public bool Update(RolePrivilege roleprivilege, int old_rolePrivilegeId)
{
RolePrivilegeDAC roleprivilegeComponent = new RolePrivilegeDAC();
roleprivilege.HasAccess = true;
return(roleprivilegeComponent.UpdateRolePrivilege(roleprivilege.RoleId, roleprivilege.ContentEntityId, roleprivilege.SystemFunctionId, roleprivilege.HasAccess, DateTime.Now, old_rolePrivilegeId));
}
private Account CreateAccountWithPrivilegeFor(String area, String controller, String action)
{
Account account = ObjectFactory.CreateAccount();
Role role = ObjectFactory.CreateRole();
account.RoleId = role.Id;
context.Set <Account>().Add(account);
role.RolePrivileges = new List <RolePrivilege>();
RolePrivilege rolePrivilege = ObjectFactory.CreateRolePrivilege();
Privilege privilege = ObjectFactory.CreatePrivilege();
rolePrivilege.PrivilegeId = privilege.Id;
rolePrivilege.Privilege = privilege;
rolePrivilege.RoleId = role.Id;
rolePrivilege.Role = role;
privilege.Area = area;
privilege.Controller = controller;
privilege.Action = action;
role.RolePrivileges.Add(rolePrivilege);
context.Set <Role>().Add(role);
context.SaveChanges();
provider.Refresh();
return(account);
}
private Account CreateAccountWithPrivilegeFor(String area, String controller, String action, Boolean isLocked = false)
{
using (TestingContext context = new TestingContext())
{
Account account = ObjectFactory.CreateAccount();
Role role = ObjectFactory.CreateRole();
account.IsLocked = isLocked;
account.RoleId = role.Id;
account.Role = role;
role.RolePrivileges = new List <RolePrivilege>();
RolePrivilege rolePrivilege = ObjectFactory.CreateRolePrivilege();
Privilege privilege = ObjectFactory.CreatePrivilege();
rolePrivilege.PrivilegeId = privilege.Id;
rolePrivilege.Privilege = privilege;
rolePrivilege.RoleId = role.Id;
rolePrivilege.Role = role;
privilege.Controller = controller;
privilege.Action = action;
privilege.Area = area;
role.RolePrivileges.Add(rolePrivilege);
context.Set <Account>().Add(account);
context.SaveChanges();
SetUpDependencyResolver();
provider.Refresh();
return(account);
}
}
private Role CreateRoleWithPrivileges()
{
String[] actions = { "Edit", "Delete" };
String[] controllers = { "Roles", "Profile" };
Int32 privilegeNumber = 1;
Role role = ObjectFactory.CreateRole();
role.RolePrivileges = new List <RolePrivilege>();
foreach (String controller in controllers)
{
foreach (String action in actions)
{
RolePrivilege rolePrivilege = ObjectFactory.CreateRolePrivilege(privilegeNumber++);
rolePrivilege.Privilege = new Privilege {
Controller = controller, Action = action
};
rolePrivilege.Privilege.Area = controller != "Roles" ? "Administration" : null;
rolePrivilege.Privilege.Id = rolePrivilege.Id;
rolePrivilege.PrivilegeId = rolePrivilege.Id;
rolePrivilege.RoleId = role.Id;
rolePrivilege.Role = role;
role.RolePrivileges.Add(rolePrivilege);
}
}
return(role);
}
public ActionResult EditPrivileges(int RoleId, int[] SelectedGroups)
{
if (ModelState.IsValid)
{
List <int> RolePrivileges = (from s in db.Privileges join ur in db.RolePrivileges on s.Id equals ur.PrivilegeId where ur.RoleId == RoleId select s.Id).ToList();
foreach (int i in SelectedGroups)
{
if (!RolePrivileges.Contains(i))
{
RolePrivilege ur = new RolePrivilege();
ur.RoleId = RoleId;
ur.PrivilegeId = i;
ur.Id = db.RolePrivileges.OrderByDescending(c => c.Id).Select(c => c.Id).FirstOrDefault() + 1;
db.RolePrivileges.Add(ur);
db.SaveChanges();
}
}
foreach (int j in RolePrivileges)
{
if (!SelectedGroups.Contains(j))
{
RolePrivilege ur = db.RolePrivileges.Where(c => c.RoleId == RoleId && c.PrivilegeId == j).FirstOrDefault();
db.RolePrivileges.Remove(ur);
db.SaveChanges();
}
}
//db.Entry(user).State = EntityState.Modified;
//db.SaveChanges();
//return RedirectToAction("Index");
}
return(RedirectToAction("Index"));
}
public int Save(RolePrivilege obj)
{
var result = 0;
try
{
var row = _context.db.GetAll <RolePrivilege>()
.Where(f => f.menu_id == obj.menu_id && f.role_id == obj.role_id && f.grant_id == obj.grant_id)
.Count();
var sql = string.Empty;
if (row == 0)
{
sql = @"INSERT INTO m_role_privilege (role_id, menu_id, grant_id, is_grant)
VALUES (@role_id, @menu_id, @grant_id, @is_grant)";
}
else
{
sql = @"UPDATE m_role_privilege SET is_grant = @is_grant
WHERE role_id = @role_id AND menu_id = @menu_id AND grant_id = @grant_id";
}
_context.db.Execute(sql, obj);
result = 1;
}
catch (Exception ex)
{
_log.Error("Error:", ex);
}
return(result);
}
/// <summary>
/// Add a existing <c>Privilege</c> with name (<c>prv</c> prefix) to a <c>Role</c>.
