/// <summary>
/// Froms the entity and privilege.
/// </summary>
/// <returns>The entity and privilege.</returns>
/// <param name="context">Context.</param>
/// <param name="entity">Entity.</param>
/// <param name="operation">Operation.</param>
public static new ActivityTep FromEntityAndPrivilege(IfyContext context, Entity entity, EntityOperationType operation)
{
var etype = EntityType.GetEntityType(entity.GetType());
var priv = Privilege.Get(EntityType.GetEntityTypeFromId(etype.Id), Privilege.GetOperationType(((char)operation).ToString()));
ActivityTep result = new ActivityTep(context);
result.Entity = entity;
result.EntityTypeId = etype.Id;
result.Privilege = priv;
result.Load();
return(result);
}
public HttpResponseMessage Get(string cuid = null)
{
string promoCode = String.Empty;
string[] cuidArray = Util.CUID2Array(cuid);
if (cuidArray != null)
{
int i = 1;
foreach (var data in cuidArray)
{
if (i.Equals(1))
{
promoCode = data;
}
i++;
}
}
string personID = String.Empty;
if (Util.GetIsAuthenticatedByAuthenADFS())
{
object obj = Util.GetPPIDByAuthenADFS();
string ppid = obj.GetType().GetProperty("ppid").GetValue(obj, null).ToString();
string winaccountName = obj.GetType().GetProperty("winaccountName").GetValue(obj, null).ToString();
personID = (!String.IsNullOrEmpty(ppid) ? ppid : winaccountName);
}
DataSet ds = Privilege.Get("", promoCode, personID);
DataTable dtPrivilege = ds.Tables[0];
DataTable dtTransPrivilege = ds.Tables[1];
List <object> list = new List <object>();
if (dtPrivilege.Rows.Count > 0)
{
List <object> privileges = Privilege.GetDataSource("Privilege", dtPrivilege);
List <object> transPrivileges = Privilege.GetDataSource("TransPrivilege", dtTransPrivilege);
JObject privilege = new JObject(JsonConvert.DeserializeObject <dynamic>(JsonConvert.SerializeObject(privileges[0])));
privilege.Add("transPrivilege", JToken.FromObject(transPrivileges));
list.Add(privilege);
}
return(Request.CreateResponse(HttpStatusCode.OK, Util.APIResponse.GetData(list)));
}
private List <ActivityTep> GetDataPackageActivities(User user)
{
var etype = EntityType.GetEntityType(typeof(DataPackage));
var priv = Privilege.Get(EntityType.GetEntityTypeFromId(etype.Id), Privilege.GetOperationType(((char)EntityOperationType.View).ToString()));
EntityList <ActivityTep> activities = new EntityList <ActivityTep>(Context);
if (user != null)
{
activities.SetFilter("UserId", user.Id + "");
}
activities.SetFilter("EntityTypeId", etype.Id + "");
activities.SetFilter("PrivilegeId", priv.Id + "");
activities.Load();
return(activities.GetItemsAsList());
}
public void _CreateData()
{
try {
if (rebuildData)
{
context.AccessLevel = EntityAccessLevel.Administrator;
domain1 = new Domain(context);
domain1.Identifier = "domain-1";
domain1.Name = "domain-1";
domain1.Store();
domain2 = new Domain(context);
domain2.Identifier = "domain-2";
domain2.Name = "domain-2";
domain2.Store();
user0 = new User(context);
user0.Identifier = "user-0";
user0.Store();
user11 = new User(context);
user11.Identifier = "domain-1_cr_viewer+changer";
user11.Store();
user12 = new User(context);
user12.Identifier = "domain-1_cr_viewer+changer+deleter";
user12.Store();
user21 = new User(context);
user21.Identifier = "global_cr_deleter";
user21.Store();
group1 = new Group(context);
group1.Identifier = "domain-1_cr_viewers+changers";
group1.Store();
