public void Throws_Exception_When_No_Content_Found() { //arrange var userMock = new Mock <IUser>(); userMock.Setup(u => u.Id).Returns(9); var user = userMock.Object; var contentMock = new Mock <IContent>(); contentMock.Setup(c => c.Path).Returns("-1,1234,5678"); var content = contentMock.Object; var contentServiceMock = new Mock <IContentService>(); contentServiceMock.Setup(x => x.GetById(0)).Returns(content); var contentService = contentServiceMock.Object; var userServiceMock = new Mock <IUserService>(); var permissions = new EntityPermissionCollection(); var permissionSet = new EntityPermissionSet(1234, permissions); userServiceMock.Setup(x => x.GetPermissionsForPath(user, "-1,1234,5678")).Returns(permissionSet); var userService = userServiceMock.Object; var entityServiceMock = new Mock <IEntityService>(); var entityService = entityServiceMock.Object; //act/assert Assert.Throws <HttpResponseException>(() => ContentController.CheckPermissions(new Dictionary <string, object>(), user, userService, contentService, entityService, 1234, new[] { 'F' })); }
public void No_Access_By_Path() { // Arrange IUser user = CreateUser(id: 9, startContentId: 9876); var contentMock = new Mock <IContent>(); contentMock.Setup(c => c.Path).Returns("-1,1234,5678"); IContent content = contentMock.Object; var contentServiceMock = new Mock <IContentService>(); contentServiceMock.Setup(x => x.GetById(1234)).Returns(content); IContentService contentService = contentServiceMock.Object; var userServiceMock = new Mock <IUserService>(); var permissions = new EntityPermissionCollection(); var permissionSet = new EntityPermissionSet(1234, permissions); userServiceMock.Setup(x => x.GetPermissionsForPath(user, "-1,1234")).Returns(permissionSet); IUserService userService = userServiceMock.Object; var entityServiceMock = new Mock <IEntityService>(); entityServiceMock.Setup(x => x.GetAllPaths(It.IsAny <UmbracoObjectTypes>(), It.IsAny <int[]>())) .Returns(new[] { Mock.Of <TreeEntityPath>(entity => entity.Id == 9876 && entity.Path == "-1,9876") }); IEntityService entityService = entityServiceMock.Object; var contentPermissions = new ContentPermissions(userService, contentService, entityService, AppCaches.Disabled); // Act ContentPermissions.ContentAccess result = contentPermissions.CheckPermissions(1234, user, out IContent foundContent, new[] { 'F' }); // Assert Assert.AreEqual(ContentPermissions.ContentAccess.Denied, result); }
public void No_Access_To_Recycle_Bin_By_Permission() { // Arrange IUser user = CreateUser(withUserGroup: false); var userServiceMock = new Mock <IUserService>(); var permissions = new EntityPermissionCollection { new EntityPermission(9876, 1234, new string[] { "A" }) }; var permissionSet = new EntityPermissionSet(1234, permissions); userServiceMock.Setup(x => x.GetPermissionsForPath(user, "-20")).Returns(permissionSet); IUserService userService = userServiceMock.Object; var entityServiceMock = new Mock <IEntityService>(); IEntityService entityService = entityServiceMock.Object; var contentServiceMock = new Mock <IContentService>(); IContentService contentService = contentServiceMock.Object; var contentPermissions = new ContentPermissions(userService, contentService, entityService, AppCaches.Disabled); // Act ContentPermissions.ContentAccess result = contentPermissions.CheckPermissions(-20, user, out IContent foundContent, new[] { 'B' }); // Assert Assert.AreEqual(ContentPermissions.ContentAccess.Denied, result); }
