/// <summary> Gets the <see cref="CommandInfo"/> for the command. </summary> /// <param name="postBackEvent"> /// The string executed upon the click on a command of types /// <see cref="CommandType.Event"/> or <see cref="CommandType.WxeFunction"/>. /// This string is usually the call to the <c>__doPostBack</c> script function used by ASP.net /// to force a post back. /// </param> /// <param name="parameters"> /// The strings inserted into the href attribute using <c>string.Format</c>. /// </param> /// <param name="onClick"> /// The string always rendered in the <c>onClick</c> tag of the anchor element. /// </param> /// <param name="securableObject"> /// The <see cref="ISecurableObject"/> for which security is evaluated. Use <see landword="null"/> if security is stateless or not evaluated. /// </param> /// <param name="additionalUrlParameters"> /// The <see cref="NameValueCollection"/> containing additional url parameters. /// Must not be <see langword="null"/>. /// </param> /// <param name="includeNavigationUrlParameters"> /// <see langword="true"/> to include URL parameters provided by <see cref="ISmartNavigablePage"/>. /// </param> public CommandInfo GetCommandInfo( string postBackEvent, string[] parameters, string onClick, ISecurableObject securableObject, NameValueCollection additionalUrlParameters, bool includeNavigationUrlParameters) { if (!HasAccess(securableObject)) { return(null); } switch (_type) { case CommandType.Href: return(GetCommandInfoForHrefCommand(parameters, onClick, additionalUrlParameters, includeNavigationUrlParameters)); case CommandType.Event: return(GetCommandInfoForEventCommand(postBackEvent, onClick)); case CommandType.WxeFunction: return(GetCommandInfoForWxeFunctionCommand(postBackEvent, onClick, additionalUrlParameters, includeNavigationUrlParameters)); case CommandType.None: return(null); default: throw new InvalidOperationException( string.Format("The CommandType '{0}' is not supported by the '{1}'.", _type, typeof(Command).FullName)); } }
/// <summary> /// Initializes a new instance of the Permission class with . /// </summary> /// <param name="securableObjectGuid">The securable object.</param> /// <param name="rightName">Name of the right.</param> public Permission(ISecurableObject securableObject, string[] rightNames) { foreach (string rightName in rightNames) { this.AddObjectRight(securableObject, rightName); } }
private void LoadObjectEventReceivers(ParentType parentType, string name) { switch (parentType) { case ParentType.Lists: case ParentType.Libraries: { this.m_SelectedObject = this.m_Web.Lists[name]; break; } //case ParentType.ContentTypes: // { // this.m_SelectedObject = this.m_Site.RootWeb.ContentTypes[name]; // break; // } case ParentType.Websites: { this.m_SelectedObject = this.m_Web.Webs[name]; break; } default: { MessageBox.Show(this, "The current type is not supported.", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error); break; } } this.LoadEventReceivers(); }
public ISecurableObject GetSecurableObject(WxeFunction function) { ArgumentUtility.CheckNotNullAndType("function", function, _functionType); WxeParameterDeclaration parameterDeclaration = GetParameterDeclaration(function.VariablesContainer.ParameterDeclarations); var tuple = GetActualParameterTypeAndValue(parameterDeclaration.Type, function.Variables[parameterDeclaration.Name]); var actualParameterType = tuple.Item1; var parameterValue = tuple.Item2; if (parameterValue == null) { throw new WxeException(string.Format( "The parameter '{1}' specified by the {0} applied to WxeFunction '{2}' is null.", _attribute.GetType().Name, parameterDeclaration.Name, _functionType.FullName)); } ISecurableObject securableObject = parameterValue as ISecurableObject; if (securableObject == null) { throw new WxeException(string.Format( "The parameter '{1}' specified by the {0} applied to WxeFunction '{2}' does not implement interface '{3}'.", _attribute.GetType().Name, parameterDeclaration.Name, _functionType.FullName, typeof(ISecurableObject).FullName)); } if (SecurableClass != null) { CheckParameterDeclarationMatchesSecurableClass(actualParameterType, parameterDeclaration.Name); } return(securableObject); }
