public static bool IsParentTypeForTree(QPModelDataContext context, string customerCode, int languageId, string entityTypeCode) { var entities = GetEntityTypes(context, customerCode, languageId); var id = entities.Single(n => n.Code == entityTypeCode).Id; return(entities.Any(n => n.ParentId == id && !n.Disabled)); }
public static int GetEntityAccessLevel(DbConnection sqlConnection, QPModelDataContext context, int userId, int groupId, string entityTypeCode, int entityId) { var actualEntityTypeCode = GetActualEntityTypeCode(entityTypeCode); if (!IsSecurityDefined(actualEntityTypeCode) || entityId == 0 || IsAdmin(sqlConnection, userId, groupId)) { return(PermissionLevel.FullAccess); } var predefinedLevel = GetPredefinedLevel(sqlConnection, context, userId, groupId, entityId, actualEntityTypeCode); if (predefinedLevel.HasValue) { return(predefinedLevel.Value); } var result = GetPermissionLevel(sqlConnection, entityId, userId, groupId, actualEntityTypeCode); if (!result.HasValue && actualEntityTypeCode == EntityTypeCode.OldSiteFolder) { return(GetFolderAccessLevel(sqlConnection, context, userId, groupId, actualEntityTypeCode, entityId)); } return(result ?? PermissionLevel.Deny); }
private static int?GetPredefinedLevel(DbConnection sqlConnection, QPModelDataContext context, int userId, int groupId, int entityId, string actualEntityTypeCode) { int?predefinedLevel = null; switch (actualEntityTypeCode) { case EntityTypeCode.Content: { predefinedLevel = GetPredefinedContentLevel(sqlConnection, context, userId, groupId, entityId); break; } case EntityTypeCode.ContentFolder: { predefinedLevel = GetPredefinedContentFolderLevel(sqlConnection, context, userId, groupId, entityId); break; } case EntityTypeCode.OldArticle: { predefinedLevel = GetPredefinedArticleLevel(sqlConnection, context, userId, groupId, entityId); break; } } return(predefinedLevel); }
public static string GetActionPermissionsAsQuery(QPModelDataContext context, decimal userId) { var databaseType = DatabaseTypeHelper.ResolveDatabaseType(context); var actionSecQuery = GetPermittedItemsAsQuery(context, userId, startLevel: 0, endLevel: 100, entityTypeName: "BACKEND_ACTION" ); var entitySecQuery = GetEntityPermissionAsQuery(context, userId); var query = $@" select AP.BACKEND_ACTION_ID, COALESCE(AP.PERMISSION_LEVEL, EP.PERMISSION_LEVEL, 0) AS PERMISSION_LEVEL from (select L.PERMISSION_LEVEL AS PERMISSION_LEVEL, T.ID AS BACKEND_ACTION_ID, T.ENTITY_TYPE_ID FROM ({actionSecQuery}) P1 LEFT JOIN backend_action_access_permlevel P2 ON P1.BACKEND_ACTION_ID = P2.BACKEND_ACTION_ID and P1.permission_level = p2.permission_level and P2.{SqlQuerySyntaxHelper.EscapeEntityName(databaseType, "USER_ID")} = {userId} RIGHT JOIN BACKEND_ACTION T ON P1.BACKEND_ACTION_ID = T.ID LEFT join PERMISSION_LEVEL L ON P1.PERMISSION_LEVEL = L.PERMISSION_LEVEL ) AP JOIN ({entitySecQuery}) EP ON AP.ENTITY_TYPE_ID = EP.ENTITY_TYPE_ID "; return(query); }
private static int GetFolderAccessLevel(DbConnection sqlConnection, QPModelDataContext context, int userId, int groupId, string entityTypeCode, int entityId) { var folder = context.SiteFolderSet.Single(n => n.Id == entityId); return(folder.ParentId.HasValue ? GetEntityAccessLevel(sqlConnection, context, userId, groupId, entityTypeCode, (int)folder.ParentId.Value) : GetEntityAccessLevel(sqlConnection, context, userId, groupId, EntityTypeCode.Site, (int)folder.SiteId)); }
