コード例 #1
0
ファイル: AclEditor.cs プロジェクト: kimduquan/DMIS
        private SnAccessControlEntry CreateEntry(int principalId, bool propagates)
        {
            var entry = SnAccessControlEntry.CreateEmpty(principalId, propagates); //TODO: CreateEmpty(principal);
            var list  = acl.Entries.ToList();

            list.Add(entry);
            acl.Entries = list;
            return(entry);
        }
コード例 #2
0
ファイル: AclEditor.cs プロジェクト: kimduquan/DMIS
        internal void AddEntry(SnAccessControlEntry entry)
        {
            var  newEntry = CreateEntry(entry.Identity.NodeId, entry.Propagates);
            uint allowBits, denyBits;

            entry.GetPermissionBits(out allowBits, out denyBits);
            PermissionBits.SetBits(ref allowBits, ref denyBits);
            newEntry.SetPermissionsBits(allowBits, denyBits);
            var list = acl.Entries.ToList();

            list.Add(newEntry);
            acl.Entries = list.ToArray();
        }
コード例 #3
0
        internal SnAccessControlList BuildAcl(SnAccessControlList acl)
        {
            //var principals = GetEffectedPrincipals();
            var aces          = new Dictionary <int, SnAccessControlEntry>();
            var localOnlyAces = new List <SnAccessControlEntry>();

            if (this.Path == acl.Path)
            {
                foreach (var permSet in this.PermissionSets)
                {
                    if (permSet.Propagates)
                    {
                        continue;
                    }

                    var princ = permSet.PrincipalId;
                    SnAccessControlEntry ace;

                    ace = SnAccessControlEntry.CreateEmpty(princ, permSet.Propagates);
                    localOnlyAces.Add(ace);

                    // get permissions and paths
                    int mask = 1;
                    for (int i = 0; i < ActiveSchema.PermissionTypes.Count; i++)
                    {
                        var permission = ace.Permissions.ElementAt(i);
                        if ((permSet.DenyBits & mask) != 0)
                        {
                            permission.Deny     = true;
                            permission.DenyFrom = null;
                        }
                        var allow = (permSet.AllowBits & mask) != 0;
                        if ((permSet.AllowBits & mask) != 0)
                        {
                            permission.Allow     = true;
                            permission.AllowFrom = null;
                        }
                        mask = mask << 1;
                    }
                }
            }
            for (var permInfo = this; permInfo != null; permInfo = permInfo.Inherits ? permInfo.Parent : null)
            {
                foreach (var permSet in permInfo.PermissionSets)
                {
                    if (!permSet.Propagates)
                    {
                        continue;
                    }

                    var localEntry = acl.Path == permInfo.Path;
                    // get ace by princ
                    var princ = permSet.PrincipalId;
                    SnAccessControlEntry ace;
                    if (!aces.TryGetValue(princ, out ace))
                    {
                        ace = SnAccessControlEntry.CreateEmpty(princ, permSet.Propagates);
                        aces.Add(princ, ace);
                    }

                    // get permissions and paths
                    int mask = 1;
                    for (int i = 0; i < ActiveSchema.PermissionTypes.Count; i++)
                    {
                        var permission = ace.Permissions.ElementAt(i);
                        if (!permission.Deny)
                        {
                            if ((permSet.DenyBits & mask) != 0)
                            {
                                permission.Deny     = true;
                                permission.DenyFrom = SearchFirstPath(acl.Path, permInfo, permSet, mask, true);
                            }
                        }
                        if (!permission.Allow)
                        {
                            var allow = (permSet.AllowBits & mask) != 0;
                            if ((permSet.AllowBits & mask) != 0)
                            {
                                permission.Allow     = true;
                                permission.AllowFrom = SearchFirstPath(acl.Path, permInfo, permSet, mask, false);
                            }
                        }
                        mask = mask << 1;
                    }
                }
            }

            acl.Inherits = acl.Path == this.Path ? this.Inherits : true;
            localOnlyAces.AddRange(aces.Values);
            acl.Entries = localOnlyAces.ToArray();
            return(acl);
        }
コード例 #4
0
ファイル: AclEditor.cs プロジェクト: kimduquan/DMIS
 private void RemoveEntry(SnAccessControlEntry entry)
 {
     acl.Entries = acl.Entries.Except(new SnAccessControlEntry[] { entry }).ToList();
 }
コード例 #5
0
ファイル: AclEditor.cs プロジェクト: kimduquan/DMIS
 private SnPermission GetSnPerm(SnAccessControlEntry entry, PermissionType permType)
 {
     return(entry.Permissions.Where(p => p.Name == permType.Name).First());
 }