public static SetPermissionForDirectory ( AuthStatus status, IFilesStorageProviderV30 provider, string directory, string action, UserGroup group ) : bool | ||
status | AuthStatus | The authorization status. |
provider | IFilesStorageProviderV30 | The provider that handles the directory. |
directory | string | The directory. |
action | string | The action of which to modify the authorization status. |
group | UserGroup | The group subject of the authorization change. |
return | bool |
/// <summary> /// Adds some ACL entries for a subject. /// </summary> /// <param name="subject">The subject.</param> /// <param name="provider">The provider.</param> /// <param name="directory">The directory.</param> /// <param name="grants">The granted actions.</param> /// <param name="denials">The denies actions.</param> /// <returns><c>true</c> if the operation succeeded, <c>false</c> otherwise.</returns> private bool AddAclEntriesForDirectory(string subject, IFilesStorageProviderV40 provider, string directory, string[] grants, string[] denials) { bool isGroup = subject.StartsWith("G."); subject = subject.Substring(2); UserGroup group = null; UserInfo user = null; if (isGroup) { group = Users.FindUserGroup(currentWiki, subject); } else { user = Users.FindUser(currentWiki, subject); } AuthWriter authWriter = new AuthWriter(Collectors.CollectorsBox.GetSettingsProvider(currentWiki)); foreach (string action in grants) { bool done = false; if (isGroup) { done = authWriter.SetPermissionForDirectory(AuthStatus.Grant, provider, directory, action, group); } else { done = authWriter.SetPermissionForDirectory(AuthStatus.Grant, provider, directory, action, user); } if (!done) { return(false); } } foreach (string action in denials) { bool done = false; if (isGroup) { done = authWriter.SetPermissionForDirectory(AuthStatus.Deny, provider, directory, action, group); } else { done = authWriter.SetPermissionForDirectory(AuthStatus.Deny, provider, directory, action, user); } if (!done) { return(false); } } return(true); }
/// <summary> /// Sets file management permissions for the users or anonymous users group in the given wiki, importing version 2.0 values. /// </summary> /// <param name="wiki">The wiki.</param> /// <param name="group">The group.</param> /// <returns><c>true</c> if the operation succeeded, <c>false</c> otherwise.</returns> private static bool SetupFileManagementPermissions(string wiki, UserGroup group) { bool done = true; AuthWriter authWriter = new AuthWriter(Collectors.CollectorsBox.GetSettingsProvider(wiki)); if (Settings.GetUsersCanViewFiles(wiki)) { done &= authWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.DownloadAttachments, group); foreach (IFilesStorageProviderV60 prov in Collectors.CollectorsBox.FilesProviderCollector.GetAllProviders(wiki)) { done &= authWriter.SetPermissionForDirectory(AuthStatus.Grant, prov, "/", Actions.ForDirectories.DownloadFiles, group); } } if (Settings.GetUsersCanUploadFiles(wiki)) { done &= authWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.UploadAttachments, group); foreach (IFilesStorageProviderV60 prov in Collectors.CollectorsBox.FilesProviderCollector.GetAllProviders(wiki)) { done &= authWriter.SetPermissionForDirectory(AuthStatus.Grant, prov, "/", Actions.ForDirectories.UploadFiles, group); done &= authWriter.SetPermissionForDirectory(AuthStatus.Grant, prov, "/", Actions.ForDirectories.CreateDirectories, group); } } if (Settings.GetUsersCanDeleteFiles(wiki)) { done &= authWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.DeleteAttachments, group); foreach (IFilesStorageProviderV60 prov in Collectors.CollectorsBox.FilesProviderCollector.GetAllProviders(wiki)) { done &= authWriter.SetPermissionForDirectory(AuthStatus.Grant, prov, "/", Actions.ForDirectories.DeleteFiles, group); done &= authWriter.SetPermissionForDirectory(AuthStatus.Grant, prov, "/", Actions.ForDirectories.DeleteDirectories, group); } } return(done); }
/// <summary> /// Sets file management permissions for the users or anonymous users group, importing version 2.0 values. /// </summary> /// <param name="group">The group.</param> /// <returns><c>true</c> if the operation succeeded, <c>false</c> otherwise.</returns> private static bool SetupFileManagementPermissions(UserGroup group) { bool done = true; if (Settings.UsersCanViewFiles) { done &= AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.DownloadAttachments, group); foreach (IFilesStorageProviderV30 prov in Collectors.FilesProviderCollector.AllProviders) { done &= AuthWriter.SetPermissionForDirectory(AuthStatus.Grant, prov, "/", Actions.ForDirectories.DownloadFiles, group); } } if (Settings.UsersCanUploadFiles) { done &= AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.UploadAttachments, group); foreach (IFilesStorageProviderV30 prov in Collectors.FilesProviderCollector.AllProviders) { done &= AuthWriter.SetPermissionForDirectory(AuthStatus.Grant, prov, "/", Actions.ForDirectories.UploadFiles, group); done &= AuthWriter.SetPermissionForDirectory(AuthStatus.Grant, prov, "/", Actions.ForDirectories.CreateDirectories, group); } } if (Settings.UsersCanDeleteFiles) { done &= AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.DeleteAttachments, group); foreach (IFilesStorageProviderV30 prov in Collectors.FilesProviderCollector.AllProviders) { done &= AuthWriter.SetPermissionForDirectory(AuthStatus.Grant, prov, "/", Actions.ForDirectories.DeleteFiles, group); done &= AuthWriter.SetPermissionForDirectory(AuthStatus.Grant, prov, "/", Actions.ForDirectories.DeleteDirectories, group); } } return(done); }
