/// <summary> /// Copies any auths for the original pages and blocks over to the copied pages and blocks. /// </summary> /// <param name="pageGuidDictionary">The dictionary containing the original page guids and the corresponding copied page guids.</param> /// <param name="blockGuidDictionary">The dictionary containing the original block guids and the corresponding copied block guids.</param> /// <param name="rockContext">The rock context.</param> /// <param name="currentPersonAliasId">The current person alias identifier.</param> private void GeneratePageBlockAuths(Dictionary <Guid, Guid> pageGuidDictionary, Dictionary <Guid, Guid> blockGuidDictionary, RockContext rockContext, int?currentPersonAliasId = null) { var authService = new AuthService(rockContext); var pageService = new PageService(rockContext); var blockService = new BlockService(rockContext); var pageGuid = Rock.SystemGuid.EntityType.PAGE.AsGuid(); var blockGuid = Rock.SystemGuid.EntityType.BLOCK.AsGuid(); Dictionary <Guid, int> pageIntDictionary = pageService.Queryable() .Where(p => pageGuidDictionary.Keys.Contains(p.Guid) || pageGuidDictionary.Values.Contains(p.Guid)) .ToDictionary(p => p.Guid, p => p.Id); Dictionary <Guid, int> blockIntDictionary = blockService.Queryable() .Where(p => blockGuidDictionary.Keys.Contains(p.Guid) || blockGuidDictionary.Values.Contains(p.Guid)) .ToDictionary(p => p.Guid, p => p.Id); var pageAuths = authService.Queryable().Where(a => a.EntityType.Guid == pageGuid && pageIntDictionary.Values.Contains(a.EntityId.Value)) .ToList(); var blockAuths = authService.Queryable().Where(a => a.EntityType.Guid == blockGuid && blockIntDictionary.Values.Contains(a.EntityId.Value)) .ToList(); foreach (var pageAuth in pageAuths) { var newPageAuth = pageAuth.Clone(false); newPageAuth.CreatedByPersonAlias = null; newPageAuth.CreatedByPersonAliasId = currentPersonAliasId; newPageAuth.CreatedDateTime = RockDateTime.Now; newPageAuth.ModifiedByPersonAlias = null; newPageAuth.ModifiedByPersonAliasId = currentPersonAliasId; newPageAuth.ModifiedDateTime = RockDateTime.Now; newPageAuth.Id = 0; newPageAuth.Guid = Guid.NewGuid(); newPageAuth.EntityId = pageIntDictionary[pageGuidDictionary[pageIntDictionary.Where(d => d.Value == pageAuth.EntityId.Value).FirstOrDefault().Key]]; authService.Add(newPageAuth); } foreach (var blockAuth in blockAuths) { var newBlockAuth = blockAuth.Clone(false); newBlockAuth.CreatedByPersonAlias = null; newBlockAuth.CreatedByPersonAliasId = currentPersonAliasId; newBlockAuth.CreatedDateTime = RockDateTime.Now; newBlockAuth.ModifiedByPersonAlias = null; newBlockAuth.ModifiedByPersonAliasId = currentPersonAliasId; newBlockAuth.ModifiedDateTime = RockDateTime.Now; newBlockAuth.Id = 0; newBlockAuth.Guid = Guid.NewGuid(); newBlockAuth.EntityId = blockIntDictionary[blockGuidDictionary[blockIntDictionary.Where(d => d.Value == blockAuth.EntityId.Value).FirstOrDefault().Key]]; authService.Add(newBlockAuth); } rockContext.SaveChanges(); }
/// <summary> /// Handles the Delete event of the gGroups control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="RowEventArgs" /> instance containing the event data.</param> protected void gGroups_Delete( object sender, RowEventArgs e ) { RockTransactionScope.WrapTransaction( () => { GroupService groupService = new GroupService(); AuthService authService = new AuthService(); Group group = groupService.Get( (int)e.RowKeyValue ); if ( group != null ) { string errorMessage; if ( !groupService.CanDelete( group, out errorMessage ) ) { mdGridWarning.Show( errorMessage, ModalAlertType.Information ); return; } bool isSecurityRoleGroup = group.IsSecurityRole; if ( isSecurityRoleGroup ) { foreach ( var auth in authService.Queryable().Where( a => a.GroupId.Equals( group.Id ) ).ToList() ) { authService.Delete( auth, CurrentPersonId ); authService.Save( auth, CurrentPersonId ); } } groupService.Delete( group, CurrentPersonId ); groupService.Save( group, CurrentPersonId ); if ( isSecurityRoleGroup ) { Rock.Security.Authorization.Flush(); Rock.Security.Role.Flush( group.Id ); } } } ); BindGrid(); }