public void No_Access_By_Path() { //arrange var userMock = new Mock <IUser>(); userMock.Setup(u => u.Id).Returns(9); userMock.Setup(u => u.StartContentIds).Returns(new[] { 9876 }); var user = userMock.Object; var contentMock = new Mock <IContent>(); contentMock.Setup(c => c.Path).Returns("-1,1234,5678"); var content = contentMock.Object; var contentServiceMock = new Mock <IContentService>(); contentServiceMock.Setup(x => x.GetById(1234)).Returns(content); var contentService = contentServiceMock.Object; var userServiceMock = new Mock <IUserService>(); var permissions = new EntityPermissionCollection(); var permissionSet = new EntityPermissionSet(1234, permissions); userServiceMock.Setup(x => x.GetPermissionsForPath(user, "-1,1234")).Returns(permissionSet); var userService = userServiceMock.Object; var entityServiceMock = new Mock <IEntityService>(); entityServiceMock.Setup(x => x.GetAllPaths(It.IsAny <UmbracoObjectTypes>(), It.IsAny <int[]>())) .Returns(new[] { Mock.Of <EntityPath>(entity => entity.Id == 9876 && entity.Path == "-1,9876") }); var entityService = entityServiceMock.Object; //act var result = ContentController.CheckPermissions(new Dictionary <string, object>(), user, userService, contentService, entityService, 1234, new[] { 'F' }); //assert Assert.IsFalse(result); }
public void Access_Allowed_By_Permission() { //arrange var userMock = new Mock <IUser>(); userMock.Setup(u => u.Id).Returns(9); userMock.Setup(u => u.Groups).Returns(new[] { new ReadOnlyUserGroup(1, "admin", "", -1, -1, "admin", new string[0], new List <string>()) }); var user = userMock.Object; var contentMock = new Mock <IContent>(); contentMock.Setup(c => c.Path).Returns("-1,1234,5678"); var content = contentMock.Object; var contentServiceMock = new Mock <IContentService>(); contentServiceMock.Setup(x => x.GetById(1234)).Returns(content); var contentService = contentServiceMock.Object; var permissions = new EntityPermissionCollection { new EntityPermission(9876, 1234, new string[] { "A", "F", "C" }) }; var permissionSet = new EntityPermissionSet(1234, permissions); var userServiceMock = new Mock <IUserService>(); userServiceMock.Setup(x => x.GetPermissionsForPath(user, "-1,1234,5678")).Returns(permissionSet); var userService = userServiceMock.Object; var entityServiceMock = new Mock <IEntityService>(); var entityService = entityServiceMock.Object; //act var result = ContentPermissionsHelper.CheckPermissions(1234, user, userService, contentService, entityService, out var foundContent, new[] { 'F' }); //assert Assert.AreEqual(ContentPermissionsHelper.ContentAccess.Granted, result); }
public async Task <IEnumerable <EntityPermissionSet> > GetEntityPermissionsForRole(IUnitOfWork uofw, string roleID) { var rolePermissions = await uofw.GetRepository <AccessLevel>().All() .Where(x => !x.Hidden && x.RoleID == roleID) .Select(x => new { x.Entity.TypeName, x.AccessModifier }) .ToListAsync(); var allEntities = await _mappedBaseEntityService.GetEntitiesAsync(); var ret = new List <EntityPermissionSet>(); foreach (var item in allEntities) { var inRoleForType = rolePermissions.Where(x => x.TypeName == item.TypeName); var el = new EntityPermissionSet() { EntityType = item.TypeName, Create = inRoleForType.Any(x => x.AccessModifier == Base.Enums.AccessModifier.Create), Read = inRoleForType.Any(x => x.AccessModifier == Base.Enums.AccessModifier.Read), Update = inRoleForType.Any(x => x.AccessModifier == Base.Enums.AccessModifier.Update), Delete = inRoleForType.Any(x => x.AccessModifier == Base.Enums.AccessModifier.Delete), }; ret.Add(el); } return(ret); }
