public static List <Guid> check_access(Guid applicationId,
Guid?userId, List <Guid> objectIds, PrivacyObjectType objectType, PermissionType permission)
{
return(check_access(applicationId, userId, objectIds, objectType, new List <PermissionType>()
{
permission
})
.Keys.ToList());
}
public static bool check_access(Guid applicationId, Guid?userId, Guid objectId,
PrivacyObjectType objectType, PermissionType permission)
{
List <PermissionType> lst =
check_access(applicationId, userId, objectId, objectType, new List <PermissionType>()
{
permission
});
return(lst != null && lst.Count > 0);
}
public static List <PermissionType> check_access(Guid applicationId,
Guid?userId, Guid objectId, PrivacyObjectType objectType)
{
Dictionary <Guid, List <PermissionType> > dic =
check_access(applicationId, userId, new List <Guid>()
{
objectId
}, objectType);
return(dic.ContainsKey(objectId) ? dic[objectId] : new List <PermissionType>());
}
protected void get_audience(List <Guid> objectIds, PrivacyObjectType objectType, ref string responseText)
{
//Privacy Check: OK
if (!paramsContainer.GBEdit)
{
return;
}
bool accessDenied = objectIds.Count == 0 || !check_object_type(objectIds, objectType);
Dictionary <Guid, List <Audience> > audience = accessDenied ? new Dictionary <Guid, List <Audience> >() :
PrivacyController.get_audience(paramsContainer.Tenant.Id, objectIds);
Dictionary <Guid, List <DefaultPermission> > defaultPermissions = accessDenied ? new Dictionary <Guid, List <DefaultPermission> >() :
PrivacyController.get_default_permissions(paramsContainer.Tenant.Id, objectIds);
List <Privacy> settings = accessDenied ? new List <Privacy>() :
PrivacyController.get_settings(paramsContainer.Tenant.Id, objectIds);
objectIds.ForEach(u => {
if (!settings.Any(x => x.ObjectID == u))
{
settings.Add(new Privacy()
{
ObjectID = u
});
}
});
settings.ForEach(s => {
if (audience.ContainsKey(s.ObjectID.Value))
{
s.Audience = audience[s.ObjectID.Value];
}
if (defaultPermissions.ContainsKey(s.ObjectID.Value))
{
s.DefaultPermissions = defaultPermissions[s.ObjectID.Value];
}
});
List <ConfidentialityLevel> levels = PrivacyController.get_confidentiality_levels(paramsContainer.Tenant.Id);
responseText = "{\"ConfidentialityLevels\":[" + string.Join(",", levels.Select(x => x.toJson())) + "]" +
",\"Items\":{" + string.Join(",", settings.Where(x => x.ObjectID.HasValue)
.Select(u => "\"" + u.ObjectID.ToString() + "\":" + u.toJson())) + "}" +
(!accessDenied ? string.Empty : ",\"ErrorText\":\"" + Messages.AccessDenied + "\"") +
"}";
}
protected void set_audience(List <Privacy> items, PrivacyObjectType objectType, ref string responseText)
{
//Privacy Check: OK
if (!paramsContainer.GBEdit)
{
return;
}
if (items.Count != 0 &&
!check_object_type(items.Where(x => x.ObjectID.HasValue).Select(u => u.ObjectID.Value).ToList(), objectType))
{
responseText = "{\"ErrorText\":\"" + Messages.AccessDenied + "\"}";
if (items.Count == 1 && items[0].ObjectID.HasValue)
{
_save_error_log(Modules.Log.Action.SetPrivacyAudience_PermissionFailed, items[0].ObjectID);
}
return;
}
bool result = paramsContainer.CurrentUserID.HasValue &&
PrivacyController.set_audience(paramsContainer.Tenant.Id, items, paramsContainer.CurrentUserID.Value);
responseText = result ? "{\"Succeed\":\"" + Messages.OperationCompletedSuccessfully + "\"}" :
"{\"ErrorText\":\"" + Messages.OperationFailed + "\"}";
//Save Log
if (result && items.Count == 1)
{
LogController.save_log(paramsContainer.Tenant.Id, new Log()
{
UserID = paramsContainer.CurrentUserID.Value,
Date = DateTime.Now,
HostAddress = PublicMethods.get_client_ip(HttpContext.Current),
HostName = PublicMethods.get_client_host_name(HttpContext.Current),
Action = Modules.Log.Action.SetPrivacyAudience,
SubjectID = items[0].ObjectID,
Info = items[0].toJson(),
ModuleIdentifier = ModuleIdentifier.PRVC
});
}
//end of Save Log
}
protected void check_access(List <Guid> objectIds, PrivacyObjectType objectType,
List <PermissionType> permissions, ref string responseText)
{
//Privacy Check: OK
if (!paramsContainer.GBView)
{
return;
}
if (permissions.Count > 0)
{
permissions = permissions.Where(p => p != PermissionType.None).ToList();
}
Dictionary <Guid, List <PermissionType> > results = objectType == PrivacyObjectType.None ?
