public ActionResult SetACL(SnAccessControlList acl)
{
var node = Node.LoadNode(acl.Path);
node.Security.SetAcl(acl);
return(null);
}
protected void ButtonRemoveBreak_Click(object sender, EventArgs e)
{
if (this.Acl.Inherits)
{
return;
}
var context = Node.LoadNode(ContextInfo.Path);
if (context == null)
{
return;
}
context.Security.RemoveBreakInheritance();
// refresh local data and gui
this.Acl = SnAccessControlList.GetAcl(context.Id);
this.Isi.RebuildAceVisiblityList(this.Acl);
_customEntryIds = null;
RebuildEntryIdList();
RefreshListView();
RefreshInheritanceControls();
}
protected void ButtonSave_Click(object sender, EventArgs e)
{
try
{
ClearEveryoneDeny();
ValidateAcl();
var context = Node.LoadNode(ContextInfo.Path);
SnAccessControlList.SetAcl(context, this.Acl);
var p = Page as PageBase;
if (p != null)
{
p.Done(false);
}
}
catch (Exception ex)
{
SnLog.WriteException(ex);
// show error
PanelError.Visible = true;
PanelError.Controls.Add(new LiteralControl(ex.Message));
}
}
public static object GetAcl(Content content)
{
if (!content.Security.HasPermission(PermissionType.SeePermissions))
{
throw new AccessDeniedException("Access denied.", content.Path, content.Id, User.Current,
new PermissionTypeBase[] { PermissionType.SeePermissions });
}
var isPublic = content.Security.HasPermission(User.Visitor, PermissionType.Open);
var acl = SnAccessControlList.GetAcl(content.Id);
var entries = acl.Entries
.Where(e => e.Identity.NodeId != Identifiers.SomebodyUserId)
.Select(CreateAce)
.ToList();
var result = new Dictionary <string, object>()
{
{ "id", content.Id },
{ "path", content.Path },
{ "inherits", acl.Inherits },
{ "isPublic", isPublic },
{ "entries", entries }
};
return(result);
}
internal void RebuildAceVisiblityList(SnAccessControlList acl)
{
this.AceVisiblityList.Clear();
foreach (var entry in acl.Entries)
{
this.AceVisiblityList.Add(Guid.NewGuid().ToString().Replace("-", ""), "0");
}
}
internal static Dictionary<string, object>[] GetOverviewAce(Content content, User user)
{
var relatedIdentities = SecurityHandler.GetGroupsWithOwnership(content.Id, user).ToList();
relatedIdentities.Add(user.Id);
var acl = SnAccessControlList.GetAcl(content.Id);
var relatedEntries = acl.Entries.Where(e => relatedIdentities.Contains(e.Identity.NodeId)).ToArray();
return CreateOverviewAce(user, relatedEntries);
}
internal static Dictionary <string, object>[] GetAce(Content content, string identityPath)
{
var acl = SnAccessControlList.GetAcl(content.Id);
var entries =
acl.Entries.Where(
e => string.Compare(e.Identity.Path, identityPath, StringComparison.InvariantCultureIgnoreCase) == 0)
.Select(CreateAce)
.ToArray();
return(entries.Length == 0
? new[] { GetEmptyEntry(identityPath) }
: entries);
}
private static bool HasCustomPermissions(Node node)
{
if (node == null)
{
return(false);
}
if (node.Id == Identifiers.PortalRootId)
{
return(true);
}
var currentSec = node.Security;
var expEntries = currentSec.GetExplicitEntries(EntryType.Normal);
if (expEntries.Count == 0)
{
return(false);
}
if (!SnAccessControlList.GetAcl(node.Id).Inherits)
{
return(true);
}
// We need to do this manual check because after a break + unbreak
// operation the explicit entries still exist on the content!
using (new SystemAccount())
{
var parentSec = node.Parent.Security;
var parentEntries = parentSec.GetEffectiveEntries(EntryType.Normal);
if (expEntries.Count != parentEntries.Count)
{
return(true);
}
foreach (var entry in expEntries)
{
var parentEntry = parentEntries.FirstOrDefault(pe => pe.IdentityId == entry.IdentityId);
if (parentEntry == null || parentEntry.BitsToString().CompareTo(entry.BitsToString()) != 0)
{
return(true);
}
}
}
return(false);
}
internal static object GetAcl(Content content)
{
var acl = SnAccessControlList.GetAcl(content.Id);
var entries = acl.Entries.Select(CreateAce).ToList();
var aclout = new Dictionary <string, object>()
{
{ "id", content.Id },
{ "path", content.Path },
{ "inherits", acl.Inherits },
{ "entries", entries }
};
return(aclout);
}
protected override void OnInit(EventArgs e)
{
Page.RegisterRequiresControlState(this);
base.OnInit(e);
if (!this.Page.IsPostBack)
{
var context = Node.LoadNode(ContextInfo.Path);
Acl = SnAccessControlList.GetAcl(context.Id);
this.Isi.RebuildAceVisiblityList(this.Acl);
}
RebuildEntryIdList();
if (ListViewAcl != null)
{
ListViewAcl.ItemDataBound += ListViewAcl_ItemDataBound;
}
RefreshInheritanceControls();
try
{
if (this.ContextNode.Id == Identifiers.PortalRootId)
{
if (BreakedPermission != null)
{
BreakedPermission.Visible = false;
}
if (ButtonBreak != null)
{
ButtonBreak.Visible = false;
}
}
else
{
// Start the permission tree from this or parent node
//TODO: Consider elevated mode
var currentNode = this.ContextNode.Parent;
while (!HasCustomPermissions(currentNode) && currentNode.Id != Identifiers.PortalRootId)
{
//TODO: Consider elevated mode
currentNode = currentNode.Parent;
}
ParentLink.Text = HttpUtility.HtmlEncode(ContentRepository.Content.Create(currentNode).DisplayName);
ParentLink.NavigateUrl = ActionFramework.GetActionUrl(currentNode.Path, "SetPermissions",
PortalContext.Current.BackUrl);
}
}
catch (Exception)
{
// there is a node in the tree where we can't see the permission settings
if (InheritedPermission != null)
{
InheritedPermission.Visible = false;
}
}
if (PanelError != null)
{
PanelError.Visible = false;
PanelError.Controls.Clear();
}
RefreshListView();
RefreshAddEntryPanel();
}