/// </summary>
/// <param name="roleName">Role name</param>
/// <param name="privilegeName">Privilege name with <c>prv</c> prefix</param>
/// <param name="depth"><see cref="PrivilegeDepth"/></param>
/// <returns><see cref="AddPrivilegesRoleResponse"/></returns>
public AddPrivilegesRoleResponse AddPrivilege(string roleName, string privilegeName, PrivilegeDepth depth)
{
ExceptionThrow.IfNullOrEmpty(privilegeName, "privilegeName");
ExceptionThrow.IfNullOrEmpty(roleName, "roleName");
Guid id = GetId(roleName);
ExceptionThrow.IfGuidEmpty(id, "id", string.Format("'{0}' not found", roleName));
PrivilegeHelper privilegeHelper = new PrivilegeHelper(this.OrganizationService);
var privilegeList = privilegeHelper.GetPredefinedPrivileges();
ExceptionThrow.IfNull(privilegeList, "privilegeList", "System pre-defined privileges not found (001)");
ExceptionThrow.IfNullOrEmpty(privilegeList.Entities, "privilegeList.Entities", "System pre-defined privileges not found (002)");
var existingRole = privilegeList.Entities.Where(d => d["name"].Equals(privilegeName)).SingleOrDefault();
ExceptionThrow.IfNull(existingRole, "Privilege", string.Format("'{0}' privilege not found", privilegeName));
RolePrivilege privilege = new RolePrivilege()
{
Depth = depth, PrivilegeId = existingRole.Id
};
return(AddPrivilege(id, privilege));
}
private void SetUpData()
{
Account account = ObjectFactory.CreateAccount();
role = ObjectFactory.CreateRole();
account.RoleId = role.Id;
context.Set <Account>().Add(account);
role.RolePrivileges = new List <RolePrivilege>();
Int32 privilegeNumber = 1;
IEnumerable <String> controllers = new[] { "Accounts", "Roles" };
IEnumerable <String> actions = new[] { "Index", "Create", "Details", "Edit", "Delete" };
foreach (String controller in controllers)
{
foreach (String action in actions)
{
RolePrivilege rolePrivilege = ObjectFactory.CreateRolePrivilege(privilegeNumber++);
rolePrivilege.Privilege = new Privilege {
Area = "Administration", Controller = controller, Action = action
};
rolePrivilege.Privilege.Id = rolePrivilege.Id;
rolePrivilege.PrivilegeId = rolePrivilege.Id;
rolePrivilege.RoleId = role.Id;
rolePrivilege.Role = role;
role.RolePrivileges.Add(rolePrivilege);
}
}
context.Set <Role>().Add(role);
context.SaveChanges();
}
public string SaveUpdateRolePrivilege(RolePrivilege objRolePrivilege, SqlConnection con, SqlTransaction trans)
{
SqlCommand com = null;
try
{
com = new SqlCommand("spSaveOrUpdateRolePrivilege", con, trans);
com.CommandType = CommandType.StoredProcedure;
com.Parameters.Add("@Role", SqlDbType.VarChar, 50).Value = objRolePrivilege.Role;
com.Parameters.Add("@FriendlyName", SqlDbType.VarChar, 100).Value = objRolePrivilege.FriendlyName;
com.Parameters.Add("@CanEdit", SqlDbType.TinyInt).Value = objRolePrivilege.CanEdit;
com.Parameters.Add("@CanDelete", SqlDbType.TinyInt).Value = objRolePrivilege.CanDelete;
com.Parameters.Add("@CanAdd", SqlDbType.TinyInt).Value = objRolePrivilege.CanAdd;
com.Parameters.Add("@CanView", SqlDbType.TinyInt).Value = objRolePrivilege.CanView;
com.Parameters.Add("@CompanyID", SqlDbType.Int).Value = LogInInfo.CompanyID;
com.ExecuteNonQuery();
}
catch (Exception Ex)
{
throw new Exception(Ex.Message);
}
return(objRolePrivilege.Role);
}
private void Revoke(String privilege, String user)
{
RolePrivilegeBuilder builder = new RolePrivilegeBuilder(this.currentPrivilege);
RolePrivilege pri = builder.Grantee(new GranteeClauseBuilder().Grantee(user))
.Build();
this.privilegeBLL.RevokeRolePrivilege(pri);
}
public ActionResult DeleteConfirmed(int id)
{
RolePrivilege rolePrivilege = db.RolePrivileges.Find(id);
db.RolePrivileges.Remove(rolePrivilege);
db.SaveChanges();
return(RedirectToAction("Index"));
}
/// <summary>Insert or Update RolesPrivilege.</summary>
/// <param name="privilegeList">The List of IntegerColumn Object.</param>
/// <param name="role">The RolePrivilege Object.</param>
/// <returns>Boolean Object.</returns>
public bool RolePrivilegeUpsert(List <IntegerColumn> privilegeList, RolePrivilege role)
{
Logging.LogDebugMessage("Method: RolePrivilegeUpsert, MethodType: Post, Layer: SecurityDAL, Parameters: privilegeList = " + JsonConvert.SerializeObject(privilegeList) + ",role = " + JsonConvert.SerializeObject(role));
bool checkRolePrivilege = false;
DataSet dataSet = new DataSet();
var res = new List <IntegerColumn>();
DataTable dataTable = new DataTable();
dataTable = EntityCollectionHelper.ConvertTo <IntegerColumn>(privilegeList);
try
{
using (var command = new SqlCommand())
{