public void No_Access_To_Recycle_Bin_By_Permission() { //arrange var userMock = new Mock <IUser>(); userMock.Setup(u => u.Id).Returns(0); var user = userMock.Object; var userServiceMock = new Mock <IUserService>(); var permissions = new EntityPermissionCollection { new EntityPermission(9876, 1234, new string[] { "A" }) }; var permissionSet = new EntityPermissionSet(1234, permissions); userServiceMock.Setup(x => x.GetPermissionsForPath(user, "-20")).Returns(permissionSet); var userService = userServiceMock.Object; var entityServiceMock = new Mock <IEntityService>(); var entityService = entityServiceMock.Object; var contentServiceMock = new Mock <IContentService>(); var contentService = contentServiceMock.Object; //act var result = ContentPermissionsHelper.CheckPermissions(-20, user, userService, contentService, entityService, AppCaches.Disabled, out var foundContent, new[] { 'B' }); //assert Assert.AreEqual(ContentPermissionsHelper.ContentAccess.Denied, result); }
public void No_Content_Found() { //arrange var userMock = new Mock <IUser>(); userMock.Setup(u => u.Id).Returns(9); var user = userMock.Object; var contentMock = new Mock <IContent>(); contentMock.Setup(c => c.Path).Returns("-1,1234,5678"); var content = contentMock.Object; var contentServiceMock = new Mock <IContentService>(); contentServiceMock.Setup(x => x.GetById(0)).Returns(content); var contentService = contentServiceMock.Object; var userServiceMock = new Mock <IUserService>(); var permissions = new EntityPermissionCollection(); var permissionSet = new EntityPermissionSet(1234, permissions); userServiceMock.Setup(x => x.GetPermissionsForPath(user, "-1,1234,5678")).Returns(permissionSet); var userService = userServiceMock.Object; var entityServiceMock = new Mock <IEntityService>(); var entityService = entityServiceMock.Object; //act var result = ContentPermissionsHelper.CheckPermissions(1234, user, userService, contentService, entityService, AppCaches.Disabled, out var foundContent, new[] { 'F' }); //assert Assert.AreEqual(ContentPermissionsHelper.ContentAccess.NotFound, result); }
public async Task <EntityPermissionSet> GetPermissionsForType <T>(IUnitOfWork uofw, T type, IEnumerable <string> roleIDs = null) { var typeName = typeof(T).FullName; if (AppContext.UserID == null) { return(EntityPermissionSet.ReadOnly(typeName)); } if (roleIDs == null && await _userManager.IsInRoleAsync(AppContext.UserID, Roles.Admin)) { return(EntityPermissionSet.FullAccess(typeName)); } roleIDs = roleIDs ?? await _userManager.GetRolesAsync(AppContext.UserID); var accessModifiers = await uofw.GetRepository <AccessLevel>().All() .Where(x => roleIDs.Contains(x.RoleID) && x.Entity.TypeName == typeName) .Select(x => new { x.AccessModifier }) .ToListAsync(); return(new EntityPermissionSet() { Create = accessModifiers.Any(x => x.AccessModifier == AccessModifier.Create), Update = accessModifiers.Any(x => x.AccessModifier == AccessModifier.Update), Delete = accessModifiers.Any(x => x.AccessModifier == AccessModifier.Delete), Read = accessModifiers.Any(x => x.AccessModifier == AccessModifier.Read), EntityType = typeName }); }
public void No_Access_To_Recycle_Bin_By_Permission() { //arrange var userMock = new Mock <IUser>(); userMock.Setup(u => u.Id).Returns(0); var user = userMock.Object; var userServiceMock = new Mock <IUserService>(); var permissions = new EntityPermissionCollection { new EntityPermission(9876, 1234, new string[] { "A" }) }; var permissionSet = new EntityPermissionSet(1234, permissions); userServiceMock.Setup(x => x.GetPermissionsForPath(user, "-20")).Returns(permissionSet); var userService = userServiceMock.Object; var entityServiceMock = new Mock <IEntityService>(); var entityService = entityServiceMock.Object; var contentServiceMock = new Mock <IContentService>(); var contentService = contentServiceMock.Object; //act var result = ContentController.CheckPermissions(new Dictionary <string, object>(), user, userService, contentService, entityService, -20, new[] { 'B' }); //assert Assert.IsFalse(result); }
