internal IEnumerable <Dictionary <string, object> > GetItems(IInstanceContext context, string contentType, IBlock ctxBlock, string appPath = null)
{
var wrapLog = Log.Call($"get entities type:{contentType}, path:{appPath}");
// if app-path specified, use that app, otherwise use from context
var appIdentity = AppFinder.GetAppIdFromPathOrContext(appPath, ctxBlock);
// get the app - if we have the context from the request, use that, otherwise generate full app
var app = ctxBlock == null
? Factory.Resolve <Apps.App>().Init(appIdentity, Log)
: GetApp(appIdentity.AppId, ctxBlock);
// verify that read-access to these content-types is permitted
var permCheck = new MultiPermissionsTypes().Init(context, app, contentType, Log);
if (!permCheck.EnsureAll(GrantSets.ReadSomething, out var error))
{
throw HttpException.PermissionDenied(error);
}
var result = new EntityApi(appIdentity.AppId, permCheck.EnsureAny(GrantSets.ReadDraft), Log)
.GetEntities(contentType)
?.ToList();
wrapLog("found: " + result?.Count);
return(result);
}
[AllowAnonymous] // will check security internally, so assume no requirements
public IEnumerable <Dictionary <string, object> > GetEntities(string contentType, string appPath = null, string cultureCode = null)
{
var wraplog = Log.Call($"get entities type:{contentType}, path:{appPath}, culture:{cultureCode}");
// if app-path specified, use that app, otherwise use from context
var appIdentity = AppFinder.GetAppIdFromPathOrContext(appPath, BlockBuilder);
// verify that read-access to these content-types is permitted
var permCheck = new MultiPermissionsTypes(BlockBuilder, appIdentity.AppId, contentType, Log);
if (!permCheck.EnsureAll(GrantSets.ReadSomething, out var exp))
{
throw exp;
}
//2018-09-15 2dm replaced
//var context = GetContext(SxcBlock, Log);
//PerformSecurityCheck(appIdentity, contentType, Grants.Read, appPath == null ? context.Dnn.Module : null);
var result = new EntityApi(appIdentity.AppId, permCheck.EnsureAny(GrantSets.ReadDraft), Log)
.GetEntities(contentType, cultureCode)
?.ToList();
wraplog("found: " + result?.Count);
return(result);
}
private void ReadSchema()
{
if (!DoneSchema)
{
using (var api = new EntityApi(_Name)) {
Formater = api.Formater;
TableSchemas = api.Builder.TableSchemas;
ViewSchemas = api.Builder.ViewSchemas;
PackageSchemas = api.Builder.PackageSchemas;
}
DoneSchema = true;
}
if (InvokeRequired)
{
Invoke(
new MethodInvoker(ReadSchema)
);
}
else
{
try {
foreach (var one in TableSchemas)
{
if (Skip(one.TableName))
{
continue;
}
lbxTables.Items.Add(one.TableName);
}
foreach (var one in ViewSchemas)
{
if (Skip(one.ViewName))
{
continue;
}
lbxTables.Items.Add(one.ViewName);
}
foreach (var one in PackageSchemas)
{
if (Skip(one.PackageName))
{
continue;
}
lbxPackages.Items.Add(one.PackageName);
}
} catch (Exception ex) {
MessageBox.Show(
ex.Message,
frmMain._Name,
MessageBoxButtons.OK,
MessageBoxIcon.Error
);
} finally {
this.BackColor = SystemColors.Control;
}
}
}
/// <summary>
/// Preprocess security / context, then get the item based on an passed in method,
/// ...then process/finish
/// </summary>
/// <param name="contentType"></param>
/// <param name="getOne"></param>
/// <param name="appPath"></param>
/// <returns></returns>
private Dictionary <string, object> GetAndSerializeOneAfterSecurityChecks(string contentType, Func <EntityApi, IEntity> getOne, string appPath)
{
Log.Add($"get and serialie after security check type:{contentType}, path:{appPath}");
