/// <summary>
/// Reconciles the permission rows stored for an application with the
/// permissions the application currently defines: definitions missing from
/// the database are inserted, and database rows with no matching definition
/// are deleted.
/// </summary>
/// <param name="portalApp">Application whose name and permission definitions drive the sync.</param>
/// <returns>
/// True only when both BulkInsert and BulkDelete report success. BulkDelete is
/// not called at all when BulkInsert returns false.
/// </returns>
public bool EnsurePermissionsInDatabase(PortalApplication portalApp)
{
    string applicationName = portalApp.GetApplicationName();
    PortalApplicationPermission[] storedPermissions = FetchAll(applicationName);
    PortalApplicationPermission[] definedPermissions = portalApp.GetAllPermissionsForApplication();

    // Defined by the application but not yet present in the database.
    List<PortalApplicationPermission> missingFromDb = new List<PortalApplicationPermission>();
    for (int i = 0; i < definedPermissions.Length; i++)
    {
        PortalApplicationPermission defined = definedPermissions[i];
        if (arrayContains(defined, storedPermissions))
        {
            continue;
        }
        missingFromDb.Add(defined);
    }

    // Present in the database but no longer defined by the application.
    List<PortalApplicationPermission> staleInDb = new List<PortalApplicationPermission>();
    for (int i = 0; i < storedPermissions.Length; i++)
    {
        PortalApplicationPermission stored = storedPermissions[i];
        if (arrayContains(stored, definedPermissions))
        {
            continue;
        }
        staleInDb.Add(stored);
    }

    // NOTE(review): a failed insert skips the delete, so permission rows the
    // application has retired stay in the table until a later sync succeeds.
    // Whether insert and delete share a transaction is not visible here;
    // confirm, because callers that ignore the result will evaluate access
    // against a half-synced table.
    bool insertSucceeded = BulkInsert(missingFromDb.ToArray());
    if (!insertSucceeded)
    {
        return false;
    }
    return BulkDelete(staleInDb.ToArray());
}
/// <summary>
/// Checks whether the requested action is permitted within the given
/// application, after asking the application to sync its permission
/// definitions into the database.
/// </summary>
/// <param name="actionRequested">Name of the action being checked.</param>
/// <param name="portalApp">Application that scopes the check; its name is passed to the string-based overload.</param>
/// <returns>The result of the (action, application name) overload of hasPermissionTo.</returns>
public bool hasPermissionTo(string actionRequested, PortalApplication portalApp)
{
    // NOTE(review): whatever EnsurePermissionsInDatabase() reports is discarded,
    // so the authorization decision below is made even if the sync did not
    // complete. Confirm that is intended, or log/deny when the sync fails.
    portalApp.EnsurePermissionsInDatabase();

    return hasPermissionTo(actionRequested, portalApp.GetApplicationName());
}
/// <summary>
/// Builds the SELECT statement that loads users together with their roles,
/// extended-info key/value pairs and permissions, filtered to non-deleted
/// rows and ordered by the requested column.
/// </summary>
/// <param name="whereClause">
/// Extra SQL predicate. When it is not blank after trimming it is prefixed
/// with " AND " and appended to the statement verbatim; this method applies
/// no escaping or validation to it.
/// </param>
/// <param name="sortBy">Column to order the result by.</param>
/// <param name="portalApp">
/// Application used to restrict permission rows; the restriction is added only
/// when the application name is non-empty and the application defines at
/// least one permission.
/// </param>
/// <returns>The complete SQL text.</returns>
/// <exception cref="ArgumentException">Thrown when <paramref name="sortBy"/> is not a handled value.</exception>
private string getStandardUserSQL(string whereClause, WebPortalUser.SortUsersBy sortBy, PortalApplication portalApp)
{
    // SECURITY: whereClause becomes part of the SQL text unchanged. Every caller
    // must build it from constants or from values it has already encoded;
    // request data must never reach this parameter raw. Prefer bound parameters
    // at the call site where the data layer supports them.
    string extraFilter = whereClause;
    if (extraFilter.Trim() != "")
    {
        extraFilter = " AND " + extraFilter;
    }

    string appName = portalApp.GetApplicationName();
    string permissionsFilter = "";
    if (appName != "" && portalApp.GetAllPermissionsForApplication().Length > 0)
    {
        // appName is embedded inside a quoted SQL literal; dbEncode is the only
        // protection. NOTE(review): dbEncode is defined elsewhere. Confirm its
        // escaping matches the target dialect's string-literal rules.
        permissionsFilter = " AND (" + DBDialect.isNull("p.PermissionsId")
            + " or p.ApplicationName = '" + dbEncode(appName) + "' ) ";
    }

    // NOTE(review): the projection includes appuser.password, so every consumer
    // of this result set receives that column. Whether it holds a hash or
    // cleartext is not visible here; keep it out of logs and serialized output.
    string selectAndJoins =
        " select appuser.appuserid, appuser.username, appuser.password, appuser.FullName, "
        + "appuser.EmailAddress, appuser.LastLoginDateTime, "
        + "roles.Name as RoleName, roles.roleid, roles.Description as RoleDesc, "
        + "x.`key` as exKey, x.`value` as exVal, "
        + "p.PermissionsId, p.ApplicationName, p.Action, p.Description "
        + "from appuser "
        + "LEFT JOIN appuserroles on (appuser.appuserid = appuserroles.appuserid) "
        + "LEFT JOIN roles ON (appuserroles.roleid = roles.roleid) "
        + "LEFT JOIN appuserextendedinfo x on (x.userId = appuser.AppUserId) "
        + "LEFT JOIN appuserpermissions up on (appuser.AppUserId = up.AppUserId) "
        + "LEFT JOIN permissions p ON (p.PermissionsId = up.PermissionsId) "
        + "WHERE ";

    // Soft-delete filters for each joined table, then the optional filters.
    string sql = selectAndJoins
        + DBDialect.isNull("appuser.deleted")
        + " AND " + DBDialect.isNull("roles.deleted")
        + " and " + DBDialect.isNull("x.deleted")
        + " and " + DBDialect.isNull("p.Deleted")
        + " "
        + permissionsFilter
        + extraFilter;

    // The ORDER BY column comes from a fixed set of literals keyed by the enum,
    // never from caller-supplied text.
    string orderBy;
    switch (sortBy)
    {
        case WebPortalUser.SortUsersBy.UserId:
            orderBy = " ORDER BY appuserid ";
            break;
        case WebPortalUser.SortUsersBy.UserName:
            orderBy = " ORDER BY username ";
            break;
        case WebPortalUser.SortUsersBy.UserFullName:
            orderBy = " ORDER BY FullName ";
            break;
        default:
            throw new ArgumentException("Invalid SortBy given");
    }

    return sql + orderBy;
} // getStandardUserSQL