/// <summary> /// Load the static Authorizations object /// </summary> public static void Load() { Authorizations = new Dictionary<int, Dictionary<int, Dictionary<string, List<AuthRule>>>>(); AuthService authService = new AuthService(); foreach ( Auth auth in authService.Queryable(). OrderBy( A => A.EntityTypeId ).ThenBy( A => A.EntityId ).ThenBy( A => A.Action ).ThenBy( A => A.Order ) ) { if ( !Authorizations.ContainsKey( auth.EntityTypeId ) ) Authorizations.Add( auth.EntityTypeId, new Dictionary<int, Dictionary<string, List<AuthRule>>>() ); Dictionary<int, Dictionary<string, List<AuthRule>>> entityAuths = Authorizations[auth.EntityTypeId]; if ( !entityAuths.ContainsKey( auth.EntityId ?? 0 ) ) entityAuths.Add( auth.EntityId ?? 0, new Dictionary<string, List<AuthRule>>() ); Dictionary<string, List<AuthRule>> instanceAuths = entityAuths[auth.EntityId ?? 0]; if ( !instanceAuths.ContainsKey( auth.Action ) ) instanceAuths.Add( auth.Action, new List<AuthRule>() ); List<AuthRule> actionPermissions = instanceAuths[auth.Action]; actionPermissions.Add( new AuthRule( auth ) ); } }
/// <summary> /// Copies any auths for the original pages and blocks over to the copied pages and blocks. /// </summary> /// <param name="pageGuidDictionary">The dictionary containing the original page guids and the corresponding copied page guids.</param> /// <param name="blockGuidDictionary">The dictionary containing the original block guids and the corresponding copied block guids.</param> /// <param name="rockContext">The rock context.</param> /// <param name="currentPersonAliasId">The current person alias identifier.</param> private void GeneratePageBlockAuths( Dictionary<Guid, Guid> pageGuidDictionary, Dictionary<Guid, Guid> blockGuidDictionary, RockContext rockContext, int? currentPersonAliasId = null ) { var authService = new AuthService( rockContext ); var pageService = new PageService( rockContext ); var blockService = new BlockService( rockContext ); var pageGuid = Rock.SystemGuid.EntityType.PAGE.AsGuid(); var blockGuid = Rock.SystemGuid.EntityType.BLOCK.AsGuid(); Dictionary<Guid, int> pageIntDictionary = pageService.Queryable() .Where( p => pageGuidDictionary.Keys.Contains( p.Guid ) || pageGuidDictionary.Values.Contains( p.Guid ) ) .ToDictionary( p => p.Guid, p => p.Id ); Dictionary<Guid, int> blockIntDictionary = blockService.Queryable() .Where( p => blockGuidDictionary.Keys.Contains( p.Guid ) || blockGuidDictionary.Values.Contains( p.Guid ) ) .ToDictionary( p => p.Guid, p => p.Id ); var pageAuths = authService.Queryable().Where( a => a.EntityType.Guid == pageGuid && pageIntDictionary.Values.Contains( a.EntityId.Value ) ) .ToList(); var blockAuths = authService.Queryable().Where( a => a.EntityType.Guid == blockGuid && blockIntDictionary.Values.Contains( a.EntityId.Value ) ) .ToList(); foreach ( var pageAuth in pageAuths ) { var newPageAuth = pageAuth.Clone( false ); newPageAuth.CreatedByPersonAlias = null; newPageAuth.CreatedByPersonAliasId = currentPersonAliasId; newPageAuth.CreatedDateTime = RockDateTime.Now; newPageAuth.ModifiedByPersonAlias = null; newPageAuth.ModifiedByPersonAliasId = currentPersonAliasId; newPageAuth.ModifiedDateTime = RockDateTime.Now; newPageAuth.Id = 0; newPageAuth.Guid = Guid.NewGuid(); newPageAuth.EntityId = pageIntDictionary[pageGuidDictionary[pageIntDictionary.Where( d => d.Value == pageAuth.EntityId.Value ).FirstOrDefault().Key]]; authService.Add( newPageAuth ); } foreach ( var blockAuth in blockAuths ) { var newBlockAuth = blockAuth.Clone( false ); newBlockAuth.CreatedByPersonAlias = null; newBlockAuth.CreatedByPersonAliasId = currentPersonAliasId; newBlockAuth.CreatedDateTime = RockDateTime.Now; newBlockAuth.ModifiedByPersonAlias = null; newBlockAuth.ModifiedByPersonAliasId = currentPersonAliasId; newBlockAuth.ModifiedDateTime = RockDateTime.Now; newBlockAuth.Id = 0; newBlockAuth.Guid = Guid.NewGuid(); newBlockAuth.EntityId = blockIntDictionary[blockGuidDictionary[blockIntDictionary.Where( d => d.Value == blockAuth.EntityId.Value ).FirstOrDefault().Key]]; authService.Add( newBlockAuth ); } rockContext.SaveChanges(); }
/// <summary> /// Handles the Delete event of the gGroups control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="RowEventArgs" /> instance containing the event data.</param> protected void gGroups_Delete( object sender, RowEventArgs e ) { var rockContext = new RockContext(); GroupService groupService = new GroupService( rockContext ); AuthService authService = new AuthService( rockContext ); Group group = groupService.Get( e.RowKeyId ); if ( group != null ) { if ( !group.IsAuthorized( Authorization.EDIT, this.CurrentPerson ) ) { mdGridWarning.Show( "You are not authorized to delete this group", ModalAlertType.Information ); return; } string errorMessage; if ( !groupService.CanDelete( group, out errorMessage ) ) { mdGridWarning.Show( errorMessage, ModalAlertType.Information ); return; } bool isSecurityRoleGroup = group.IsSecurityRole || group.GroupType.Guid.Equals( Rock.SystemGuid.GroupType.GROUPTYPE_SECURITY_ROLE.AsGuid() ); if ( isSecurityRoleGroup ) { Rock.Security.Role.Flush( group.Id ); foreach ( var auth in authService.Queryable().Where( a => a.GroupId == group.Id ).ToList() ) { authService.Delete( auth ); } } groupService.Delete( group ); rockContext.SaveChanges(); if ( isSecurityRoleGroup ) { Rock.Security.Authorization.Flush(); } } BindGrid(); }
/// <summary> /// Handles the Click event of the btnDelete control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="EventArgs" /> instance containing the event data.</param> protected void btnDelete_Click( object sender, EventArgs e ) { int? parentGroupId = null; RockContext rockContext = new RockContext(); GroupService groupService = new GroupService( rockContext ); AuthService authService = new AuthService( rockContext ); Group group = groupService.Get( int.Parse( hfGroupId.Value ) ); if ( group != null ) { if ( !group.IsAuthorized( Authorization.EDIT, this.CurrentPerson ) ) { mdDeleteWarning.Show( "You are not authorized to delete this group.", ModalAlertType.Information ); return; } parentGroupId = group.ParentGroupId; string errorMessage; if ( !groupService.CanDelete( group, out errorMessage ) ) { mdDeleteWarning.Show( errorMessage, ModalAlertType.Information ); return; } bool isSecurityRoleGroup = group.IsSecurityRole || group.GroupType.Guid.Equals( Rock.SystemGuid.GroupType.GROUPTYPE_SECURITY_ROLE.AsGuid() ); if ( isSecurityRoleGroup ) { Rock.Security.Role.Flush( group.Id ); foreach ( var auth in authService.Queryable().Where( a => a.GroupId == group.Id ).ToList() ) { authService.Delete( auth ); } } groupService.Delete( group ); rockContext.SaveChanges(); if ( isSecurityRoleGroup ) { Rock.Security.Authorization.Flush(); } } // reload page, selecting the deleted group's parent var qryParams = new Dictionary<string, string>(); if ( parentGroupId != null ) { qryParams["GroupId"] = parentGroupId.ToString(); } NavigateToPage( RockPage.Guid, qryParams ); }