private static List <EntityTypeDAL> LoadEntityTypes(QPModelDataContext context) { return(context.EntityTypeSet .Include(x => x.Parent) .Include(x => x.CancelAction) .Include(x => x.DefaultAction) .Include(x => x.ContextMenu) .ToList()); }
private static List <decimal> GetParentGroupIds(QPModelDataContext context, ICollection <decimal> childGroups) { return(context .UserGroupSet .Where(x => childGroups.Contains(x.Id)) .Include(x => x.ParentGroupToGroupBinds) .SelectMany(x => x.ParentGroupToGroupBinds) .Select(x => x.ParentGroupId) .Distinct() .ToList()); }
private static int?GetPredefinedArticleLevel(DbConnection sqlConnection, QPModelDataContext context, int userId, int groupId, int entityId) { int?resultLevel = null; var contentId = context.ArticleSet.Include(n => n.Content) .Where(n => n.Id == entityId && n.Content.AllowItemsPermission == 0) .Select(n => n.ContentId).SingleOrDefault(); if (contentId != 0) { resultLevel = GetEntityAccessLevel(sqlConnection, context, userId, groupId, EntityTypeCode.Content, (int)contentId); } return(resultLevel); }
public static DatabaseType ResolveDatabaseType(QPModelDataContext context) { switch (context) { case SqlServerQPModelDataContext _: return(DatabaseType.SqlServer); case NpgSqlQPModelDataContext _: return(DatabaseType.Postgres); default: return(DatabaseType.Unknown); } }
public static void CreateComplexIndex(QPModelDataContext ctx, DbConnection cnn, ContentConstraintDAL constraint) { var dbType = GetDbType(cnn); var ids = constraint.Rules.Select(n => n.FieldId).ToArray(); var indexName = $"constraint_{constraint.Id}_ind"; var asyncIndexName = $"constraint_{constraint.Id}_async_ind"; var tableName = "content_" + constraint.ContentId; var asyncTableName = tableName + "_async"; var fields = ctx.FieldSet.Where(n => ids.Contains(n.Id)).OrderBy(n => n.Order) .Select(n => Escape(dbType, n.Name)).ToArray(); var indexTemplate = $"CREATE INDEX {{0}} on {{1}} ({String.Join(",", fields)});"; var sql = String.Format(indexTemplate, indexName, tableName); ExecuteSql(cnn, sql); var asyncSql = String.Format(indexTemplate, asyncIndexName, asyncTableName); ExecuteSql(cnn, asyncSql); }
public static List <EntityTypeDAL> GetEntityTypes(QPModelDataContext context, string customerCode, int userId) { var key = GetKey(customerCode, userId); if (!Cache.TryGetValue(key, out var types)) { lock (Locker) { if (!Cache.TryGetValue(key, out types)) { types = LoadEntityTypes(context); Cache[key] = types; } } } return(types); }
public static string GetEntityPermissionAsQuery(QPModelDataContext context, decimal userId) { var dbType = DatabaseTypeHelper.ResolveDatabaseType(context); var isPostgres = dbType == DatabaseType.Postgres; var entitySecQuery = GetPermittedItemsAsQuery(context, userId, startLevel: 0, endLevel: 100, entityTypeName: "entity_type"); var permissionTable = "entity_type_access_permlevel"; if (isPostgres) { permissionTable = permissionTable.ToSnakeCase(); } return($@" select COALESCE(L.PERMISSION_LEVEL, 0) AS PERMISSION_LEVEL, T.ID AS ENTITY_TYPE_ID, HIDE FROM ({entitySecQuery}) P1 LEFT JOIN {permissionTable} P2 ON P1.entity_type_id = P2.entity_type_id and P1.permission_level = p2.permission_level and P2.USER_ID = {userId} RIGHT JOIN ENTITY_TYPE T ON P1.ENTITY_TYPE_ID = T.ID LEFT join PERMISSION_LEVEL L ON P1.PERMISSION_LEVEL = L.PERMISSION_LEVEL" ); }