command.Connection = new SqlConnection(this.connectionString);
command.CommandText = "USP_RolePrivilegeUpsert";
command.CommandType = CommandType.StoredProcedure;
command.Parameters.Add(new SqlParameter()
{
ParameterName = "@RoleID", Value = role.RoleId
});
// command.Parameters.Add(new SqlParameter() { ParameterName = "@PrivilegeTable", Value = dataTable });
SqlParameter structuredParam = new SqlParameter("@PrivilegeTable", SqlDbType.Structured);
structuredParam.Value = dataTable;
command.Parameters.Add(structuredParam);
command.Parameters.Add(new SqlParameter()
{
ParameterName = "@UpdatedByUserID", Value = role.UpdateUserId
});
using (SqlDataAdapter adapter = new SqlDataAdapter(command))
{
adapter.Fill(dataSet);
if (dataSet != null)
{
checkRolePrivilege = true;
}
else
{
checkRolePrivilege = false;
}
}
}
}
catch (SqlException sqlEx)
{
Logging.LogErrorMessage("Method: RolePrivilegeUpsert, Layer: SecurityDAL, Stack Trace: " + sqlEx.ToString());
throw;
}
catch (Exception ex)
{
Logging.LogErrorMessage("Method: RolePrivilegeUpsert, Layer: SecurityDAL, Stack Trace: " + ex.ToString());
throw;
}
return(checkRolePrivilege);
}
private void CheckRecursive(TreeNodeAdv treeNode, bool isSave)
{
var nodeParent = treeNode.Parent;
if (isSave)
{
if (!base.IsSelectedItem(this.gridList.SelectedIndex, this.Text))
{
return;
}
var obj = _listOfRole[this.gridList.SelectedIndex];
if (nodeParent.Tag != null)
{
var rolePrivilege = new RolePrivilege
{
role_id = obj.role_id,
menu_id = nodeParent.Tag.ToString(),
grant_id = Convert.ToInt32(treeNode.Tag),
is_grant = treeNode.CheckState == CheckState.Checked
};
IRolePrivilegeBll rolePrivilegeBll = new RolePrivilegeBll(_log);
var result = rolePrivilegeBll.Save(rolePrivilege);
}
}
else
{
treeNode.CheckState = CheckState.Unchecked;
if (_listOfRolePrivilege != null)
{
if (nodeParent.Tag != null)
{
if (treeNode.Tag != null)
{
var role = _listOfRole[this.gridList.SelectedIndex];
var rolePrivilege = _listOfRolePrivilege.Where(f => f.role_id == role.role_id && f.menu_id == nodeParent.Tag.ToString() &&
f.grant_id == Convert.ToInt32(treeNode.Tag))
.SingleOrDefault();
if (rolePrivilege != null)
{
treeNode.CheckState = rolePrivilege.is_grant ? CheckState.Checked : CheckState.Unchecked;
}
}
}
}
}
// Print each node recursively.
foreach (TreeNodeAdv tn in treeNode.Nodes)
{
CheckRecursive(tn, isSave);
}
}
public void Delete_RolePrivileges()
{
RolePrivilege rolePrivilege = ObjectFactory.CreateRolePrivilege();
context.Set <RolePrivilege>().Add(rolePrivilege);
context.SaveChanges();
service.Delete(rolePrivilege.RoleId);
Assert.Empty(context.Set <RolePrivilege>());
}
public static void CreateRolePrivileges(IOrganizationService svc, Guid roleid, Guid privilegeid, int privilegeDepthMask)
{
var rolePrivilege = new RolePrivilege(privilegeDepthMask, privilegeid);
RolePrivilege[] rolePrivileges = { rolePrivilege };
AddPrivilegesRoleRequest addPrivs = new AddPrivilegesRoleRequest();
addPrivs.Privileges = rolePrivileges;
addPrivs.RoleId = roleid;
svc.Execute(addPrivs);
}
public int Save(RolePrivilege obj)
{
var result = 0;
using (IDapperContext context = new DapperContext())
{
_unitOfWork = new UnitOfWork(context, _log);
result = _unitOfWork.RolePrivilegeRepository.Save(obj);
}
return(result);
}
public bool RolePrivilegeUpsert(PrivilegeObj privilegeObj)
{
Logging.LogDebugMessage("Method: RolePrivilegeUpsert, MethodType: Post, Layer: SecurityController, Parameters: privilegeObj = " + JsonConvert.SerializeObject(privilegeObj));
using (SecurityBL rolePrivilegeUpsert = new SecurityBL())
{
RolePrivilege roleobj = new RolePrivilege();
roleobj = privilegeObj.roleslist;
List <IntegerColumn> privilegelist = new List <IntegerColumn>();
privilegelist = privilegeObj.privilegelist;
return(rolePrivilegeUpsert.RolePrivilegeUpsert(privilegelist, roleobj));
}
}
public ActionResult Edit([Bind(Include = "Id,RoleId,PrivilegeId")] RolePrivilege rolePrivilege)
{
if (ModelState.IsValid)
{
db.Entry(rolePrivilege).State = EntityState.Modified;
db.SaveChanges();
return(RedirectToAction("Index"));
}
ViewBag.PrivilegeId = new SelectList(db.Privileges, "Id", "Name", rolePrivilege.PrivilegeId);
ViewBag.RoleId = new SelectList(db.Roles, "Id", "Name", rolePrivilege.RoleId);
return(View(rolePrivilege));
}
/// <summary>
/// Add a existing <c>Privilege</c> to a <c>Role</c>.
/// </summary>
/// <param name="roleId">Role Id</param>
/// <param name="privilegeId">
/// <c>Privilege Id</c>.
/// If you don't know <c>Privilege Id</c>, you can call <see cref="PrivilegeHelper.GetId(string)"/> method.