// if app-path specified, use that app, otherwise use from context
var appIdentity = AppFinder.GetAppIdFromPathOrContext(appPath, BlockBuilder);
var entityApi = new EntityApi(appIdentity.AppId, true, Log);
var itm = getOne(entityApi);
var permCheck = new MultiPermissionsItems(BlockBuilder, appIdentity.AppId, itm, Log);
if (!permCheck.EnsureAll(GrantSets.ReadSomething, out var exception))
{
throw exception;
}
// in case draft wasn't allow, get again with more restricted permissions
if (!permCheck.EnsureAny(GrantSets.ReadDraft))
{
entityApi = new EntityApi(appIdentity.AppId, false, Log);
itm = getOne(entityApi);
}
return(InitEavAndSerializer(appIdentity.AppId).Convert(itm));
}
/// <summary>
/// Preprocess security / context, then get the item based on an passed in method,
/// ...then process/finish
/// </summary>
/// <returns></returns>
internal Dictionary <string, object> GetOne(IInstanceContext context, IBlock ctxBlock, string contentType, Func <EntityApi, IEntity> getOne, string appPath)
{
Log.Add($"get and serialize after security check type:{contentType}, path:{appPath}");
// if app-path specified, use that app, otherwise use from context
var appIdentity = AppFinder.GetAppIdFromPathOrContext(appPath, ctxBlock);
var entityApi = new EntityApi(appIdentity.AppId, true, Log);
var itm = getOne(entityApi);
var permCheck = new MultiPermissionsItems().Init(context, GetApp(appIdentity.AppId, ctxBlock), itm, Log);
if (!permCheck.EnsureAll(GrantSets.ReadSomething, out var error))
{
throw HttpException.PermissionDenied(error);
}
// in case draft wasn't allow, get again with more restricted permissions
if (!permCheck.EnsureAny(GrantSets.ReadDraft))
{
entityApi = new EntityApi(appIdentity.AppId, false, Log);
itm = getOne(entityApi);
}
return(InitEavAndSerializer(appIdentity.AppId, ctxBlock?.EditAllowed ?? false).Convert(itm));
}
public void Init()
{
var ak = "jmH6fA2QzDWfyPvkKslL741L";
var service_id = "105686";
api = new YingYanApi(ak, service_id).Entity;
entity_name = BitConverter.ToString(Guid.NewGuid().ToByteArray()).Replace("-", "");
column_key = BitConverter.ToString(Guid.NewGuid().ToByteArray()).Replace("-", "");
}
public AllInOne Load([FromBody] List <ItemIdentifier> items, int appId)
{
// Security check
var wraplog = Log.Call("Load", $"load many a#{appId}, items⋮{items.Count}");
// do early permission check - but at this time it may be that we don't have the types yet
// because they may be group/id combinations, without type information which we'll look up afterwards
var appForSecurityChecks = App.LightWithoutData(new DnnTenant(PortalSettings), appId, Log);
items = new SaveHelpers.ContentGroupList(SxcInstance, Log).ConvertListIndexToId(items, appForSecurityChecks);
// now look up the types, and repeat security check with type-names
var permCheck = new MultiPermissionsTypes(SxcInstance, appId, items, Log);
if (!permCheck.EnsureAll(GrantSets.WriteSomething, out var exception))
{
throw exception;
}
// load items - similar
var result = new AllInOne();
var entityApi = new EntityApi(appId, Log);
var typeRead = entityApi.AppManager.Read.ContentTypes;
var list = entityApi.GetEntitiesForEditing(appId, items);
var jsonSerializer = new JsonSerializer();
result.Items = list.Select(e => new BundleWithHeader <JsonEntity>
{
Header = e.Header,
Entity = jsonSerializer.ToJson(e.Entity ?? ConstructEmptyEntity(appId, e.Header, typeRead))
}).ToList();
// set published if some data already exists
if (list.Any())
{