new Dictionary <Guid, List <PermissionType> >() : (permissions.Count == 0 ?
PrivacyController.check_access(paramsContainer.Tenant.Id, paramsContainer.CurrentUserID, objectIds, objectType) :
PrivacyController.check_access(paramsContainer.Tenant.Id, paramsContainer.CurrentUserID, objectIds, objectType, permissions));
responseText = "{" + string.Join(",", results.Keys.Select(
k => "\"" + k + "\":[" + string.Join(",", results[k].Select(p => "\"" + p.ToString() + "\"")) + "]")) + "}";
}
public static Dictionary <Guid, List <PermissionType> > check_access(Guid applicationId,
Guid?userId, List <Guid> objectIds, PrivacyObjectType objectType)
{
return(check_access(applicationId, userId, objectIds, objectType, new List <PermissionType>()));
}
public static Dictionary <Guid, List <PermissionType> > check_access(Guid applicationId,
Guid?userId, List <Guid> objectIds, PrivacyObjectType objectType, List <PermissionType> permissions)
{
Dictionary <Guid, List <PermissionType> > ret = new Dictionary <Guid, List <PermissionType> >();
PublicMethods.split_list <Guid>(objectIds, 200, ids =>
{
DataProvider.CheckAccess(applicationId, userId, ids, objectType, permissions)
.ToList().ForEach(x => ret.Add(x.Key, x.Value));
});
return(ret);
}
protected bool check_object_type(List <Guid> objectIds, PrivacyObjectType objectType)
{
switch (objectType)
{
case PrivacyObjectType.None:
case PrivacyObjectType.Node:
case PrivacyObjectType.NodeType:
{
if (objectIds.Count != 1)
{
return(false);
}
bool isNodeType = objectType != PrivacyObjectType.Node &&
CNController.is_node_type(paramsContainer.Tenant.Id, objectIds).Count == objectIds.Count;
bool isNode = !isNodeType && objectType != PrivacyObjectType.NodeType &&
CNController.is_node(paramsContainer.Tenant.Id, objectIds).Count == objectIds.Count;
if (!isNodeType && !isNode)
{
return(false);
}
bool accessPermission =
AuthorizationManager.has_right(AccessRoleName.ManageOntology, paramsContainer.CurrentUserID);
if (!accessPermission)
{
accessPermission = CNController.is_service_admin(paramsContainer.Tenant.Id,
objectIds[0], paramsContainer.CurrentUserID.Value);
}
if (!accessPermission && isNode)
{
accessPermission = CNController.is_node_admin(paramsContainer.Tenant.Id,
paramsContainer.CurrentUserID.Value, objectIds[0], null, null, null) ||
PrivacyController.check_access(paramsContainer.Tenant.Id, paramsContainer.CurrentUserID,
objectIds[0], PrivacyObjectType.Node, PermissionType.Modify);
}
return(accessPermission);
}
case PrivacyObjectType.FAQCategory:
return(QAController.is_faq_category(paramsContainer.Tenant.Id, objectIds).Count == objectIds.Count &&
(AuthorizationManager.has_right(AccessRoleName.ManageQA, paramsContainer.CurrentUserID) ||
QAController.is_workflow_admin(paramsContainer.Tenant.Id, paramsContainer.CurrentUserID.Value, null)));
case PrivacyObjectType.QAWorkFlow:
return(QAController.is_workflow(paramsContainer.Tenant.Id, objectIds).Count == objectIds.Count &&
AuthorizationManager.has_right(AccessRoleName.ManageQA, paramsContainer.CurrentUserID));
case PrivacyObjectType.Poll:
return(FGController.is_poll(paramsContainer.Tenant.Id, objectIds).Count == objectIds.Count &&
AuthorizationManager.has_right(AccessRoleName.ManagePolls, paramsContainer.CurrentUserID));
case PrivacyObjectType.Report:
return(!objectIds.Any(u => !ReportUtilities.ReportIDs.Any(x => x.Value == u)) &&
PublicMethods.is_system_admin(paramsContainer.Tenant.Id, paramsContainer.CurrentUserID.Value));
case PrivacyObjectType.FormElement:
return(FGController.is_form_element(paramsContainer.Tenant.Id, objectIds).Count == objectIds.Count &&
AuthorizationManager.has_right(AccessRoleName.ManageForms, paramsContainer.CurrentUserID));