group1.AssignUsers(new int[] { user11.Id, user12.Id });
group2 = new Group(context);
group2.Identifier = "global_cr_deleters";
group2.Store();
group2.AssignUsers(new int[] { user21.Id });
user31 = new User(context);
user31.Identifier = "global_service_admin";
user31.Store();
role1 = new Role(context);
role1.Identifier = "cr_view+change";
role1.Store();
role1.IncludePrivileges(Privilege.Get(EntityType.GetEntityType(typeof(ComputingResource)), new EntityOperationType[] { EntityOperationType.Search, EntityOperationType.View, EntityOperationType.Change }));
role1.GrantToGroups(new int[] { group1.Id }, domain1.Id);
role2 = new Role(context);
role2.Identifier = "cr_delete";
role2.Store();
role2.IncludePrivilege(Privilege.Get(EntityType.GetEntityType(typeof(ComputingResource)), EntityOperationType.Delete));
role2.GrantToUsers(new int[] { user12.Id }, domain1.Id);
role2.GrantToGroups(new int[] { group2.Id }, 0);
role3 = new Role(context);
role3.Identifier = "service_all";
role3.Store();
role3.IncludePrivileges(Privilege.Get(EntityType.GetEntityType(typeof(Service))));
role3.GrantToUsers(new int[] { user31.Id }, 0);
ComputingResource cr1 = new GenericComputingResource(context);
cr1.Identifier = "cr-1";
cr1.Name = "cr-1";
cr1.Domain = domain1;
cr1.Store();
cr1.GrantPermissionsToUsers(new int[] { user12.Id });
PublishServer ps1 = new PublishServer(context);
ps1.Identifier = "ps-1";
ps1.Name = "ps-1";
ps1.Hostname = "mytest.host";
ps1.Domain = domain1;
ps1.Protocol = "http";
ps1.Store();
seriesShareDomain = new Domain(context);
seriesShareDomain.Identifier = "series-share";
seriesShareDomain.Name = "series-share";
seriesShareDomain.Store();
shareCreator = new User(context);
shareCreator.Identifier = "share-creator";
shareCreator.Store();
shareReceiver = new User(context);
shareReceiver.Identifier = "share-receiver";
shareReceiver.Store();
context.StartImpersonation(shareCreator.Id);
sharedSeries = new Series(context);
sharedSeries.Identifier = "shared-series";
sharedSeries.Store();
sharedSeries.GrantPermissionsToUsers(new int[] { shareReceiver.Id });
unsharedSeries = new Series(context);
unsharedSeries.Domain = seriesShareDomain;
unsharedSeries.Identifier = "unshared-series";
unsharedSeries.Store();
context.EndImpersonation();
seriesShareRole = new Role(context);
seriesShareRole.Identifier = "series_all";
seriesShareRole.Store();
seriesShareRole.IncludePrivileges(Privilege.Get(EntityType.GetEntityType(typeof(Series))));
seriesShareRole.GrantToUsers(new int[] { shareCreator.Id }, seriesShareDomain.Id);
context.AccessLevel = EntityAccessLevel.Permission;
}
else
{
domain1 = Domain.GetInstance(context);
domain1.Load("domain-1");
domain2 = Domain.GetInstance(context);
domain2.Load("domain-2");
group1 = Group.FromIdentifier(context, "domain-1_cr_viewers+changers");
group2 = Group.FromIdentifier(context, "global_cr_deleters");
user0 = User.FromUsername(context, "user-0");
user11 = User.FromUsername(context, "domain-1_cr_viewer+changer");
user12 = User.FromUsername(context, "domain-1_cr_viewer+changer+deleter");
user21 = User.FromUsername(context, "global_cr_deleter");
user31 = User.FromUsername(context, "global_service_admin");
role1 = Role.GetInstance(context);
role1.Load("cr_view+change");
role2 = Role.GetInstance(context);
role2.Load("cr_delete");
role2 = Role.GetInstance(context);