/// </param>
/// <param name="depth"><see cref="PrivilegeDepth"/></param>
/// <returns>
/// <see cref="AddPrivilegesRoleResponse"/>
/// </returns>
public AddPrivilegesRoleResponse AddPrivilege(Guid roleId, Guid privilegeId, PrivilegeDepth depth)
{
ExceptionThrow.IfGuidEmpty(roleId, "roleId");
ExceptionThrow.IfGuidEmpty(privilegeId, "privilegeId");
RolePrivilege privilege = new RolePrivilege()
{
Depth = depth, PrivilegeId = privilegeId
};
return(AddPrivilege(roleId, privilege));
}
public ActionResult Create([Bind(Include = "RoleId,PrivilegeId")] RolePrivilege rolePrivilege)
{
if (ModelState.IsValid)
{
db.RolePrivileges.Add(rolePrivilege);
db.SaveChanges();
return(RedirectToAction("Index"));
}
ViewBag.PrivilegeId = new SelectList(db.Privileges, "Id", "Name", rolePrivilege.PrivilegeId);
ViewBag.RoleId = new SelectList(db.Roles, "Id", "Name", rolePrivilege.RoleId);
return(View(rolePrivilege));
}
/// <summary>
/// Add a existing <c>Privilege</c> to a <c>Role</c>.
/// <para>
/// For more information look at https://msdn.microsoft.com/en-us/library/microsoft.crm.sdk.messages.addprivilegesrolerequest(v=crm.8).aspx
/// </para>
/// </summary>
/// <param name="roleId"></param>
/// <param name="privilege"></param>
/// <returns><see cref="AddPrivilegesRoleResponse"/></returns>
public AddPrivilegesRoleResponse AddPrivilege(Guid roleId, RolePrivilege privilege)
{
ExceptionThrow.IfGuidEmpty(roleId, "roleId");
ExceptionThrow.IfNull(privilege, "privilege");
AddPrivilegesRoleRequest request = new AddPrivilegesRoleRequest()
{
RoleId = roleId,
Privileges = new RolePrivilege[] { privilege }
};
return((AddPrivilegesRoleResponse)this.OrganizationService.Execute(request));
}
public RolePrivilege CreateRolePrivilege(RolePrivilege entity)
{
DataCommand dc = DataCommandManager.GetDataCommand("External_Insert_RolePrivilege");
dc.SetParameterValue("@SysNo", entity.SysNo);
dc.SetParameterValue("@RoleSysNo", entity.RoleSysNo);
dc.SetParameterValue("@PrivilegeSysNo", entity.PrivilegeSysNo);
dc.ExecuteNonQuery();
entity.SysNo = Convert.ToInt32(dc.GetParameterValue("@SysNo"));
return(entity);
}
public JsonResult Update(UpdateRoleModel model, string pIds)
{
JsonResult json = new JsonResult();
if (string.IsNullOrEmpty(model.roleName))
{
return(Json(new { success = false, msg = "角色名称不为空" }, "text/json"));
}
List <Role> mrRole = db.Role.Where(m => m.roleName == model.roleName).ToList();
if (mrRole != null & mrRole.Count > 1)
{
return(Json(new { success = false, msg = "角色名称已经存在" }, "text/json"));
}
using (TransactionScope scope = new TransactionScope())
{
try
{
Role role = db.Role.FirstOrDefault(m => m.roleName == model.roleName);
if (role != null)
{
role.roleName = model.roleName;
role.roleNote = model.roleNote;
}
db.Entry(role).State = EntityState.Modified;
RolePrivilege rolePrivilege =
db.RolePrivilege.Where(m => m.roleId == model.roleId).FirstOrDefault();
if (rolePrivilege != null)
{
rolePrivilege.privilegeIds = pIds;
rolePrivilege.roleId = model.roleId;
}
db.Entry(rolePrivilege).State = EntityState.Modified;
if (db.SaveChanges() > 0)
{
json.Data = new { success = true, msg = "修改成功!" };
}
else
{
json.Data = new { success = false, msg = "修改失败!" };
}
}
catch (DbEntityValidationException ex)
{
throw;
}
scope.Complete();
}
return(json);
}
private RolePrivilege toRolePrivilege(Entity e)
{
var rp = new RolePrivilege()
{
CanBeGlobal = e.GetAttributeValue <bool>("canbeglobal"),
CanBeDeep = e.GetAttributeValue <bool>("canbedeep"),
CanBeLocal = e.GetAttributeValue <bool>("canbelocal"),
CanBeBasic = e.GetAttributeValue <bool>("canbebasic"),
AccessRight = e.GetAttributeValue <AccessRights>("accessright"),
PrivilegeDepth = PrivilegeDepthToEnum((int)e.GetAttributeValue <AliasedValue>(PRIVILEGE_ROLEPRIVILEGE_ALIAS + ".privilegedepthmask").Value)
};
return(rp);
}
public bool Insert(RolePrivilege roleprivilege)
{
int autonumber = 0;
RolePrivilegeDAC roleprivilegeComponent = new RolePrivilegeDAC();
roleprivilege.HasAccess = true;
bool endedSuccessfuly = roleprivilegeComponent.InsertNewRolePrivilege(ref autonumber, roleprivilege.RoleId, roleprivilege.ContentEntityId, roleprivilege.SystemFunctionId, roleprivilege.HasAccess, DateTime.Now);
if (endedSuccessfuly)
{
roleprivilege.RolePrivilegeId = autonumber;
}
return(endedSuccessfuly);
}
public void SaveUpdateTest()
{
var obj = new RolePrivilege
{
role_id = "11dc1faf-2c66-4525-932d-a90e24da8987",
menu_id = "a138abfd-73da-438e-a0fe-aa3e6c6ddce9",
grant_id = 0,
is_grant = false
};
var result = _bll.Save(obj);
Assert.IsTrue(result != 0);
}
private void ExecuteGrant(List <String> roles, String grantee, Boolean isAdmin)
{
if (roles.Count > 0)
{
foreach (String role in roles)
{
RolePrivilegeBuilder builder = new RolePrivilegeBuilder(role);
RolePrivilege rolePrivilege = builder