}
return(false);
}
public void ProcessRequest(HttpContext context)
{
paramsContainer = new ParamsContainer(context, nullTenantResponse: true);
if (!paramsContainer.ApplicationID.HasValue)
{
return;
}
string responseText = string.Empty;
string command = PublicMethods.parse_string(context.Request.Params["Command"], false);
switch (command)
{
case "CheckAuthority":
check_authority(ListMaker.get_string_items(context.Request.Params["Permissions"], '|'), ref responseText);
_return_response(ref responseText);
return;
case "CheckAccess":
{
PrivacyObjectType pType = PrivacyObjectType.None;
if (!Enum.TryParse <PrivacyObjectType>(context.Request.Params["Type"], out pType))
{
pType = PrivacyObjectType.None;
}
List <PermissionType> permissions = new List <PermissionType>();
check_access(ListMaker.get_guid_items(context.Request.Params["ObjectIDs"], '|'),
pType,
ListMaker.get_enum_items <PermissionType>(context.Request.Params["Permissions"], '|')
.Where(p => p != PermissionType.None).ToList(),
ref responseText);
_return_response(ref responseText);
}
return;
case "SetAudience":
{
PrivacyObjectType objectType = PrivacyObjectType.None;
if (!Enum.TryParse(context.Request.Params["ObjectType"], out objectType))
{
objectType = PrivacyObjectType.None;
}
Dictionary <string, object> data =
PublicMethods.fromJSON(PublicMethods.parse_string(context.Request.Params["Data"]));
List <Privacy> items = new List <Privacy>();
foreach (string k in data.Keys)
{
Guid objId = Guid.Empty;
if (!Guid.TryParse(k, out objId) || data[k].GetType() != typeof(Dictionary <string, object>))
{
continue;
}
Privacy p = Privacy.fromJson((Dictionary <string, object>)data[k]);
if (p != null)
{
p.ObjectID = objId;
items.Add(p);
}
}
set_audience(items, objectType, ref responseText);
_return_response(ref responseText);
return;
}
case "GetAudience":
{
PrivacyObjectType objectType = PrivacyObjectType.None;
if (!Enum.TryParse(context.Request.Params["ObjectType"], out objectType))
{
objectType = PrivacyObjectType.None;
}
get_audience(ListMaker.get_guid_items(context.Request.Params["ObjectIDs"], '|'),
objectType, ref responseText);
_return_response(ref responseText);
return;
}
case "AddConfidentialityLevel":
add_confidentiality_level(PublicMethods.parse_int(context.Request.Params["LevelID"]),
PublicMethods.parse_string(context.Request.Params["Title"]), ref responseText);
_return_response(ref responseText);
return;
case "ModifyConfidentialityLevel":
modify_confidentiality_level(PublicMethods.parse_guid(context.Request.Params["ConfidentialityID"]),
PublicMethods.parse_int(context.Request.Params["LevelID"]),
PublicMethods.parse_string(context.Request.Params["Title"]), ref responseText);
_return_response(ref responseText);
return;
case "RemoveConfidentialityLevel":
remove_confidentiality_level(PublicMethods.parse_guid(context.Request.Params["ConfidentialityID"]), ref responseText);
_return_response(ref responseText);
return;
case "GetConfidentialityLevels":
get_confidentiality_levels(ref responseText);
_return_response(ref responseText);
return;
case "SetConfidentialityLevel":
set_confidentiality_level(PublicMethods.parse_guid(context.Request.Params["ObjectID"]),
PublicMethods.parse_guid(context.Request.Params["ConfidentialityID"]), ref responseText);
_return_response(ref responseText);
return;
case "UnsetConfidentialityLevel":
unset_confidentiality_level(PublicMethods.parse_guid(context.Request.Params["ObjectID"]), ref responseText);
_return_response(ref responseText);
return;
case "GetConfidentialityLevel":
get_confidentiality_level(PublicMethods.parse_guid(context.Request.Params["ObjectID"]), ref responseText);
_return_response(ref responseText);