/// <summary> Renders the opening tag for the command. </summary> /// <param name="writer"> The <see cref="HtmlTextWriter"/> object to use. Must not be <see langword="null"/>. </param> /// <param name="renderingFeatures"> The rendering features to use. </param> /// <param name="postBackEvent"> /// The string executed upon the click on a command of types /// <see cref="CommandType.Event"/> or <see cref="CommandType.WxeFunction"/>. /// This string is usually the call to the <c>__doPostBack</c> script function used by ASP.net /// to force a post back. /// </param> /// <param name="parameters"> /// The strings inserted into the href attribute using <c>string.Format</c>. /// </param> /// <param name="onClick"> /// The string always rendered in the <c>onClick</c> tag of the anchor element. /// </param> /// <param name="securableObject"> /// The <see cref="ISecurableObject"/> for which security is evaluated. Use <see landword="null"/> if security is stateless or not evaluated. /// </param> /// <param name="additionalUrlParameters"> /// The <see cref="NameValueCollection"/> containing additional url parameters. /// Must not be <see langword="null"/>. /// </param> /// <param name="includeNavigationUrlParameters"> /// <see langword="true"/> to include URL parameters provided by <see cref="ISmartNavigablePage"/>. /// </param> /// <param name="style"> The style applied to the opening tag. </param> public virtual void RenderBegin( HtmlTextWriter writer, IRenderingFeatures renderingFeatures, string postBackEvent, string[] parameters, string onClick, ISecurableObject securableObject, NameValueCollection additionalUrlParameters, bool includeNavigationUrlParameters, Style style) { ArgumentUtility.CheckNotNull("writer", writer); ArgumentUtility.CheckNotNull("style", style); var commandInfo = GetCommandInfo(postBackEvent, parameters, onClick, securableObject, additionalUrlParameters, includeNavigationUrlParameters); if (commandInfo != null) { commandInfo.AddAttributesToRender(writer, renderingFeatures); } if (OwnerControl != null && !string.IsNullOrEmpty(OwnerControl.ClientID) && !string.IsNullOrEmpty(ItemID)) { var clientID = OwnerControl.ClientID + "_" + ItemID; writer.AddAttribute(HtmlTextWriterAttribute.Id, clientID); } style.AddAttributesToRender(writer); writer.RenderBeginTag(HtmlTextWriterTag.A); }
public void Setup() { _mocks = new MockRepository(); _mockWebSecurityAdapter = _mocks.StrictMock <IWebSecurityAdapter> (); _mockSecurableObject = _mocks.StrictMock <ISecurableObject> (); _mockCommand = _mocks.StrictMock <Command> (CommandType.None, _mockWebSecurityAdapter, (IWxeSecurityAdapter)null); }
public override bool HasAccess(ISecurableObject securableObject, ISecurityPrincipal principal, IReadOnlyList <AccessType> requiredAccessTypes) { ArgumentUtility.DebugCheckNotNull("securableObject", securableObject); ArgumentUtility.DebugCheckNotNull("principal", principal); ArgumentUtility.DebugCheckNotNullOrEmpty("requiredAccessTypes", requiredAccessTypes); return(true); }
public override bool HasPropertyWriteAccess(ISecurableObject securableObject, IMethodInformation methodInformation, ISecurityPrincipal principal) { ArgumentUtility.DebugCheckNotNull("securableObject", securableObject); ArgumentUtility.DebugCheckNotNull("methodInformation", methodInformation); ArgumentUtility.DebugCheckNotNull("principal", principal); return(true); }
private bool HasAccessForEventCommand(ISecurableObject securableObject) { if (_webSecurityAdapter == null) { return(true); } return(_webSecurityAdapter.HasAccess(securableObject, Click)); }
public bool HasPropertyWriteAccess(ISecurableObject securableObject, MethodInfo methodInfo, ISecurityPrincipal principal) { ArgumentUtility.CheckNotNull("securableObject", securableObject); ArgumentUtility.CheckNotNull("methodInfo", methodInfo); ArgumentUtility.DebugCheckNotNull("principal", principal); var methodInformation = _memberResolver.GetMethodInformation(securableObject.GetSecurableType(), methodInfo, MemberAffiliation.Instance); return(HasPropertyWriteAccess(securableObject, methodInformation, principal)); }