/// <summary> /// Updates the bulk update security. /// </summary> private static void UpdateBulkUpdateSecurity() { var rockContext = new RockContext(); var authService = new Rock.Model.AuthService(rockContext); var bulkUpdateBlockType = BlockTypeCache.Get(Rock.SystemGuid.BlockType.BULK_UPDATE.AsGuid()); var bulkUpdateBlocks = new BlockService(rockContext).Queryable().Where(a => a.BlockTypeId == bulkUpdateBlockType.Id).ToList(); foreach (var bulkUpdateBlock in bulkUpdateBlocks) { var alreadyUpdated = authService.Queryable().Where(a => (a.Action == "EditConnectionStatus" || a.Action == "EditRecordStatus") && a.EntityTypeId == bulkUpdateBlock.TypeId && a.EntityId == bulkUpdateBlock.Id).Any(); if (alreadyUpdated) { // EditConnectionStatus and/or EditRecordStatus has already been set, so don't copy VIEW auth to it continue; } var groupIdAuthRules = new HashSet <int>(); var personIdAuthRules = new HashSet <int>(); var specialRoleAuthRules = new HashSet <SpecialRole>(); var authRulesToAdd = new List <AuthRule>(); Dictionary <ISecured, List <AuthRule> > parentAuthRulesList = new Dictionary <ISecured, List <AuthRule> >(); ISecured secured = bulkUpdateBlock; while (secured != null) { var entityType = secured.TypeId; List <AuthRule> authRules = Authorization.AuthRules(secured.TypeId, secured.Id, Authorization.VIEW).OrderBy(a => a.Order).ToList(); foreach (var rule in authRules) { if (rule.GroupId.HasValue) { if (!groupIdAuthRules.Contains(rule.GroupId.Value)) { groupIdAuthRules.Add(rule.GroupId.Value); authRulesToAdd.Add(rule); } } else if (rule.PersonId.HasValue) { if (!personIdAuthRules.Contains(rule.PersonId.Value)) { personIdAuthRules.Add(rule.PersonId.Value); authRulesToAdd.Add(rule); } } else if (rule.SpecialRole != SpecialRole.None) { if (!specialRoleAuthRules.Contains(rule.SpecialRole)) { specialRoleAuthRules.Add(rule.SpecialRole); authRulesToAdd.Add(rule); } } } secured = secured.ParentAuthority; } List <Auth> authsToAdd = new List <Auth>(); foreach (var auth in authRulesToAdd) { authsToAdd.Add(AddAuth(bulkUpdateBlock, auth, "EditConnectionStatus")); authsToAdd.Add(AddAuth(bulkUpdateBlock, auth, "EditRecordStatus")); } int authOrder = 0; authsToAdd.ForEach(a => a.Order = authOrder++); authService.AddRange(authsToAdd); Authorization.RefreshAction(bulkUpdateBlock.TypeId, bulkUpdateBlock.Id, "EditConnectionStatus"); Authorization.RefreshAction(bulkUpdateBlock.TypeId, bulkUpdateBlock.Id, "EditRecordStatus"); } rockContext.SaveChanges(); }
/// <summary> /// Handles the Click event of the btnDelete control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="EventArgs" /> instance containing the event data.</param> protected void btnDelete_Click( object sender, EventArgs e ) { int? parentGroupId = null; // NOTE: Very similar code in GroupList.gGroups_Delete RockTransactionScope.WrapTransaction( () => { GroupService groupService = new GroupService(); AuthService authService = new AuthService(); Group group = groupService.Get( int.Parse( hfGroupId.Value ) ); if ( group != null ) { parentGroupId = group.ParentGroupId; string errorMessage; if ( !groupService.CanDelete( group, out errorMessage ) ) { mdDeleteWarning.Show( errorMessage, ModalAlertType.Information ); return; } bool isSecurityRoleGroup = group.IsSecurityRole || group.GroupType.Guid.Equals( Rock.SystemGuid.GroupType.GROUPTYPE_SECURITY_ROLE.AsGuid() ); if ( isSecurityRoleGroup ) { Rock.Security.Role.Flush( group.Id ); foreach ( var auth in authService.Queryable().Where( a => a.GroupId.Equals( group.Id ) ).ToList() ) { authService.Delete( auth, CurrentPersonId ); authService.Save( auth, CurrentPersonId ); } } groupService.Delete( group, CurrentPersonId ); groupService.Save( group, CurrentPersonId ); if ( isSecurityRoleGroup ) { Rock.Security.Authorization.Flush(); } } } ); // reload page, selecting the deleted group's parent var qryParams = new Dictionary<string, string>(); if ( parentGroupId != null ) { qryParams["groupId"] = parentGroupId.ToString(); } NavigateToPage( RockPage.Guid, qryParams ); }