public void No_Content_Found() { // Arrange IUser user = CreateUser(id: 9); var contentMock = new Mock <IContent>(); contentMock.Setup(c => c.Path).Returns("-1,1234,5678"); IContent content = contentMock.Object; var contentServiceMock = new Mock <IContentService>(); contentServiceMock.Setup(x => x.GetById(0)).Returns(content); IContentService contentService = contentServiceMock.Object; var userServiceMock = new Mock <IUserService>(); var permissions = new EntityPermissionCollection(); var permissionSet = new EntityPermissionSet(1234, permissions); userServiceMock.Setup(x => x.GetPermissionsForPath(user, "-1,1234,5678")).Returns(permissionSet); IUserService userService = userServiceMock.Object; var entityServiceMock = new Mock <IEntityService>(); IEntityService entityService = entityServiceMock.Object; var contentPermissions = new ContentPermissions(userService, contentService, entityService, AppCaches.Disabled); // Act ContentPermissions.ContentAccess result = contentPermissions.CheckPermissions(1234, user, out IContent foundContent, new[] { 'F' }); // Assert Assert.AreEqual(ContentPermissions.ContentAccess.NotFound, result); }
public void No_Access_By_Permission() { //arrange var userMock = new Mock <IUser>(); userMock.Setup(u => u.Id).Returns(9); var user = userMock.Object; var contentMock = new Mock <IContent>(); contentMock.Setup(c => c.Path).Returns("-1,1234,5678"); var content = contentMock.Object; var contentServiceMock = new Mock <IContentService>(); contentServiceMock.Setup(x => x.GetById(1234)).Returns(content); var contentService = contentServiceMock.Object; var userServiceMock = new Mock <IUserService>(); var permissions = new EntityPermissionCollection { new EntityPermission(9876, 1234, new string[] { "A", "B", "C" }) }; var permissionSet = new EntityPermissionSet(1234, permissions); userServiceMock.Setup(x => x.GetPermissionsForPath(user, "-1,1234,5678")).Returns(permissionSet); var userService = userServiceMock.Object; var entityServiceMock = new Mock <IEntityService>(); var entityService = entityServiceMock.Object; //act var result = ContentController.CheckPermissions(new Dictionary <string, object>(), user, userService, contentService, entityService, 1234, new[] { 'F' }); //assert Assert.IsFalse(result); }
public void Access_To_Recycle_Bin_By_Permission() { //arrange var userMock = new Mock <IUser>(); userMock.Setup(u => u.Id).Returns(0); userMock.Setup(u => u.Groups).Returns(new[] { new ReadOnlyUserGroup(1, "admin", "", -1, -1, "admin", new string[0], new List <string>()) }); var user = userMock.Object; var userServiceMock = new Mock <IUserService>(); var permissions = new EntityPermissionCollection { new EntityPermission(9876, 1234, new string[] { "A" }) }; var permissionSet = new EntityPermissionSet(-20, permissions); userServiceMock.Setup(x => x.GetPermissionsForPath(user, "-20")).Returns(permissionSet); var userService = userServiceMock.Object; var entityServiceMock = new Mock <IEntityService>(); var entityService = entityServiceMock.Object; var contentServiceMock = new Mock <IContentService>(); var contentService = contentServiceMock.Object; //act var result = ContentController.CheckPermissions(new Dictionary <string, object>(), user, userService, contentService, entityService, -20, new[] { 'A' }); //assert Assert.IsTrue(result); }