public bool HasPropertyReadAccess(ISecurableObject securableObject, string propertyName, ISecurityPrincipal principal) { ArgumentUtility.CheckNotNull("securableObject", securableObject); ArgumentUtility.CheckNotNullOrEmpty("propertyName", propertyName); ArgumentUtility.DebugCheckNotNull("principal", principal); var methodInformation = _memberResolver.GetMethodInformation(securableObject.GetSecurableType(), "get_" + propertyName, MemberAffiliation.Instance); return(HasPropertyReadAccess(securableObject, methodInformation, principal)); }
/// <summary> Renders the opening tag for the command. </summary> /// <param name="writer"> The <see cref="HtmlTextWriter"/> object to use. </param> /// <param name="renderingFeatures"> The rendering features to use. </param> /// <param name="postBackLink"> /// The string rendered in the <c>href</c> tag of the anchor element when the command type is <see cref="CommandType.Event"/> or /// <see cref="CommandType.WxeFunction"/>. This string is usually the call to the <c>__doPostBack</c> script function used by ASP.net /// to force a post back. /// </param> /// <param name="onClick"> /// The string rendered in the <c>onClick</c> tag of the anchor element. /// </param> /// <param name="businessObjectID"> /// An identifier for the <see cref="IBusinessObject"/> to which the rendered command is applied. /// </param> /// <param name="securableObject"> /// The <see cref="ISecurableObject"/> for which security is evaluated. Use <see landword="null"/> if security is stateless or not evaluated. /// </param> public void RenderBegin( HtmlTextWriter writer, IRenderingFeatures renderingFeatures, string postBackLink, string onClick, string businessObjectID, ISecurableObject securableObject) { RenderBegin(writer, renderingFeatures, postBackLink, new[] { businessObjectID }, onClick, securableObject); }
public CopyDialog(spevthkman parentForm, SPWeb web, ISecurableObject selectedObject) : base() { this.m_ParentForm = parentForm; InitializeComponent(); this.Web = web; this.SelectedObject = selectedObject; }
public void AddSecurableObject(ISecurableObject securableObject) { SecurableObject obj = new SecurableObject() { Application = securableObject.Application, SecurableObjectType = securableObject.SecurableObjectType, Guid = securableObject.SecurableObjectGuid }; GatekeeperFactory.SecurableObjectSvc.Add(obj); }
public void CheckAccess(ISecurableObject securableObject, ISecurityPrincipal principal, IReadOnlyList <AccessType> requiredAccessTypes) { ArgumentUtility.DebugCheckNotNull("securableObject", securableObject); ArgumentUtility.DebugCheckNotNull("principal", principal); ArgumentUtility.DebugCheckNotNull("requiredAccessTypes", requiredAccessTypes); if (!HasAccess(securableObject, principal, requiredAccessTypes)) { throw CreatePermissionDeniedException("Access has been denied."); } }
public void GetSecurableType() { OrganizationalStructureTestHelper testHelper = new OrganizationalStructureTestHelper(); using (testHelper.Transaction.EnterNonDiscardingScope()) { ISecurableObject position = testHelper.CreatePosition("PositionName"); Assert.That(position.GetSecurableType(), Is.SameAs(typeof(Position))); } }
/// <summary> /// Adds the specified securable object,inserts the ISecurableObject object. /// </summary> /// <param name="securableObject">The securable object.</param> public void Add(ISecurableObject securableObject) { SecurableObject obj = new SecurableObject() { Application = securableObject.Application, SecurableObjectType = securableObject.SecurableObjectType, Guid = securableObject.SecurableObjectGuid }; this.securableObjectDao.Add(obj); }