role2.Load("service_all");
}
} catch (Exception e) {
Console.WriteLine("{0} - {1}", e.Message, e.StackTrace);
throw;
}
}
public object Get(ActivityByCommunitySearchRequestTep request)
{
var context = TepWebContext.GetWebContext(PagePrivileges.UserView);
context.AccessLevel = EntityAccessLevel.Administrator;
context.Open();
context.LogInfo(this, string.Format("/community/{{community}}/activity/search GET - community='{0}'", request.Domain));
ThematicCommunity domain = ThematicCommunity.FromIdentifier(context, request.Domain);
//We only want some Privileges
var privlist = new List <int> ();
var privs = Privilege.Get(EntityType.GetEntityType(typeof(WpsJob)));
foreach (var priv in privs)
{
privlist.Add(priv.Id);
}
privs = Privilege.Get(EntityType.GetEntityType(typeof(DataPackage)));
foreach (var priv in privs)
{
privlist.Add(priv.Id);
}
privs = Privilege.Get(EntityType.GetEntityType(typeof(Series)));
foreach (var priv in privs)
{
privlist.Add(priv.Id);
}
EntityList <ActivityTep> activities = new EntityList <ActivityTep> (context);
activities.AddSort("CreationTime", SortDirection.Descending);
activities.SetFilter("PrivilegeId", string.Join(",", privlist));
activities.SetFilter("DomainId", domain.Id.ToString());
activities.Identifier = "activity";
activities.Load();
// Load the complete request
HttpRequest httpRequest = HttpContext.Current.Request;
OpenSearchEngine ose = MasterCatalogue.OpenSearchEngine;
// the opensearch cache system uses the query parameters
// we add to the parameters the filters added to the load in order to avoir wrong cache
// we use 't2-' in order to not interfer with possibly used query parameters
var qs = new NameValueCollection(Request.QueryString);
foreach (var filter in activities.FilterValues)
{
qs.Set("t2-" + filter.Key.FieldName, filter.Value.ToString());
}
Type responseType = OpenSearchFactory.ResolveTypeFromRequest(httpRequest.QueryString, httpRequest.Headers, ose);
IOpenSearchResultCollection osr = ose.Query(activities, qs, responseType);
OpenSearchFactory.ReplaceOpenSearchDescriptionLinks(activities, osr);
context.Close();
return(new HttpResult(osr.SerializeToString(), osr.ContentType));
}
public void TepTest()
{
try {
if (rebuildData)
{
context.AccessLevel = EntityAccessLevel.Administrator;
// Domains ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
moveDomain = new Domain(context);
moveDomain.Identifier = "MOVE";
moveDomain.Name = "MOVE domain";
moveDomain.Store();
rldDomain = new Domain(context);
rldDomain.Identifier = "RLD";
rldDomain.Name = "RLD domain";
rldDomain.Store();
// Users ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
sarah = new User(context);
sarah.Identifier = "sarah";
sarah.FirstName = "Sarah";
sarah.Store();
marco = new User(context);
marco.Identifier = "marco";
marco.FirstName = "Marco";
marco.LastName = "Rossi";
marco.Store();
jean = new User(context);
jean.Identifier = "jean";
jean.FirstName = "Jean";
jean.LastName = "Dupont";
jean.Store();
sofia = new User(context);
sofia.Identifier = "sofia";
sofia.FirstName = "Sofia";
sofia.LastName = "Rodriguez";
sofia.Store();
emma = new User(context);
emma.Identifier = "emma";
emma.FirstName = "Emma";
emma.LastName = "Muller";
emma.Store();
rldUser = new User(context);
rldUser.Identifier = "rld-user";
rldUser.Store();
// Groups +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