public void Access_Allowed_By_Permission() { // Arrange var user = CreateUser(9); var contentMock = new Mock <IContent>(); contentMock.Setup(c => c.Path).Returns("-1,1234,5678"); var content = contentMock.Object; var contentServiceMock = new Mock <IContentService>(); contentServiceMock.Setup(x => x.GetById(1234)).Returns(content); var contentService = contentServiceMock.Object; var permissions = new EntityPermissionCollection { new(9876, 1234, new[] { "A", "F", "C" }) }; var permissionSet = new EntityPermissionSet(1234, permissions); var userServiceMock = new Mock <IUserService>(); userServiceMock.Setup(x => x.GetPermissionsForPath(user, "-1,1234,5678")).Returns(permissionSet); var userService = userServiceMock.Object; var entityServiceMock = new Mock <IEntityService>(); var entityService = entityServiceMock.Object; var contentPermissions = new ContentPermissions(userService, contentService, entityService, AppCaches.Disabled); // Act var result = contentPermissions.CheckPermissions(1234, user, out IContent _, new[] { 'F' }); // Assert Assert.AreEqual(ContentPermissions.ContentAccess.Granted, result); }
public void Access_To_Recycle_Bin_By_Permission() { // Arrange var user = CreateUser(); var userServiceMock = new Mock <IUserService>(); var permissions = new EntityPermissionCollection { new(9876, 1234, new[] { "A" }) }; var permissionSet = new EntityPermissionSet(-20, permissions); userServiceMock.Setup(x => x.GetPermissionsForPath(user, "-20")).Returns(permissionSet); var userService = userServiceMock.Object; var entityServiceMock = new Mock <IEntityService>(); var entityService = entityServiceMock.Object; var contentServiceMock = new Mock <IContentService>(); var contentService = contentServiceMock.Object; var contentPermissions = new ContentPermissions(userService, contentService, entityService, AppCaches.Disabled); // Act var result = contentPermissions.CheckPermissions(-20, user, out IContent _, new[] { 'A' }); // Assert Assert.AreEqual(ContentPermissions.ContentAccess.Granted, result); }
public void No_Access_By_Path() { //arrange var userMock = new Mock <IUser>(); userMock.Setup(u => u.Id).Returns(9); userMock.Setup(u => u.StartContentIds).Returns(new[] { 9876 }); var user = userMock.Object; var contentMock = new Mock <IContent>(); contentMock.Setup(c => c.Path).Returns("-1,1234,5678"); var content = contentMock.Object; var contentServiceMock = new Mock <IContentService>(); contentServiceMock.Setup(x => x.GetById(1234)).Returns(content); var contentService = contentServiceMock.Object; var userServiceMock = new Mock <IUserService>(); var permissions = new EntityPermissionCollection(); var permissionSet = new EntityPermissionSet(1234, permissions); userServiceMock.Setup(x => x.GetPermissionsForPath(user, "-1,1234")).Returns(permissionSet); var userService = userServiceMock.Object; var entityServiceMock = new Mock <IEntityService>(); entityServiceMock.Setup(x => x.GetAllPaths(It.IsAny <UmbracoObjectTypes>(), It.IsAny <int[]>())) .Returns(new[] { Mock.Of <TreeEntityPath>(entity => entity.Id == 9876 && entity.Path == "-1,9876") }); var entityService = entityServiceMock.Object; //act var result = ContentPermissionsHelper.CheckPermissions(1234, user, userService, contentService, entityService, AppCaches.Disabled, out var foundContent, new[] { 'F' }); //assert Assert.AreEqual(ContentPermissionsHelper.ContentAccess.Denied, result); }
/// <summary> /// Assigns permissions to an entity for multiple group/permission entries /// </summary> /// <param name="permissionSet"> /// </param> /// <remarks> /// This will first clear the permissions for this entity then re-create them /// </remarks> public void ReplaceEntityPermissions(EntityPermissionSet permissionSet) { var db = AmbientScope.Database; const string sql = "DELETE FROM umbracoUserGroup2NodePermission WHERE nodeId = @nodeId"; db.Execute(sql, new { nodeId = permissionSet.EntityId }); var toInsert = new List <UserGroup2NodePermissionDto>(); foreach (var entityPermission in permissionSet.PermissionsSet) { foreach (var permission in entityPermission.AssignedPermissions) { toInsert.Add(new UserGroup2NodePermissionDto { NodeId = permissionSet.EntityId, Permission = permission, UserGroupId = entityPermission.UserGroupId }); } } db.BulkInsertRecords(toInsert); }