return;
case "GetConfidentialityLevelUsers":
get_confidentiality_level_users(PublicMethods.parse_guid(context.Request.Params["ConfidentialityID"]),
PublicMethods.parse_string(context.Request.Params["SearchText"]),
PublicMethods.parse_int(context.Request.Params["Count"]),
PublicMethods.parse_long(context.Request.Params["LowerBoundary"]),
ref responseText);
_return_response(ref responseText);
return;
}
paramsContainer.return_response(PublicConsts.BadRequestResponse);
}
public void ProcessRequest(HttpContext context)
{
//Privacy Check: OK
paramsContainer = new ParamsContainer(context, nullTenantResponse: true);
if (!paramsContainer.ApplicationID.HasValue)
{
return;
}
string responseText = string.Empty;
string command = PublicMethods.parse_string(context.Request.Params["Command"], false);
if (string.IsNullOrEmpty(command))
{
return;
}
Guid currentUserId = paramsContainer.CurrentUserID.HasValue ? paramsContainer.CurrentUserID.Value : Guid.Empty;
Guid fileId = string.IsNullOrEmpty(context.Request.Params["FileID"]) ? Guid.Empty : Guid.Parse(context.Request.Params["FileID"]);
DocFileInfo file = DocumentsController.get_file(paramsContainer.Tenant.Id, fileId);
if (file == null)
{
paramsContainer.return_response(PublicConsts.BadRequestResponse);
return;
}
bool isTemporary =
PublicMethods.parse_string(HttpContext.Current.Request.Params["Category"], false).ToLower() == "temporary";
bool hasAccess = isTemporary || PublicMethods.is_system_admin(paramsContainer.Tenant.Id, currentUserId);
PrivacyObjectType pot = file.OwnerType == FileOwnerTypes.Node ? PrivacyObjectType.Node : PrivacyObjectType.None;
hasAccess = hasAccess || PrivacyController.check_access(paramsContainer.Tenant.Id,
paramsContainer.CurrentUserID, file.OwnerID.Value, pot, PermissionType.View);
if (!hasAccess && currentUserId != Guid.Empty &&
CNController.is_node(paramsContainer.Tenant.Id, file.OwnerID.Value))
{
bool isCreator = false, isContributor = false, isExpert = false, isMember = false, isAdminMember = false,
isServiceAdmin = false, isAreaAdmin = false, perCreatorLevel = false;
CNController.get_user2node_status(paramsContainer.Tenant.Id, paramsContainer.CurrentUserID.Value,
file.OwnerID.Value, ref isCreator, ref isContributor, ref isExpert, ref isMember, ref isAdminMember,
ref isServiceAdmin, ref isAreaAdmin, ref perCreatorLevel);
hasAccess = isServiceAdmin || isAreaAdmin || isCreator || isContributor || isExpert || isMember;
}
if (!hasAccess)
{
paramsContainer.return_response("{\"ErrorText\":\"" + Messages.AccessDenied.ToString() + "\"}");
}
if (isTemporary)
{
file.FolderName = FolderNames.TemporaryFiles;
}
else
{
file.refresh_folder_name();
}
if (!file.exists(paramsContainer.Tenant.Id))
{
_return_response(ref responseText);
}
DocFileInfo destFile = new DocFileInfo()
{
FileID = file.FileID, FolderName = FolderNames.PDFImages
};
switch (command)
{
case "Convert2Image":
convert2image(file,
PublicMethods.parse_string(context.Request.Params["PS"]),
destFile,
PublicMethods.parse_bool(context.Request.Params["Repair"]), ref responseText);
_return_response(ref responseText);
return;
case "GetPagesCount":
get_pages_count(file,
PublicMethods.parse_string(context.Request.Params["PS"]),
destFile, ref responseText);
_return_response(ref responseText);
return;
case "GetPage":
get_page(PublicMethods.parse_int(context.Request.Params["Page"], 1), destFile);
return;
}
paramsContainer.return_response(PublicConsts.BadRequestResponse);
}
public void ProcessRequest(HttpContext context)
{
//Privacy Check: OK
paramsContainer = new ParamsContainer(context, nullTenantResponse: false);
Guid fileId = string.IsNullOrEmpty(context.Request.Params["FileID"]) ?
