AclItemInfoProvider.SetRolePermissions(EditedNode, 1, 0, ri); } } var node = tree.SelectSingleNode(EditedNode.NodeID); DocumentSynchronizationHelper.LogDocumentChange(node, TaskTypeEnum.UpdateDocument, tree); }
/// <summary> /// Resets permission inheritance of node and its children. /// </summary> /// <param name="siteName">Name of site</param> /// <param name="nodeAliasPath">Alias path</param> /// <param name="recursive">Indicates whether to recursively reset all nodes below the current node</param> /// <param name="user">Current user</param> /// <param name="tr">Tree provider</param> /// <returns>Whether TRUE if no permission conflict has occurred</returns> private bool ResetNodePermission(string siteName, string nodeAliasPath, bool recursive, UserInfo user, TreeProvider tr) { // Check permissions bool permissionsResult = false; try { if (tr == null) { tr = new TreeProvider(user); } // Get node by alias path TreeNode treeNode = tr.SelectSingleNode(siteName, nodeAliasPath, null, true, null, false); permissionsResult = CanModifyPermission(!recursive, treeNode, user); if (treeNode != null) { // If user has permissions if (permissionsResult) { // Break inheritance of a node if (!AclInfoProvider.DoesNodeInheritPermissions(treeNode)) { // Restore inheritance of a node AclInfoProvider.RestoreInheritance(treeNode); // Log current encoded alias path AddLog(HTMLHelper.HTMLEncode(nodeAliasPath)); // Log staging task and flush cache DocumentSynchronizationHelper.LogDocumentChange(treeNode, TaskTypeEnum.RestoreACLInheritance, treeNode.TreeProvider, SynchronizationInfoProvider.ENABLED_SERVERS, null, treeNode.TreeProvider.AllowAsyncActions); Node.ClearCache(); // Insert information about this event to event log. if (DocumentManager.Tree.LogEvents) { if (recursive) { LogContext.LogEventToCurrent(EventType.INFORMATION, "Content", "DOCPERMISSIONSMODIFIED", string.Format(ResHelper.GetAPIString("security.documentpermissionsrestoredfordoc", "Permissions of the page '{0}' have been restored to the parent page permissions."), nodeAliasPath), null, user.UserID, user.UserName, treeNode.NodeID, treeNode.GetDocumentName(), ipAddress, Node.NodeSiteID, null, null, null, DateTime.Now); } else { EventLogProvider.LogEvent(EventType.INFORMATION, "Content", "DOCPERMISSIONSMODIFIED", ResHelper.GetAPIString("security.documentpermissionsrestored", "Permissions have been restored to the parent page permissions."), eventUrl, user.UserID, user.UserName, treeNode.NodeID, treeNode.GetDocumentName(), ipAddress, Node.NodeSiteID); } } } else { AddLog(string.Format(GetString("cmsdesk.skippingrestoring"), HTMLHelper.HTMLEncode(nodeAliasPath))); } } // Recursively reset node inheritance if (recursive) { // Get child nodes of current node DataSet ds = DocumentManager.Tree.SelectNodes(siteName, treeNode.NodeAliasPath.TrimEnd('/') + "/%", TreeProvider.ALL_CULTURES, true, null, null, null, 1, false, -1, DocumentColumnLists.SELECTNODES_REQUIRED_COLUMNS + ",NodeAliasPath"); if (!DataHelper.DataSourceIsEmpty(ds)) { foreach (DataRow dr in ds.Tables[0].Rows) { string childNodeAliasPath = ValidationHelper.GetString(dr["NodeAliasPath"], string.Empty); if (!string.IsNullOrEmpty(childNodeAliasPath)) { bool tempPermissionsResult = ResetNodePermission(siteName, childNodeAliasPath, true, user, tr); permissionsResult = tempPermissionsResult && permissionsResult; } } } } } } catch (ThreadAbortException ex) { if (CMSThread.Stopped(ex)) { // When canceled CurrentInfo = GetString("cmsdesk.restoringcanceled"); AddLog(CurrentInfo); } else { // Log error CurrentError = GetString("cmsdesk.restoringfailed") + ": " + ex.Message; AddLog(CurrentError); } } catch (Exception ex) { // Log error CurrentError = GetString("cmsdesk.restoringfailed") + ": " + ex.Message; AddLog(CurrentError); } return(permissionsResult); }