/// <summary> /// Handles the Click event of the btnDelete control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="EventArgs" /> instance containing the event data.</param> protected void btnDelete_Click( object sender, EventArgs e ) { int? parentGroupId = null; RockContext rockContext = new RockContext(); GroupService groupService = new GroupService( rockContext ); AuthService authService = new AuthService( rockContext ); Group group = groupService.Get( hfGroupId.Value.AsInteger() ); if ( group != null ) { if ( !group.IsAuthorized( Authorization.EDIT, this.CurrentPerson ) ) { mdDeleteWarning.Show( "You are not authorized to delete this group.", ModalAlertType.Information ); return; } parentGroupId = group.ParentGroupId; string errorMessage; if ( !groupService.CanDelete( group, out errorMessage ) ) { mdDeleteWarning.Show( errorMessage, ModalAlertType.Information ); return; } bool isSecurityRoleGroup = group.IsActive && ( group.IsSecurityRole || group.GroupType.Guid.Equals( Rock.SystemGuid.GroupType.GROUPTYPE_SECURITY_ROLE.AsGuid() ) ); if ( isSecurityRoleGroup ) { Rock.Security.Role.Flush( group.Id ); foreach ( var auth in authService.Queryable().Where( a => a.GroupId == group.Id ).ToList() ) { authService.Delete( auth ); } } // If group has a non-named schedule, delete the schedule record. if ( group.ScheduleId.HasValue ) { var scheduleService = new ScheduleService( rockContext ); var schedule = scheduleService.Get( group.ScheduleId.Value ); if ( schedule != null && schedule.ScheduleType != ScheduleType.Named ) { // Make sure this is the only group trying to use this schedule. if ( !groupService.Queryable().Where( g => g.ScheduleId == schedule.Id && g.Id != group.Id ).Any() ) { scheduleService.Delete( schedule ); } } } groupService.Delete( group ); rockContext.SaveChanges(); if ( isSecurityRoleGroup ) { Rock.Security.Authorization.Flush(); } } // reload page, selecting the deleted group's parent var qryParams = new Dictionary<string, string>(); if ( parentGroupId != null ) { qryParams["GroupId"] = parentGroupId.ToString(); } qryParams["ExpandedIds"] = PageParameter( "ExpandedIds" ); NavigateToPage( RockPage.Guid, qryParams ); }
/// <summary> /// Handles the Delete event of the gGroups control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="RowEventArgs" /> instance containing the event data.</param> protected void gGroups_Delete( object sender, RowEventArgs e ) { // NOTE: Very similar code in GroupDetail.btnDelete_Click RockTransactionScope.WrapTransaction( () => { GroupService groupService = new GroupService(); AuthService authService = new AuthService(); Group group = groupService.Get( (int)e.RowKeyValue ); if ( group != null ) { string errorMessage; if ( !groupService.CanDelete( group, out errorMessage ) ) { mdGridWarning.Show( errorMessage, ModalAlertType.Information ); return; } bool isSecurityRoleGroup = group.IsSecurityRole || group.GroupType.Guid.Equals( Rock.SystemGuid.GroupType.GROUPTYPE_SECURITY_ROLE.AsGuid() ); if (isSecurityRoleGroup) { Rock.Security.Role.Flush( group.Id ); foreach ( var auth in authService.Queryable().Where( a => a.GroupId == group.Id ).ToList() ) { authService.Delete( auth, CurrentPersonId ); authService.Save( auth, CurrentPersonId ); } } groupService.Delete( group, CurrentPersonId ); groupService.Save( group, CurrentPersonId ); if ( isSecurityRoleGroup ) { Rock.Security.Authorization.Flush(); } } } ); BindGrid(); }