/// <summary> /// This performs the calculations for inherited nodes based on this /// http://issues.umbraco.org/issue/U4-10075#comment=67-40085 /// </summary> /// <param name="groupPermissions"></param> /// <param name="pathIds"></param> /// <returns></returns> internal static EntityPermissionSet CalculatePermissionsForPathForUser( EntityPermission[] groupPermissions, int[] pathIds) { // not sure this will ever happen, it shouldn't since this should return defaults, but maybe those are empty? if (groupPermissions.Length == 0 || pathIds.Length == 0) { return(EntityPermissionSet.Empty()); } // The actual entity id being looked at (deepest part of the path) var entityId = pathIds[0]; var resultPermissions = new EntityPermissionCollection(); // create a grouped by dictionary of another grouped by dictionary var permissionsByGroup = groupPermissions .GroupBy(x => x.UserGroupId) .ToDictionary( x => x.Key, x => x.GroupBy(a => a.EntityId).ToDictionary(a => a.Key, a => a.ToArray())); // iterate through each group foreach (KeyValuePair <int, Dictionary <int, EntityPermission[]> > byGroup in permissionsByGroup) { var added = false; // iterate deepest to shallowest foreach (var pathId in pathIds) { if (byGroup.Value.TryGetValue(pathId, out EntityPermission[]? permissionsForNodeAndGroup) == false)
public void Access_To_Root_By_Permission() { //arrange var userMock = new Mock <IUser>(); userMock.Setup(u => u.Id).Returns(0); userMock.Setup(u => u.Groups).Returns(new[] { new ReadOnlyUserGroup(1, "admin", "", -1, -1, "admin", new string[0], new List <string>()) }); var user = userMock.Object; var userServiceMock = new Mock <IUserService>(); var permissions = new EntityPermissionCollection { new EntityPermission(9876, 1234, new string[] { "A" }) }; var permissionSet = new EntityPermissionSet(1234, permissions); userServiceMock.Setup(x => x.GetPermissionsForPath(user, "-1")).Returns(permissionSet); var contentServiceMock = new Mock <IContentService>(); var contentService = contentServiceMock.Object; var userService = userServiceMock.Object; var entityServiceMock = new Mock <IEntityService>(); var entityService = entityServiceMock.Object; //act var result = ContentPermissionsHelper.CheckPermissions(-1, user, userService, contentService, entityService, AppCaches.Disabled, out var foundContent, new[] { 'A' }); //assert Assert.AreEqual(ContentPermissionsHelper.ContentAccess.Granted, result); }
public void Get_User_Implicit_Permissions() { // Arrange UserGroup userGroup = CreateTestUserGroup(); Template template = TemplateBuilder.CreateTextPageTemplate(); FileService.SaveTemplate(template); ContentType contentType = ContentTypeBuilder.CreateSimpleContentType(defaultTemplateId: template.Id); ContentTypeService.Save(contentType); Content parent = ContentBuilder.CreateSimpleContent(contentType); ContentService.Save(parent); Content child1 = ContentBuilder.CreateSimpleContent(contentType, "child1", parent.Id); ContentService.Save(child1); Content child2 = ContentBuilder.CreateSimpleContent(contentType, "child2", child1.Id); ContentService.Save(child2); ContentService.SetPermission(parent, ActionBrowse.ActionLetter, new int[] { userGroup.Id }); ContentService.SetPermission(parent, ActionDelete.ActionLetter, new int[] { userGroup.Id }); ContentService.SetPermission(parent, ActionMove.ActionLetter, new int[] { userGroup.Id }); ContentService.SetPermission(parent, ActionBrowse.ActionLetter, new int[] { userGroup.Id }); ContentService.SetPermission(parent, ActionDelete.ActionLetter, new int[] { userGroup.Id }); // Act EntityPermissionSet permissions = UserService.GetPermissionsForPath(userGroup, child2.Path); // Assert string[] allPermissions = permissions.GetAllPermissions().ToArray(); Assert.AreEqual(3, allPermissions.Length); }