Guid.Empty : Guid.Parse(context.Request.Params["FileID"]);
if (fileId == Guid.Empty && !Guid.TryParse(context.Request.Params["ATTFID"], out fileId))
{
fileId = Guid.Empty;
}
string category = PublicMethods.parse_string(context.Request.Params["Category"], false);
bool isTemporary = category.ToLower() == FolderNames.TemporaryFiles.ToString().ToLower();
bool? addFooter = PublicMethods.parse_bool(context.Request.Params["Meta"]);
Guid? coverId = PublicMethods.parse_guid(context.Request.Params["CoverID"]);
string pdfPassword = PublicMethods.parse_string(context.Request.Params["PS"]);
List <FolderNames> freeFolders = new[] {
FolderNames.ProfileImages,
FolderNames.HighQualityProfileImage,
FolderNames.CoverPhoto,
FolderNames.HighQualityCoverPhoto,
FolderNames.Icons,
FolderNames.HighQualityIcon,
FolderNames.ApplicationIcons,
FolderNames.HighQualityApplicationIcon,
FolderNames.Pictures
}.ToList();
bool isFreeFolder = !string.IsNullOrEmpty(category) && freeFolders.Any(f => f.ToString().ToLower() == category.ToLower());
if (isFreeFolder)
{
FolderNames fn = freeFolders.Where(u => u.ToString().ToLower() == category.ToLower()).FirstOrDefault();
DocFileInfo pic =
new DocFileInfo()
{
FileID = fileId, Extension = "jpg", FileName = fileId.ToString(), FolderName = fn
};
send_file(pic, false);
}
if (!paramsContainer.ApplicationID.HasValue)
{
paramsContainer.return_response(PublicConsts.NullTenantResponse);
return;
}
if (isTemporary)
{
string ext = PublicMethods.parse_string(context.Request.Params["Extension"]);
DocFileInfo temp = new DocFileInfo()
{
FileID = fileId,
Extension = ext,
FileName = fileId.ToString(),
FolderName = FolderNames.TemporaryFiles
};
send_file(temp, false);
}
else
{
DocFileInfo AttachFile = DocumentsController.get_file(paramsContainer.Tenant.Id, fileId);
if (AttachFile == null)
{
paramsContainer.return_response("{\"ErrorText\":\"" + Messages.AccessDenied + "\"}");
return;
}
PrivacyObjectType pot = AttachFile.OwnerType == FileOwnerTypes.Node ?
PrivacyObjectType.Node : PrivacyObjectType.None;
DocFileInfo ownerNode = !AttachFile.FileID.HasValue ? null :
DocumentsController.get_file_owner_node(paramsContainer.Tenant.Id, AttachFile.FileID.Value);
if (ownerNode != null)
{
AttachFile.OwnerNodeID = ownerNode.OwnerNodeID;
AttachFile.OwnerNodeName = ownerNode.OwnerNodeName;
AttachFile.OwnerNodeType = ownerNode.OwnerNodeType;
}
bool accessDenied =
!PrivacyController.check_access(paramsContainer.Tenant.Id,
paramsContainer.CurrentUserID, AttachFile.OwnerID.Value, pot, PermissionType.View) &&
!(
paramsContainer.CurrentUserID.HasValue &&
new CNAPI()
{
paramsContainer = this.paramsContainer
}
._is_admin(paramsContainer.Tenant.Id, AttachFile.OwnerID.Value,
paramsContainer.CurrentUserID.Value, CNAPI.AdminLevel.Creator, false)
);
if (accessDenied)
{
//Save Log
try
{
LogController.save_log(paramsContainer.Tenant.Id, new Log()
{
UserID = paramsContainer.CurrentUserID,
HostAddress = PublicMethods.get_client_ip(HttpContext.Current),
HostName = PublicMethods.get_client_host_name(HttpContext.Current),
Action = Modules.Log.Action.Download_AccessDenied,
SubjectID = fileId,
Info = "{\"Error\":\"" + Base64.encode(Messages.AccessDenied.ToString()) + "\"}",
ModuleIdentifier = ModuleIdentifier.DCT
});
}
catch { }
//end of Save Log
paramsContainer.return_response("{\"ErrorText\":\"" + Messages.AccessDenied + "\"}");
return;
}
AttachFile.refresh_folder_name();
string ext = AttachFile == null || string.IsNullOrEmpty(AttachFile.Extension) ? string.Empty :
AttachFile.Extension.ToLower();