/// <summary> Renders the opening tag for the command. </summary> /// <param name="writer"> The <see cref="HtmlTextWriter"/> object to use. </param> /// <param name="renderingFeatures"> The rendering features to use. </param> /// <param name="postBackLink"> /// The string rendered in the <c>href</c> tag of the anchor element when the command type is <see cref="CommandType.Event"/> or /// <see cref="CommandType.WxeFunction"/>. This string is usually the call to the <c>__doPostBack</c> script function used by ASP.net /// to force a post back. /// </param> /// <param name="onClick"> /// The string rendered in the <c>onClick</c> tag of the anchor element. /// </param> /// <param name="listIndex"> /// An index that indentifies the <see cref="IBusinessObject"/> on which the rendered command is applied on. /// </param> /// <param name="businessObjectID"> /// An identifier for the <see cref="IBusinessObject"/> to which the rendered command is applied. /// </param> /// <param name="securableObject"> /// The <see cref="ISecurableObject"/> for which security is evaluated. Use <see landword="null"/> if security is stateless or not evaluated. /// </param> public void RenderBegin( HtmlTextWriter writer, IRenderingFeatures renderingFeatures, string postBackLink, string onClick, int listIndex, string businessObjectID, ISecurableObject securableObject) { base.RenderBegin(writer, renderingFeatures, postBackLink, new string[] { listIndex.ToString(), businessObjectID }, onClick, securableObject); }
public AddDialog(spevthkman parentForm, SPWeb web, ISecurableObject selectedObject) : base() { this.m_ParentForm = parentForm; InitializeComponent(); this.m_TypeNames = new List <string>(); this.Web = web; this.SelectedObject = selectedObject; }
public void GetSecurityStrategy() { ISecurableObject tenant = TestHelper.CreateTenant("Tenant", "UID: Tenant"); IObjectSecurityStrategy objectSecurityStrategy = tenant.GetSecurityStrategy(); Assert.That(objectSecurityStrategy, Is.Not.Null); Assert.IsInstanceOf(typeof(DomainObjectSecurityStrategyDecorator), objectSecurityStrategy); DomainObjectSecurityStrategyDecorator domainObjectSecurityStrategyDecorator = (DomainObjectSecurityStrategyDecorator)objectSecurityStrategy; Assert.That(domainObjectSecurityStrategyDecorator.RequiredSecurityForStates, Is.EqualTo(RequiredSecurityForStates.None)); }
public void Setup() { _mocks = new MockRepository(); _mockWebSecurityAdapter = _mocks.StrictMock <IWebSecurityAdapter> (); _mockSecurableObject = _mocks.StrictMock <ISecurableObject> (); var serviceLocator = DefaultServiceLocator.Create(); serviceLocator.RegisterMultiple <IWebSecurityAdapter> (() => _mockWebSecurityAdapter); serviceLocator.RegisterMultiple <IWxeSecurityAdapter>(); _serviceLocatorScope = new ServiceLocatorScope(serviceLocator); }
public void GetSecurityStrategy() { ISecurableObject group = CreateGroup(); IObjectSecurityStrategy objectSecurityStrategy = group.GetSecurityStrategy(); Assert.That(objectSecurityStrategy, Is.Not.Null); Assert.IsInstanceOf(typeof(DomainObjectSecurityStrategyDecorator), objectSecurityStrategy); DomainObjectSecurityStrategyDecorator domainObjectSecurityStrategyDecorator = (DomainObjectSecurityStrategyDecorator)objectSecurityStrategy; Assert.That(domainObjectSecurityStrategyDecorator.RequiredSecurityForStates, Is.EqualTo(RequiredSecurityForStates.None)); }
public virtual bool HasMethodAccess(ISecurableObject securableObject, IMethodInformation methodInformation, ISecurityPrincipal principal) { ArgumentUtility.CheckNotNull("securableObject", securableObject); ArgumentUtility.CheckNotNull("methodInformation", methodInformation); ArgumentUtility.DebugCheckNotNull("principal", principal); var requiredAccessTypeEnums = _permissionProvider.GetRequiredMethodPermissions(securableObject.GetSecurableType(), methodInformation); Assertion.DebugIsNotNull(requiredAccessTypeEnums, "IPermissionProvider.GetRequiredMethodPermissions evaluated and returned null."); return(HasAccess(securableObject, methodInformation, requiredAccessTypeEnums, principal)); }
private bool HasAccess( ISecurableObject securableObject, IMemberInformation memberInformation, IReadOnlyList <Enum> requiredAccessTypeEnums, ISecurityPrincipal principal) { if (requiredAccessTypeEnums.Count == 0) { throw new ArgumentException(string.Format("The member '{0}' does not define required permissions.", memberInformation.Name), "requiredAccessTypeEnums"); } return(HasAccess(securableObject, principal, ConvertRequiredAccessTypeEnums(requiredAccessTypeEnums))); }
