protected void lnkBreakWithClear_Click(Object sender, EventArgs e) { // Check permission CheckModifyPermission(true); // Break permission inheritance and clear permissions AclInfoProvider.BreakInherintance(Node, false); // Log staging task and flush cache DocumentSynchronizationHelper.LogDocumentChange(Node, TaskTypeEnum.BreakACLInheritance, Node.TreeProvider, SynchronizationInfoProvider.ENABLED_SERVERS, null, Node.TreeProvider.AllowAsyncActions); CacheHelper.TouchKeys(TreeProvider.GetDependencyCacheKeys(Node, Node.NodeSiteName)); // Insert information about this event to event log. if (DocumentManager.Tree.LogEvents) { EventLogProvider.LogEvent(EventType.INFORMATION, "Content", "DOCPERMISSIONSMODIFIED", ResHelper.GetAPIString("security.documentpermissionsbreakclear", "Inheritance of the parent document permissions have been broken."), eventUrl, currentUser.UserID, currentUser.UserName, Node.NodeID, DocumentName, ipAddress, Node.NodeSiteID); } lblInheritanceInfo.Text = GetString("Security.InheritsInfo.DoesNotInherit"); SwitchBackToPermissionsMode(); // Clear and reload securityElem.InvalidateAcls(); securityElem.LoadOperators(true); }
protected void lnkBreakWithCopy_Click(Object sender, EventArgs e) { // Check permission CheckModifyPermission(true); // Break permission inheritance and copy parent permissions AclInfoProvider.BreakInherintance(Node, true); // Log staging task TaskParameters taskParam = new TaskParameters(); taskParam.SetParameter("copyPermissions", true); DocumentSynchronizationHelper.LogDocumentChange(Node, TaskTypeEnum.BreakACLInheritance, Node.TreeProvider, SynchronizationInfoProvider.ENABLED_SERVERS, taskParam, Node.TreeProvider.AllowAsyncActions); // Insert information about this event to event log. if (DocumentManager.Tree.LogEvents) { EventLogProvider.LogEvent(EventType.INFORMATION, "Content", "DOCPERMISSIONSMODIFIED", ResHelper.GetAPIString("security.documentpermissionsbreakcopy", "Inheritance of the parent page permissions have been broken. Parent page permissions have been copied."), eventUrl, DocumentManager.Tree.UserInfo.UserID, DocumentManager.Tree.UserInfo.UserName, Node.NodeID, DocumentName, ipAddress, Node.NodeSiteID); } lblInheritanceInfo.Text = GetString("Security.InheritsInfo.DoesNotInherit"); SwitchBackToPermissionsMode(); // Clear and reload securityElem.InvalidateAcls(); securityElem.LoadOperators(true); }
/// <summary> /// Changes permission inheritance for documents filtered by permission 'Modify permissions' /// </summary> private bool FilterDataSet() { // Create an instance of the Tree provider TreeProvider tree = new TreeProvider(MembershipContext.AuthenticatedUser); // Set the parameters for getting documents string siteName = SiteContext.CurrentSiteName; string aliasPath = "/%"; string culture = SettingsKeyInfoProvider.GetStringValue(SiteContext.CurrentSiteName + ".CMSDefaultCultureCode"); bool combineWithDefaultCulture = true; // Get data set with documents DataSet documents = tree.SelectNodes(siteName, aliasPath, culture, combineWithDefaultCulture); // Get the user UserInfo user = UserInfoProvider.GetUserInfo("Andy"); if (user != null) { // Filter the data set by the user permissions TreeSecurityProvider.FilterDataSetByPermissions(documents, NodePermissionsEnum.ModifyPermissions, user); if (!DataHelper.DataSourceIsEmpty(documents)) { // Loop through filtered documents foreach (DataRow documentRow in documents.Tables[0].Rows) { // Create a new Tree node from the data row TreeNode node = TreeNode.New("CMS.MenuItem", documentRow, tree); // Break permission inheritance (with copying parent permissions) AclInfoProvider.BreakInherintance(node, true); } // Data set filtered successfully - permission inheritance broken for filtered items apiFilterDataSet.InfoMessage = "Data set with all pages filtered successfully by permission 'Modify permissions' for user 'Andy'. Permission inheritance broken for filtered items."; } else { // Data set filtered successfully - no items left in data set apiFilterDataSet.InfoMessage = "Data set with all pages filtered successfully by permission 'Modify permissions' for user 'Andy'. No items left in data set."; } return(true); } return(false); }
/// <summary> /// Expects the "CreateDocumentStructure" method to be run first. /// </summary> private bool BreakPermissionInheritance() { // Create an instance of the Tree provider TreeProvider tree = new TreeProvider(MembershipContext.AuthenticatedUser); // Get default culture code string culture = SettingsKeyInfoProvider.GetStringValue(SiteContext.CurrentSiteName + ".CMSDefaultCultureCode"); // Get the API Example document TreeNode node = tree.SelectSingleNode(SiteContext.CurrentSiteName, "/API-Example/API-Example-subpage", culture); if (node != null) { // Break permission inheritance (without copying parent permissions) bool copyParentPermissions = false; AclInfoProvider.BreakInherintance(node, copyParentPermissions); return(true); } return(false); }
/// <summary> /// After node created, solver role permissions. /// </summary> private void AddRoles(object sender, EventArgs e) { string roleIds = ";" + usRoles.Value + ";"; // Check if ACL should inherit from parent if (InheritParentPermissions) { AclInfoProvider.EnsureOwnAcl(EditedNode); } else { // If node has already own ACL don't leave permissions, otherwise break inheritance if (!AclInfoProvider.HasOwnAcl(EditedNode)) { AclInfoProvider.BreakInherintance(EditedNode, false); } } int aclId = ValidationHelper.GetInteger(EditedNode.GetValue("NodeACLID"), 0); // Get original ACLItems DataSet ds = AclItemInfoProvider.GetAclItems(EditedNode.NodeID, "Operator LIKE N'R%' AND ACLID = " + aclId, null, 0, "Operator, Allowed, Denied"); // Change original values if (!DataHelper.DataSourceIsEmpty(ds)) { foreach (DataRow dr in ds.Tables[0].Rows) { string op = DataHelper.GetNotEmpty(dr["Operator"], "R"); int allowed = ValidationHelper.GetInteger(dr["Allowed"], 0); int denied = ValidationHelper.GetInteger(dr["Denied"], 0); int aclRoleId = ValidationHelper.GetInteger(op.Substring(1), 0); if (aclRoleId != 0) { // Check if read permission should be set or removed if (roleIds.Contains(";" + aclRoleId + ";")) { // Remove role from processed role and adjust permissions in database roleIds = roleIds.Replace(";" + aclRoleId + ";", ";"); allowed |= 1; } else { allowed &= 126; } RoleInfo ri = RoleInfoProvider.GetRoleInfo(aclRoleId); AclItemInfoProvider.SetRolePermissions(EditedNode, allowed, denied, ri); } } } // Create ACL items for new roles if (roleIds.Trim(';') != "") { // Process rest of the roles string[] roles = roleIds.Split(new char[] { ';' }, StringSplitOptions.RemoveEmptyEntries); foreach (string role in roles) { RoleInfo ri = RoleInfoProvider.GetRoleInfo(int.Parse(role)); AclItemInfoProvider.SetRolePermissions(EditedNode, 1, 0, ri); } } }