/// <summary> /// Gets the implicit/inherited permissions for the user for the given path /// </summary> /// <param name="user">User to check permissions for</param> /// <param name="path">Path to check permissions for</param> public EntityPermissionSet GetPermissionsForPath(IUser?user, string?path) { var nodeIds = path?.GetIdsFromPathReversed(); if (nodeIds is null || nodeIds.Length == 0 || user is null) { return(EntityPermissionSet.Empty()); } // collect all permissions structures for all nodes for all groups belonging to the user EntityPermission[] groupPermissions = GetPermissionsForPath(user.Groups.ToArray(), nodeIds, true).ToArray(); return(CalculatePermissionsForPathForUser(groupPermissions, nodeIds)); }
/// <summary> /// Gets the permissions for the provided group and path /// </summary> /// <param name="groups"></param> /// <param name="path">Path to check permissions for</param> /// <param name="fallbackToDefaultPermissions"> /// Flag indicating if we want to include the default group permissions for each result if there are not explicit /// permissions set /// </param> /// <returns>String indicating permissions for provided user and path</returns> public EntityPermissionSet GetPermissionsForPath(IUserGroup[] groups, string path, bool fallbackToDefaultPermissions = false) { var nodeIds = path.GetIdsFromPathReversed(); if (nodeIds.Length == 0) { return(EntityPermissionSet.Empty()); } // collect all permissions structures for all nodes for all groups EntityPermission[] groupPermissions = GetPermissionsForPath(groups.Select(x => x.ToReadOnlyGroup()).ToArray(), nodeIds, true).ToArray(); return(CalculatePermissionsForPathForUser(groupPermissions, nodeIds)); }
/// <summary> /// Assigns permissions to an entity for multiple users/permission entries /// </summary> /// <param name="permissionSet"> /// </param> /// <remarks> /// This will first clear the permissions for this entity then re-create them /// </remarks> public void ReplaceEntityPermissions(EntityPermissionSet permissionSet) { var db = _unitOfWork.Database; db.Execute("DELETE FROM umbracoUser2NodePermission WHERE nodeId=@nodeId", new { nodeId = permissionSet.EntityId }); var actions = permissionSet.UserPermissionsSet.Select(p => new User2NodePermissionDto { NodeId = permissionSet.EntityId, Permission = p.Permission, UserId = p.UserId }).ToArray(); _unitOfWork.Database.BulkInsertRecords(actions, _sqlSyntax); //Raise the event _unitOfWork.Events.Dispatch(AssignedPermissions, this, new SaveEventArgs <EntityPermission>(ConvertToPermissionList(actions), false)); }
private bool CheckPermissionsPath(string?path, IUser user, IReadOnlyList <char>?permissionsToCheck = null) { if (permissionsToCheck == null) { permissionsToCheck = Array.Empty <char>(); } // get the implicit/inherited permissions for the user for this path, // if there is no content item for this id, than just use the id as the path (i.e. -1 or -20) EntityPermissionSet permission = _userService.GetPermissionsForPath(user, path); var allowed = true; foreach (var p in permissionsToCheck) { if (permission == null || permission.GetAllPermissions().Contains(p.ToString(CultureInfo.InvariantCulture)) == false) { allowed = false; } } return(allowed); }
/// <summary> /// Assigns permissions to an entity for multiple users/permission entries /// </summary> /// <param name="permissionSet"> /// </param> /// <remarks> /// This will first clear the permissions for this entity then re-create them /// </remarks> public void ReplaceEntityPermissions(EntityPermissionSet permissionSet) { var db = _unitOfWork.Database; using (var trans = db.GetTransaction()) { db.Execute("DELETE FROM umbracoUser2NodePermission WHERE nodeId=@nodeId", new { nodeId = permissionSet.EntityId }); var actions = permissionSet.UserPermissionsSet.Select(p => new User2NodePermissionDto { NodeId = permissionSet.EntityId, Permission = p.Permission, UserId = p.UserId }).ToArray(); _unitOfWork.Database.BulkInsertRecords(actions, trans); trans.Complete(); //Raise the event AssignedPermissions.RaiseEvent( new SaveEventArgs <EntityPermission>(ConvertToPermissionList(actions), false), this); } }
