/// <summary>
/// Decides whether the caller may perform <paramref name="permissionType"/> in
/// <paramref name="group"/>, based on the group's per-audience permission flags.
/// </summary>
/// <remarks>
/// Three flags are read from the group for the requested permission type: one for
/// non-members, one for regular members and one for VIP members.
/// <list type="bullet">
/// <item>Anonymous callers (null session), logged-in callers without a membership
/// record, and members whose record is not active are all checked against the
/// non-member flag.</item>
/// <item>Active members of type Member are checked against the member flag, active
/// VIP members against the VIP flag.</item>
/// <item>Any other active member type is allowed unconditionally: there is no flag
/// lookup for it. A member type added later is therefore granted every permission
/// by default until this method is updated.</item>
/// </list>
/// The method does not verify that <paramref name="groupMember"/> belongs to
/// <paramref name="group"/> or to the user behind <paramref name="userSession"/>;
/// the caller must pass the matching membership record.
/// <paramref name="group"/> is dereferenced without a null check.
/// </remarks>
/// <param name="userSession">The caller's session, or null when not logged in.</param>
/// <param name="groupMember">The caller's membership record in the group, or null.</param>
/// <param name="group">The group whose permission flags are consulted.</param>
/// <param name="permissionType">The action being requested.</param>
/// <returns>true when the action is permitted; otherwise false.</returns>
/// <exception cref="ArgumentOutOfRangeException">
/// <paramref name="permissionType"/> is not one of the handled values.
/// </exception>
public static bool HasPermission(UserSession userSession, GroupMember groupMember, Group group,
                                 eGroupPermissionType permissionType)
{
    bool allowNonMembers;
    bool allowMembers;
    bool allowVip;

    // Resolve the three audience flags for the requested action. Unknown actions
    // are rejected with an exception rather than falling through to a default grant.
    switch (permissionType)
    {
        case eGroupPermissionType.ViewGroup:
            allowNonMembers = group.IsPermissionEnabled(eGroupPermissions.ViewGroupNonMembers);
            allowMembers = group.IsPermissionEnabled(eGroupPermissions.ViewGroupMembers);
            allowVip = group.IsPermissionEnabled(eGroupPermissions.ViewGroupVip);
            break;

        case eGroupPermissionType.ViewMessageBoard:
            allowNonMembers = group.IsPermissionEnabled(eGroupPermissions.ViewMessageBoardNonMembers);
            allowMembers = group.IsPermissionEnabled(eGroupPermissions.ViewMessageBoardMembers);
            allowVip = group.IsPermissionEnabled(eGroupPermissions.ViewMessageBoardVip);
            break;

        case eGroupPermissionType.ViewGallery:
            allowNonMembers = group.IsPermissionEnabled(eGroupPermissions.ViewGalleryNonMembers);
            allowMembers = group.IsPermissionEnabled(eGroupPermissions.ViewGalleryMembers);
            allowVip = group.IsPermissionEnabled(eGroupPermissions.ViewGalleryVip);
            break;

        case eGroupPermissionType.ViewMembers:
            allowNonMembers = group.IsPermissionEnabled(eGroupPermissions.ViewMembersNonMembers);
            allowMembers = group.IsPermissionEnabled(eGroupPermissions.ViewMembersMembers);
            allowVip = group.IsPermissionEnabled(eGroupPermissions.ViewMembersVip);
            break;

        case eGroupPermissionType.ViewEvents:
            allowNonMembers = group.IsPermissionEnabled(eGroupPermissions.ViewEventsNonMembers);
            allowMembers = group.IsPermissionEnabled(eGroupPermissions.ViewEventsMembers);
            allowVip = group.IsPermissionEnabled(eGroupPermissions.ViewEventsVip);
            break;

        case eGroupPermissionType.UploadPhoto:
            allowNonMembers = group.IsPermissionEnabled(eGroupPermissions.UploadPhotoNonMembers);
            allowMembers = group.IsPermissionEnabled(eGroupPermissions.UploadPhotoMembers);
            allowVip = group.IsPermissionEnabled(eGroupPermissions.UploadPhotoVip);
            break;

        case eGroupPermissionType.UseChat:
            allowNonMembers = group.IsPermissionEnabled(eGroupPermissions.UseChatNonMembers);
            allowMembers = group.IsPermissionEnabled(eGroupPermissions.UseChatMembers);
            allowVip = group.IsPermissionEnabled(eGroupPermissions.UseChatVip);
            break;

        case eGroupPermissionType.AddTopic:
            allowNonMembers = group.IsPermissionEnabled(eGroupPermissions.AddTopicNonMembers);
            allowMembers = group.IsPermissionEnabled(eGroupPermissions.AddTopicMembers);
            allowVip = group.IsPermissionEnabled(eGroupPermissions.AddTopicVip);
            break;

        case eGroupPermissionType.AddPost:
            allowNonMembers = group.IsPermissionEnabled(eGroupPermissions.AddPostNonMembers);
            allowMembers = group.IsPermissionEnabled(eGroupPermissions.AddPostMembers);
            allowVip = group.IsPermissionEnabled(eGroupPermissions.AddPostVip);
            break;

        case eGroupPermissionType.AddEvent:
            allowNonMembers = group.IsPermissionEnabled(eGroupPermissions.AddEventNonMembers);
            allowMembers = group.IsPermissionEnabled(eGroupPermissions.AddEventMembers);
            allowVip = group.IsPermissionEnabled(eGroupPermissions.AddEventVip);
            break;

        default:
            throw new ArgumentOutOfRangeException("permissionType");
    }

    // Not logged in, no membership record, or an inactive membership: the caller
    // is treated as a non-member. Short-circuiting keeps Active from being read
    // when there is no session or no record.
    if (userSession == null || groupMember == null || !groupMember.Active)
    {
        return allowNonMembers;
    }

    // Active member: only the Member and VIP types are gated by a flag.
    switch (groupMember.Type)
    {
        case eType.Member:
            return allowMembers;

        case eType.VIP:
            return allowVip;

        default:
            // Every other member type passes without a flag lookup.
            return true;
    }
}
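/// <summary>
/// Fetches group members from DB by specified group ID, username, type or active status.
/// If all arguments are null it returns all group members from DB.
/// If it cannot find a record in DB by specified arguments it returns an empty array.
/// </summary>
/// <remarks>
/// All filter values are handed to the "FetchGroupMembers" stored procedure as
/// parameters; no SQL text is built from them in this method.
/// </remarks>
/// <param name="groupID">The group ID to filter by, or null.</param>
/// <param name="username">The username to filter by, or null.</param>
/// <param name="type">The member type to filter by, or null.</param>
/// <param name="active">The active status to filter by, or null.</param>
/// <param name="joinDate">The join date to filter by, or null.</param>
/// <param name="invitedBy">The inviting username to filter by, or null.</param>
/// <param name="numberOfMembers">The number of members (passed through to the stored procedure).</param>
/// <param name="sortColumn">The sort column (passed through to the stored procedure).</param>
/// <returns>Group members array or an empty array if no group members are found in DB.</returns>
private static GroupMember[] Fetch(int? groupID, string username, eType? type, bool? active,
                                   DateTime? joinDate, string invitedBy, int? numberOfMembers,
                                   eSortColumn sortColumn)
{
    // NOTE(review): conn is opened but not passed to ExecuteReader; presumably
    // SqlHelper.GetDB() manages its own connection - confirm.
    using (SqlConnection conn = Config.DB.Open())
    // Dispose the reader deterministically so it is released even when a cast
    // below throws; previously it was left for the garbage collector.
    using (SqlDataReader reader = (SqlDataReader) SqlHelper.GetDB().ExecuteReader(
               "FetchGroupMembers", groupID, username, type, active, joinDate,
               invitedBy, numberOfMembers, sortColumn))
    {
        List<GroupMember> groupMembers = new List<GroupMember>();

        while (reader.Read())
        {
            GroupMember groupMember = new GroupMember();

            groupMember.groupID = (int) reader["GroupID"];
            groupMember.username = (string) reader["Username"];
            groupMember.type = (eType) reader["Type"];
            groupMember.active = (bool) reader["Active"];
            groupMember.joinDate = (DateTime) reader["JoinDate"];
            // Nullable columns: map DBNull to null instead of casting it.
            groupMember.invitedBy = reader["InvitedBy"] != DBNull.Value
                                        ? (string) reader["InvitedBy"]
                                        : null;
            groupMember.joinAnswer = (string) reader["JoinAnswer"];
            groupMember.isWarned = (bool) reader["IsWarned"];
            groupMember.warnReason = reader["WarnReason"] != DBNull.Value
                                         ? (string) reader["WarnReason"]
                                         : null;
            groupMember.warnExpirationDate = reader["WarnExpirationDate"] != DBNull.Value
                                                 ? (DateTime?) reader["WarnExpirationDate"]
                                                 : null;

            groupMembers.Add(groupMember);
        }

        return groupMembers.ToArray();
    }
}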
/// <summary>
/// Coarse access gate for a group: decides whether the caller may enter it at all.
/// </summary>
/// <remarks>
/// <list type="bullet">
/// <item>A session for which <c>IsAdmin()</c> is true is always authorized, even
/// when <paramref name="group"/> is null.</item>
/// <item>Otherwise a null group is never authorized.</item>
/// <item>Otherwise any caller holding a membership record is authorized, and callers
/// without one are authorized only when the group's access level is not Private.</item>
/// </list>
/// NOTE(review): only the presence of <paramref name="groupMember"/> is checked.
/// Its Active flag is not read here, and the record is not compared against
/// <paramref name="group"/>, so an inactive record, or a record from another
/// group, passes the Private check. Confirm that callers pass only the caller's
/// own record for this group and apply any active-status rule themselves.
/// </remarks>
/// <param name="userSession">The caller's session, or null when not logged in.</param>
/// <param name="groupMember">The caller's membership record in the group, or null.</param>
/// <param name="group">The group being accessed.</param>
/// <returns>true when access is allowed; otherwise false.</returns>
public static bool IsAuthorized(UserSession userSession, GroupMember groupMember, Group group)
{
    // Site administrators bypass every group-level rule.
    bool isSiteAdmin = userSession != null && userSession.IsAdmin();
    if (isSiteAdmin)
    {
        return true;
    }

    // Deny when there is no group to authorize against.
    if (group == null)
    {
        return false;
    }

    // Holding a membership record is sufficient; the access level is not read.
    if (groupMember != null)
    {
        return true;
    }

    // Non-members are kept out of private groups only.
    return group.AccessLevel != Group.eAccessLevel.Private;
}
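/// <summary>
/// Marks a user account as deleted and cleans up the data that depends on it.
/// </summary>
/// <remarks>
/// Steps, in order:
/// <list type="number">
/// <item>Runs the "DeleteUser" stored procedure with the username and reason as
/// parameters.</item>
/// <item>When photo contests are enabled, deletes the user's contest entries.</item>
/// <item>When groups are enabled, walks the groups returned for the user:
/// unapproved groups are deleted; approved groups owned by the user get a new
/// owner (oldest other administrator, else oldest other moderator, else the
/// system account, which is added as an active administrator if needed).</item>
/// <item>When the user is online, sends an account-deleted notification.</item>
/// </list>
/// The successor is chosen by skipping the deleted username rather than by a fixed
/// list position. A fixed position only works when the departing owner is the
/// first entry of the candidate list; otherwise it can skip an eligible
/// administrator or hand the group back to the account being deleted.
/// </remarks>
/// <param name="username">the username of the user whose account is about to be deleted</param>
/// <param name="reason">The reason for the deletion; stored by the procedure and shown in the notification.</param>
public static void Delete(string username, string reason)
{
    // NOTE(review): conn is opened but not passed to ExecuteNonQuery; presumably
    // SqlHelper.GetDB() manages its own connection - confirm.
    using (SqlConnection conn = Config.DB.Open())
    {
        SqlHelper.GetDB().ExecuteNonQuery("DeleteUser", username, reason);
    }

    if (Config.Ratings.EnablePhotoContests)
    {
        PhotoContestEntry.DeleteByUsername(username);
    }

    if (Config.Groups.EnableGroups)
    {
        Group[] groups = Group.FetchGroupsByUsername(username);

        foreach (Group group in groups)
        {
            if (!group.Approved)
            {
                // NOTE(review): the group is deleted without checking that the
                // user owns it; presumably an unapproved group has only its
                // creator as a member - confirm.
                Group.Delete(group.ID);
                continue;
            }

            if (group.Owner != username)
            {
                continue;
            }

            string successor = null;

            // Candidates are walked from the end of the fetched array, which is
            // the order the previous list reversal produced (oldest first, per
            // the original comment).
            GroupMember[] admins = GroupMember.Fetch(group.ID, GroupMember.eType.Admin,
                                                     GroupMember.eSortColumn.JoinDate);
            for (int i = admins.Length - 1; i >= 0; i--)
            {
                if (admins[i].Username != username)
                {
                    successor = admins[i].Username; // the oldest administrator except the current owner
                    break;
                }
            }

            if (successor == null)
            {
                GroupMember[] moderators = GroupMember.Fetch(group.ID, GroupMember.eType.Moderator,
                                                             GroupMember.eSortColumn.JoinDate);
                for (int i = moderators.Length - 1; i >= 0; i--)
                {
                    if (moderators[i].Username != username)
                    {
                        successor = moderators[i].Username; // the oldest moderator except the current owner
                        break;
                    }
                }
            }

            if (successor == null)
            {
                // Nobody left to inherit the group: hand it to the system account,
                // enrolling that account as an active administrator first.
                if (!GroupMember.IsMember(Config.Users.SystemUsername, group.ID))
                {
                    GroupMember groupMember = new GroupMember(group.ID, Config.Users.SystemUsername);
                    groupMember.Active = true;
                    groupMember.Type = GroupMember.eType.Admin;
                    groupMember.Save();
                    group.ActiveMembers++;
                }

                successor = Config.Users.SystemUsername;
            }

            group.Owner = successor;
            group.ActiveMembers--;
            group.Save();
        }
    }

    if (IsOnline(username))
    {
        // NOTE(review): reason is embedded verbatim in the notification text. If
        // the client renders Text as markup, it should be encoded at the point of
        // display - confirm how the notification is rendered.
        var notification = new AccountDeletedNotification
        {
            Recipient = username,
            Text = "Your account has been deleted (" + reason + ")!"
        };
        RealtimeNotification.SendNotification(notification);
    }
}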