private static FunctionPermissionList LoadPermissions(string Query, string ObjectName)
{
FunctionPermissionList ret = new FunctionPermissionList();
DataTable dt = new DataTable();
SqlDataAdapter Adapter = new SqlDataAdapter(Query, Settings.ConnectionString);
Adapter.Fill(dt);
if (null != dt && dt.Rows.Count > 0)
{
foreach (DataRow dr in dt.Rows)
{
FunctionPermission funcPermission = new FunctionPermission();
funcPermission.Permission = (DBNull.Value != dr["Permission"]) ? (EnumPermission)Convert.ChangeType(dr["Permission"], typeof(int)) : EnumPermission.Inherit;
funcPermission.Restricted = (DBNull.Value != dr["Restricted"]) ? (bool)Convert.ChangeType(dr["Restricted"], typeof(bool)) : NullHelper.Boolean;
string funcName = (DBNull.Value != dr["FunctionName"]) ? (string)Convert.ChangeType(dr["FunctionName"], typeof(string)) : NullHelper.String;
ret.Add(funcName, funcPermission);
}
}
// set functions that doesn't exist in the database
string xPath = string.Format("//objects/object[@name='{0}']", ObjectName);
XmlDocument xmlObjectMetaData = new XmlDocument();
string path = SessionHandler.Server.MapPath("~/App_Data/XML/Objects.xml");
xmlObjectMetaData.Load(path);
XmlNode xmlNodeObject = xmlObjectMetaData.SelectSingleNode(xPath);
if (null != xmlNodeObject)
{
XmlNode xmlNodeFunctions = xmlNodeObject.SelectSingleNode("functions");
if (null != xmlNodeFunctions)
{
XmlNodeList xmlNodeListFunction = null;
bool exist = false;
string templateID = XmlHelper.GetXmlAttributeValue(xmlNodeFunctions, "templateId", ref exist);
if (exist)
{
xmlNodeListFunction = xmlObjectMetaData.SelectNodes(string.Format("//functionsTemplate[@id='{0}']/function", templateID));
}
else
{
xmlNodeListFunction = xmlNodeFunctions.SelectNodes("function");
}
foreach (XmlNode xmlNodeFunction in xmlNodeListFunction)
{
exist = false;
string funcName = XmlHelper.GetXmlAttributeValue <string>(xmlNodeFunction, "name", ref exist, "");
if (!string.IsNullOrEmpty(funcName) && null == ret[funcName]) // function doean't exist, use defaults
{
ret.Add(funcName, new FunctionPermission());
}
}
}
}
xmlObjectMetaData = null;
return(ret);
}
public static bool IsPermitted(FunctionSecurityContext fsc)
{
bool Ret = false;
if (null != fsc)
{
FunctionPermissionList fpl = LoadUserPermissionsEx(LoginToken.LoginUser.ID, fsc.ObjectName);
FunctionPermission fp = fpl[fsc.FunctionName];
if (null != fp)
{
if (EnumPermission.Allow == fp.Permission)
{
if (fp.Restricted && 0 != fsc.ObjectID)
{
Ret = (fsc.OwnerID == LoginToken.LoginUser.ID);
}
else
{
Ret = true; // function not restricted, or no specific object
}
}
}
else
{
Ret = true; // function is not secured
}
}
else
{
Ret = true; // no secuirty context
}
return(Ret);
}
public static FunctionPermissionList LoadUserPermissionsEx(int UserID, string ObjectName)
{
FunctionPermissionList Ret = null;
ObjectPermissionList opl = LoginToken.ObjectPermissionList;
if (null != opl)
{
Ret = opl[ObjectName];
}
if (null == Ret)
{
Ret = LoadUserPermissions(UserID, ObjectName);
if (null != opl)
{
opl.Add(ObjectName, Ret);
}
else
{
opl = new ObjectPermissionList();
opl.Add(ObjectName, Ret);
}
LoginToken.ObjectPermissionList = opl;
}
return(Ret);
}
public void Add(string ObjectName, FunctionPermissionList Value)
{
this.InnerHashtable.Add(ObjectName, Value);
}