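/// <summary>
/// Annotates <paramref name="privList"/> with the team memberships and security roles that
/// account for the access <paramref name="user"/> has to the record <paramref name="recordId"/>.
/// </summary>
/// <param name="privList">Privileges to annotate; entries are updated in place.</param>
/// <param name="user">User being checked. <c>Teams</c> is loaded through GetTeams when it is null.</param>
/// <param name="recordId">Id of the record whose access is being explained.</param>
/// <param name="entity">Entity the record belongs to; its logical name is used in both queries.</param>
/// <remarks>
/// NOTE(review): the result is an explanation of access, not an enforcement decision. Two gaps
/// are visible in this method and matter when the output is used for an access review:
/// a team whose Web API call cannot be made or fails is skipped without any trace, and role
/// depths other than 1 are attributed without comparing business units.
/// </remarks>
public void GetRoleDetail(List<Privilege> privList, User user, Guid recordId, EntityInfo entity)
{
    // ---- Team access -------------------------------------------------------------------
    if (user.Teams == null)
    {
        user.Teams = GetTeams(user.Id);
    }

    foreach (var team in user.Teams)
    {
        var csc = connectionDetail.GetCrmServiceClient();

        // A fresh header dictionary per request: the same instance is handed to the client,
        // and whether the client adds per-request entries to it is not visible from here.
        Dictionary<string, List<string>> ODataHeaders = new Dictionary<string, List<string>>()
        {
            { "Accept", new List<string>() { "application/json" } },
            { "OData-MaxVersion", new List<string>() { "4.0" } },
            { "OData-Version", new List<string>() { "4.0" } }
        };

        if (!csc.IsReady)
        {
            // NOTE(review): this team is skipped silently, so "no access through this team"
            // and "team not checked" look the same to the caller.
            continue;
        }

        // team.Id and recordId are interpolated as-is; entity.LogicalName is placed inside a
        // quoted OData literal. NOTE(review): presumably LogicalName always comes from entity
        // metadata; if it can ever be free text it must be escaped before it is used here.
        string queryString = $@"teams({team.Id})/Microsoft.Dynamics.CRM.RetrievePrincipalAccessInfo(ObjectId={recordId},EntityName='{entity.LogicalName}')";

        // The response is disposed once its body has been read.
        using (HttpResponseMessage respMsg = csc.ExecuteCrmWebRequest(HttpMethod.Get, queryString, string.Empty, ODataHeaders, "application/json"))
        {
            if (respMsg.IsSuccessStatusCode)
            {
                // Blocks the calling thread until the body has been read.
                PopulateRights(respMsg.Content.ReadAsStringAsync().Result, privList, team.Name, AccessCheck.Team);
            }
            // NOTE(review): a non-success status is dropped without being surfaced.
        }
    }

    // ---- Role access -------------------------------------------------------------------
    // One <value> element per privilege the user already has, named PrivilegeType + LogicalName.
    string privName = string.Join("", privList.Where(prv => prv.HasAccess).Select(prv => "<value>" + prv.PrivilegeType + entity.LogicalName + "</value>"));
    if (privName.Length == 0)
    {
        // No privilege is flagged HasAccess, so there is no role to attribute. Returning here
        // also avoids sending an 'in' condition that carries no values.
        return;
    }

    // The same interpolation caveat as above applies to the privilege names in this FetchXML;
    // user.Id is a Guid.
    var fetchXml = $@"<fetch> <entity name='privilege' > <attribute name='accessright' /> <attribute name='name' /> <filter> <condition attribute='name' operator='in' >{privName} </condition> </filter> <link-entity name='roleprivileges' from='privilegeid' to='privilegeid' > <attribute name='privilegedepthmask' alias='depth' /> <link-entity name='role' from='parentrootroleid' to='roleid' > <attribute name='name' alias='roleName'/> <attribute name='businessunitid' /> <link-entity name='systemuserroles' from='roleid' to='roleid' > <filter> <condition attribute='systemuserid' operator='eq' value='{user.Id}' /> </filter> </link-entity> </link-entity> </link-entity> </entity> </fetch>";

    // Owner of the record. A missing ownerid value falls back to Guid.Empty instead of
    // throwing, which means depth-1 privileges are then not attributed to any role.
    Guid ownerId = service.Retrieve(entity.LogicalName, recordId, new ColumnSet("ownerid"))
        .GetAttributeValue<EntityReference>("ownerid")?.Id ?? Guid.Empty;

    var response = service.RetrieveMultiple(new FetchExpression(fetchXml));
    foreach (var priv in response.Entities)
    {
        string fetchedName = priv.GetAttributeValue<string>("name");

        // Ordinal, case-insensitive match. Lower-casing both sides with the current culture
        // fails for names containing 'I' under cultures such as Turkish, and throws when the
        // fetched name is null.
        Privilege privilege = privList.FirstOrDefault(prv =>
            string.Equals(prv.PrivilegeType + entity.LogicalName, fetchedName, StringComparison.OrdinalIgnoreCase));
        if (privilege == null)
        {
            continue;
        }

        int depth = (int)priv.GetAttributeValue<AliasedValue>("depth").Value;

        // Depth 1 (presumably the user-level depth - confirm) only counts when the user owns
        // the record.
        if (depth == 1 && ownerId != user.Id)
        {
            continue;
        }

        // NOTE(review): every other depth is attributed without checking the role's business
        // unit against the record's; businessunitid is fetched above but not read here, so a
        // role may be listed as a source of access that its depth does not actually cover.
        privilege.Permissions.Add(new Permission
        {
            PermissionType = PermissionType.UserRole,
            Name = priv.GetAttributeValue<AliasedValue>("roleName").Value.ToString()
        });
    }
}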
/// <summary>
/// Annotates <paramref name="privList"/> with the principalobjectaccess (POA) rows that give
/// <paramref name="user"/> access to the record <paramref name="recordId"/>, first through
/// teams the user belongs to and then through rows held by the user directly.
/// </summary>
/// <param name="privList">Privileges to annotate; a permission is added to every entry whose
/// <c>AccessRight</c> is fully contained in the permission's access rights.</param>
/// <param name="user">User being checked.</param>
/// <param name="recordId">Id of the record whose access is being explained.</param>
/// <param name="entity">Entity the record belongs to; supplies the object type code and logical name.</param>
/// <remarks>
/// NOTE(review): for each row only one mask is read - accessrightsmask when it is greater than
/// zero, otherwise inheritedaccessrightsmask. If a row can carry both, the inherited rights of
/// that row are not reported; confirm before relying on this output for an access review.
/// </remarks>
internal void GetShareDetail(List<Privilege> privList, User user, Guid recordId, EntityInfo entity)
{
    // ---- POA rows held by teams the user is a member of --------------------------------
    // The interpolated values are the entity's object type code, the record id and the user
    // id. principaltypecode '9' is presumably the team object type code - confirm.
    var fetchXml = $@" <fetch version='1.0' mapping='logical' distinct='true'> <entity name='principalobjectaccess'> <attribute name='accessrightsmask' /> <attribute name='inheritedaccessrightsmask' /> <filter type='and'> <condition attribute='objecttypecode' operator='eq' value='{entity.Metadata.ObjectTypeCode}'/> </filter> <filter type='and'> <condition attribute='objectid' operator='eq' value='{recordId}'/> </filter> <filter type='and'> <condition attribute='principaltypecode' operator='eq' value='9'/> </filter> <link-entity name='team' from='teamid' to='principalid'> <attribute name='name' alias='teamName' /> <attribute name='teamid' alias='teamId'/> <attribute name='businessunitid' alias='teamBUId'/> <link-entity name='businessunit' from='businessunitid' to='businessunitid'> <attribute name='name' alias='teamBUName' /> </link-entity> <link-entity name='teammembership' from='teamid' to='teamid'> <filter type='and'> <condition attribute='systemuserid' operator='eq' value='{user.Id}'/> </filter> </link-entity> </link-entity> </entity> </fetch>";

    var teamRows = service.RetrieveMultiple(new FetchExpression(fetchXml));
    foreach (Entity teamAcc in teamRows.Entities)
    {
        int directMask = teamAcc.GetAttributeValue<int>("accessrightsmask");

        var permission = new Permission();
        if (directMask > 0)
        {
            // The record was shared with the team itself.
            permission.PermissionType = PermissionType.TeamShared;
            permission.AccessRights = (AccessRights)directMask;
        }
        else
        {
            // No direct share: the rights come from the inherited mask.
            permission.PermissionType = PermissionType.TeamRelated;
            permission.AccessRights = (AccessRights)teamAcc.GetAttributeValue<int>("inheritedaccessrightsmask");
        }

        permission.Name = teamAcc.GetAttributeValue<AliasedValue>("teamName").Value.ToString();
        permission.BUName = teamAcc.GetAttributeValue<AliasedValue>("teamBUName").Value.ToString();

        if (permission.PermissionType == PermissionType.TeamRelated)
        {
            GetRelatedRecord(permission, recordId, (Guid)teamAcc.GetAttributeValue<AliasedValue>("teamId").Value, entity.LogicalName);
        }

        // Attach to every privilege whose right is covered by this row's mask. The mask is
        // read from the permission at this point, i.e. after GetRelatedRecord has run.
        foreach (var covered in privList.Where(pv => (pv.AccessRight & permission.AccessRights) == pv.AccessRight))
        {
            covered.Permissions.Add(permission);
        }
    }

    // ---- POA rows held by the user directly --------------------------------------------
    fetchXml = $@" <fetch version='1.0' mapping='logical' distinct='true'> <entity name='principalobjectaccess'> <attribute name='accessrightsmask' /> <attribute name='inheritedaccessrightsmask' /> <filter type='and'> <condition attribute='objecttypecode' operator='eq' value='{entity.Metadata.ObjectTypeCode}'/> </filter> <filter type='and'> <condition attribute='objectid' operator='eq' value='{recordId}'/> <condition attribute='principalid' operator='eq' value='{user.Id}'/> </filter> </entity> </fetch>";

    var userRows = service.RetrieveMultiple(new FetchExpression(fetchXml));
    foreach (Entity userAcc in userRows.Entities)
    {
        int directMask = userAcc.GetAttributeValue<int>("accessrightsmask");

        var permission = new Permission();
        if (directMask > 0)
        {
            permission.PermissionType = PermissionType.UserShared;
            permission.AccessRights = (AccessRights)directMask;
        }
        else
        {
            permission.PermissionType = PermissionType.UserRelated;
            permission.AccessRights = (AccessRights)userAcc.GetAttributeValue<int>("inheritedaccessrightsmask");
        }

        // The same label is used for both the shared and the related case.
        permission.Name = "UserShared";

        if (permission.PermissionType == PermissionType.UserRelated)
        {
            GetRelatedRecord(permission, recordId, user.Id, entity.LogicalName);
        }

        foreach (var covered in privList.Where(pv => (pv.AccessRight & permission.AccessRights) == pv.AccessRight))
        {
            covered.Permissions.Add(permission);
        }
    }
}