예제 #1
        /// <summary>
        /// Creates the user wrapper for a SharePoint web, reads the Glyma security settings from the
        /// web's property bag and looks up the matching securable context in the security database.
        /// </summary>
        /// <param name="web">Web whose property bag is read for the "Glyma.*" security settings.</param>
        /// <param name="mapObjectBootstrapper">Stored in <c>MapObjectBootstrapper</c>.</param>
        public SPGlymaUser(SPWeb web, IMapObjects mapObjectBootstrapper)
        {
            Web = web;
            MapObjectBootstrapper = mapObjectBootstrapper;

            // The settings are only applied as a set: if any one of the three keys is absent, none is read.
            bool hasSecuritySettings = web.Properties.ContainsKey("Glyma.SecurityDatabaseServer")
                && web.Properties.ContainsKey("Glyma.SecurityDatabaseName")
                && web.Properties.ContainsKey("Glyma.SecurableContextId");

            if (hasSecuritySettings)
            {
                SecurityDatabaseServer = web.Properties["Glyma.SecurityDatabaseServer"];
                SecurityDatabaseName = web.Properties["Glyma.SecurityDatabaseName"];

                // int.Parse throws when the stored value is not a valid integer, so a malformed
                // property makes construction fail rather than continue with a wrong context ID.
                SecurableContextId = int.Parse(web.Properties["Glyma.SecurableContextId"]);
            }

            // NOTE(review): this lookup runs even when the settings above were absent. Connection is
            // defined outside this block (presumably built from the server/database names); confirm
            // what it resolves to on an unconfigured web.
            using (var securityDb = new SecurityDBDataContext(Connection))
            {
                var matchingContext = securityDb.SecurableContexts
                    .Where(candidate => candidate.SecurableContextId == SecurableContextId)
                    .FirstOrDefault();

                // No matching row: the name and UID are simply left unset.
                if (matchingContext != null)
                {
                    SecurableContextName = matchingContext.SecurableContextName;
                    SecurableContextUid = matchingContext.SecurableContextUid;
                }
            }
        }
예제 #2
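        /// <summary>
        /// Decides whether the current user holds the required rights, through a SharePoint group
        /// that is both assigned a role on <c>Web</c> and associated with the given domain / root maps
        /// in the security database.
        /// </summary>
        /// <param name="domainUid">Domain (securable parent) the group associations must belong to.</param>
        /// <param name="rootMapUids">Root map UIDs used to narrow the group associations; see the note in the body.</param>
        /// <param name="requiredRights">Rights passed to <c>IRole.HasRights</c> for each candidate role.</param>
        /// <returns>
        /// <c>true</c> as soon as one role bound to a qualifying group reports the required rights;
        /// otherwise <c>false</c>.
        /// </returns>
        public bool IsAuthorised(Guid? domainUid, Guid[] rootMapUids, params IRight[] requiredRights)
        {
            // Fail closed: without a securable context there is nothing to authorise against. The
            // original reached SecurableContextId.Value inside the loop and would throw there instead.
            if (!SecurableContextId.HasValue)
            {
                return false;
            }

            int contextId = SecurableContextId.Value;

            using (SecurityDBDataContext dataContext = new SecurityDBDataContext(Connection))
            {
                // Only group associations for our securable context and the supplied domain, and only
                // for groups that are linked to a SharePoint group ID.
                IQueryable<GroupAssociation> accessibleGroupAssociations = from securableObject in dataContext.GroupAssociations
                                                                           where securableObject.SecurableContextId == SecurableContextId && securableObject.SecurableParentUid == domainUid && securableObject.Group.GroupSPID != null
                                                                           select securableObject;

                // NOTE(review): every supplied UID adds a further equality filter on the same column,
                // so two or more distinct UIDs can never match a row and the check denies. An empty
                // array adds no filter at all, so any group associated under the domain qualifies.
                // The query is deferred and captures the loop variable, whose scoping changed in C# 5.
                // Confirm the intended semantics ("any of these maps"?) before changing this filter.
                foreach (Guid rootMapUid in rootMapUids)
                {
                    accessibleGroupAssociations = from securableObject in accessibleGroupAssociations
                                                  where securableObject.SecurableObjectUid == rootMapUid
                                                  select securableObject;
                }

                var accessibleGroups = from securableObject in accessibleGroupAssociations
                                       select securableObject.Group;

                // Only the SharePoint group IDs are needed for the membership test below. A set
                // tolerates the same group appearing in several associations, where ToDictionary
                // would throw on the duplicate key and abort the authorisation check.
                HashSet<int> accessibleGroupIds = new HashSet<int>();

                foreach (Group accessibleGroup in accessibleGroups)
                {
                    // GroupSPID is non-null here because the query above filters on it.
                    accessibleGroupIds.Add(accessibleGroup.GroupSPID.Value);
                }

                foreach (SPRoleAssignment roleAssignment in Web.RoleAssignments)
                {
                    SPGroup group = roleAssignment.Member as SPGroup;

                    // Skip assignments that are not groups, groups the current user is not in, and
                    // groups that are not associated with the requested domain / root maps.
                    if (group == null || !group.ContainsCurrentUser || !accessibleGroupIds.Contains(group.ID))
                    {
                        continue;
                    }

                    foreach (SPRoleDefinition roleDefinition in roleAssignment.RoleDefinitionBindings)
                    {
                        // Called once per role definition, as the original did in each switch case.
                        var roles = SPGlymaRoleFactory.GetInstance(contextId);
                        IRole role;

                        switch (roleDefinition.Name)
                        {
                            case GlymaSecurityManagerRoleName:
                                role = roles.GlymaSecurityManagerRole;
                                break;

                            case GlymaProjectManagerRoleName:
                                role = roles.GlymaProjectManagerRole;
                                break;

                            case GlymaMapManagerRoleName:
                                role = roles.GlymaMapManagerRole;
                                break;

                            case GlymaMapAuthorRoleName:
                            case OldGlymaMapAuthorRoleName:
                                role = roles.GlymaMapAuthorRole;
                                break;

                            // NOTE(review): any role definition name that is not recognised is treated
                            // as the map reader role, so every role bound to a qualifying group grants
                            // at least reader rights. Confirm this is intended before tightening it.
                            case GlymaMapReaderRoleName:
                            case OldGlymaMapReaderRoleName:
                            default:
                                role = roles.GlymaMapReaderRole;
                                break;
                        }

                        if (role.HasRights(requiredRights))
                        {
                            return true;
                        }
                    }
                }

                return false;
            }
        }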