moveGroup = new Group(context);
moveGroup.Identifier = "MOVE TEP group";
moveGroup.Store();
moveGroup.AssignUsers(new User[] { sarah, marco, jean, sofia, emma });
rldGroup = new Group(context);
rldGroup.Identifier = "RLD TEP group";
rldGroup.Store();
rldGroup.AssignUser(sarah);
// Roles ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
clusterProvisionRole = new Role(context);
clusterProvisionRole.Identifier = "cluster-provision-role";
clusterProvisionRole.Name = "Cluster provision";
clusterProvisionRole.Store();
clusterProvisionRole.IncludePrivileges(Privilege.Get(EntityType.GetEntityType(typeof(Series))));
clusterProvisionRole.GrantToUser(sarah, moveDomain);
expertRole = new Role(context);
expertRole.Identifier = "expert-role";
expertRole.Name = "Expert";
expertRole.Store();
expertRole.GrantToUser(marco, moveDomain);
contentAuthorityRole = new Role(context);
contentAuthorityRole.Identifier = "content-authority-role";
contentAuthorityRole.Name = "Content authority";
contentAuthorityRole.Store();
contentAuthorityRole.IncludePrivileges(Privilege.Get(EntityType.GetEntityType(typeof(Series))));
contentAuthorityRole.GrantToUser(jean, moveDomain);
softwareVendorRole = new Role(context);
softwareVendorRole.Identifier = "software-vendor-role";
softwareVendorRole.Name = "Software vendor";
softwareVendorRole.Store();
softwareVendorRole.GrantToUser(sofia, moveDomain);
endUserRole = new Role(context);
endUserRole.Identifier = "end-user-role";
endUserRole.Name = "End user";
endUserRole.Store();
endUserRole.GrantToUser(emma, moveDomain);
memberRole = new Role(context);
memberRole.Identifier = "member-role";
memberRole.Name = "Member";
memberRole.Store();
memberRole.GrantToUser(sarah, rldDomain);
dataProviderRole = new Role(context);
dataProviderRole.Identifier = "data-provider-role";
dataProviderRole.Name = "Data provider";
dataProviderRole.Store();
dataProviderRole.IncludePrivileges(Privilege.Get(EntityType.GetEntityType(typeof(Series))));
dataProviderRole.GrantToUser(rldUser, null);
ictProviderRole = new Role(context);
ictProviderRole.Identifier = "ict-provider-role";
ictProviderRole.Name = "ICT provider";
ictProviderRole.Store();
ictProviderRole.IncludePrivileges(Privilege.Get(EntityType.GetEntityType(typeof(Series))));
ictProviderRole.GrantToUser(rldUser, null);
// Data +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
demSeries = new Series(context);
demSeries.Domain = moveDomain;
demSeries.OwnerId = sarah.Id;
demSeries.Identifier = "dem-series";
demSeries.Store();
xstSeries = new Series(context);
xstSeries.Domain = rldDomain;
xstSeries.OwnerId = rldUser.Id;
xstSeries.Identifier = "xst-series";
xstSeries.Store();
xstSeries.GrantPermissionsToGroups(new Group[] { rldGroup });
Terradue.Cloud.CloudProvider cloudProvider = new Terradue.Cloud.GenericCloudProvider(context);
cloudProvider.Identifier = "cloud-provider";
cloudProvider.Name = "Cloud Provider";
cloudProvider.AccessPoint = "cloud-dev.terradue.int";
cloudProvider.WebAdminUrl = "*****@*****.**";
cloudProvider.Store();
Terradue.Sandbox.Laboratory laboratory = Terradue.Sandbox.Laboratory.ForProvider(context, cloudProvider);
laboratory.Identifier = "laboratory";
laboratory.Name = "Laboratory";
laboratory.Store();
context.AccessLevel = EntityAccessLevel.Permission;
}
else
{
}
} catch (Exception e) {
Console.WriteLine("{0} - {1}", e.Message, e.StackTrace);
