private static HashSet <Privilege> buildChildTreeFor(SupportedPrivilege priv)
{
if (childPrivilegesSet.ContainsKey(priv.Privilege))
{
return(childPrivilegesSet[priv.Privilege]);
}
HashSet <Privilege> childPrivileges = new HashSet <Privilege>();
foreach (SupportedPrivilege sp in priv.AggregatedPrivileges)
{
foreach (Privilege childPriv in buildChildTreeFor(sp))
{
childPrivileges.Add(childPriv);
}
}
childPrivileges.Add(priv.Privilege);
childPrivilegesSet.Add(priv.Privilege, childPrivileges);
return(childPrivileges);
}
/// <summary>
/// Returns tree of permissions. Permission can be aggregated into another permissions,
/// so this is represented as tree (graph).
/// </summary>
/// <returns>Root level permissions.</returns>
private static IEnumerable <SupportedPrivilege> buildPermissionsTree()
{
SupportedPrivilege davUnlock =
new SupportedPrivilege
{
Privilege = Privilege.Unlock,
IsAbstract = true,
Description = "Allows or denies a user to unlock file/folder if he is not the owner of the lock.",
DescriptionLanguage = "en"
};
SupportedPrivilege davReadCurrentUserPivilegeSet =
new SupportedPrivilege
{
Privilege = Privilege.ReadCurrentUserPrivilegeSet,
IsAbstract = true,
Description = "Allows or denies reading privileges of current user.",
DescriptionLanguage = "en"
};
SupportedPrivilege traverseFolderExecuteFile =
new SupportedPrivilege
{
Privilege = ITHitPrivileges.TraverseFolderOrExecuteFile,
IsAbstract = false,
Description = "Allows or denies browsing through a folder's subfolders and files and executing files withing folder",
DescriptionLanguage = "en"
};
SupportedPrivilege readExtendedAttributes =
new SupportedPrivilege
{
Privilege = ITHitPrivileges.ReadExtendedAttributes,
IsAbstract = false,
Description = "Allows or denies viewing the extended attributes of a file or folder(defined by program)",
DescriptionLanguage = "en"
};
SupportedPrivilege synchronize =
new SupportedPrivilege
{
Privilege = ITHitPrivileges.Synchronize,
IsAbstract = false,
Description = "Synchronize",
DescriptionLanguage = "en"
};
SupportedPrivilege writeExtendedAttributes =
new SupportedPrivilege
{
Privilege = ITHitPrivileges.WriteExtendedAttributes,
IsAbstract = false,
Description = "Allows or denies writing the extended attributes of a file or folder(defined by program)",
DescriptionLanguage = "en"
};
SupportedPrivilege readAttributes =
new SupportedPrivilege
{
Privilege = ITHitPrivileges.ReadAttributes,
IsAbstract = false,
Description = "This allows or denies a user to view the standard NTFS attributes of a file or folder.",
DescriptionLanguage = "en"
};
SupportedPrivilege writeAttributes =
new SupportedPrivilege
{
Privilege = ITHitPrivileges.WriteAttributes,
IsAbstract = false,
Description = "This allows or denies the ability to change the attributes of a files or folder",
DescriptionLanguage = "en"
};
SupportedPrivilege delete =
new SupportedPrivilege
{
Privilege = ITHitPrivileges.Delete,
IsAbstract = false,
Description = "Allows or denies the deleting of files and folders.",
DescriptionLanguage = "en"
};
SupportedPrivilege takeOwnership =
new SupportedPrivilege
{
Privilege = ITHitPrivileges.TakeOwnership,
IsAbstract = false,
Description = "This allows or denies a user the ability to take ownership of a file or folder.",
DescriptionLanguage = "en"
};
SupportedPrivilege davWriteProperties =
new SupportedPrivilege
{
Privilege = Privilege.WriteProperties,
IsAbstract = true,
Description = "Allows or denies writing properties.",
DescriptionLanguage = "en"
};
SupportedPrivilege createFilesWriteData =
new SupportedPrivilege
{
Privilege = ITHitPrivileges.CreateFilesWriteData,
IsAbstract = false,
Description = "Allows or denies the user the right to create new files in the parent folder.",
DescriptionLanguage = "en"
};
SupportedPrivilege davWriteContent =
new SupportedPrivilege
{
Privilege = Privilege.WriteContent,
IsAbstract = true,
Description = "Allows or denies modifying file's content.",
DescriptionLanguage = "en",
AggregatedPrivileges =
new[]
{
createFilesWriteData
}
};
SupportedPrivilege createFoldersAppendData =
new SupportedPrivilege
{
Privilege = ITHitPrivileges.CreateFoldersAppendData,
IsAbstract = false,
Description = "Allows or denies the user to create new folders in the parent folder.",
DescriptionLanguage = "en",
};
SupportedPrivilege davBind =
new SupportedPrivilege
{
Privilege = Privilege.Bind,
IsAbstract = true,
Description = "Allows or denies the user to create new folders or files in the parent folder.",
DescriptionLanguage = "en",