public static DataRow GetDefaultArticleRow(QPModelDataContext context, DbConnection connection, int contentId) { var databaseType = DatabaseTypeHelper.ResolveDatabaseType(connection); var sql = "qp_get_default_article"; if (databaseType == DatabaseType.Postgres) { var fields = context.FieldSet.Where(n => n.ContentId == contentId).OrderBy(n => n.Name).ToArray(); var fieldNames = fields.Select(n => n.Name.ToLower()).ToArray(); var fieldNameResults = String.Join(",", fieldNames.Select(n => $@"""{n}"" TEXT")); var fieldSelects = String.Join(",", fields.Select(n => $@"""{n.Name.ToLower()}""::{PgSelectType((int)n.TypeId)}")); sql = $@" SELECT {fieldSelects} FROM crosstab(' select 0::numeric as content_item_id, lower(ca.attribute_name), case when ca.attribute_type_id in (9, 10) then coalesce(ca.default_value, ca.default_blob_value) else qp_correct_data(ca.default_value::text, ca.attribute_type_id, ca.attribute_size, ca.default_value)::text end as value from content_attribute ca inner join content c on ca.content_id = c.content_id where c.content_id = {contentId} order by 1,2 ') AS final_result(content_item_id numeric, {fieldNameResults})" ; } using (var cmd = DbCommandFactory.Create(sql, connection)) { if (databaseType == DatabaseType.Postgres) { cmd.CommandType = CommandType.Text; } else { cmd.CommandType = CommandType.StoredProcedure; cmd.Parameters.AddWithValue("@content_id", contentId); } var ds = new DataSet(); DataAdapterFactory.Create(cmd).Fill(ds); return(0 == ds.Tables.Count || 0 == ds.Tables[0].Rows.Count ? null : ds.Tables[0].Rows[0]); } }
private static int?GetPredefinedContentLevel(DbConnection sqlConnection, QPModelDataContext context, int userId, int groupId, int entityId) { int?resultLevel = null; var classifierId = context.FieldSet.Where(n => n.ContentId == entityId) .Where(n => n.ClassifierId != null) .Select(n => n.ClassifierId) .SingleOrDefault(); if (classifierId.HasValue) { var baseContentId = context.FieldSet.Where(n => n.Id == classifierId.Value) .Select(n => n.ContentId) .SingleOrDefault(); if (baseContentId != 0) { resultLevel = GetEntityAccessLevel(sqlConnection, context, userId, groupId, EntityTypeCode.Content, (int)baseContentId); } } return(resultLevel); }
public static IEnumerable <DataRow> GetMenuStatusList( DbConnection sqlConnection, QPModelDataContext efContext, int userId, bool isAdmin, string menuCode, int entityId) { var useSecurity = !isAdmin; var databaseType = DatabaseTypeHelper.ResolveDatabaseType(sqlConnection); var menuId = efContext.ContextMenuSet.First(x => x.Code == menuCode).Id; string query; if (!useSecurity) { query = $@" SELECT ba.CODE, {SqlQuerySyntaxHelper.ToBoolSql(databaseType, true)} as visible FROM CONTEXT_MENU_ITEM cmi INNER JOIN BACKEND_ACTION ba on ba.ID = cmi.ACTION_ID WHERE cmi.context_menu_id = {menuId} "; } else { var level = GetEntityAccessLevel(sqlConnection, efContext, userId, 0, menuCode, entityId); var secQuery = PermissionHelper.GetActionPermissionsAsQuery(efContext, userId); var least = SqlQuerySyntaxHelper.Least(databaseType, "SEC.PERMISSION_LEVEL", level.ToString()); query = $@" SELECT ba.CODE, CAST(( CASE WHEN {least} >= PL.PERMISSION_LEVEL THEN 1 ELSE 0 END ) AS BIT) as visible FROM CONTEXT_MENU_ITEM cmi INNER JOIN BACKEND_ACTION ba on ba.ID = cmi.ACTION_ID INNER JOIN ACTION_TYPE at on ba.TYPE_ID = at.ID INNER JOIN PERMISSION_LEVEL PL ON PL.PERMISSION_LEVEL_ID = AT.REQUIRED_PERMISSION_LEVEL_ID INNER JOIN ({secQuery}) SEC ON SEC.BACKEND_ACTION_ID = ba.ID WHERE cmi.context_menu_id = {menuId} "; } return(Common.GetDataTableForQuery(sqlConnection, query)); }