// methods and properties public bool HasAccess(ISecurableObject securableObject, Delegate handler) { if (handler == null) { return(true); } if (SecurityFreeSection.IsActive) { return(true); } List <DemandTargetPermissionAttribute> attributes = GetPermissionAttributes(handler.GetInvocationList()); bool hasAccess = true; foreach (DemandTargetPermissionAttribute attribute in attributes) { switch (attribute.PermissionSource) { case PermissionSource.WxeFunction: hasAccess &= WxeFunction.HasAccess(attribute.FunctionType); break; case PermissionSource.SecurableObject: SecurityClient securityClient = SecurityClient.CreateSecurityClientFromConfiguration(); if (securableObject == null) { hasAccess &= securityClient.HasStatelessMethodAccess(attribute.SecurableClass, attribute.MethodName); } else { hasAccess &= securityClient.HasMethodAccess(securableObject, attribute.MethodName); } break; default: throw new InvalidOperationException(string.Format( "Value '{0}' is not supported by the PermissionSource property of the DemandTargetPermissionAttribute.", attribute.PermissionSource)); } if (!hasAccess) { break; } } return(hasAccess); }
public void CheckMethodAccess(ISecurableObject securableObject, string methodName, ISecurityPrincipal principal) { ArgumentUtility.DebugCheckNotNull("securableObject", securableObject); ArgumentUtility.DebugCheckNotNullOrEmpty("methodName", methodName); ArgumentUtility.DebugCheckNotNull("principal", principal); if (!HasMethodAccess(securableObject, methodName, principal)) { ArgumentUtility.CheckNotNull("securableObject", securableObject); throw CreatePermissionDeniedException( "Access to method '{0}' on type '{1}' has been denied.", methodName, securableObject.GetSecurableType().FullName); } }
public void GetSecurityStrategy() { OrganizationalStructureTestHelper testHelper = new OrganizationalStructureTestHelper(); using (testHelper.Transaction.EnterNonDiscardingScope()) { ISecurableObject position = testHelper.CreatePosition("PositionName"); IObjectSecurityStrategy objectSecurityStrategy = position.GetSecurityStrategy(); Assert.That(objectSecurityStrategy, Is.Not.Null); Assert.IsInstanceOf(typeof(DomainObjectSecurityStrategyDecorator), objectSecurityStrategy); DomainObjectSecurityStrategyDecorator domainObjectSecurityStrategyDecorator = (DomainObjectSecurityStrategyDecorator)objectSecurityStrategy; Assert.That(domainObjectSecurityStrategyDecorator.RequiredSecurityForStates, Is.EqualTo(RequiredSecurityForStates.None)); } }
// construction and disposing public CommandTestHelper() { _httpContext = HttpContextHelper.CreateHttpContext("GET", "default.html", null); _httpContext.Response.ContentEncoding = Encoding.UTF8; _functionType = typeof(TestFunction); _functionTypeName = TypeUtility.GetPartialAssemblyQualifiedName(_functionType); _mocks = new MockRepository(); _mockWebSecurityAdapter = _mocks.StrictMock <IWebSecurityAdapter>(); _mockWxeSecurityAdapter = _mocks.StrictMock <IWxeSecurityAdapter>(); _mockSecurableObject = _mocks.StrictMock <ISecurableObject>(); _htmlWriter = new HtmlTextWriterSingleTagMock(); }
public virtual bool HasAccess(ISecurableObject securableObject, ISecurityPrincipal principal, IReadOnlyList <AccessType> requiredAccessTypes) { ArgumentUtility.CheckNotNull("securableObject", securableObject); ArgumentUtility.CheckNotNull("principal", principal); ArgumentUtility.CheckNotNull("requiredAccessTypes", requiredAccessTypes); if (SecurityFreeSection.IsActive) { return(true); } var objectSecurityStrategy = securableObject.GetSecurityStrategy(); Assertion.DebugIsNotNull(objectSecurityStrategy, "The securableObject did not return an IObjectSecurityStrategy."); return(objectSecurityStrategy.HasAccess(_securityProvider, principal, requiredAccessTypes)); }
public void CheckPropertyWriteAccess(ISecurableObject securableObject, IMethodInformation methodInformation, ISecurityPrincipal principal) { ArgumentUtility.DebugCheckNotNull("securableObject", securableObject); ArgumentUtility.DebugCheckNotNull("methodInformation", methodInformation); ArgumentUtility.DebugCheckNotNull("principal", principal); if (!HasPropertyWriteAccess(securableObject, methodInformation, principal)) { ArgumentUtility.CheckNotNull("securableObject", securableObject); ArgumentUtility.CheckNotNull("methodInformation", methodInformation); throw CreatePermissionDeniedException( "Access to set-accessor of property '{0}' on type '{1}' has been denied.", methodInformation.Name, securableObject.GetSecurableType().FullName); } }