AggregatedPrivileges =
new[]
{
createFoldersAppendData,
createFilesWriteData
}
};
SupportedPrivilege deleteSubfoldersAndFiles =
new SupportedPrivilege
{
Privilege = ITHitPrivileges.DeleteSubDirectoriesAndFiles,
IsAbstract = false,
Description = "Allows or denies the deleting of files and subfolder within the parent folder.",
DescriptionLanguage = "en",
};
SupportedPrivilege davUnbind =
new SupportedPrivilege
{
Privilege = Privilege.Unbind,
IsAbstract = true,
Description = "Allows or denies removing child items from collection.",
DescriptionLanguage = "en",
AggregatedPrivileges =
new[]
{
deleteSubfoldersAndFiles
}
};
SupportedPrivilege changePermissions =
new SupportedPrivilege
{
Privilege = ITHitPrivileges.ChangePermissions,
IsAbstract = false,
Description = "Allows or denies the user the ability to change permissions of a files or folder.",
DescriptionLanguage = "en",
};
SupportedPrivilege davWriteAcl =
new SupportedPrivilege
{
Privilege = Privilege.WriteAcl,
IsAbstract = true,
Description = "Allows or denies the user the ability to change permissions of a files or folder.",
DescriptionLanguage = "en",
AggregatedPrivileges =
new[]
{
changePermissions
}
};
SupportedPrivilege davWrite =
new SupportedPrivilege
{
Privilege = Privilege.Write,
IsAbstract = true,
Description = "Allows or denies locking an item or modifying the content, properties, or membership of a collection.",
DescriptionLanguage = "en",
AggregatedPrivileges =
new[]
{
readAttributes,
writeAttributes,
delete,
takeOwnership,
davWriteProperties,
davWriteContent,
davBind,
davUnbind,
davWriteAcl,
}
};
SupportedPrivilege listFolderReadData =
new SupportedPrivilege
{
Privilege = ITHitPrivileges.ListDirectoryReadData,
IsAbstract = false,
Description = "Allows or denies the user to view subfolders and fill names in the parent folder. In addition, it allows or denies the user to view the data within the files in the parent folder or subfolders of that parent.",
DescriptionLanguage = "en",
};
SupportedPrivilege readPermissions =
new SupportedPrivilege
{
Privilege = ITHitPrivileges.ReadPermissions,
IsAbstract = false,
Description = "Allows or denies the user the ability to read permissions of a file or folder.",
DescriptionLanguage = "en",
};
SupportedPrivilege davReadAcl =
new SupportedPrivilege
{
Privilege = Privilege.ReadAcl,
IsAbstract = true,
Description = "Allows or denies the user the ability to read permissions of a file or folder.",
DescriptionLanguage = "en",
AggregatedPrivileges =
new[]
{
readPermissions,
}
};
SupportedPrivilege davRead =
new SupportedPrivilege
{
Privilege = Privilege.Read,
IsAbstract = true,
Description = "Allows or denies the user the ability to read content and properties of files/folders.",
DescriptionLanguage = "en",
AggregatedPrivileges =
new[]
{
listFolderReadData,
readAttributes,
davReadAcl,
davReadCurrentUserPivilegeSet
}
};
SupportedPrivilege modify =
new SupportedPrivilege
{
Privilege = ITHitPrivileges.Modify,
IsAbstract = false,
Description = "Allows or denies modifying file's or folder's content.",
DescriptionLanguage = "en",
AggregatedPrivileges =
new[]
{
traverseFolderExecuteFile,
readExtendedAttributes,
writeExtendedAttributes,
synchronize,
delete,
takeOwnership,
davWrite,
davRead
}
};
SupportedPrivilege readAndExecute =
new SupportedPrivilege
{
Privilege = ITHitPrivileges.ReadAndExecute,
IsAbstract = false,
Description = "Allows or denies the user the ability to read content and properties of files/folders.",
DescriptionLanguage = "en",
AggregatedPrivileges =
new[]
{
traverseFolderExecuteFile,
readExtendedAttributes,
synchronize,
davRead
}
};
SupportedPrivilege read =
new SupportedPrivilege
{
Privilege = ITHitPrivileges.Read,
IsAbstract = false,
Description = "Allows or denies reading file or folder's content and properties.",
DescriptionLanguage = "en",
AggregatedPrivileges =
new[]
{
readExtendedAttributes,
synchronize,
davRead
}
};
SupportedPrivilege write =
new SupportedPrivilege
{
Privilege = ITHitPrivileges.Write,
IsAbstract = false,
Description = "Allows or denies modifying file or folder's content and properties.",
DescriptionLanguage = "en",
AggregatedPrivileges =
new[]
{
writeAttributes,
writeExtendedAttributes,
synchronize,
davBind,
davReadAcl
}
};
return(new[]
{
new SupportedPrivilege
{
Privilege = Privilege.All,
IsAbstract = false,
Description = "Allows or denies all access to file/folder",
DescriptionLanguage = "en",
AggregatedPrivileges =
new[]
{
davUnlock,
modify,
readAndExecute,
read,
write
}
}
});
}