public static IEnumerable <DataRow> GetActionStatusList(QPModelDataContext efContext, DbConnection sqlConnection, int userId, string actionCode, int?actionId, int entityId, string entityCode, bool isAdmin) { var useSecurity = !isAdmin; var databaseType = DatabaseTypeHelper.ResolveDatabaseType(sqlConnection); string query; if (!useSecurity) { query = $@" SELECT ba.CODE, {SqlQuerySyntaxHelper.ToBoolSql(databaseType, true)} as visible FROM ACTION_TOOLBAR_BUTTON atb INNER JOIN BACKEND_ACTION ba on ba.ID = atb.ACTION_ID INNER JOIN ACTION_TYPE at on ba.TYPE_ID = at.ID WHERE atb.PARENT_ACTION_ID = {actionId} AND at.items_affected = 1 "; } else { var level = GetEntityAccessLevel(sqlConnection, efContext, userId, 0, entityCode, entityId); var least = SqlQuerySyntaxHelper.Least(databaseType, "SEC.PERMISSION_LEVEL", level.ToString()); var secQuery = PermissionHelper.GetActionPermissionsAsQuery(efContext, userId); query = $@" SELECT ba.CODE, CAST(( CASE WHEN {least} >= PL.PERMISSION_LEVEL THEN 1 ELSE 0 END ) AS BIT) as visible FROM ACTION_TOOLBAR_BUTTON atb INNER JOIN BACKEND_ACTION ba on ba.ID = atb.ACTION_ID INNER JOIN ACTION_TYPE at on ba.TYPE_ID = at.ID INNER JOIN PERMISSION_LEVEL PL ON PL.PERMISSION_LEVEL_ID = AT.REQUIRED_PERMISSION_LEVEL_ID INNER JOIN ({secQuery}) SEC ON SEC.BACKEND_ACTION_ID = ba.ID WHERE atb.PARENT_ACTION_ID = {actionId} AND at.items_affected = 1 "; } return(Common.GetDataTableForQuery(sqlConnection, query)); }
public static IEnumerable <DataRow> GetChildFoldersList(DbConnection sqlConnection, QPModelDataContext context, bool isAdmin, int userId, int id, bool isSite, int?folderId, int permissionLevel, bool countOnly, out int totalRecords) { totalRecords = -1; var dbType = DatabaseTypeHelper.ResolveDatabaseType(sqlConnection); var entityTypeName = isSite ? EntityTypeCode.OldSiteFolder : EntityTypeCode.ContentFolder; var parentEntityTypeName = isSite ? EntityTypeCode.Site : EntityTypeCode.Content; var blockFilter = string.Empty; var useSecurity = !isAdmin; int parentLevel; if (entityTypeName == EntityTypeCode.ContentFolder) { useSecurity = false; parentLevel = CommonSecurity.GetEntityAccessLevel(sqlConnection, context, userId, 0, parentEntityTypeName, id); if (parentLevel == 0) { blockFilter += " AND 1 = 0 "; } } else { parentLevel = folderId.HasValue ? CommonSecurity.GetEntityAccessLevel(sqlConnection, context, userId, 0, EntityTypeCode.SiteFolder, folderId.Value) : CommonSecurity.GetEntityAccessLevel(sqlConnection, context, userId, 0, parentEntityTypeName, id); } var securitySql = useSecurity ? PermissionHelper.GetPermittedItemsAsQuery( context, userId, 0, PermissionLevel.Deny, PermissionLevel.FullAccess, entityTypeName, parentEntityTypeName, id ) : string.Empty; var childrenParam = SqlQuerySyntaxHelper.CastToBool(dbType, $@" CASE WHEN ( SELECT COUNT(FOLDER_ID) FROM {entityTypeName} WHERE PARENT_FOLDER_ID = c.FOLDER_ID ) > 0 THEN 1 ELSE 0 END "); var query = $@" SELECT {(countOnly ? "COUNT(c.FOLDER_ID) " : $@" c.FOLDER_ID, c.NAME, c.CREATED, c.MODIFIED, c.LAST_MODIFIED_BY, {childrenParam} AS HAS_CHILDREN, mu.{Escape(dbType, "USER_ID")} as MODIFIER_USER_ID, mu.FIRST_NAME as MODIFIER_FIRST_NAME, mu.LAST_NAME AS MODIFIER_LAST_NAME, mu.EMAIL AS MODIFIER_EMAIL, mu.{Escape(dbType, "LOGIN")} AS MODIFIER_LOGIN {(useSecurity ? $", COALESCE(pi.permission_level, {parentLevel}) as EFFECTIVE_PERMISSION_LEVEL" : string.Empty )} " )} ";