result.IsPublished = list.First().Entity?.IsPublished ?? true; // Entity could be null (new), then true
}
// load content-types
var types = UsedTypes(list, typeRead);
result.ContentTypes = types.Select(ct => JsonSerializer.ToJson(ct, true)).ToList();
// load input-field configurations
result.InputTypes = GetNecessaryInputTypes(types, typeRead);
// also deliver features
result.Features = SystemController.FeatureListWithPermissionCheck(appId, permCheck).ToList();
// done - return
wraplog($"ready, sending items:{result.Items.Count}, " +
$"types:{result.ContentTypes.Count}, " +
$"inputs:{result.InputTypes.Count}, " +
$"feats:{result.Features.Count}");
return(result);
}
public static List<dynamic> Xxx4(
EntityApi api,
string a1,
DateTime a2)
{
return api.ExecuteSpByReader(
"SPXxx",
new Any("a1", a1),
new Any("a2", a2)
).ToDynamics()[0];
}
public static List <dynamic> Xxx4(
EntityApi api,
string a1,
DateTime a2)
{
return(api.ExecuteSpByReader(
"SPXxx",
new Any("a1", a1),
new Any("a2", a2)
).ToDynamics()[0]);
}
public static DataResult Xxx1(
EntityApi api,
string a1,
DateTime a2)
{
return api.ExecuteSp(
"SPXxx",
new Any("a1", a1),
new Any("a2", a2)
);
}
public static int Xxx2(
EntityApi api,
string a1,
DateTime a2)
{
return api.ExecuteSpByScalar(
"SPXxx",
new Any("a1", a1),
new Any("a2", a2)
).ToInteger();
}
public static int Xxx2(
EntityApi api,
string a1,
DateTime a2)
{
return(api.ExecuteSpByScalar(
"SPXxx",
new Any("a1", a1),
new Any("a2", a2)
).ToInteger());
}
public static DataResult Xxx1(
EntityApi api,
string a1,
DateTime a2)
{
return(api.ExecuteSp(
"SPXxx",
new Any("a1", a1),
new Any("a2", a2)
));
}
public EditLoadBackend(EntityApi entityApi, ContentGroupList contentGroupList,
IServiceProvider serviceProvider,
IUiContextBuilder contextBuilder,
IContextResolver ctxResolver,
ITargetTypes mdTargetTypes,
// for prefetch
IValueConverter valueConverter,
EntityPickerApi entityPickerBackend) : base(serviceProvider, "Cms.LoadBk")
{
_entityApi = entityApi;
_contentGroupList = contentGroupList;
_contextBuilder = contextBuilder;
_ctxResolver = ctxResolver;
_mdTargetTypes = mdTargetTypes;
_valueConverter = valueConverter;
_entityPickerBackend = entityPickerBackend;
}
/// <summary>
/// 鹰眼轨迹服务接口
/// </summary>
/// <param name="ak">用户的ak</param>
/// <param name="serviceId">service的ID,service 的唯一标识</param>
/// <param name="sk">sn签名的验证方式的 Security Key</param>
public YingYanApi(string ak, string serviceId, string sk = null)
{
this.Ak = ak;
ServiceId = serviceId;
this.Sk = sk;
_client = new HttpClient();
Entity = new EntityApi(this);
Track = new TrackApi(this);
Fence = new FenceApi(this);
Analysis = new AnalysisApi(this);
Export = new ExportApi(this);
_client = new HttpClient {
BaseAddress = new Uri(Url)
};
_client.DefaultRequestHeaders.Accept.Clear();
_client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
}
internal void Delete(IInstanceContext context, IBlock ctxBlock, string contentType, Guid guid, string appPath)
{
Log.Add($"delete guid:{guid}, type:{contentType}, path:{appPath}");
// if app-path specified, use that app, otherwise use from context
var appIdentity = AppFinder.GetAppIdFromPathOrContext(appPath, ctxBlock);
var entityApi = new EntityApi(appIdentity.AppId, true, Log);
var itm = entityApi.GetOrThrow(contentType == "any" ? null : contentType, guid);
var permCheck = new MultiPermissionsItems().Init(context, GetApp(appIdentity.AppId, ctxBlock), itm, Log);
if (!permCheck.EnsureAll(Grants.Delete.AsSet(), out var error))
{
