private void AddEntityPermission(Authority authority, ActivityGrant grant, EntityGroupPermission entPerm)
{
// Entity group permission. Go through each entity in groups
var filter = grant.Filter;
foreach (var entGroupRes in entPerm.GroupResources)
{
foreach (var entRes in entGroupRes.Entities)
{
var entType = entRes.EntityType;
var newRecPerms = new UserRecordPermission(entPerm.AccessType, entRes.MemberMask);
//Find/create entity permission set for the entity type
UserEntityPermissionSet permSet = authority.GetEntityPermissionSet(entType, create: true);
var log = " Source permission " + entPerm.Name + ":";
// Go through each permission and try to merge
var compatiblePerm = permSet.ConditionalPermissions.FirstOrDefault(p => p.CanMerge(grant));
if (compatiblePerm == null)
{
//create new cumulative permission
var permId = "P" + permSet.ConditionalPermissions.Count; //artificial Id
var newPerm = new CumulativeRecordPermission(permId, entType, newRecPerms, grant);
permSet.ConditionalPermissions.Add(newPerm);
log += " - added as " + permId;
}
else
{
//merge
compatiblePerm.RecordPermission.Merge(newRecPerms);
compatiblePerm.SourceGrants.Add(grant); //add grant
log += " - merged into " + compatiblePerm.Id;
}
permSet.LogBuilder.AppendLine(log);
} //foreach entRes
} //foreach entGroupRes
}
public void Merge(UserRecordPermission other)
{
Peek.Merge(other.Peek);
ReadStrict.Merge(other.ReadStrict);
UpdateStrict.Merge(other.UpdateStrict);
AccessTypes |= other.AccessTypes;
}
public void Merge(UserRecordPermission other)
{
Peek.Merge(other.Peek);
ReadStrict.Merge(other.ReadStrict);
UpdateStrict.Merge(other.UpdateStrict);
AccessTypes |= other.AccessTypes;
}
public CumulativeRecordPermission(string id, Type entityType, UserRecordPermission initialPermissions, ActivityGrant grant)
{
Id = id;
EntityType = entityType;
RecordPermission = initialPermissions;
SourceGrants.Add(grant);
if(grant.Filter != null) {
FilterPredicate = grant.Filter.EntityFilter.GetPredicate(entityType);
QueryPredicate = grant.Filter.QueryFilter.GetPredicate(entityType);
}
HasFilter = (FilterPredicate != null);
}
public CumulativeRecordPermission(string id, Type entityType, UserRecordPermission initialPermissions, ActivityGrant grant)
{
Id = id;
EntityType = entityType;
RecordPermission = initialPermissions;
SourceGrants.Add(grant);
if (grant.Filter != null)
{
FilterPredicate = grant.Filter.EntityFilter.GetPredicate(entityType);
QueryPredicate = grant.Filter.QueryFilter.GetPredicate(entityType);
}
HasFilter = (FilterPredicate != null);
}
private void AddEntityPermission(Authority authority, ActivityGrant grant, EntityGroupPermission entPerm)
{
// Entity group permission. Go through each entity in groups
var filter = grant.Filter;
foreach(var entGroupRes in entPerm.GroupResources) {
foreach(var entRes in entGroupRes.Entities) {
var entType = entRes.EntityType;
var newRecPerms = new UserRecordPermission(entPerm.AccessType, entRes.MemberMask);
//Find/create entity permission set for the entity type
UserEntityPermissionSet permSet = authority.GetEntityPermissionSet(entType, create: true);
var log = " Source permission " + entPerm.Name + ":";
// Go through each permission and try to merge
var compatiblePerm = permSet.ConditionalPermissions.FirstOrDefault(p => p.CanMerge(grant));
if(compatiblePerm == null) {
//create new cumulative permission
var permId = "P" + permSet.ConditionalPermissions.Count; //artificial Id
var newPerm = new CumulativeRecordPermission(permId, entType, newRecPerms, grant);
permSet.ConditionalPermissions.Add(newPerm);
log += " - added as " + permId;
} else {
//merge
compatiblePerm.RecordPermission.Merge(newRecPerms);
compatiblePerm.SourceGrants.Add(grant); //add grant
log += " - merged into " + compatiblePerm.Id;
}
permSet.LogBuilder.AppendLine(log);
} //foreach entRes
}//foreach entGroupRes
}