public static IEnumerable <DataRow> GetTreeChildNodes(QPModelDataContext context, DbConnection connection, string entityTypeCode, int?parentEntityId, bool isFolder, bool isGroup, string groupItemCode, int entityId, int userId, bool isAdmin, string customerCode, bool enableContentGrouping) { var query = GetSqlQuery(context, connection, entityTypeCode, parentEntityId, isFolder, isGroup, groupItemCode, entityId, userId, isAdmin, customerCode, enableContentGrouping, false); return(string.IsNullOrWhiteSpace(query) ? Enumerable.Empty <DataRow>() : Common.GetDataRows(connection, query)); }
public static string GetPermittedItemsAsQuery( QPModelDataContext context, decimal userId = 0, decimal groupId = 0, int startLevel = 2, int endLevel = 4, string entityTypeName = "content_item", string parentEntityTypeName = "", decimal parentEntityId = 0) { var dbType = DatabaseTypeHelper.ResolveDatabaseType(context); var isPostgres = dbType == DatabaseType.Postgres; var level = 0; var entityIdField = $"{entityTypeName}_id"; var parentEntityIdField = $"{parentEntityTypeName}_id"; var permissionTable = $"{entityTypeName}_access_permlevel"; var whereParentEntity = ""; if (!string.IsNullOrWhiteSpace(parentEntityTypeName) && parentEntityId != 0) { permissionTable += $"_{parentEntityTypeName}"; whereParentEntity += $" and {parentEntityIdField} = {parentEntityId}"; } if (isPostgres) { permissionTable = permissionTable.ToSnakeCase(); } var hide = entityTypeName.Equals("content", StringComparison.InvariantCultureIgnoreCase) ? isPostgres ? "MIN(hide::int) as hide " : "MIN(CONVERT(int, hide)) as hide " : "0 as hide "; var hint = isPostgres ? string.Empty : " with(nolock) "; var selectUser = $@" select {entityIdField} as id, max(permission_level) as pl, {hide}, 0 as level from {permissionTable} {hint} where user_id = {userId} {whereParentEntity} group by {entityIdField} "; var selectGroup = $@" select {entityIdField} as id, max(permission_level) as pl, {hide}, {{0}} as level from {permissionTable} {hint} where group_id in ({{1}}) {whereParentEntity} group by {entityIdField} "; var defaultSql = $" select {entityIdField}, 0 as permission_level, 0 as hide from {entityTypeName} where 1 = 1 {whereParentEntity}"; var sbSql = new StringBuilder(); var groupsToProcess = new List <decimal>(); var usedGroups = new List <decimal>(); if (userId > 0) { sbSql.Append(selectUser); var user = GetUserPropertiesById(context, userId); groupsToProcess = user?.Groups?.Select(x => x.Id).Distinct().ToList() ?? new List <decimal>(); } else if (groupId > 0) { groupsToProcess.Add(groupId); } while (groupsToProcess.Any()) { level += 1; if (level > 1 || sbSql.Length > 0) { sbSql.Append(" UNION ALL "); } sbSql.AppendFormat(selectGroup, level, string.Join(", ", groupsToProcess)); usedGroups.AddRange(groupsToProcess); var parentGroupIds = GetParentGroupIds(context, groupsToProcess); groupsToProcess = parentGroupIds .Where(x => !groupsToProcess.Contains(x) && !usedGroups.Contains(x)) .ToList(); } if (sbSql.Length == 0) { return(defaultSql); } return ($@"select id as {entityIdField}, pl as permission_level, hide from ( select id, pl, hide, ROW_NUMBER() OVER(PARTITION BY id ORDER BY level) as num from ( {sbSql} ) as united_permissions ) as priority_permissions where priority_permissions.num = 1 and pl between {startLevel} and {endLevel}"); }