throw HttpException.PermissionDenied(error);
}
entityApi.Delete(itm.Type.Name, guid);
}
[AllowAnonymous] // will check security internally, so assume no requirements
public void Delete(string contentType, Guid guid, [FromUri] string appPath = null)
{
Log.Add($"delete guid:{guid}, type:{contentType}, path:{appPath}");
// if app-path specified, use that app, otherwise use from context
var appIdentity = AppFinder.GetAppIdFromPathOrContext(appPath, BlockBuilder);
var entityApi = new EntityApi(appIdentity.AppId, true, Log);
var itm = entityApi.GetOrThrow(contentType == "any" ? null : contentType, guid);
var permCheck = new MultiPermissionsItems(BlockBuilder, appIdentity.AppId, itm, Log);
if (!permCheck.EnsureAll(Grants.Delete.AsSet(), out var exception))
{
throw exception;
}
entityApi.Delete(itm.Type.Name, guid);
}
public dynamic GetManyForEditing([FromBody] List <ItemIdentifier> items, int appId)
{
var wrapLog = Log.Call("GetManyForEditing", $"get many a#{appId}, items⋮{items.Count}");
// before we start, we have to convert the indexes into something more useful, because
// otherwise in content-list scenarios we don't have the type
var appForSecurityChecks = App.LightWithoutData(new DnnTenant(PortalSettings), SystemRuntime.ZoneIdOfApp(appId), appId, Log);
items = new SaveHelpers.ContentGroupList(SxcInstance, Log).ConvertListIndexToId(items, appForSecurityChecks);
// to do full security check, we'll have to see what content-type is requested
var permCheck = new MultiPermissionsTypes(SxcInstance, appId, items, Log);
if (!permCheck.EnsureAll(GrantSets.WriteSomething, out var exception))
{
throw exception;
}
var list = new EntityApi(appId, Log).GetEntitiesForEditing(appId, items);
// Reformat to the Entity-WithLanguage setup
var listAsEwH = list.Select(p => new BundleWithHeader <EntityWithLanguages>
{
Header = p.Header,
Entity = p.Entity != null
? EntityWithLanguages.Build(appId, p.Entity)
: null
}).ToList();
// 2018-09-26 2dm
// if we're giving items which already exist, then we must verify that edit/read is allowed.
// important, this code is shared/duplicated in the UiController.Load
if (list.Any(set => set.Entity != null))
{
if (!permCheck.EnsureAll(GrantSets.ReadSomething, out exception))
{
throw exception;
}
}
wrapLog($"will return items⋮{list.Count}");
return(listAsEwH);
}
[AllowAnonymous] // will check security internally, so assume no requirements
public void Delete(string contentType, Guid guid, [FromUri] string appPath = null)
{
Log.Add($"delete guid:{guid}, type:{contentType}, path:{appPath}");
// if app-path specified, use that app, otherwise use from context
var appIdentity = AppFinder.GetAppIdFromPathOrContext(appPath, SxcInstance);
var entityApi = new EntityApi(appIdentity.AppId, Log);
var itm = entityApi.GetOrThrow(contentType == "any" ? null : contentType, guid);
var permCheck = new MultiPermissionsItems(SxcInstance, appIdentity.AppId, itm, Log);
if (!permCheck.EnsureAll(Grants.Delete.AsSet(), out var exception))
{
throw exception;
}
//2018-09-15 2dm moved/disabled
//var context = GetContext(SxcInstance, Log);
//PerformSecurityCheck(appIdentity, itm.Type.Name, Grants.Delete, appPath == null ? context.Dnn.Module : null, itm);
entityApi.Delete(itm.Type.Name, guid);
}
public AppContent(IServiceProvider sp, EntityApi entityApi, Lazy <EntitiesToDictionary> entToDicLazy, IContextResolver ctxResolver) : base(sp, "Sxc.ApiApC")
{
_entityApi = entityApi;
_entToDicLazy = entToDicLazy;
_ctxResolver = ctxResolver;
}