public void ReplaceContentPermissions(EntityPermissionSet permissionSet) { var repo = new PermissionRepository <IContent>(UnitOfWork, _cacheHelper, SqlSyntax); repo.ReplaceEntityPermissions(permissionSet); }
public void SetPermissions(EntityPermissionSet permissionSet) { inner.SetPermissions(permissionSet); }
public void Calculate_Permissions_For_User_For_Path() { // see: http://issues.umbraco.org/issue/U4-10075#comment=67-40085 // for an overview of what this is testing const string path = "-1,1,2,3,4"; int[] pathIds = path.GetIdsFromPathReversed(); const int groupA = 7; const int groupB = 8; const int groupC = 9; var userGroups = new Dictionary <int, string[]> { { groupA, new[] { "S", "D", "F" } }, { groupB, new[] { "S", "D", "G", "K" } }, { groupC, new[] { "F", "G" } } }; EntityPermission[] permissions = new[] { new EntityPermission(groupA, 1, userGroups[groupA], isDefaultPermissions: true), new EntityPermission(groupA, 2, userGroups[groupA], isDefaultPermissions: true), new EntityPermission(groupA, 3, userGroups[groupA], isDefaultPermissions: true), new EntityPermission(groupA, 4, userGroups[groupA], isDefaultPermissions: true), new EntityPermission(groupB, 1, userGroups[groupB], isDefaultPermissions: true), new EntityPermission(groupB, 2, new[] { "F", "R" }, isDefaultPermissions: false), new EntityPermission(groupB, 3, userGroups[groupB], isDefaultPermissions: true), new EntityPermission(groupB, 4, userGroups[groupB], isDefaultPermissions: true), new EntityPermission(groupC, 1, userGroups[groupC], isDefaultPermissions: true), new EntityPermission(groupC, 2, userGroups[groupC], isDefaultPermissions: true), new EntityPermission(groupC, 3, new[] { "Q", "Z" }, isDefaultPermissions: false), new EntityPermission(groupC, 4, userGroups[groupC], isDefaultPermissions: true), }; // Permissions for Id 4 EntityPermissionSet result = UserService.CalculatePermissionsForPathForUser(permissions, pathIds); Assert.AreEqual(4, result.EntityId); string[] allPermissions = result.GetAllPermissions().ToArray(); Assert.AreEqual(6, allPermissions.Length, string.Join(",", allPermissions)); Assert.IsTrue(allPermissions.ContainsAll(new[] { "S", "D", "F", "R", "Q", "Z" })); // Permissions for Id 3 result = UserService.CalculatePermissionsForPathForUser(permissions, pathIds.Skip(1).ToArray()); Assert.AreEqual(3, result.EntityId); allPermissions = result.GetAllPermissions().ToArray(); Assert.AreEqual(6, allPermissions.Length, string.Join(",", allPermissions)); Assert.IsTrue(allPermissions.ContainsAll(new[] { "S", "D", "F", "R", "Q", "Z" })); // Permissions for Id 2 result = UserService.CalculatePermissionsForPathForUser(permissions, pathIds.Skip(2).ToArray()); Assert.AreEqual(2, result.EntityId); allPermissions = result.GetAllPermissions().ToArray(); Assert.AreEqual(5, allPermissions.Length, string.Join(",", allPermissions)); Assert.IsTrue(allPermissions.ContainsAll(new[] { "S", "D", "F", "G", "R" })); // Permissions for Id 1 result = UserService.CalculatePermissionsForPathForUser(permissions, pathIds.Skip(3).ToArray()); Assert.AreEqual(1, result.EntityId); allPermissions = result.GetAllPermissions().ToArray(); Assert.AreEqual(5, allPermissions.Length, string.Join(",", allPermissions)); Assert.IsTrue(allPermissions.ContainsAll(new[] { "S", "D", "F", "G", "K" })); }