public static long GetTreeChildNodesCount(QPModelDataContext context, DbConnection connection, string entityTypeCode, int?parentEntityId, bool isFolder, bool isGroup, string groupItemCode, int entityId, int userId, bool isAdmin, string customerCode, bool enableContentGrouping) { var query = GetSqlQuery(context, connection, entityTypeCode, parentEntityId, isFolder, isGroup, groupItemCode, entityId, userId, isAdmin, customerCode, enableContentGrouping, true); return(string.IsNullOrWhiteSpace(query) ? 0 : Common.ExecuteScalarLong(connection, query)); }
private static UserDAL GetUserPropertiesById(QPModelDataContext context, decimal userId) { return(context.UserSet .Include(x => x.UserGroupBinds).ThenInclude(y => y.UserGroup) .SingleOrDefault(u => u.Id == userId)); }
private static string GetSqlQuery(QPModelDataContext context, DbConnection connection, string entityTypeCode, int?parentEntityId, bool isFolder, bool isGroup, string groupItemCode, int entityId, int userId, bool isAdmin, string customerCode, bool enableContentGrouping, bool countOnly = false) { var entityTypes = EntityTypeCache.GetEntityTypes(context, customerCode, userId); var entityType = entityTypes.FirstOrDefault(x => x.Code.Equals(entityTypeCode, StringComparison.InvariantCultureIgnoreCase)); var parentGroupCode = entityType == null || !enableContentGrouping ? null : entityTypes.FirstOrDefault(x => x.Id == entityType.GroupParentId)?.Code; var realParentId = isGroup ? GetParentEntityId(context, connection, (decimal)parentEntityId, entityTypeCode, customerCode, userId) : parentEntityId; var currentIsGroup = false; string currentGroupItemCode = null; var newEntityTypeCode = entityTypeCode; var newIsFolder = isFolder; if (!string.IsNullOrWhiteSpace(parentGroupCode)) { if (isFolder) { currentGroupItemCode = entityTypeCode; newEntityTypeCode = parentGroupCode; currentIsGroup = true; } } else if (!string.IsNullOrWhiteSpace(groupItemCode)) { if (!isFolder) { newIsFolder = true; newEntityTypeCode = groupItemCode; } } var newEntityType = entityTypes.FirstOrDefault(x => x.Code.Equals(newEntityTypeCode, StringComparison.InvariantCultureIgnoreCase)); var realParentIdStr = realParentId.HasValue ? realParentId.ToString() : "NULL"; var iconField = newEntityType?.IconField ?? "NULL"; var iconModifierField = newEntityType?.IconModifierField ?? "NULL"; var parentIdField = newEntityType?.ParentIdField; string realParentIdField = null; if (isGroup) { realParentIdField = parentIdField; parentIdField = newEntityType?.GroupParentIdField; } var sqlSb = new StringBuilder(); var selectSb = new StringBuilder(); var whereSb = new StringBuilder(); var orderSb = new StringBuilder(); string sql; var databaseType = DatabaseTypeHelper.ResolveDatabaseType(context); var useSecurity = UseSecurity(isAdmin, databaseType); if (newIsFolder || !string.IsNullOrWhiteSpace(newEntityType?.RecurringIdField)) { if (newEntityType?.HasItemNodes ?? false) { var orderColumn = (string.IsNullOrWhiteSpace(newEntityType.OrderField) ? newEntityType.TitleField : newEntityType.OrderField).FixColumnName(databaseType); selectSb.AppendLine($@" {newEntityType.Source}.{newEntityType.IdField} AS id, {newEntityType.TitleField} AS title, {iconField} as icon, {iconModifierField} as icon_modifier, {orderColumn} as sortorder "); whereSb.AppendLine("1 = 1"); if (!string.IsNullOrWhiteSpace(parentIdField) && parentEntityId != 0) { whereSb.AppendLine($" AND {parentIdField} = {parentEntityId}"); } if (!string.IsNullOrWhiteSpace(newEntityType.RecurringIdField)) { whereSb.AppendLine($" AND {newEntityType.RecurringIdField} {(newIsFolder ? " is null" : $" = {parentEntityId}")}"); } if (entityId != 0) { whereSb.AppendLine($" AND {newEntityType.Source}.