public IRepositoryResult Create(ISecurableObject obj) { if (_db?.Employees == null) { var message = "Database is not available at the moment"; var exception = new TaskTrackerException("DB context is null", new NullReferenceException()); _erResult = new EmployeeRepositoryResult(message, exception); return _erResult; } var newEmployee = obj as AttEmployee; if (newEmployee == null) { var message = "Please specify valid data for Employee"; var exception = new TaskTrackerException("object cannot be cast to Employee", new ArgumentException()); _erResult = new EmployeeRepositoryResult(message, exception); return _erResult; } var emp = new Employee() { EUID = new Guid(), Name = newEmployee.Name, Surname = newEmployee.Surname }; var dbEmp = _db.Employees.Add(emp); _db.SaveChanges(); newEmployee = new AttEmployee(dbEmp.ID) { Name = dbEmp.Name, Surname = dbEmp.Surname, EUID = dbEmp.EUID }; var objects = new List<ISecurableObject>() { newEmployee }; _erResult = new EmployeeRepositoryResult(objects); return _erResult; }
public virtual bool HasAccess(ISecurableObject securableObject) { switch (_type) { case CommandType.Href: return(true); case CommandType.Event: return(HasAccessForEventCommand(securableObject)); case CommandType.WxeFunction: return(HasAccessForWxeFunctionCommand()); case CommandType.None: return(true); default: throw new InvalidOperationException( string.Format("The CommandType '{0}' is not supported by the '{1}'.", _type, typeof(Command).FullName)); } }
private void OnObjectSelected() { try { if ((this.ObjectsTreeView.SelectedNode != null) && (this.ObjectsTreeView.SelectedNode.Parent != null)) { this.EventReceiverTreeView.Nodes.Clear(); this.EventReceiverPropertyGrid.SelectedObject = null; this.m_SelectedObject = null; if (this.ObjectsTreeView.SelectedNode != null) { ParentType parentType = (ParentType)Enum.Parse(typeof(ParentType), this.ObjectsTreeView.SelectedNode.Parent.Name, false); this.LoadObjectEventReceivers(parentType, this.ObjectsTreeView.SelectedNode.Text); } } } catch (Exception ex) { this.HandleException(ex); } }
private void DeleteEventReceiverHook(Guid guid, ISecurableObject eventContiner) { SPEventReceiverDefinitionCollection definitions = null; if (typeof(SPWeb).IsAssignableFrom(eventContiner.GetType())) { SPWeb web = (SPWeb)eventContiner; definitions = web.EventReceivers; } else if (typeof(SPList).IsAssignableFrom(eventContiner.GetType())) { SPList list = (SPList)eventContiner; definitions = list.EventReceivers; } else { MessageBox.Show(this, "The current type is not supported.", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error); } if (definitions != null) { foreach (SPEventReceiverDefinition definition in definitions) { if (guid == definition.Id) { string type = definition.Type.ToString(); string name = definition.Class; definition.Delete(); MessageBox.Show(this, string.Format("The event hook [{0}] to class [{1}] was deleted.", type, name), "Information", MessageBoxButtons.OK, MessageBoxIcon.Information); break; } } } }
private static bool DoesPrincipalHasPermissions(ISecurableObject item, SPPrincipal principal, SPBasePermissions permissions) { SPRoleAssignment roleAssignment = null; try { roleAssignment = item.RoleAssignments.GetAssignmentByPrincipal(principal); } catch { //if the user has no permission on the item (SPPrincipal is not in permissionlist -> item.RoleAssignments is empty), an exception is thrown. return false; } foreach (SPRoleDefinition definition in roleAssignment.RoleDefinitionBindings) { if ((definition.BasePermissions & permissions) == permissions) { return true; } } return false; }
public void AddObjectRight(ISecurableObject securableObject, string rightName) { securableObject.SecurableObjectId = GatekeeperFactory.SecurableObjectSvc.Get(securableObject.SecurableObjectGuid).Id; this.ObjectRights.Add(new ObjectRight(securableObject, rightName)); }