.Grantee(new GranteeClauseBuilder().Grantee(grantee))
.AdminOption(isAdmin).Build();
this.privilegeBLL.GrantRolePrivilege(rolePrivilege);
}
}
}
private RolePrivilege ToRolePrivilege(Entity e1, Entity e2)
{
var rp = new RolePrivilege()
{
CanBeGlobal = e1.GetAttributeValue <bool>("canbeglobal"),
CanBeDeep = e1.GetAttributeValue <bool>("canbedeep"),
CanBeLocal = e1.GetAttributeValue <bool>("canbelocal"),
CanBeBasic = e1.GetAttributeValue <bool>("canbebasic"),
AccessRight = e1.GetAttributeValue <AccessRights>("accessright"),
PrivilegeDepth = PrivilegeDepthToEnum((int)e2["privilegedepthmask"])
};
return(rp);
}
// GET: RolePrivileges/Details/5
public ActionResult Details(int?id)
{
if (id == null)
{
return(new HttpStatusCodeResult(HttpStatusCode.BadRequest));
}
RolePrivilege rolePrivilege = db.RolePrivileges.Find(id);
if (rolePrivilege == null)
{
return(HttpNotFound());
}
return(View(rolePrivilege));
}
public void AddRolePrivilege(int roleId, int privilegeId)
{
RolePrivilege entity = new RolePrivilege
{
PrivilegeId = privilegeId,
RoleId = roleId
};
using (var reps = PrivilegeContextProvider.GetRepository())
{
reps.Use <RolePrivilege>().Add(entity);
reps.SaveChanges();
}
}
public List<RolePrivilege> ActionsToRolePrivilegeList()
{
var list = new List<RolePrivilege>();
foreach (PrivilegeAction pAction in Actions)
{
var rp = new RolePrivilege { PrivilegeId = pAction.PrivilegeId };
switch (pAction.Level)
{
case PrivilegeLevel.User:
{
rp.Depth = PrivilegeDepth.Local;
}
break;
case PrivilegeLevel.BusinessUnit:
{
rp.Depth = PrivilegeDepth.Basic;
}
break;
case PrivilegeLevel.ParentChildBusinessUnit:
{
rp.Depth = PrivilegeDepth.Deep;
}
break;
case PrivilegeLevel.Organization:
{
rp.Depth = PrivilegeDepth.Global;
}
break;
}
list.Add(rp);
}
return list;
}
public void AssignRolePrivileges()
{
mForm.AddMessage(MessageType.Info, "-------------------- Assigning Role Privileges --------------------");
List<Role> roles = (from x in mCee.Roles select x).ToList();
List<Privilege> privileges = (from x in mCee.Privileges select x).ToList();
List<SecurityObject> securityObjects = (from x in mCee.SecurityObjects select x).ToList();
foreach (var role in roles)
{
foreach (var privilege in privileges)
{
foreach (var securityObject in securityObjects)
{
var rolePrivilegeExist = (from x in mCee.RolePrivileges
where x.RoleId == role.Id
&& x.PrivilegeId == privilege.Id
&& x.SecObjectId == securityObject.Id
select x).FirstOrDefault();
if (rolePrivilegeExist == null)
{
RolePrivilege rolePrivilege = new RolePrivilege();
rolePrivilege.RoleId = role.Id;
rolePrivilege.PrivilegeId = privilege.Id;
rolePrivilege.SecObjectId = securityObject.Id;
mCee.RolePrivileges.AddObject(rolePrivilege);
}
}
}
mCee.SaveChanges();
}
}
/// <summary>
/// This method first connects to the Organization service. Afterwards, an
/// authorization profile is created, and associated to a team. Then an entity
/// is created and permissions for the entity are assigned to the profile. These
/// permissions are then retrieved.
/// </summary>
/// <param name="serverConfig">Contains server connection information.</param>
/// <param name="promptforDelete">When True, the user will be prompted to delete all
/// created entities.</param>
public void Run(ServerConnection.Configuration serverConfig, bool promptforDelete)
{
try
{
//<snippetRetrieveSecuredFieldsForAUser1>
// Connect to the Organization service.
// The using statement assures that the service proxy will be properly disposed.
using (_serviceProxy = new OrganizationServiceProxy(serverConfig.OrganizationUri, serverConfig.HomeRealmUri,serverConfig.Credentials, serverConfig.DeviceCredentials))
{
// This statement is required to enable early-bound type support.
_serviceProxy.EnableProxyTypes();
CreateRequiredRecords();
// Create Field Security Profile.
FieldSecurityProfile managersProfile = new FieldSecurityProfile();
managersProfile.Name = "Managers";
_profileId = _serviceProxy.Create(managersProfile);
Console.Write("Created Profile, ");
// Add team to profile.
AssociateRequest teamToProfile = new AssociateRequest()
{
Target = new EntityReference(FieldSecurityProfile.EntityLogicalName,
_profileId),
RelatedEntities = new EntityReferenceCollection()
{
new EntityReference(Team.EntityLogicalName, _teamId)
},
Relationship = new Relationship("teamprofiles_association")
};
_serviceProxy.Execute(teamToProfile);
// Add user to the profile.
AssociateRequest userToProfile = new AssociateRequest()
{
Target = new EntityReference(FieldSecurityProfile.EntityLogicalName,
_profileId),
RelatedEntities = new EntityReferenceCollection()
{
new EntityReference(SystemUser.EntityLogicalName, _userId)
},
Relationship = new Relationship("systemuserprofiles_association")
};
_serviceProxy.Execute(userToProfile);
// Create custom activity entity.