public void Delete(string contentType, Guid guid, int appId, bool force = false) => EntityApi.GetOrThrowBasedOnGrants(GetContext(), GetApp(appId), contentType, GrantSets.DeleteSomething, Log) .Delete(contentType, guid, force);
public IEnumerable <Dictionary <string, object> > GetAllOfTypeForAdmin(int appId, string contentType) => EntityApi.GetOrThrowBasedOnGrants(GetContext(), GetApp(appId), contentType, GrantSets.ReadSomething, Log) .GetEntitiesForAdmin(contentType);
public AllInOne Load([FromBody] List <ItemIdentifier> items, int appId)
{
// Security check
var wraplog = Log.Call($"load many a#{appId}, items⋮{items.Count}");
// do early permission check - but at this time it may be that we don't have the types yet
// because they may be group/id combinations, without type information which we'll look up afterwards
var appIdentity = State.Identity(null, appId);
items = new ContentGroupList(BlockBuilder, Log).ConvertListIndexToId(items, appIdentity);
// now look up the types, and repeat security check with type-names
// todo: 2020-03-20 new feat 11.01, may not check inner type permissions ATM
var permCheck = new MultiPermissionsTypes(BlockBuilder, appId, items, Log);
if (!permCheck.EnsureAll(GrantSets.WriteSomething, out var exception))
{
throw exception;
}
// load items - similar
var result = new AllInOne();
var entityApi = new EntityApi(appId, permCheck.EnsureAny(GrantSets.ReadDraft), Log);
var typeRead = entityApi.AppRead.ContentTypes;
var list = entityApi.GetEntitiesForEditing(appId, items);
var jsonSerializer = new JsonSerializer();
result.Items = list.Select(e => new BundleWithHeader <JsonEntity>
{
Header = e.Header,
Entity = GetSerializeAndMdAssignJsonEntity(appId, e, jsonSerializer, typeRead)
}).ToList();
// set published if some data already exists
if (list.Any())
{
result.IsPublished = list.First().Entity?.IsPublished ?? true; // Entity could be null (new), then true
// only set draft-should-branch if this draft already has a published item
if (!result.IsPublished)
{
result.DraftShouldBranch = list.First().Entity?.GetPublished() != null;
}
}
// since we're retrieving data - make sure we're allowed to
// this is to ensure that if public forms only have create permissions, they can't access existing data
// important, this code is shared/duplicated in the EntitiesController.GetManyForEditing
if (list.Any(set => set.Entity != null))
{
if (!permCheck.EnsureAll(GrantSets.ReadSomething, out exception))
{
throw exception;
}
}
// load content-types
var types = UsedTypes(list, typeRead);
result.ContentTypes = types
.Select(ct => JsonSerializer.ToJson(ct, true))
.ToList();
// todo: ensure that sub-properties of the content-types are included
var entList = types.SelectMany(
// in all Content-Type attributes like title, body etc.
t => t.Attributes.SelectMany(
// check all metadata of these attributes - get possible sub-entities attached
a => a.Metadata.SelectMany(m => m.Children())
)
);
result.ContentTypeItems = entList.Select(e => jsonSerializer.ToJson(e, 0, Log)).ToList();
// Fix not-supported input-type names; map to correct name
result.ContentTypes
.ForEach(jt => jt.Attributes
.ForEach(at => at.InputType = InputTypes.MapInputTypeV10(at.InputType)));
// load input-field configurations
result.InputTypes = GetNecessaryInputTypes(result.ContentTypes, typeRead);
// also include UI features
result.Features = SystemController.FeatureListWithPermissionCheck(permCheck).ToList();
// done - return
wraplog($"ready, sending items:{result.Items.Count}, " +