/// <summary> /// Sets the default permissions for the anonymous users group in the given wiki, properly importing version 2.0 values. /// </summary> /// <param name="wiki">The wiki.</param> /// <param name="anonymous">The anonymous users group.</param> /// <returns><c>true</c> if the operation succeeded, <c>false</c> otherwise.</returns> public static bool SetAnonymousGroupDefaultPermissions(string wiki, UserGroup anonymous) { bool done = true; AuthWriter authWriter = new AuthWriter(Collectors.CollectorsBox.GetSettingsProvider(wiki)); // Properly import Private/Public Mode wiki if (Settings.GetPrivateAccess(wiki)) { // Nothing to do, because without any explicit grant, Anonymous users cannot do anything } else if (Settings.GetPublicAccess(wiki)) { // Public access, allow modification and propagate file management permissions if they were allowed for anonymous users done &= authWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.ModifyPages, anonymous); done &= authWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.DownloadAttachments, anonymous); if (Settings.GetUsersCanCreateNewPages(wiki)) { done &= authWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.CreatePages, anonymous); } if (Settings.GetUsersCanCreateNewCategories(wiki) || Settings.GetUsersCanManagePageCategories(wiki)) { done &= authWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.ManageCategories, anonymous); } if (Settings.GetFileManagementInPublicAccessAllowed(wiki)) { SetupFileManagementPermissions(wiki, anonymous); } } else { // Standard configuration, only allow read permissions done &= authWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.ReadPages, anonymous); done &= authWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.ReadDiscussion, anonymous); done &= authWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.DownloadAttachments, anonymous); foreach (IFilesStorageProviderV60 prov in Collectors.CollectorsBox.FilesProviderCollector.GetAllProviders(wiki)) { done &= authWriter.SetPermissionForDirectory(AuthStatus.Grant, prov, "/", Actions.ForDirectories.DownloadFiles, anonymous); } } return(done); }
protected void btnAdd_Click(object sender, EventArgs e) { // Add the selected subject with full control deny, then select it in the main list string subject = lstFoundSubjects.SelectedValue.Substring(2); bool isGroup = lstFoundSubjects.SelectedValue.StartsWith("G."); bool done = false; switch (CurrentResourceType) { case AclResources.Namespaces: if (isGroup) { done = AuthWriter.SetPermissionForNamespace(AuthStatus.Deny, Pages.FindNamespace(CurrentResourceName), Actions.FullControl, Users.FindUserGroup(subject)); } else { done = AuthWriter.SetPermissionForNamespace(AuthStatus.Deny, Pages.FindNamespace(CurrentResourceName), Actions.FullControl, Users.FindUser(subject)); } break; case AclResources.Pages: if (isGroup) { done = AuthWriter.SetPermissionForPage(AuthStatus.Deny, Pages.FindPage(CurrentResourceName), Actions.FullControl, Users.FindUserGroup(subject)); } else { done = AuthWriter.SetPermissionForPage(AuthStatus.Deny, Pages.FindPage(CurrentResourceName), Actions.FullControl, Users.FindUser(subject)); } break; case AclResources.Directories: IFilesStorageProviderV30 prov = Collectors.FilesProviderCollector.GetProvider(CurrentFilesProvider); if (isGroup) { done = AuthWriter.SetPermissionForDirectory(AuthStatus.Deny, prov, CurrentResourceName, Actions.FullControl, Users.FindUserGroup(subject)); } else { done = AuthWriter.SetPermissionForDirectory(AuthStatus.Deny, prov, CurrentResourceName, Actions.FullControl, Users.FindUser(subject)); } break; default: throw new NotSupportedException(); } if (done) { PopulateSubjectsList(); // Select in main list and display permissions in actions matrix foreach (ListItem item in lstSubjects.Items) { if (item.Value == lstFoundSubjects.SelectedValue) { item.Selected = true; break; } } DisplaySubjectPermissions(subject, isGroup ? SubjectType.Group : SubjectType.User); txtNewSubject.Text = ""; lstFoundSubjects.Items.Clear(); btnAdd.Enabled = false; } else { lblAddResult.CssClass = "resulterror"; lblAddResult.Text = Properties.Messages.CouldNotStorePermissions; } }