CreateEntityRequest req = new CreateEntityRequest()
{
Entity = new EntityMetadata
{
LogicalName = "new_tweet",
DisplayName = new Label("Tweet", 1033),
DisplayCollectionName = new Label("Tweet", 1033),
OwnershipType = OwnershipTypes.UserOwned,
SchemaName = "New_Tweet",
IsActivity = true,
IsAvailableOffline = true,
IsAuditEnabled = new BooleanManagedProperty(true),
IsMailMergeEnabled = new BooleanManagedProperty(false),
},
HasActivities = false,
HasNotes = true,
PrimaryAttribute = new StringAttributeMetadata()
{
SchemaName = "Subject",
LogicalName = "subject",
RequiredLevel = new AttributeRequiredLevelManagedProperty(
AttributeRequiredLevel.None),
MaxLength = 100,
DisplayName = new Label("Subject", 1033)
}
};
_serviceProxy.Execute(req);
Console.Write("Entity Created, ");
// Add privileges for the Tweet entity to the Marketing Role.
RolePrivilege[] privileges = new RolePrivilege[3];
// SDK: prvCreateActivity
privileges[0] = new RolePrivilege();
privileges[0].PrivilegeId = new Guid("{091DF793-FE5E-44D4-B4CA-7E3F580C4664}");
privileges[0].Depth = PrivilegeDepth.Global;
// SDK: prvReadActivity
privileges[1] = new RolePrivilege();
privileges[1].PrivilegeId = new Guid("{650C14FE-3521-45FE-A000-84138688E45D}");
privileges[1].Depth = PrivilegeDepth.Global;
// SDK: prvWriteActivity
privileges[2] = new RolePrivilege();
privileges[2].PrivilegeId = new Guid("{0DC8F72C-57D5-4B4D-8892-FE6AAC0E4B81}");
privileges[2].Depth = PrivilegeDepth.Global;
// Create and execute the request.
AddPrivilegesRoleRequest request = new AddPrivilegesRoleRequest()
{
RoleId = _roleId,
Privileges = privileges
};
AddPrivilegesRoleResponse response =
(AddPrivilegesRoleResponse)_serviceProxy.Execute(request);
// Create custom identity attribute.
CreateAttributeRequest attrReq = new CreateAttributeRequest()
{
Attribute = new StringAttributeMetadata()
{
LogicalName = "new_identity",
DisplayName = new Label("Identity", 1033),
SchemaName = "New_Identity",
MaxLength = 500,
RequiredLevel = new AttributeRequiredLevelManagedProperty(
AttributeRequiredLevel.Recommended),
IsSecured = true
},
EntityName = "new_tweet"
};
CreateAttributeResponse identityAttributeResponse =
(CreateAttributeResponse)_serviceProxy.Execute(attrReq);
_identityId = identityAttributeResponse.AttributeId;
Console.Write("Identity Created, ");
// Create custom message attribute.
attrReq = new CreateAttributeRequest()
{
Attribute = new StringAttributeMetadata()
{
LogicalName = "new_message",
DisplayName = new Label("Message", 1033),
SchemaName = "New_Message",
MaxLength = 140,
RequiredLevel = new AttributeRequiredLevelManagedProperty(
AttributeRequiredLevel.Recommended),
IsSecured = true
},
EntityName = "new_tweet"
};
CreateAttributeResponse messageAttributeResponse =
(CreateAttributeResponse)_serviceProxy.Execute(attrReq);
_messageId = messageAttributeResponse.AttributeId;
Console.Write("Message Created, ");
// Create field permission object for Identity.
FieldPermission identityPermission = new FieldPermission();
identityPermission.AttributeLogicalName = "new_identity";
identityPermission.EntityName = "new_tweet";
identityPermission.CanRead = new OptionSetValue(FieldPermissionType.Allowed);
identityPermission.FieldSecurityProfileId = new EntityReference(
FieldSecurityProfile.EntityLogicalName, _profileId);
_identityPermissionId = _serviceProxy.Create(identityPermission);
Console.Write("Permission Created, ");
// Create list for storing retrieved profiles.
List<Guid> profileIds = new List<Guid>();
// Build query to obtain the field security profiles.
QueryExpression qe = new QueryExpression()
{
EntityName = FieldSecurityProfile.EntityLogicalName,
ColumnSet = new ColumnSet("fieldsecurityprofileid"),
LinkEntities =
{
new LinkEntity
{
LinkFromEntityName = FieldSecurityProfile.EntityLogicalName,
LinkToEntityName = SystemUser.EntityLogicalName,
LinkCriteria =
{
Conditions =
{
new ConditionExpression("systemuserid", ConditionOperator.Equal, _userId)
}
}
}
}
};
// Execute the query and obtain the results.
RetrieveMultipleRequest rmRequest = new RetrieveMultipleRequest()
{
Query = qe
};
EntityCollection bec = ((RetrieveMultipleResponse)_serviceProxy.Execute(
rmRequest)).EntityCollection;
// Extract profiles from query result.
foreach (FieldSecurityProfile profileEnt in bec.Entities)
{
profileIds.Add(profileEnt.FieldSecurityProfileId.Value);
}
Console.Write("Profiles Retrieved, ");
// Retrieve attribute permissions of a FieldSecurityProfile.
DataCollection<Entity> dc;
// Retrieve the attributes.
QueryByAttribute qba = new QueryByAttribute(FieldPermission.EntityLogicalName);
qba.AddAttributeValue("fieldsecurityprofileid", _profileId);
qba.ColumnSet = new ColumnSet("attributelogicalname");
dc = _serviceProxy.RetrieveMultiple(qba).Entities;
Console.Write("Attributes Retrieved. ");
DeleteRequiredRecords(promptforDelete);
}
//</snippetRetrieveSecuredFieldsForAUser1>
}
// Catch any service fault exceptions that Microsoft Dynamics CRM throws.
catch (FaultException<Microsoft.Xrm.Sdk.OrganizationServiceFault>)
{
// You can handle an exception here or pass it back to the calling method.
throw;
}
}
/// <summary>
/// This method creates any entity records that this sample requires.
