//helper method looking for the requested view private GINGridViewerDriver FindViewConfiguration(string pageName, string viewName) { var requestedPage = from page in applicationView.Pages where (page.Name == pageName) select page; if (requestedPage.Count() > 0) { GINPage ginPage = requestedPage.ElementAt(0); var requestedDriver = from driver in ginPage.ViewComponents where (driver.Name == viewName) select driver; if (requestedDriver.Count() > 0) { GINGridViewerDriver driver = requestedDriver.ElementAt(0); AppllySecurityRules(pageName, driver); return(driver); } } return(null); }
//helper method for applying the security rules of the application private void AppllySecurityRules(string pageName, GINGridViewerDriver driver) { XmlSerializer s = new XmlSerializer(typeof(SecurityResourceConfigurationInfo)); SecurityResourceConfigurationInfo src = null; using (Stream stream = File.OpenRead(HttpContext.Current.Request.PhysicalApplicationPath + ConfigurationManager.AppSettings["SecurityConfigurationFile"])) { try { src = (SecurityResourceConfigurationInfo)s.Deserialize(stream); } catch (Exception) { } } if (src == null) { return; } List <string> allRoleNames = new List <string>(); foreach (SecurityRoleInfo role in src.SecurityRoles) { allRoleNames.Add(role.Name); } List <string> userRoleNames = UserBLL.HasRoles( UserBLL.GetCurrentUser(), allRoleNames.ToArray()); foreach (SecurityRoleInfo role in (from role in src.SecurityRoles where (from userRole in userRoleNames where role.Name == userRole select userRole).Any() select role)) { SecuredResourceContainerInfo resourceContainer = src.SecuredResourceContainers.Find(cont => cont.Name == pageName); if (resourceContainer == null) { break; } foreach (GINColumnDescriptor column in driver.Columns) { SecuredResourceInfo securedResource = resourceContainer.SecuredResources.Find(sr => (sr.Scope == driver.Name) && (sr.Name == column.Name)); if (securedResource != null) { var minLevel = securedResource.ConfigurationOptions.Select(option => option.Level).Min(); var restrictiveOptions = from option in securedResource.ConfigurationOptions where option.Level == minLevel select option; List <ConfigurationOptionInfo> applicableOptions = new List <ConfigurationOptionInfo>(restrictiveOptions); var grantedOptions = role.GrantedResourceContainers.Where(grc => grc.Name == resourceContainer.Name) .SelectMany(grc => grc.GrantedResources.Where(gr => (gr.Scope == securedResource.Scope) && (gr.Name == securedResource.Name)) .Select(gr => gr.Option) .SelectMany(grantedOption => securedResource.ConfigurationOptions.Where(option => option.OptionId == grantedOption) .Select(option => option))); foreach (ConfigurationOptionInfo option in grantedOptions) { if (applicableOptions.RemoveAll(ao => (ao.Property == option.Property) && (ao.Level < option.Level)) > 0) { applicableOptions.Add(option); } } foreach (ConfigurationOptionInfo applicableOption in applicableOptions) { PropertyInfo optionProperty = column.GetType().GetProperty(applicableOption.Property); optionProperty.SetValue(column, Convert.ChangeType(applicableOption.Value, optionProperty.PropertyType), null); } } } } }