/// <summary> /// Initializes a new instance of the Permission class with . /// </summary> /// <param name="securableObject">The securable object.</param> /// <param name="rightName">Name of the right.</param> public Permission(ISecurableObject securableObject, string rightName) { this.AddObjectRight(securableObject, rightName); }
public IRepositoryResult Get(ISecurableObject obj) { if (_db?.Employees == null) { var message = "Database is not available at the moment"; var exception = new TaskTrackerException("DB context is null", new NullReferenceException()); _erResult = new EmployeeRepositoryResult(message, exception); return _erResult; } var dbEmp = _db.Employees.ToList(); if (dbEmp.Count == 0) { var message = "No employees were found"; var exception = new TaskTrackerObjectNotFoundException("Employees not found"); _erResult = new EmployeeRepositoryResult(message, exception); return _erResult; } var employees = dbEmp.Select(employee => new AttEmployee(employee.ID) { Name = employee.Name, Surname = employee.Surname, EUID = employee.EUID }); _erResult = new EmployeeRepositoryResult(employees); return _erResult; }
/// <summary> /// Determines whether the specified securable object has right. /// </summary> /// <param name="securableObject">The securable object.</param> /// <param name="rightName">Name of the right.</param> /// <returns> /// <c>true</c> if the specified securable object has right; otherwise, <c>false</c>. /// </returns> public virtual bool HasRight(ISecurableObject securableObject, string rightName) { return this.HasRight(securableObject.SecurableObjectId, rightName); }
private SushiSecurable findRoleAssignmentsForMember(ISecurableObject webOrList, SPUser user, List<string> userSharepointGroups, List<string> userADgroups) { SushiSecurable secSiteOrList = new SushiSecurable(); if (!webOrList.HasUniqueRoleAssignments && !chkShowOnlyUnique.Checked) return secSiteOrList; foreach (SPRoleAssignment ra in webOrList.RoleAssignments) { string raName = ra.Member.Name.ToUpper(); if (raName == user.Name.ToUpper() || userSharepointGroups.Contains(raName) || userADgroups.Contains(raName)) { UorG uOrG = new UorG(ra.Member.Name, userADgroups.Contains(raName)); if (ra.Member.Name.ToUpper() == user.Name.ToUpper()) uOrG.Name = user.LoginName; secSiteOrList.UorGs.Add(uOrG); foreach (SPRoleDefinition rd in ra.RoleDefinitionBindings) uOrG.RoleNames.Add(rd.Name); secSiteOrList.AtLeastOnePermission = true; } } if (user.IsSiteAdmin) { UorG uOrG = new UorG("Site Collection Admins", false); secSiteOrList.UorGs.Add(uOrG); uOrG.RoleNames.Add("Full Control"); secSiteOrList.AtLeastOnePermission = true; } return secSiteOrList; }
public void Save(Application application, User user, Role role, ISecurableObject securableObject) { SecurableObject sObj = GatekeeperFactory.SecurableObjectSvc.Get(securableObject.SecurableObjectGuid); this.Save(application, user, role, sObj); }
/// <summary> /// Initializes a new instance of the ObjectRight class with two parameters. /// </summary> /// <param name="securableObject">The securable object.</param> /// <param name="right">The right.</param> public ObjectRight(ISecurableObject securableObject, Right right) : this(securableObject.SecurableObjectId, right) { }
/// <summary> /// Initializes a new instance of the ObjectRight class with parameters. /// </summary> /// <param name="securableObject">The securable object.</param> /// <param name="rightName">Name of the right.</param> public ObjectRight(ISecurableObject securableObject, string rightName) : this(securableObject.SecurableObjectId, rightName) { }
public IRepositoryResult Delete(ISecurableObject obj) { throw new NotImplementedException(); }
/// <summary> /// Initializes a new instance of the UserRightAssignment class. /// </summary> /// <param name="user">The user of the application.</param> /// <param name="securableObject">The securable object.</param> /// <param name="right">The right.</param> public UserRightAssignment(User user, ISecurableObject securableObject, Right right) : base(securableObject, right) { this.User = user; }