예제 #1
        /// <summary>
        /// Creates the role <paramref name="roleName"/> when it does not exist yet and adds an
        /// access-control entry for it, saved to both the root page and the waste basket.
        /// </summary>
        /// <param name="roleName">Name of the role to create and to grant access to.</param>
        /// <param name="accessLevel">Access level written into the new entry.</param>
        /// <param name="securityRepository">Repository used to read and save the ACLs.</param>
        private void AddRole(string roleName, AccessLevel accessLevel, IContentSecurityRepository securityRepository)
        {
            // A role that already exists is left alone: no ACL is read or written for it.
            if (UIRoleProvider.RoleExists(roleName))
            {
                return;
            }

            UIRoleProvider.CreateRole(roleName);

            var rootDescriptor = securityRepository.Get(ContentReference.RootPage);
            var acl = (IContentSecurityDescriptor)rootDescriptor.CreateWritableClone();
            acl.AddEntry(new AccessControlEntry(roleName, accessLevel));

            // NOTE(review): the descriptor cloned from the ROOT PAGE is what gets saved to the
            // waste basket as well, with SecuritySaveType.Replace. The waste basket therefore
            // receives the root page's entries plus the new one rather than its own entries plus
            // the new one - confirm that this is the intended ACL for the waste basket.
            securityRepository.Save(ContentReference.RootPage, acl, SecuritySaveType.Replace);
            securityRepository.Save(ContentReference.WasteBasket, acl, SecuritySaveType.Replace);
        }
예제 #2
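        /// <summary>
        /// Adds an access-control entry for <paramref name="role"/> to the ACL of
        /// <paramref name="reference"/> and saves the result with SecuritySaveType.Replace.
        /// </summary>
        /// <param name="reference">Content item whose ACL is modified.</param>
        /// <param name="role">Name passed to the new access-control entry.</param>
        /// <param name="level">Access level written into the new entry.</param>
        /// <exception cref="System.InvalidCastException">
        /// The writable clone is not an <c>IContentSecurityDescriptor</c>.
        /// </exception>
        private void SetSecurity(ContentReference reference, string role, AccessLevel level)
        {
            // Direct cast instead of 'as': a clone of an unexpected type fails here with an
            // InvalidCastException instead of surfacing as a NullReferenceException on AddEntry.
            var permissions = (IContentSecurityDescriptor)securityRepository.Get(reference).CreateWritableClone();

            // NOTE(review): 'role' and 'level' are written into the ACL as given; callers are
            // responsible for passing only trusted role names and the narrowest level needed.
            permissions.AddEntry(new AccessControlEntry(role, level));
            securityRepository.Save(reference, permissions, SecuritySaveType.Replace);
        }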
예제 #3
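        /// <summary>
        /// Adds an <c>AccessLevel.FullAccess</c> entry for <c>AdminRoleName</c> to the root page's
        /// ACL and saves it with SecuritySaveType.Replace.
        /// </summary>
        /// <exception cref="System.InvalidCastException">
        /// The writable clone is not an <c>IContentSecurityDescriptor</c>.
        /// </exception>
        private void SetFullAccessToWebAdmin()
        {
            // Direct cast instead of 'as': a clone of an unexpected type fails here with an
            // InvalidCastException instead of surfacing as a NullReferenceException on AddEntry.
            var permissions = (IContentSecurityDescriptor)_contentSecurityRepository.Get(ContentReference.RootPage).CreateWritableClone();

            // NOTE(review): FullAccess on the root page is the broadest grant this ACL can carry;
            // presumably descendants that inherit their ACL pick it up too - confirm that the
            // membership of AdminRoleName is tightly controlled.
            permissions.AddEntry(new AccessControlEntry(AdminRoleName, AccessLevel.FullAccess));
            _contentSecurityRepository.Save(ContentReference.RootPage, permissions, SecuritySaveType.Replace);
        }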
예제 #4
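        /// <summary>
        /// Stores the approval and content services and seeds the security setup the page relies on:
        /// the <c>editors</c> role with its root-page ACL entry, and three user accounts.
        /// </summary>
        /// <param name="repoDefinitions">Approval definition repository kept on the instance.</param>
        /// <param name="repoContent">Content repository kept on the instance.</param>
        /// <param name="repoApprovals">Approval repository kept on the instance.</param>
        /// <param name="engine">Approval engine kept on the instance.</param>
        /// <param name="roles">Role provider used to create the role and assign memberships.</param>
        /// <param name="users">User provider used to look up and create the accounts.</param>
        /// <param name="repoSecurity">Repository used to read and save the root page's ACL.</param>
        /// <remarks>
        /// NOTE(review): role, ACL and account provisioning runs from a controller constructor,
        /// so it is attempted whenever the controller is instantiated. Every account created here
        /// gets the same <c>password</c> value and is approved immediately. This looks like
        /// demo/seed code - confirm it cannot run against a production user store.
        /// </remarks>
        public ContentApprovalsManagerPageController(
            IApprovalDefinitionRepository repoDefinitions,
            IContentRepository repoContent,
            IApprovalRepository repoApprovals,
            IApprovalEngine engine,
            UIRoleProvider roles,
            UIUserProvider users,
            IContentSecurityRepository repoSecurity)
        {
            this.repoDefinitions = repoDefinitions;
            this.repoContent     = repoContent;
            this.repoApprovals   = repoApprovals;
            this.engine          = engine;

            // if the editors role does not exist, create it and assign access rights
            if (!roles.RoleExists(editors))
            {
                roles.CreateRole(editors);

                // Direct cast instead of 'as': an unexpected clone type fails here with an
                // InvalidCastException rather than as a NullReferenceException on AddEntry.
                var permissions = (IContentSecurityDescriptor)repoSecurity.Get(ContentReference.RootPage).CreateWritableClone();
                permissions.AddEntry(new AccessControlEntry(editors,
                                                            AccessLevel.Create | AccessLevel.Edit | AccessLevel.Delete | AccessLevel.Read | AccessLevel.Publish));
                repoSecurity.Save(ContentReference.RootPage, permissions, SecuritySaveType.Replace);
            }

            // create three users and add them to roles
            // NOTE(review): the admins role is not created here; presumably it already exists.
            CreateUserIfMissing(users, roles, userName1, admins);
            CreateUserIfMissing(users, roles, userName2, editors);
            CreateUserIfMissing(users, roles, userName3, editors);
        }

        /// <summary>
        /// Creates <paramref name="userName"/> when no such user exists and, only if the creation
        /// succeeded, adds the new user to <paramref name="roleName"/>.
        /// </summary>
        private void CreateUserIfMissing(UIUserProvider users, UIRoleProvider roles, string userName, string roleName)
        {
            // An existing account is left untouched, including its role memberships.
            if (users.GetUser(userName) != null)
            {
                return;
            }

            UIUserCreateStatus   status;
            IEnumerable <string> errors;

            // ToLowerInvariant keeps the generated address independent of the server's culture.
            users.CreateUser(
                userName, password,
                email: userName.ToLowerInvariant() + emailBase,
                passwordQuestion: null, passwordAnswer: null,
                isApproved: true, status: out status, errors: out errors);

            // Do not hand out a role membership for an account that was not actually created
            // (for example when the password was rejected by the provider's policy).
            if (status == UIUserCreateStatus.Success)
            {
                roles.AddUserToRoles(userName, new string[] { roleName });
            }
        }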
예제 #5
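        /// <summary>
        /// Adds an access-control entry for <paramref name="role"/> to the ACL of
        /// <paramref name="reference"/> and saves the result with SecuritySaveType.Replace.
        /// </summary>
        /// <param name="reference">Content item whose ACL is modified.</param>
        /// <param name="role">Name passed to the new access-control entry.</param>
        /// <param name="level">Access level written into the new entry.</param>
        /// <param name="overrideInherited">
        /// When true and the descriptor reports <c>IsInherited</c>, <c>ToLocal()</c> is called on it
        /// before the entry is added.
        /// </param>
        /// <exception cref="System.InvalidCastException">
        /// The writable clone is not an <c>IContentSecurityDescriptor</c>.
        /// </exception>
        private void SetSecurity(ContentReference reference, string role, AccessLevel level, bool overrideInherited = false)
        {
            // Direct cast instead of 'as': a clone of an unexpected type fails here with an
            // InvalidCastException instead of surfacing as a NullReferenceException below.
            var permissions = (IContentSecurityDescriptor)securityRepository.Get(reference).CreateWritableClone();

            if (overrideInherited && permissions.IsInherited)
            {
                // NOTE(review): presumably this detaches the item from its parent's ACL, so later
                // changes on the parent no longer reach it - confirm against the API documentation.
                permissions.ToLocal();
            }

            permissions.AddEntry(new AccessControlEntry(role, level));
            securityRepository.Save(reference, permissions, SecuritySaveType.Replace);
        }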
        /// <summary>
        /// Writes a default ACL onto the content behind the reference converter's root link:
        /// full access for <c>RoleNames.CommerceAdmins</c> and read access for the everyone role.
        /// </summary>
        /// <returns>
        /// <c>"fix"</c> when the root content was loaded and its ACL saved;
        /// <c>"nothing to fix"</c> when the root content could not be loaded.
        /// </returns>
        public override string Execute()
        {
            if (!_contentLoader.TryGet(_referenceConverter.GetRootLink(), out IContent rootContent))
            {
                return "nothing to fix";
            }

            var securable = (IContentSecurable)rootContent;
            var acl = (IContentSecurityDescriptor)securable.GetContentSecurityDescriptor().CreateWritableClone();

            // NOTE(review): the entries are added on top of whatever the cloned descriptor already
            // holds; nothing is removed first. Read access for the everyone role presumably covers
            // anonymous visitors as well - confirm that is intended for this root.
            acl.AddEntry(new AccessControlEntry(RoleNames.CommerceAdmins, AccessLevel.FullAccess, SecurityEntityType.Role));
            acl.AddEntry(new AccessControlEntry(EveryoneRole.RoleName, AccessLevel.Read, SecurityEntityType.Role));

            _contentSecurityRepository.Save(rootContent.ContentLink, acl, SecuritySaveType.Replace);
            return "fix";
        }
예제 #7
        /// <summary>
        /// Adds an access-control entry for <paramref name="role"/> to the ACL of
        /// <paramref name="reference"/> and saves it with SecuritySaveType.Replace.
        /// </summary>
        /// <param name="reference">Content item whose ACL is modified.</param>
        /// <param name="role">Name passed to the new access-control entry.</param>
        /// <param name="level">Access level written into the new entry.</param>
        private void SetAccessControlListForContent(ContentReference reference, string role, AccessLevel level)
        {
            var repository = ServiceLocator.Current.GetInstance <IContentSecurityRepository>();
            var acl = repository.Get(reference).CreateWritableClone() as IContentSecurityDescriptor;

            // NOTE(review): when the clone is not an IContentSecurityDescriptor nothing is changed
            // and the caller gets no signal, so a grant that was expected can be silently missing.
            if (acl != null)
            {
                acl.AddEntry(new AccessControlEntry(role, level));
                repository.Save(reference, acl, SecuritySaveType.Replace);
            }
        }
예제 #8
        /// <summary>
        /// Registers a <c>ContentFolder</c> root named <paramref name="rootName"/> under the root
        /// page and removes the "everyone" entry from its ACL when one is present.
        /// </summary>
        /// <param name="rootName">Name the root is registered and looked up under.</param>
        /// <param name="rootGuid">Guid passed to the root registration.</param>
        /// <returns>The reference the content root service reports for <paramref name="rootName"/>.</returns>
        private ContentReference CreateRootFolder(string rootName, Guid rootGuid)
        {
            _contentRootService.Register <ContentFolder>(rootName, rootGuid, ContentReference.RootPage);
            var rootLink = _contentRootService.Get(rootName);

            var acl = _contentSecurityRepository.Get(rootLink).CreateWritableClone() as IContentSecurityDescriptor;
            if (acl == null)
            {
                return rootLink;
            }

            // NOTE(review): this flag is changed on the clone only; it is persisted solely by the
            // Save call below, which runs only when an "everyone" entry is found. Confirm that a
            // folder without such an entry is meant to keep its stored inheritance setting.
            acl.IsInherited = false;

            // The entry is matched by the literal name "everyone", ignoring case.
            var everyone = acl.Entries.FirstOrDefault(entry => entry.Name.Equals("everyone", StringComparison.InvariantCultureIgnoreCase));
            if (everyone == null)
            {
                return rootLink;
            }

            acl.RemoveEntry(everyone);
            _contentSecurityRepository.Save(rootLink, acl, SecuritySaveType.Replace);
            return rootLink;
        }