/// <summary>
/// Ensures that a <see cref="CPUserRights"/> value consists only of valid individual C-Access user account rights.
/// </summary>
/// <param name="rights">The <see cref="CPUserRights"/> value to sanitize.</param>
/// <returns>A sanitized copy of <paramref name="rights"/>.</returns>
public static CPUserRights Sanitize(CPUserRights rights)
{
CPUserRights cleanRights = CPUserRights.None;
foreach (CPUserRights right in Enum.GetValues(typeof(CPUserRights)))
{
if ((rights & right) == right)
{
cleanRights |= right;
}
}
return(cleanRights);
}
/// <summary>
/// Gets a <see cref="CPUserRights"/> value that represents the access rights granted to the specified user.
/// </summary>
/// <param name="username">The name of the user to get access rights for.</param>
/// <returns>A <see cref="CPUserRights"/> value indicating the total access rights granted to the specified user.</returns>
public CPUserRights GetUserRights(string username)
{
using (CPSecurityEntities context = new CPSecurityEntities())
{
CPUserRights rights = CPUserRights.None;
var groupRights = from m in context.SecurityGroupMemberships
where m.UserName == username
select(CPUserRights) m.SecurityGroup.UserRights;
foreach (var right in groupRights)
{
rights |= right;
}
return(CPSecurity.Sanitize(rights));
}
}
/// <summary>
/// Converts the value of this instance to a friendly string representation.
/// </summary>
/// <param name="right">The <see cref="CPUserRights"/> to convert.</param>
/// <returns>The friendly string representation of the value of this instance.</returns>
public static string ToDisplayString(this CPUserRights right)
{
switch (right)
{
case CPUserRights.CAccess:
return("C-Access");
case CPUserRights.CAccessModifyProfile:
return("C-Access - Modify Profile");
case CPUserRights.CAccessPrivate:
return("C-Access - Sensitive Data");
case CPUserRights.Csmart:
return("C-SMART");
case CPUserRights.CsmartDelete:
return("C-SMART - Delete Data");
case CPUserRights.CsmartEncryptionKey:
return("C-SMART - Change Encryption Key");
case CPUserRights.CsmartModify:
return("C-SMART - Modify Data");
case CPUserRights.CsmartPrivate:
return("C-SMART - Sensitive Data");
case CPUserRights.CsmartSubmit:
return("C-SMART - Administration and Submission");
case CPUserRights.EmailAlert:
return("E-mail Alerts");
case CPUserRights.SecurityAdmin:
return("C-Access - Security Administration");
case CPUserRights.VoterGuide:
return("VGSA");
case CPUserRights.VoterGuideSubmit:
return("VGSA - Submission");
default:
return(null);
}
}
private void _groupsListBox_SelectedIndexChanged(object sender, EventArgs e)
{
CPUserRights rights = CPUserRights.None;
IEnumerable items = _groupsListBox.SelectedItems.Count > 0 ? _groupsListBox.SelectedItems as IEnumerable : _groupsListBox.Items;
foreach (var i in items)
{
CPGroup group = i as CPGroup;
if (group == null)
{
continue;
}
rights |= group.UserRights;
}
foreach (var flag in _permissionFlags)
{
CPUserRights flagRights;
flag.Visible = Enum.TryParse(flag.Tag as string, out flagRights) && rights.HasRights(flagRights);
}
}
/// <summary>
/// Initializes a new instance of the <see cref="Application"/> class.
/// </summary>
/// <param name="id">The application's unique identifier.</param>
/// <param name="name">The application name.</param>
/// <param name="accessRights">The user account rights needed to access the application.</param>
public Application(byte id, string name, CPUserRights accessRights)
{
_id = id;
_name = name;
_accessRights = accessRights;
}
/// <summary>
/// Determines whether one or more C-Access Security user rights are set in the current instance.
/// </summary>
/// <param name="this">The current instance to examine.</param>
/// <param name="rights">A user rights value.</param>
/// <returns>true if the user rights that are set in <paramref name="rights"/> are also set in the current instance; otherwise, false.</returns>
public static bool HasRights(this CPUserRights @this, CPUserRights rights)
{
return((@this & rights) == rights);
}
/// <summary>
/// Gets a value that indicates whether or not a user has been granted certain C-Access account rights and privileges.
/// </summary>
/// <param name="username">The name of the user to analyze.</param>
/// <param name="rights">A <see cref="CPUserRights"/> value indicating the security rights to check for.</param>
/// <returns>true if <paramref name="username"/> has been granted the rights indicated by <paramref name="rights"/>; otherwise, false.</returns>
public bool HasUserRights(string username, CPUserRights rights)
{
return(GetUserRights(username).HasFlag(rights));
}
/// <summary>
/// Gets a value that indicates whether or not a user has been granted certain C-Access account rights and privileges.
/// </summary>
/// <param name="userName">The name of the user to analyze.</param>
/// <param name="rights">A <see cref="CPUserRights"/> value indicating the security rights to check for.</param>
/// <returns>true if <paramref name="userName"/> has been granted the rights indicated by <paramref name="rights"/>; otherwise, false.</returns>
public bool HasUserRights(string userName, CPUserRights rights)
{
using (SecurityClient client = new SecurityClient()) { return(client.HasUserRights(userName, rights)); }
}