throw;
}
try {
context.AccessLevel = EntityAccessLevel.Privilege;
context.StartImpersonation(sarah.Id);
Console.WriteLine("Sarah accesses \"demSeries\"");
demSeries = Series.FromId(context, demSeries.Id); // reload "demSeries" with Sarah's account
Console.WriteLine(" -> ACCESSED (OK)");
Console.WriteLine("Check whether Sarah can use data of \"demSeries\" for processing");
demSeries.CanProcess = true;
Console.WriteLine(" -> YES (OK)");
Console.WriteLine("Sarah grants permissions to all users on \"demSeries\"");
demSeries.GrantPermissionsToAll();
Console.WriteLine(" -> DONE (OK)");
context.EndImpersonation();
context.StartImpersonation(marco.Id);
demSeries = Series.FromId(context, demSeries.Id); // reload "demSeries" with Marco's account
demSeries.CanDownload = true;
Assert.Throws <EntityUnauthorizedException>(delegate {
demSeries.GrantPermissionsToAll();
});
context.EndImpersonation();
context.StartImpersonation(sarah.Id);
Console.WriteLine("Sarah (member of RLD TEP group) accesses \"xstSeries\"");
xstSeries = Series.FromId(context, xstSeries.Id); // reload "xstSeries" with Sarah's account
Console.WriteLine(" -> ACCESSED (OK)");
try {
Console.WriteLine("Sarah tries to grant permissions on \"xstSeries\" to her group");
xstSeries.GrantPermissionsToGroups(new Group[] { moveGroup });
Console.WriteLine(" -> DONE (ERROR!)");
Assert.IsTrue(false); // force failure (we should never arrive here)
} catch (Exception e) {
Assert.IsTrue(e is EntityUnauthorizedException);
Console.WriteLine(" -> REJECTED (OK)");
}
context.EndImpersonation();
context.StartImpersonation(marco.Id);
try {
Console.WriteLine("Marco tries to access \"xstSeries\"");
xstSeries = Series.FromId(context, xstSeries.Id); // reload "xstSeries" with Marco's account
Console.WriteLine(" -> ACCESSED (ERROR!)");
Assert.IsTrue(false); // force failure (we should never arrive here)
} catch (Exception e) {
Assert.IsTrue(e is EntityUnauthorizedException);
Console.WriteLine(" -> REJECTED (OK)");
}
context.EndImpersonation();
// RLD user grants download and processing permission to Sarah's group
context.StartImpersonation(rldUser.Id);
Console.WriteLine("RLD user accesses \"xstSeries\"");
xstSeries = Series.FromId(context, xstSeries.Id); // reload "xstSeries" with RLD user's account
Console.WriteLine(" -> ACCESSED (OK)");
Console.WriteLine("RLD user grants permissions on \"xstSeries\" to Sarah's group");
xstSeries.CanDownload = true;
xstSeries.CanProcess = true;
xstSeries.GrantPermissionsToGroups(new Group[] { moveGroup });
Console.WriteLine(" -> AUTHORIZED (OK)");
context.EndImpersonation();
// Marco tries to load XST series -> now he can, and he has download and process permissions
context.StartImpersonation(marco.Id);
Console.WriteLine("Marco (member of Sarah's group) tries again to access \"xstSeries\"");
xstSeries = Series.FromId(context, xstSeries.Id); // reload "xstSeries" with Marco's account
Console.WriteLine(" -> ACCESSED (OK)");
Console.WriteLine("Check whether Marco can use data of \"demSeries\" for downloading and processing");
Assert.IsFalse(xstSeries.CanSearchWithin);
Assert.IsTrue(xstSeries.CanDownload);
Assert.IsTrue(xstSeries.CanProcess);
Console.WriteLine(" -> AUTHORIZED (OK)");
context.EndImpersonation();
} catch (Exception e) {
Console.WriteLine("{0} - {1}", e.Message, e.StackTrace);
throw;
}
}