$"types:{result.ContentTypes.Count}, " +
$"inputs:{result.InputTypes.Count}, " +
$"feats:{result.Features.Count}");
return(result);
}
public void Init()
{
instance = new EntityApi();
}
private void ReadSchema()
{
if(!DoneSchema) {
using(var api = new EntityApi(_Name)) {
Formater = api.Formater;
TableSchemas = api.Builder.TableSchemas;
ViewSchemas = api.Builder.ViewSchemas;
PackageSchemas = api.Builder.PackageSchemas;
}
DoneSchema = true;
}
if(InvokeRequired) {
Invoke(
new MethodInvoker(ReadSchema)
);
} else {
try {
foreach(var one in TableSchemas) {
if(Skip(one.TableName)) { continue; }
lbxTables.Items.Add(one.TableName);
}
foreach(var one in ViewSchemas) {
if(Skip(one.ViewName)) { continue; }
lbxTables.Items.Add(one.ViewName);
}
foreach(var one in PackageSchemas) {
if(Skip(one.PackageName)) { continue; }
lbxPackages.Items.Add(one.PackageName);
}
} catch(Exception ex) {
MessageBox.Show(
ex.Message,
frmMain._Name,
MessageBoxButtons.OK,
MessageBoxIcon.Error
);
} finally {
this.BackColor = SystemColors.Control;
}
}
}
RefreshTask(object provider, string connectionString)
{
if (null == provider)
{
MessageBox.Show(
"Select Data Provider first!",
frmMain._Name,
MessageBoxButtons.OK,
MessageBoxIcon.Warning
);
new Tuple <
ISqlFormater,
IQueryable <TableSchema>,
IQueryable <ViewSchema>,
IQueryable <PackageSchema> >(null, null, null, null);
}
DataSettings.Add(
frmMain._Name,
connectionString,
provider.ToString()
);
try {
ISqlFormater formater;
IQueryable <TableSchema> tableSchemas;
IQueryable <ViewSchema> viewSchemas;
IQueryable <PackageSchema> packageSchemas;
using (var api = new EntityApi(_Name)) {
formater = api.Formater;
tableSchemas = api.Builder.TableSchemas;
viewSchemas = api.Builder.ViewSchemas;
packageSchemas = api.Builder.PackageSchemas;
}
return(new Tuple <
ISqlFormater,
IQueryable <TableSchema>,
IQueryable <ViewSchema>,
IQueryable <PackageSchema> >(
formater,
tableSchemas,
viewSchemas,
packageSchemas
));
} catch (Exception ex) {
MessageBox.Show(
ex.Message,
frmMain._Name,
MessageBoxButtons.OK,
MessageBoxIcon.Error
);
return(new Tuple <
ISqlFormater,
IQueryable <TableSchema>,
IQueryable <ViewSchema>,
IQueryable <PackageSchema> >(null, null, null, null));
}
}
private Tuple<ISqlFormater, IQueryable<TableSchema>, IQueryable<ViewSchema>, IQueryable<PackageSchema>> RefreshTask(object provider, string connectionString)
{
if(null == provider) {
MessageBox.Show(
"Select Data Provider first!",
frmMain._Name,
MessageBoxButtons.OK,
MessageBoxIcon.Warning
);
new Tuple<
ISqlFormater,
IQueryable<TableSchema>,
IQueryable<ViewSchema>,
IQueryable<PackageSchema>>(null, null, null, null);
}
DataSettings.Add(
frmMain._Name,
connectionString,
provider.ToString()
);
try {
ISqlFormater formater;
IQueryable<TableSchema> tableSchemas;
IQueryable<ViewSchema> viewSchemas;
IQueryable<PackageSchema> packageSchemas;
using(var api = new EntityApi(_Name)) {
formater = api.Formater;
tableSchemas = api.Builder.TableSchemas;
viewSchemas = api.Builder.ViewSchemas;
packageSchemas = api.Builder.PackageSchemas;
}
return new Tuple<
ISqlFormater,
IQueryable<TableSchema>,
IQueryable<ViewSchema>,
IQueryable<PackageSchema>>(
formater,
tableSchemas,
viewSchemas,
packageSchemas
);
} catch(Exception ex) {
MessageBox.Show(
ex.Message,
frmMain._Name,
MessageBoxButtons.OK,
MessageBoxIcon.Error
);
return new Tuple<
ISqlFormater,
IQueryable<TableSchema>,
IQueryable<ViewSchema>,
IQueryable<PackageSchema>>(null, null, null, null);
}
}