bool isImage = ext == "jpg" || ext == "jpeg" || ext == "png" || ext == "gif" || ext == "bmp";
if (string.IsNullOrEmpty(AttachFile.Extension) || AttachFile.Extension.ToLower() != "pdf")
{
coverId = null;
}
bool dl = !isImage || PublicMethods.parse_bool(context.Request.Params["dl"], defaultValue: true) == true;
string contentType = !dl && isImage?PublicMethods.get_mime_type_by_extension(ext) : null;
send_file(AttachFile, !isImage, addPDFCover: true,
addPDFFooter: addFooter.HasValue && addFooter.Value,
coverId: coverId,
pdfPassword: pdfPassword,
contentType: contentType,
isAttachment: dl);
}
}
public static Dictionary <Guid, List <PermissionType> > CheckAccess(Guid applicationId,
Guid?userId, List <Guid> objectIds, PrivacyObjectType objectType, List <PermissionType> permissions)
{
if (!userId.HasValue)
{
userId = Guid.NewGuid();
}
if (objectIds.Count == 0)
{
return(new Dictionary <Guid, List <PermissionType> >());
}
if (permissions.Count == 0)
{
foreach (string s in Enum.GetNames(typeof(PermissionType)))
{
PermissionType pt = PermissionType.None;
if (Enum.TryParse <PermissionType>(s, out pt) && pt != PermissionType.None)
{
permissions.Add(pt);
}
}
}
SqlConnection con = new SqlConnection(ProviderUtil.ConnectionString);
SqlCommand cmd = new SqlCommand();
cmd.Connection = con;
//Add ObjectIDs
DataTable objectIdsTable = new DataTable();
objectIdsTable.Columns.Add("Value", typeof(Guid));
foreach (Guid id in objectIds)
{
objectIdsTable.Rows.Add(id);
}
SqlParameter objectIdsParam = new SqlParameter("@ObjectIDs", SqlDbType.Structured);
objectIdsParam.TypeName = "[dbo].[GuidTableType]";
objectIdsParam.Value = objectIdsTable;
//end of Add ObjectIDs
//Add Permissions
DataTable permissionsTable = new DataTable();
permissionsTable.Columns.Add("GuidValue", typeof(string));
permissionsTable.Columns.Add("FirstValue", typeof(string));
foreach (PermissionType p in permissions)
{
if (p == PermissionType.None)
{
continue;
}
List <PermissionType> defaultItems = new List <PermissionType>()
{
PermissionType.Create,
PermissionType.View,
PermissionType.ViewAbstract,
PermissionType.ViewRelatedItems,
PermissionType.Download
};
string defaultPrivacy = defaultItems.Any(d => d == p) ? RaaiVanSettings.DefaultPrivacy(applicationId) : string.Empty;
permissionsTable.Rows.Add(p.ToString(), defaultPrivacy);
}
SqlParameter permissionsParam = new SqlParameter("@Permissions", SqlDbType.Structured);
permissionsParam.TypeName = "[dbo].[StringPairTableType]";
permissionsParam.Value = permissionsTable;
//end of Add Permissions
cmd.Parameters.AddWithValue("@ApplicationID", applicationId);
cmd.Parameters.AddWithValue("@UserID", userId);
if (objectType != PrivacyObjectType.None)
{
cmd.Parameters.AddWithValue("@ObjectType", objectType.ToString());
}
cmd.Parameters.Add(objectIdsParam);
cmd.Parameters.Add(permissionsParam);
cmd.Parameters.AddWithValue("@Now", DateTime.Now);
string spName = GetFullyQualifiedName("CheckAccess");
string sep = ", ";
string arguments = "@ApplicationID" + sep + "@UserID" + sep +
(objectType == PrivacyObjectType.None ? "null" : "@ObjectType") + sep +
"@ObjectIDs" + sep + "@Permissions" + sep + "@Now";
cmd.CommandText = ("EXEC" + " " + spName + " " + arguments);
con.Open();
try
{
IDataReader reader = (IDataReader)cmd.ExecuteReader();
return(_parse_access_checked_items(ref reader));
}
catch (Exception ex)
{
LogController.save_error_log(applicationId, null, spName, ex, ModuleIdentifier.PRVC);
return(new Dictionary <Guid, List <PermissionType> >());
}
finally { con.Close(); }
}