/// Creates a team and a role.
/// </summary>
public void CreateRequiredRecords()
{
// Retrieve the default business unit needed to create the team and role.
QueryExpression query = new QueryExpression
{
EntityName = BusinessUnit.EntityLogicalName,
ColumnSet = new ColumnSet("businessunitid"),
Criteria =
{
Conditions =
{
new ConditionExpression("parentbusinessunitid",
ConditionOperator.Null)
}
}
};
BusinessUnit defaultBusinessUnit = _service.RetrieveMultiple(query)
.Entities.Cast<BusinessUnit>().FirstOrDefault();
// Instantiate a team entity record and set its property values.
// See the Entity Metadata topic in the SDK documentation
// to determine which attributes must be set for each entity.
Team setupTeam = new Team
{
Name = "An Example Team",
BusinessUnitId = new EntityReference(BusinessUnit.EntityLogicalName,
defaultBusinessUnit.Id)
};
// Create a team record.
_teamId = _service.Create(setupTeam);
Console.WriteLine("Created team '{0}'", setupTeam.Name);
// Instantiate a role entity record and set its property values.
// See the Entity Metadata topic in the SDK documentation
// to determine which attributes must be set for each entity.
Role setupRole = new Role
{
Name = _roleName,
BusinessUnitId = new EntityReference(BusinessUnit.EntityLogicalName,
defaultBusinessUnit.Id)
};
// Create the role record.
_roleId = _service.Create(setupRole);
Console.WriteLine("Created role '{0}'", setupRole.Name);
// Define an array listing the privileges that we want to add to the role
String[] privilegesToAdd = new string[] { "prvReadContact",
"prvCreateContact", "prvReadAccount", "prvCreateAccount" };
// Query for the privileges we want to add to the role
QueryExpression queryPrivileges = new QueryExpression
{
EntityName = Privilege.EntityLogicalName,
ColumnSet = new ColumnSet("privilegeid", "name"),
Criteria = new FilterExpression()
};
queryPrivileges.Criteria.AddCondition("name", ConditionOperator.In,
privilegesToAdd);
DataCollection<Entity> returnedPrivileges = _service.RetrieveMultiple(
queryPrivileges).Entities;
Console.WriteLine("Retrieved privileges to add to role");
// Define a list to hold the RolePrivileges we'll need to add
List<RolePrivilege> rolePrivileges = new List<RolePrivilege>();
foreach (Privilege privilege in returnedPrivileges)
{
RolePrivilege rolePrivilege = new RolePrivilege(
(int)PrivilegeDepth.Local, privilege.PrivilegeId.Value);
rolePrivileges.Add(rolePrivilege);
}
// Add the retrieved privileges to the example role.
AddPrivilegesRoleRequest addPrivilegesRequest = new AddPrivilegesRoleRequest
{
RoleId = _roleId,
Privileges = rolePrivileges.ToArray()
};
_service.Execute(addPrivilegesRequest);
Console.WriteLine("Added privileges to role");
}
/// <summary>
/// This method creates any entity records that this sample requires.
/// Create a queue record.
/// Create a team record.
/// Create a role and add queue privileges.
/// Assign role to team.
/// </summary>
public void CreateRequiredRecords()
{
var QueueViewType = new
{
Public = 0,
Private = 1
};
// Create a queue instance and set its property values.
Queue newQueue = new Queue
{
Name = "Example Queue",
Description = "This is an example queue.",
QueueViewType = new OptionSetValue(QueueViewType.Private)
};
// Create a new queue and store its returned GUID in a variable for later use.
_queueId = _serviceProxy.Create(newQueue);
Console.WriteLine("Created {0}", newQueue.Name);
// Retrieve the default business unit for the creation of the team and role.
QueryExpression queryDefaultBusinessUnit = new QueryExpression
{
EntityName = BusinessUnit.EntityLogicalName,
ColumnSet = new ColumnSet("businessunitid"),
Criteria = new FilterExpression
{
Conditions =
{
new ConditionExpression
{
AttributeName = "parentbusinessunitid",
Operator = ConditionOperator.Null
}
}
}
};
BusinessUnit defaultBusinessUnit =
(BusinessUnit)_serviceProxy.RetrieveMultiple(
queryDefaultBusinessUnit).Entities[0];
// Create a new example team.
Team setupTeam = new Team
{
Name = "Example Team",
BusinessUnitId = new EntityReference(BusinessUnit.EntityLogicalName,
defaultBusinessUnit.BusinessUnitId.Value)
};
_teamId = _serviceProxy.Create(setupTeam);
Console.WriteLine("Created {0}", setupTeam.Name);
// Create a new example role.
Role setupRole = new Role
{
Name = "Example Role",
BusinessUnitId = new EntityReference(BusinessUnit.EntityLogicalName,
defaultBusinessUnit.BusinessUnitId.Value)
};
_roleId = _serviceProxy.Create(setupRole);
Console.WriteLine("Created {0}", setupRole.Name);
// Retrieve the prvReadQueue and prvAppendToQueue privileges.
