private SnAccessControlEntry CreateEntry(int principalId, bool propagates)
{
var entry = SnAccessControlEntry.CreateEmpty(principalId, propagates); //TODO: CreateEmpty(principal);
var list = acl.Entries.ToList();
list.Add(entry);
acl.Entries = list;
return(entry);
}
internal SnAccessControlList BuildAcl(SnAccessControlList acl)
{
//var principals = GetEffectedPrincipals();
var aces = new Dictionary <int, SnAccessControlEntry>();
var localOnlyAces = new List <SnAccessControlEntry>();
if (this.Path == acl.Path)
{
foreach (var permSet in this.PermissionSets)
{
if (permSet.Propagates)
{
continue;
}
var princ = permSet.PrincipalId;
SnAccessControlEntry ace;
ace = SnAccessControlEntry.CreateEmpty(princ, permSet.Propagates);
localOnlyAces.Add(ace);
// get permissions and paths
int mask = 1;
for (int i = 0; i < ActiveSchema.PermissionTypes.Count; i++)
{
var permission = ace.Permissions.ElementAt(i);
if ((permSet.DenyBits & mask) != 0)
{
permission.Deny = true;
permission.DenyFrom = null;
}
var allow = (permSet.AllowBits & mask) != 0;
if ((permSet.AllowBits & mask) != 0)
{
permission.Allow = true;
permission.AllowFrom = null;
}
mask = mask << 1;
}
}
}
for (var permInfo = this; permInfo != null; permInfo = permInfo.Inherits ? permInfo.Parent : null)
{
foreach (var permSet in permInfo.PermissionSets)
{
if (!permSet.Propagates)
{
continue;
}
var localEntry = acl.Path == permInfo.Path;
// get ace by princ
var princ = permSet.PrincipalId;
SnAccessControlEntry ace;
if (!aces.TryGetValue(princ, out ace))
{
ace = SnAccessControlEntry.CreateEmpty(princ, permSet.Propagates);
aces.Add(princ, ace);
}
// get permissions and paths
int mask = 1;
for (int i = 0; i < ActiveSchema.PermissionTypes.Count; i++)
{
var permission = ace.Permissions.ElementAt(i);
if (!permission.Deny)
{
if ((permSet.DenyBits & mask) != 0)
{
permission.Deny = true;
permission.DenyFrom = SearchFirstPath(acl.Path, permInfo, permSet, mask, true);
}
}
if (!permission.Allow)
{
var allow = (permSet.AllowBits & mask) != 0;
if ((permSet.AllowBits & mask) != 0)
{
permission.Allow = true;
permission.AllowFrom = SearchFirstPath(acl.Path, permInfo, permSet, mask, false);
}
}
mask = mask << 1;
}
}
}
acl.Inherits = acl.Path == this.Path ? this.Inherits : true;
localOnlyAces.AddRange(aces.Values);
acl.Entries = localOnlyAces.ToArray();
return(acl);
}