예제 #1
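    /// <summary>
    /// Removes the permission entry that <paramref name="username"/> holds on the item identified
    /// by <paramref name="pid"/> and reports the outcome through the HTTP response status code.
    /// </summary>
    /// <param name="pid">Item identifier as received from the client; it is URL-decoded before use.</param>
    /// <param name="username">User whose entry is removed; must pass <c>Website.Common.IsValidUser</c>.</param>
    /// <param name="temp">
    /// When true, only the <c>_tempUserPermissions</c> entry is removed and the permissions manager
    /// is not consulted.
    /// </param>
    /// <returns>
    /// <c>false</c> when the caller is not authenticated (status 401) or the username is not valid
    /// (status 400); <c>true</c> in every other case, including when the manager reports an error.
    /// The status code, not the return value, tells the caller whether the removal was applied.
    /// </returns>
    public bool RemoveUserPermission(string pid, string username, bool temp)
    {
        // Reject unauthenticated callers before any work is done on their behalf.
        if (!Context.User.Identity.IsAuthenticated)
        {
            HttpContext.Current.Response.StatusCode = 401;
            return false;
        }

        if (!Website.Common.IsValidUser(username))
        {
            HttpContext.Current.Response.StatusCode = 400;
            return false;
        }

        // NOTE(review): if the framework already decoded this parameter during binding, this is a
        // second decode; confirm that every check on pid runs on the same, fully decoded value.
        pid = HttpContext.Current.Server.UrlDecode(pid);

        PermissionErrorCode error = PermissionErrorCode.Ok;

        if (temp)
        {
            // NOTE(review): no ownership check on pid is made in this branch. Confirm that
            // _tempUserPermissions is scoped to the caller (for example per session) and is not
            // shared between users.
            _tempUserPermissions.Remove(username);
        }
        else
        {
            PermissionsManager permissionsManager = new PermissionsManager();
            try
            {
                // The manager receives the caller's identity and decides whether the caller may
                // change permissions on pid (it can answer NotAuthorized).
                error = permissionsManager.RemoveUserPermission(HttpContext.Current.User.Identity.Name, pid, username);
            }
            finally
            {
                // Released on the exception path too; the original leaked the manager if the call threw.
                permissionsManager.Dispose();
            }
        }

        switch (error)
        {
        case PermissionErrorCode.Ok:
            HttpContext.Current.Response.StatusCode = 200;
            break;

        case PermissionErrorCode.NotAuthorized:
            // NOTE(review): the caller is authenticated here, so 403 would be the conventional
            // status; 401 is kept because existing clients may depend on it.
            HttpContext.Current.Response.StatusCode = 401;
            break;

        default:
            HttpContext.Current.Response.StatusCode = 400;
            break;
        }

        // NOTE(review): true is returned even when error is not Ok. Kept for compatibility; callers
        // must not treat the boolean as proof that the permission was removed.
        return true;
    }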
예제 #2
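    /// <summary>
    /// Deletes a group, but only when the authenticated caller is listed as its owner.
    /// </summary>
    /// <param name="groupname">Name of the group to delete.</param>
    /// <returns>
    /// <c>true</c> when the caller is authenticated, owns the group and the manager reports
    /// <c>PermissionErrorCode.Ok</c>; <c>false</c> otherwise. The response status code is not
    /// modified by this method.
    /// </returns>
    public bool DeleteGroup(string groupname)
    {
        // Unauthenticated callers are refused before a manager is allocated for them.
        if (!Context.User.Identity.IsAuthenticated)
        {
            return false;
        }

        PermissionsManager permissionsManager = new PermissionsManager();
        try
        {
            string owner = Context.User.Identity.Name;

            // Ownership check: only groups the manager returns for the caller may be deleted.
            if (!permissionsManager.GetGroupsByOwner(owner).Contains(groupname))
            {
                return false;
            }

            return permissionsManager.DeleteGroup(owner, groupname) == PermissionErrorCode.Ok;
        }
        finally
        {
            // Single release point, also reached when a manager call throws (the original leaked there).
            permissionsManager.Dispose();
        }
    }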
예제 #3
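    /// <summary>
    /// Adds <paramref name="username"/> to <paramref name="groupname"/>, provided the authenticated
    /// caller is listed as the owner of that group.
    /// </summary>
    /// <param name="username">User to add; must pass <c>Website.Common.IsValidUser</c>.</param>
    /// <param name="groupname">Target group; must be among the groups owned by the caller.</param>
    /// <returns>
    /// <c>true</c> when every check passes and the manager reports <c>PermissionErrorCode.Ok</c>;
    /// <c>false</c> otherwise. The response status code is not modified by this method.
    /// </returns>
    public bool AddUserToGroup(string username, string groupname)
    {
        // Authentication and input validation come first, so no manager is allocated for
        // requests that are going to be refused anyway.
        if (!Context.User.Identity.IsAuthenticated)
        {
            return false;
        }

        if (!Website.Common.IsValidUser(username))
        {
            return false;
        }

        PermissionsManager permissionsManager = new PermissionsManager();
        try
        {
            string owner = Context.User.Identity.Name;

            // Ownership check: the caller may only change membership of groups it owns.
            if (!permissionsManager.GetGroupsByOwner(owner).Contains(groupname))
            {
                return false;
            }

            return permissionsManager.AddUserToGroup(owner, groupname, username) == PermissionErrorCode.Ok;
        }
        finally
        {
            // Single release point, also reached when a manager call throws (the original leaked there).
            permissionsManager.Dispose();
        }
    }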
예제 #4
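    /// <summary>
    /// Applies a list of permission levels to users or groups for the item identified by
    /// <paramref name="pid"/>, either in the temporary in-memory tables or through the
    /// permissions manager.
    /// </summary>
    /// <param name="type">Either "user" or "group"; any other value is rejected with status 400.</param>
    /// <param name="pid">Item identifier as received from the client; it is URL-decoded before use.</param>
    /// <param name="targets">User names or group names, one per entry in <paramref name="permissions"/>.</param>
    /// <param name="permissions">Integer permission levels as strings, parallel to <paramref name="targets"/>.</param>
    /// <param name="temp">
    /// When true, entries are written to <c>_tempGroupPermissions</c> / <c>_tempUserPermissions</c>
    /// and the permissions manager is not consulted.
    /// </param>
    /// <returns>"success" when the response status code is 200 at the end of the call, else "failure".</returns>
    /// <remarks>
    /// Processing stops at the first entry that fails; entries before it have already been applied,
    /// so a "failure" result can leave a partial update behind.
    /// </remarks>
    public string SavePermissions(string type, string pid, List <string> targets, List <string> permissions, bool temp)
    {
        HttpContext context = HttpContext.Current;

        // The original had no authentication check here, unlike RemoveUserPermission, DeleteGroup
        // and AddUserToGroup; an unauthenticated request could reach the temp tables directly.
        if (!context.User.Identity.IsAuthenticated)
        {
            context.Response.StatusCode = 401;
            return "failure";
        }

        bool isGroup = type == "group";

        // Null lists are rejected with the other malformed requests instead of throwing.
        if (targets == null || permissions == null ||
            targets.Count != permissions.Count ||
            !(isGroup || type == "user"))
        {
            context.Response.StatusCode = 400;
            return "failure";
        }

        string identity = context.User.Identity.Name;

        // NOTE(review): if the framework already decoded this parameter during binding, this is a
        // second decode; confirm that every check on pid runs on the same, fully decoded value.
        pid = context.Server.UrlDecode(pid);

        // The manager is only needed on the persistent path.
        PermissionsManager permissionsManager = temp ? null : new PermissionsManager();
        try
        {
            for (int i = 0; i < targets.Count; i++)
            {
                // A malformed level is a client error; the original let Int32.Parse throw, which
                // also skipped Dispose().
                int level;
                if (!Int32.TryParse(permissions[i], out level))
                {
                    context.Response.StatusCode = 400;
                    break;
                }

                // NOTE(review): any integer is accepted by this cast. Consider rejecting values
                // that are not defined members once it is confirmed whether ModelPermissionLevel
                // is a flags enum.
                ModelPermissionLevel perm = (ModelPermissionLevel)level;

                // Work on a local copy so the caller's list is not rewritten in place.
                string target = targets[i];
                if (isGroup)
                {
                    // Transform any end-user-view groupnames into codebehind groupnames
                    if (target == PermissionsManager.ALL_USERS_LABEL)
                    {
                        target = DefaultGroups.AllUsers;
                    }
                    else if (target == PermissionsManager.ANONYMOUS_USERS_LABEL)
                    {
                        target = DefaultGroups.AnonymousUsers;
                    }
                }

                PermissionErrorCode errorCode = PermissionErrorCode.Ok;

                if (!isGroup && !Website.Common.IsValidUser(target))
                {
                    errorCode = PermissionErrorCode.DoesNotExist;
                }
                else if (temp)
                {
                    // NOTE(review): group targets get no existence or ownership check in this
                    // method, and pid is not checked on the temp path. Confirm the temp tables
                    // are scoped to the caller and validated when they are committed.
                    if (isGroup)
                    {
                        _tempGroupPermissions[target] = perm;
                    }
                    else
                    {
                        _tempUserPermissions[target] = perm;
                    }
                }
                else
                {
                    // The manager receives the caller's identity and decides whether the caller
                    // may change permissions on pid (it can answer NotAuthorized).
                    errorCode = isGroup
                            ? permissionsManager.SetModelToGroupLevel(identity, pid, target, perm)
                            : permissionsManager.SetModelToUserLevel(identity, pid, target, perm);
                }

                switch (errorCode)
                {
                case PermissionErrorCode.Ok:
                    context.Response.StatusCode = 200;
                    break;

                case PermissionErrorCode.NotAuthorized:
                    context.Response.StatusCode = 401;
                    break;

                default:
                    context.Response.StatusCode = 400;
                    break;
                }

                if (errorCode != PermissionErrorCode.Ok)
                {
                    break;
                }
            }
        }
        finally
        {
            // Released on every path, including exceptions thrown by the manager.
            if (permissionsManager != null)
            {
                permissionsManager.Dispose();
            }
        }

        //TODO: Add more specific error messages
        return (context.Response.StatusCode == 200) ? "success" : "failure";
    }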