QueryExpression queryQueuePrivileges = new QueryExpression
{
EntityName = Privilege.EntityLogicalName,
ColumnSet = new ColumnSet("privilegeid", "name"),
Criteria = new FilterExpression
{
Conditions =
{
new ConditionExpression
{
AttributeName = "name",
Operator = ConditionOperator.In,
Values = { "prvReadQueue", "prvAppendToQueue" }
}
}
}
};
DataCollection<Entity> retrievedQueuePrivileges =
_serviceProxy.RetrieveMultiple(queryQueuePrivileges).Entities;
Console.WriteLine("Retrieved prvReadQueue and prvAppendToQueue privileges.");
// Define a list to hold the RolePrivileges we'll need to add
List<RolePrivilege> rolePrivileges = new List<RolePrivilege>();
foreach (Privilege privilege in retrievedQueuePrivileges)
{
RolePrivilege rolePrivilege = new RolePrivilege(
(int)PrivilegeDepth.Local, privilege.PrivilegeId.Value);
rolePrivileges.Add(rolePrivilege);
}
// Add the prvReadQueue and prvAppendToQueue privileges to the example role.
AddPrivilegesRoleRequest addPrivilegesRequest = new AddPrivilegesRoleRequest
{
RoleId = _roleId,
Privileges = rolePrivileges.ToArray()
};
_serviceProxy.Execute(addPrivilegesRequest);
Console.WriteLine("Retrieved privileges are added to {0}.", setupRole.Name);
// Add the example role to the example team.
_serviceProxy.Associate(
Team.EntityLogicalName,
_teamId,
new Relationship("teamroles_association"),
new EntityReferenceCollection() { new EntityReference(Role.EntityLogicalName, _roleId) });
// It takes some time for the privileges to propogate to the team.
// Verify this is complete before continuing.
bool teamLacksPrivilege = true;
while (teamLacksPrivilege)
{
RetrieveTeamPrivilegesRequest retrieveTeamPrivilegesRequest =
new RetrieveTeamPrivilegesRequest
{
TeamId = _teamId
};
RetrieveTeamPrivilegesResponse retrieveTeamPrivilegesResponse =
(RetrieveTeamPrivilegesResponse)_serviceProxy.Execute(
retrieveTeamPrivilegesRequest);
if (retrieveTeamPrivilegesResponse.RolePrivileges.Any(
rp => rp.PrivilegeId == rolePrivileges[0].PrivilegeId) &&
retrieveTeamPrivilegesResponse.RolePrivileges.Any(
rp => rp.PrivilegeId == rolePrivileges[1].PrivilegeId))
{
teamLacksPrivilege = false;
}
else
{
Thread.Sleep(1000);
}
}
Console.WriteLine("{0} has been added to {1}",
setupRole.Name, setupTeam.Name);
return;
}
public void AddPrivilegeToRole(List<RolePrivilege> privileges, PrivilegeAction pAction)
{
var itemToUpdate = privileges.FirstOrDefault(rp => rp.PrivilegeId == pAction.PrivilegeId);
if (itemToUpdate != null)
{
itemToUpdate.Depth = GetDepthFromLevel(pAction.Level);
}
else
{
itemToUpdate = new RolePrivilege
{
PrivilegeId = pAction.PrivilegeId,
Depth = GetDepthFromLevel(pAction.Level)
};
privileges.Add(itemToUpdate);
}
}
public RolePrivilegeViewModel(RolePrivilege rolePrivilege)
{
mRolePrivilege = rolePrivilege;
}
private void RenderPrivileges(SecurityObject secObject, RadTabItem tabItem)
{
int rowHeight = 20;
int rowIndex = 0;
tabItem.Style = (Style)Application.Current.Resources["InnerTabItem"];
ScrollViewer sv = new ScrollViewer();
sv.VerticalScrollBarVisibility = ScrollBarVisibility.Auto;
sv.HorizontalScrollBarVisibility = ScrollBarVisibility.Hidden;
//sv.Margin = new Thickness(3);
sv.Background = (SolidColorBrush)Application.Current.Resources["PanelDarkBackground"];
sv.BorderBrush = (SolidColorBrush)Application.Current.Resources["PanelDarkBackground"];
Grid grid = new Grid();
grid.Background = (SolidColorBrush)Application.Current.Resources["PanelDarkBackground"];
sv.Content = grid;
tabItem.Content = sv;
foreach (var privilege in mPrivileges)
{
grid.RowDefinitions.Add(new RowDefinition() { Height = new GridLength(rowHeight) });
CheckBox checkBox = new CheckBox();
grid.Children.Add(checkBox);
checkBox.Content = privilege.Name;
Grid.SetRow(checkBox, rowIndex);
Grid.SetColumn(checkBox, 0);
rowIndex++;
RolePrivilegeViewModel rolePrivilegeViewModel;
//Check set privileges
var rolePrivilege = mRole.RolePrivileges.FirstOrDefault(x => x.SecObjectId == secObject.Id && x.PrivilegeId == privilege.Id);
if (rolePrivilege != null)
{
rolePrivilegeViewModel = new RolePrivilegeViewModel(rolePrivilege);
rolePrivilegeViewModel.HasAccess = true;
}
else
{
rolePrivilege = new RolePrivilege();
rolePrivilege.RoleId = mRoleId;
rolePrivilege.SecObjectId = secObject.Id;
rolePrivilege.PrivilegeId = privilege.Id;
rolePrivilegeViewModel = new RolePrivilegeViewModel(rolePrivilege);
rolePrivilegeViewModel.HasAccess = false;
}
mRolePrivilegesViewModel.Add(rolePrivilegeViewModel);
//Bind
System.Windows.Data.Binding checkBoxBinding = new System.Windows.Data.Binding("HasAccess");
checkBoxBinding.Mode = System.Windows.Data.BindingMode.TwoWay;
checkBoxBinding.Source = rolePrivilegeViewModel;
checkBox.SetBinding(CheckBox.IsCheckedProperty, checkBoxBinding);
}
}
