private SnAccessControlEntry CreateEntry(int principalId, bool propagates) { var entry = SnAccessControlEntry.CreateEmpty(principalId, propagates); //TODO: CreateEmpty(principal); var list = acl.Entries.ToList(); list.Add(entry); acl.Entries = list; return(entry); }
internal void AddEntry(SnAccessControlEntry entry) { var newEntry = CreateEntry(entry.Identity.NodeId, entry.Propagates); uint allowBits, denyBits; entry.GetPermissionBits(out allowBits, out denyBits); PermissionBits.SetBits(ref allowBits, ref denyBits); newEntry.SetPermissionsBits(allowBits, denyBits); var list = acl.Entries.ToList(); list.Add(newEntry); acl.Entries = list.ToArray(); }
internal SnAccessControlList BuildAcl(SnAccessControlList acl) { //var principals = GetEffectedPrincipals(); var aces = new Dictionary <int, SnAccessControlEntry>(); var localOnlyAces = new List <SnAccessControlEntry>(); if (this.Path == acl.Path) { foreach (var permSet in this.PermissionSets) { if (permSet.Propagates) { continue; } var princ = permSet.PrincipalId; SnAccessControlEntry ace; ace = SnAccessControlEntry.CreateEmpty(princ, permSet.Propagates); localOnlyAces.Add(ace); // get permissions and paths int mask = 1; for (int i = 0; i < ActiveSchema.PermissionTypes.Count; i++) { var permission = ace.Permissions.ElementAt(i); if ((permSet.DenyBits & mask) != 0) { permission.Deny = true; permission.DenyFrom = null; } var allow = (permSet.AllowBits & mask) != 0; if ((permSet.AllowBits & mask) != 0) { permission.Allow = true; permission.AllowFrom = null; } mask = mask << 1; } } } for (var permInfo = this; permInfo != null; permInfo = permInfo.Inherits ? permInfo.Parent : null) { foreach (var permSet in permInfo.PermissionSets) { if (!permSet.Propagates) { continue; } var localEntry = acl.Path == permInfo.Path; // get ace by princ var princ = permSet.PrincipalId; SnAccessControlEntry ace; if (!aces.TryGetValue(princ, out ace)) { ace = SnAccessControlEntry.CreateEmpty(princ, permSet.Propagates); aces.Add(princ, ace); } // get permissions and paths int mask = 1; for (int i = 0; i < ActiveSchema.PermissionTypes.Count; i++) { var permission = ace.Permissions.ElementAt(i); if (!permission.Deny) { if ((permSet.DenyBits & mask) != 0) { permission.Deny = true; permission.DenyFrom = SearchFirstPath(acl.Path, permInfo, permSet, mask, true); } } if (!permission.Allow) { var allow = (permSet.AllowBits & mask) != 0; if ((permSet.AllowBits & mask) != 0) { permission.Allow = true; permission.AllowFrom = SearchFirstPath(acl.Path, permInfo, permSet, mask, false); } } mask = mask << 1; } } } acl.Inherits = acl.Path == this.Path ? this.Inherits : true; localOnlyAces.AddRange(aces.Values); acl.Entries = localOnlyAces.ToArray(); return(acl); }
private void RemoveEntry(SnAccessControlEntry entry) { acl.Entries = acl.Entries.Except(new SnAccessControlEntry[] { entry }).ToList(); }
private SnPermission GetSnPerm(SnAccessControlEntry entry, PermissionType permType) { return(entry.Permissions.Where(p => p.Name == permType.Name).First()); }