|
private GetGroupsPermissionLevel ( |
||
| glGroup | ||
| return | GlymaPermissionLevel | |
/// </summary>
/// <param name="webUrl">The URL for the SP site</param>
/// <param name="securableObject">An object that contains the Parent and Object ID's
/// SecurableParentUid: The ID of the securable parent (Guid.Empty for projects),
/// SecurableObjectUid: The ID of the securable object (root map UID or project UID if securing a project)</param>
/// <param name="checkProjectsChildren">If this is true when checking the access to a Project if there are any root maps under that project the user
/// has access to it returns true for the project as well (only true for when working out the filtered lists)</param>
/// <returns>True if the user belongs to a group that has access to the securable object</returns>
internal GetCurrentUserAccessToObjectResponse GetCurrentUserAccessToObject(GlymaSecurableObject securableObject, bool checkProjectsChildren = false)
{
GetCurrentUserAccessToObjectResponse result = new GetCurrentUserAccessToObjectResponse()
{
HasError = false,
HasAccess = false,
HighestPermissionLevel = GlymaPermissionLevel.None
};
try
{
using (SPSite site = new SPSite(Context.WebUrl))
{
using (SPWeb currentWeb = site.OpenWeb())
{
IGlymaPermission highestPermissionLevel = this.GetHighestPermissionLevel();
if (highestPermissionLevel.PermissionLevel == GlymaPermissionLevel.None)
{
result.HasAccess = false;
result.HighestPermissionLevel = GlymaPermissionLevel.None;
return(result); //an error occured so assume there is no access to the object
}
else
{
if (highestPermissionLevel.PermissionLevel == GlymaPermissionLevel.GlymaSecurityManager)
{
//The Glyma Security Manager permission exists for this user, they can access anything
result.HasAccess = true;
result.HighestPermissionLevel = GlymaPermissionLevel.GlymaSecurityManager;
return(result);
}
}
GetAllSecurityGroupsResponse allSPSecurityGroups = Context.GetAllGlymaSecurityGroups();
if (!allSPSecurityGroups.HasError)
{
//GlymaGroupCollection groups = new GlymaGroupCollection(allSPSecurityGroups.Result);
GlymaSecurityGroupCollection groups = new GlymaSecurityGroupCollection(Context, allSPSecurityGroups.Result);
//gets a sorted list of groups highest to lowest permission level
IList <GlymaSecurityGroup> usersGlymaGroups = groups.GetUsersGroups(currentWeb, CurrentSPUser);
SecurableContext securableContext = Context.GetSecurableContext();
//check each glyma group the person has associated with them for access to the maps
foreach (GlymaSecurityGroup glymaGroup in usersGlymaGroups)
{
GlymaSecurityAssociationContext securityAssociation = new GlymaSecurityAssociationContext(Context, glymaGroup, securableObject);
bool response = securityAssociation.HasAssociation(checkProjectsChildren);
if (response)
{
result.HasAccess = response;
result.HighestPermissionLevel = groups.GetGroupsPermissionLevel(glymaGroup);
return(result);
}
}
}
}
}
}
catch (Exception e)
{
result.HasError = true;
result.ErrorMessage = "Failed to read the users current access to the object. " + e.Message;
}
return(result); //if it gets all the way to here it's the default no access response
}
/// </summary>
/// <param name="webUrl">The URL for the SP site</param>
/// <param name="securableObject">An object that contains the Parent and Object ID's
/// SecurableParentUid: The ID of the securable parent (Guid.Empty for projects),
/// SecurableObjectUid: The ID of the securable object (root map UID or project UID if securing a project)</param>
/// <param name="checkProjectsChildren">If this is true when checking the access to a Project if there are any root maps under that project the user
/// has access to it returns true for the project as well (only true for when working out the filtered lists)</param>
/// <returns>True if the user belongs to a group that has access to the securable object</returns>
internal GetCurrentUserAccessToObjectResponse GetCurrentUserAccessToObject(GlymaSecurableObject securableObject, bool checkProjectsChildren = false)
{
GetCurrentUserAccessToObjectResponse result = new GetCurrentUserAccessToObjectResponse() {
HasError = false,
HasAccess = false,
HighestPermissionLevel = GlymaPermissionLevel.None
};
try
{
using (SPSite site = new SPSite(Context.WebUrl))
{
using (SPWeb currentWeb = site.OpenWeb())
{
IGlymaPermission highestPermissionLevel = this.GetHighestPermissionLevel();
if (highestPermissionLevel.PermissionLevel == GlymaPermissionLevel.None)
{
result.HasAccess = false;
result.HighestPermissionLevel = GlymaPermissionLevel.None;
return result; //an error occured so assume there is no access to the object
}
else
{
if (highestPermissionLevel.PermissionLevel == GlymaPermissionLevel.GlymaSecurityManager)
{
//The Glyma Security Manager permission exists for this user, they can access anything
result.HasAccess = true;
result.HighestPermissionLevel = GlymaPermissionLevel.GlymaSecurityManager;
return result;
}
}
GetAllSecurityGroupsResponse allSPSecurityGroups = Context.GetAllGlymaSecurityGroups();
if (!allSPSecurityGroups.HasError)
{
//GlymaGroupCollection groups = new GlymaGroupCollection(allSPSecurityGroups.Result);
GlymaSecurityGroupCollection groups = new GlymaSecurityGroupCollection(Context, allSPSecurityGroups.Result);
//gets a sorted list of groups highest to lowest permission level
IList<GlymaSecurityGroup> usersGlymaGroups = groups.GetUsersGroups(currentWeb, CurrentSPUser);
SecurableContext securableContext = Context.GetSecurableContext();
//check each glyma group the person has associated with them for access to the maps
foreach (GlymaSecurityGroup glymaGroup in usersGlymaGroups)
{
GlymaSecurityAssociationContext securityAssociation = new GlymaSecurityAssociationContext(Context, glymaGroup, securableObject);
bool response = securityAssociation.HasAssociation(checkProjectsChildren);
if (response)
{
result.HasAccess = response;
result.HighestPermissionLevel = groups.GetGroupsPermissionLevel(glymaGroup);
return result;
}
}
}
}
}
}
catch (Exception e)
{
result.HasError = true;
result.ErrorMessage = "Failed to read the users current access to the object. " + e.Message;
}
return result; //if it gets all the way to here it's the default no access response
}