{newEntityType.IdField} = {entityId}"); } orderSb.AppendLine(orderColumn); } if (string.IsNullOrWhiteSpace(newEntityType.SourceSP)) { if (!string.IsNullOrWhiteSpace(selectSb.ToString()) && !string.IsNullOrWhiteSpace(newEntityType.Source) && !string.IsNullOrWhiteSpace(whereSb.ToString())) { sqlSb.AppendLine($"select {selectSb} from {newEntityType.Source} where {whereSb}"); } } else { decimal?siteId; switch (newEntityType.SourceSP) { case "qp_sites_list": sqlSb.AppendLine(GetSitesListSql(context, selectSb.ToString(), whereSb.ToString(), orderSb.ToString(), false, userId, useSecurity)); break; case "qp_real_content_list": siteId = !string.IsNullOrWhiteSpace(realParentIdField) ? (decimal?)realParentId.Value : parentEntityId; sqlSb.AppendLine(GetContentListSql(context, selectSb.ToString(), whereSb.ToString(), orderSb.ToString(), false, siteId, userId, useSecurity)); break; case "qp_virtual_content_list": siteId = realParentId.HasValue ? (decimal?)realParentId.Value : parentEntityId; sqlSb.AppendLine(GetContentListSql(context, selectSb.ToString(), whereSb.ToString(), orderSb.ToString(), true, siteId, userId, useSecurity)); break; case "qp_site_folder_list": siteId = realParentId.HasValue ? (decimal?)realParentId.Value : parentEntityId; var parentFolderId = newIsFolder ? 0 : parentEntityId.Value; sqlSb.AppendLine(GetSiteFolderList(context, selectSb.ToString(), whereSb.ToString(), orderSb.ToString(), siteId, parentFolderId, userId, useSecurity)); break; } } if (countOnly) { return(string.IsNullOrWhiteSpace(sqlSb.ToString()) ? null : $"SELECT COUNT(ID) FROM ({sqlSb}) as innerSql"); } if (string.IsNullOrWhiteSpace(sqlSb.ToString())) { return(null); } sql = " SELECT\n" + $"{realParentIdStr} as parent_id,\n" + $"{(isGroup ? $"{parentEntityId}" : "NULL")} as parent_group_id,\n" + $"'{newEntityTypeCode}' as code,\n" + $"{SqlQuerySyntaxHelper.ToBoolSql(databaseType, false)} as is_folder,\n" + $"{SqlQuerySyntaxHelper.ToBoolSql(databaseType, currentIsGroup)} as is_group,\n" + $"{(!string.IsNullOrWhiteSpace(currentGroupItemCode) ? $"'{currentGroupItemCode}'" : "NULL")} as group_item_code,\n" + "CASE WHEN i.ICON is not null THEN i.ICON\n" + $"WHEN i.ICON_MODIFIER is not null THEN {SqlQuerySyntaxHelper.ConcatStrValues(databaseType, $"'{newEntityTypeCode}'", SqlQuerySyntaxHelper.CastToString(databaseType, "i.ICON_MODIFIER"), "'.gif'")}\n" + $"ELSE {SqlQuerySyntaxHelper.ConcatStrValues(databaseType, $"'{newEntityTypeCode}'", "'.gif'")} END\n" + "AS icon,\n" + $"{SqlQuerySyntaxHelper.NullableDbValue(databaseType, newEntityType?.DefaultActionId)} AS default_action_id,\n" + $"{SqlQuerySyntaxHelper.NullableDbValue(databaseType, newEntityType?.ContextMenuId)} as context_menu_id,\n" + $"{SqlQuerySyntaxHelper.ToBoolSql(databaseType, !string.IsNullOrWhiteSpace(newEntityType?.RecurringIdField))} as is_recurring,\n" + "i.id,\n" + "i.title,\n" + "i.sortorder\n" + $"FROM ( {sqlSb} ) as i\n"; }
private static int?GetPredefinedContentFolderLevel(DbConnection sqlConnection, QPModelDataContext context, int userId, int groupId, int entityId) { int?resultLevel = null; var contentId = context.ContentFolderSet.Where(n => n.Id == entityId) .Select(n => n.ContentId) .SingleOrDefault(); if (contentId != 0) { resultLevel = GetEntityAccessLevel(sqlConnection, context, userId, groupId, EntityTypeCode.Content, (int)contentId); } return(resultLevel); }
private static DatabaseType GetDbType(QPModelDataContext context) => DatabaseTypeHelper.ResolveDatabaseType(context);