internal PermissionValue GetPermission(int userId, int entityId, int ownerId, EntryType?entryType, params PermissionTypeBase[] permissions)
{
if (userId == _securityContext.SecuritySystem.Configuration.SystemUserId)
{
return(PermissionValue.Allowed);
}
_entityManager.EnterReadLock();
try
{
return(GetPermissionSafe(userId, entityId, ownerId, entryType, permissions));
}
finally
{
_entityManager.ExitReadLock();
}
}
/// <summary>
/// Returns all entities in the predefined axis (All, ParentChain, Subtree) of the specified entity.
/// The collection is empty if the entity was not found.
/// This operation is thread safe. The thread safety uses system resources, so to minimize these,
/// it's strongly recommended processing as fast as possible.
/// </summary>
/// <param name="entityId">The Id of the focused entity.</param>
/// <param name="handleBreaks">Controls the permission inheritance handling.</param>
/// <returns>The IEnumerable<SecurityEntity> to further filtering.</returns>
public IEnumerable <SecurityEntity> GetEntities(int entityId, BreakOptions handleBreaks = BreakOptions.Default)
{
_entityManager.EnterReadLock();
try
{
var root = _entityManager.GetEntitySafe(entityId, false);
IEnumerable <SecurityEntity> collection;
switch (_axis)
{
case Axis.All:
collection = GetEntitiesFromParentChain(root, handleBreaks)
.Union(GetEntitiesFromSubtree(root, handleBreaks));
break;
case Axis.ParentChain:
collection = GetEntitiesFromParentChain(root, handleBreaks);
break;
case Axis.Subtree:
collection = GetEntitiesFromSubtree(root, handleBreaks);
break;
default:
throw new ArgumentOutOfRangeException("Unknown axis: " + _axis);
}
foreach (var entity in collection)
{
yield return(entity);
}
}
finally
{
_entityManager.ExitReadLock();
}
}
public Dictionary <PermissionTypeBase, int> GetExplicitPermissionsInSubtree(SecurityContext context, int entityId, int[] identities, bool includeRoot)
{
_entityManager.EnterReadLock();
try
{
var counters = new int[PermissionTypeBase.PermissionCount];
var root = _entityManager.GetEntitySafe(entityId, true);
foreach (var entity in new EntityTreeWalker(root))
{
// step forward if there is no any setting
if (!entity.HasExplicitAcl || entity.Id == entityId && !includeRoot)
{
continue;
}
// if broken, adding existing parent-s effective identities because all identities are related.
var localBits = new PermissionBitMask();
if (!entity.IsInherited && entity.Parent != null && (includeRoot || entity.Parent.Id != entityId))
{
CollectPermissionsFromLocalAces(context.Evaluator.GetEffectiveEntriesSafe(entity.Parent.Id, identities, EntryType.Normal), localBits);
}
// adding explicit identities
CollectPermissionsFromAces(context.Evaluator.GetExplicitEntriesSafe(entity.Id, identities, EntryType.Normal), PermissionLevel.AllowedOrDenied, counters, localBits);
}
var result = new Dictionary <PermissionTypeBase, int>();
for (var i = 0; i < PermissionTypeBase.PermissionCount; i++)
{
result.Add(PermissionTypeBase.GetPermissionTypeByIndex(i), counters[i]);
}
return(result);
}
finally
{
_entityManager.ExitReadLock();
}
}