protected void Page_Load(Object sender, EventArgs e) { currentSite = SiteContext.CurrentSite; currentUser = MembershipContext.AuthenticatedUser; ipAddress = RequestContext.UserHostAddress; eventUrl = RequestContext.RawURL; if (!RequestHelper.IsCallback()) { pnlLog.Visible = false; pnlPageContent.Visible = true; // Gets the node if (Node != null) { if (ShowContentOnlyProperties) { pnlAccessPart.Visible = false; } // Check license if (DataHelper.GetNotEmpty(RequestContext.CurrentDomain, string.Empty) != string.Empty) { if (!LicenseKeyInfoProvider.IsFeatureAvailable(RequestContext.CurrentDomain, FeatureEnum.DocumentLevelPermissions)) { if (LicenseHelper.IsUnavailableUIHidden()) { plcContainer.Visible = false; } else { pnlPermissions.Visible = false; lblLicenseInfo.Visible = true; lblLicenseInfo.Text = GetString("Security.NotAvailableInThisEdition"); } } } // Register scripts ScriptHelper.RegisterDialogScript(this); // Check if document inherits permissions and display info inheritsPermissions = AclInfoProvider.DoesNodeInheritPermissions(Node); lblInheritanceInfo.Text = inheritsPermissions ? GetString("Security.InheritsInfo.Inherits") : GetString("Security.InheritsInfo.DoesNotInherit"); if (!RequestHelper.IsPostBack()) { SetupAccess(); } // Hide link to the inheritance settings if this is the root node if (Node.NodeParentID == 0) { plcAuthParent.Visible = false; plcSSLParent.Visible = false; lnkInheritance.Visible = false; } else { // Add parent caption radParentSSL.Text = GetString("Security.Parent") + " (" + GetInheritedAccessCaption("RequiresSSL") + ")"; radParent.Text = GetString("Security.Parent") + " (" + GetInheritedAccessCaption("IsSecuredNode") + ")"; } } else { pnlPageContent.Visible = false; } } ctlAsyncLog.OnFinished += ctlAsyncLog_OnFinished; ctlAsyncLog.OnError += ctlAsyncLog_OnError; ctlAsyncLog.OnCancel += ctlAsyncLog_OnCancel; pnlPageContent.Enabled = !DocumentManager.ProcessingAction; }
/// <summary> /// Initializes the control properties. /// </summary> protected void SetupControl() { if (StopProcessing) { // Do nothing filterUsers.StopProcessing = true; srcUsers.StopProcessing = true; } else { // Set general properties repUsers.DataBindByDefault = false; pagerElem.PageControl = repUsers.ID; filterUsers.Visible = ShowFilterControl; filterUsers.OnFilterChanged += filterUsers_OnFilterChanged; srcUsers.OnFilterChanged += filterUsers_OnFilterChanged; // Basic control properties repUsers.HideControlForZeroRows = HideControlForZeroRows; repUsers.ZeroRowsText = ZeroRowsText; TreeNode node = null; TreeProvider tree = new TreeProvider(MembershipContext.AuthenticatedUser); // Check if path is set if (String.IsNullOrEmpty(Path)) { TreeNode curDoc = DocumentContext.CurrentDocument; // Check if current document is department if ((curDoc != null) && (curDoc.NodeClassName.ToLowerCSafe() == DEPARTMENT_CLASS_NAME)) { node = DocumentContext.CurrentDocument; } } else { // Obtain document from specified path node = tree.SelectSingleNode(SiteName, Path, LocalizationContext.PreferredCultureCode, true, DEPARTMENT_CLASS_NAME, false, false, false); } // If department document exists and has own ACL continue with initializing controls if ((node != null) && AclInfoProvider.HasOwnAcl(node)) { // Get users and roles with read permission for department document int aclId = ValidationHelper.GetInteger(node.GetValue("NodeACLID"), 0); DataSet dsRoles = AclItemInfoProvider.GetAllowedRoles(aclId, NodePermissionsEnum.Read, "RoleID"); DataSet dsUsers = AclItemInfoProvider.GetAllowedUsers(aclId, NodePermissionsEnum.Read, "UserID"); string where = null; // Process users dataset to where condition if (!DataHelper.DataSourceIsEmpty(dsUsers)) { // Get allowed users ids IList <string> users = DataHelper.GetStringValues(dsUsers.Tables[0], "UserID"); string userIds = TextHelper.Join(", ", users); // Populate where condition with user condition where = SqlHelper.AddWhereCondition("UserID IN (" + userIds + ")", where); } // Process roles dataset to where condition if (!DataHelper.DataSourceIsEmpty(dsRoles)) { // Get allowed roles ids IList <string> roles = DataHelper.GetStringValues(dsRoles.Tables[0], "RoleID"); string roleIds = TextHelper.Join(", ", roles); // Populate where condition with role condition where = SqlHelper.AddWhereCondition("UserID IN (SELECT UserID FROM View_CMS_UserRole_MembershipRole_ValidOnly_Joined WHERE RoleID IN (" + roleIds + "))", where, "OR"); } if (!String.IsNullOrEmpty(where)) { // Check if exist where condition and add it to current where condition where = SqlHelper.AddWhereCondition(WhereCondition, where); // Data source properties srcUsers.WhereCondition = where; srcUsers.OrderBy = OrderBy; srcUsers.TopN = SelectTopN; srcUsers.SelectedColumns = Columns; srcUsers.SiteName = SiteName; srcUsers.FilterName = filterUsers.ID; srcUsers.SourceFilterName = FilterName; srcUsers.CacheItemName = CacheItemName; srcUsers.CacheDependencies = CacheDependencies; srcUsers.CacheMinutes = CacheMinutes; srcUsers.SelectOnlyApproved = SelectOnlyApproved; srcUsers.SelectHidden = SelectHidden; // Init data properties filterUsers.InitDataProperties(srcUsers); #region "Repeater template properties" // Apply transformations if they exist if (!String.IsNullOrEmpty(TransformationName)) { repUsers.ItemTemplate = CMSDataProperties.LoadTransformation(this, TransformationName); } if (!String.IsNullOrEmpty(AlternatingItemTransformationName)) { repUsers.AlternatingItemTemplate = CMSDataProperties.LoadTransformation(this, AlternatingItemTransformationName); } if (!String.IsNullOrEmpty(FooterTransformationName)) { repUsers.FooterTemplate = CMSDataProperties.LoadTransformation(this, FooterTransformationName); } if (!String.IsNullOrEmpty(HeaderTransformationName)) { repUsers.HeaderTemplate = CMSDataProperties.LoadTransformation(this, HeaderTransformationName); } if (!String.IsNullOrEmpty(SeparatorTransformationName)) { repUsers.SeparatorTemplate = CMSDataProperties.LoadTransformation(this, SeparatorTransformationName); } #endregion // UniPager properties pagerElem.PageSize = PageSize; pagerElem.GroupSize = GroupSize; pagerElem.QueryStringKey = QueryStringKey; pagerElem.DisplayFirstLastAutomatically = DisplayFirstLastAutomatically; pagerElem.DisplayPreviousNextAutomatically = DisplayPreviousNextAutomatically; pagerElem.HidePagerForSinglePage = HidePagerForSinglePage; pagerElem.Enabled = EnablePaging; switch (PagingMode.ToLowerCSafe()) { case "querystring": pagerElem.PagerMode = UniPagerMode.Querystring; break; default: pagerElem.PagerMode = UniPagerMode.PostBack; break; } #region "UniPager template properties" // UniPager template properties if (!String.IsNullOrEmpty(PagesTemplate)) { pagerElem.PageNumbersTemplate = CMSDataProperties.LoadTransformation(pagerElem, PagesTemplate); } if (!String.IsNullOrEmpty(CurrentPageTemplate)) { pagerElem.CurrentPageTemplate = CMSDataProperties.LoadTransformation(pagerElem, CurrentPageTemplate); } if (!String.IsNullOrEmpty(SeparatorTemplate)) { pagerElem.PageNumbersSeparatorTemplate = CMSDataProperties.LoadTransformation(pagerElem, SeparatorTemplate); } if (!String.IsNullOrEmpty(FirstPageTemplate)) { pagerElem.FirstPageTemplate = CMSDataProperties.LoadTransformation(pagerElem, FirstPageTemplate); } if (!String.IsNullOrEmpty(LastPageTemplate)) { pagerElem.LastPageTemplate = CMSDataProperties.LoadTransformation(pagerElem, LastPageTemplate); } if (!String.IsNullOrEmpty(PreviousPageTemplate)) { pagerElem.PreviousPageTemplate = CMSDataProperties.LoadTransformation(pagerElem, PreviousPageTemplate); } if (!String.IsNullOrEmpty(NextPageTemplate)) { pagerElem.NextPageTemplate = CMSDataProperties.LoadTransformation(pagerElem, NextPageTemplate); } if (!String.IsNullOrEmpty(PreviousGroupTemplate)) { pagerElem.PreviousGroupTemplate = CMSDataProperties.LoadTransformation(pagerElem, PreviousGroupTemplate); } if (!String.IsNullOrEmpty(NextGroupTemplate)) { pagerElem.NextGroupTemplate = CMSDataProperties.LoadTransformation(pagerElem, NextGroupTemplate); } if (!String.IsNullOrEmpty(DirectPageTemplate)) { pagerElem.DirectPageTemplate = CMSDataProperties.LoadTransformation(pagerElem, DirectPageTemplate); } if (!String.IsNullOrEmpty(LayoutTemplate)) { pagerElem.LayoutTemplate = CMSDataProperties.LoadTransformation(pagerElem, LayoutTemplate); } #endregion // Connects repeater with data source repUsers.DataSource = srcUsers.DataSource; repUsers.DataBind(); } else { // Disable datasource srcUsers.StopProcessing = true; } } else { // Disable datasource srcUsers.StopProcessing = true; } } }
/// <summary> /// PreRender action on which security settings are set. /// </summary> private void Page_PreRender(object sender, EventArgs e) { if (mDocumentSaved) { TreeNode editedNode = Form.EditedObject as TreeNode; // Create or rebuild department content index CreateDepartmentContentSearchIndex(editedNode); if (AclInfoProvider.HasOwnAcl(editedNode)) { ForumInfo fi = ForumInfoProvider.GetForumInfo("Default_department_" + editedNode.NodeGUID, SiteContext.CurrentSiteID); MediaLibraryInfo mi = MediaLibraryInfoProvider.GetMediaLibraryInfo("Department_" + editedNode.NodeGUID, SiteContext.CurrentSiteName); // Check if forum of media library exists if ((fi != null) || (mi != null)) { // Get allowed roles ID int aclID = ValidationHelper.GetInteger(editedNode.GetValue("NodeACLID"), 0); DataSet listRoles = AclItemInfoProvider.GetAllowedRoles(aclID, NodePermissionsEnum.Read, "RoleID"); string roleIDs = null; if (!DataHelper.DataSourceIsEmpty(listRoles)) { IList <string> roles = DataHelper.GetStringValues(listRoles.Tables[0], "RoleID"); roleIDs = TextHelper.Join(";", roles); } // Set permissions for forum if (fi != null) { // Get resource object ResourceInfo resForums = ResourceInfoProvider.GetResourceInfo("CMS.Forums"); // Get permissions IDs DataSet dsForumPerm = PermissionNameInfoProvider.GetPermissionNames("ResourceID = " + resForums.ResourceId + " AND (PermissionName != '" + CMSAdminControl.PERMISSION_READ + "' AND PermissionName != '" + CMSAdminControl.PERMISSION_MODIFY + "')", null, 0, "PermissionID"); string forumPermissions = null; if (!DataHelper.DataSourceIsEmpty(dsForumPerm)) { foreach (DataRow drForumPerm in dsForumPerm.Tables[0].Rows) { forumPermissions += drForumPerm["PermissionID"] + ";"; } forumPermissions = forumPermissions.TrimEnd(';'); } // Delete old permissions apart attach file permission ForumRoleInfoProvider.DeleteAllRoles("ForumID = " + fi.ForumID + " AND PermissionID IN (" + forumPermissions.Replace(";", ", ") + ")"); // Set forum permissions ForumRoleInfoProvider.SetPermissions(fi.ForumID, roleIDs, forumPermissions); // Log staging task SynchronizationHelper.LogObjectChange(fi, TaskTypeEnum.UpdateObject); } // Set permissions for media library if (mi != null) { // Get resource object ResourceInfo resMediaLibs = ResourceInfoProvider.GetResourceInfo("CMS.MediaLibrary"); // Get permissions IDs DataSet dsMediaLibPerm = PermissionNameInfoProvider.GetPermissionNames("ResourceID = " + resMediaLibs.ResourceId + " AND (PermissionName = 'LibraryAccess' OR PermissionName = 'FileCreate')", null, 0, "PermissionID"); string mediaLibPermissions = null; if (!DataHelper.DataSourceIsEmpty(dsMediaLibPerm)) { foreach (DataRow drMediaLibPerm in dsMediaLibPerm.Tables[0].Rows) { mediaLibPermissions += drMediaLibPerm["PermissionID"] + ";"; } mediaLibPermissions = mediaLibPermissions.TrimEnd(';'); } // Delete old permissions only for Create file and See library content permissions MediaLibraryRolePermissionInfoProvider.DeleteAllRoles("LibraryID = " + mi.LibraryID + " AND PermissionID IN (" + mediaLibPermissions.Replace(";", ", ") + ")"); // Set media library permissions MediaLibraryRolePermissionInfoProvider.SetPermissions(mi.LibraryID, roleIDs, mediaLibPermissions); // Log staging task SynchronizationHelper.LogObjectChange(mi, TaskTypeEnum.UpdateObject); } } } } }
/// <summary> /// After node created, solver role permissions. /// </summary> private void AddRoles(object sender, EventArgs e) { string roleIds = ";" + usRoles.Value + ";"; // Check if ACL should inherit from parent if (InheritParentPermissions) { AclInfoProvider.EnsureOwnAcl(EditedNode); } else { // If node has already own ACL don't leave permissions, otherwise break inheritance if (!AclInfoProvider.HasOwnAcl(EditedNode)) { AclInfoProvider.BreakInherintance(EditedNode, false); } } int aclId = ValidationHelper.GetInteger(EditedNode.GetValue("NodeACLID"), 0); // Get original ACLItems DataSet ds = AclItemInfoProvider.GetAclItems(EditedNode.NodeID, "Operator LIKE N'R%' AND ACLID = " + aclId, null, 0, "Operator, Allowed, Denied"); // Change original values if (!DataHelper.DataSourceIsEmpty(ds)) { foreach (DataRow dr in ds.Tables[0].Rows) { string op = DataHelper.GetNotEmpty(dr["Operator"], "R"); int allowed = ValidationHelper.GetInteger(dr["Allowed"], 0); int denied = ValidationHelper.GetInteger(dr["Denied"], 0); int aclRoleId = ValidationHelper.GetInteger(op.Substring(1), 0); if (aclRoleId != 0) { // Check if read permission should be set or removed if (roleIds.Contains(";" + aclRoleId + ";")) { // Remove role from processed role and adjust permissions in database roleIds = roleIds.Replace(";" + aclRoleId + ";", ";"); allowed |= 1; } else { allowed &= 126; } RoleInfo ri = RoleInfoProvider.GetRoleInfo(aclRoleId); AclItemInfoProvider.SetRolePermissions(EditedNode, allowed, denied, ri); } } } // Create ACL items for new roles if (roleIds.Trim(';') != "") { // Process rest of the roles string[] roles = roleIds.Split(new char[] { ';' }, StringSplitOptions.RemoveEmptyEntries); foreach (string role in roles) { RoleInfo ri = RoleInfoProvider.GetRoleInfo(int.Parse(role)); AclItemInfoProvider.SetRolePermissions(EditedNode, 1, 0, ri); } } }