/// <summary>
/// Handles the Delete event of the gGroups control.
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">The <see cref="RowEventArgs" /> instance containing the event data.</param>
protected void gGroups_Delete( object sender, RowEventArgs e )
{
RockTransactionScope.WrapTransaction( () =>
{
GroupService groupService = new GroupService();
AuthService authService = new AuthService();
Group group = groupService.Get( (int)e.RowKeyValue );
if ( group != null )
{
string errorMessage;
if ( !groupService.CanDelete( group, out errorMessage ) )
{
mdGridWarning.Show( errorMessage, ModalAlertType.Information );
return;
}
bool isSecurityRoleGroup = group.IsSecurityRole;
if ( isSecurityRoleGroup )
{
foreach ( var auth in authService.Queryable().Where( a => a.GroupId.Equals( group.Id ) ).ToList() )
{
authService.Delete( auth, CurrentPersonId );
authService.Save( auth, CurrentPersonId );
}
}
groupService.Delete( group, CurrentPersonId );
groupService.Save( group, CurrentPersonId );
if ( isSecurityRoleGroup )
{
Rock.Security.Authorization.Flush();
Rock.Security.Role.Flush( group.Id );
}
}
} );
BindGrid();
}
/// <summary>
/// Handles the Click event of the btnDelete control.
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">The <see cref="EventArgs" /> instance containing the event data.</param>
protected void btnDelete_Click( object sender, EventArgs e )
{
int? parentGroupId = null;
// NOTE: Very similar code in GroupList.gGroups_Delete
RockTransactionScope.WrapTransaction( () =>
{
GroupService groupService = new GroupService();
AuthService authService = new AuthService();
Group group = groupService.Get( int.Parse( hfGroupId.Value ) );
if ( group != null )
{
parentGroupId = group.ParentGroupId;
string errorMessage;
if ( !groupService.CanDelete( group, out errorMessage ) )
{
mdDeleteWarning.Show( errorMessage, ModalAlertType.Information );
return;
}
bool isSecurityRoleGroup = group.IsSecurityRole || group.GroupType.Guid.Equals( Rock.SystemGuid.GroupType.GROUPTYPE_SECURITY_ROLE.AsGuid() );
if ( isSecurityRoleGroup )
{
Rock.Security.Role.Flush( group.Id );
foreach ( var auth in authService.Queryable().Where( a => a.GroupId.Equals( group.Id ) ).ToList() )
{
authService.Delete( auth, CurrentPersonId );
authService.Save( auth, CurrentPersonId );
}
}
groupService.Delete( group, CurrentPersonId );
groupService.Save( group, CurrentPersonId );
if ( isSecurityRoleGroup )
{
Rock.Security.Authorization.Flush();
}
}
} );
// reload page, selecting the deleted group's parent
var qryParams = new Dictionary<string, string>();
if ( parentGroupId != null )
{
qryParams["groupId"] = parentGroupId.ToString();
}
NavigateToPage( RockPage.Guid, qryParams );
}
/// <summary>
/// Handles the Delete event of the gGroups control.
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">The <see cref="RowEventArgs" /> instance containing the event data.</param>
protected void gGroups_Delete( object sender, RowEventArgs e )
{
// NOTE: Very similar code in GroupDetail.btnDelete_Click
RockTransactionScope.WrapTransaction( () =>
{
GroupService groupService = new GroupService();
AuthService authService = new AuthService();
Group group = groupService.Get( (int)e.RowKeyValue );
if ( group != null )
{
string errorMessage;
if ( !groupService.CanDelete( group, out errorMessage ) )
{
mdGridWarning.Show( errorMessage, ModalAlertType.Information );
return;
}
bool isSecurityRoleGroup = group.IsSecurityRole || group.GroupType.Guid.Equals( Rock.SystemGuid.GroupType.GROUPTYPE_SECURITY_ROLE.AsGuid() );
if (isSecurityRoleGroup)
{
Rock.Security.Role.Flush( group.Id );
foreach ( var auth in authService.Queryable().Where( a => a.GroupId == group.Id ).ToList() )
{
authService.Delete( auth, CurrentPersonId );
authService.Save( auth, CurrentPersonId );
}
}
groupService.Delete( group, CurrentPersonId );
groupService.Save( group, CurrentPersonId );
if ( isSecurityRoleGroup )
{
Rock.Security.Authorization.Flush();
}
}
} );
BindGrid();
}
/// <summary>
/// Copies the authorizations from one <see cref="ISecured"/> object to another
/// </summary>
/// <param name="sourceEntity">The source entity.</param>
/// <param name="targetEntity">The target entity.</param>
/// <param name="personId">The person id.</param>
public static void CopyAuthorization( ISecured sourceEntity, ISecured targetEntity, int? personId )
{
// If there's no Authorizations object, create it
if ( Authorizations == null )
{
Load();
}
var sourceEntityTypeId = sourceEntity.TypeId;
var targetEntityTypeId = targetEntity.TypeId;
AuthService authService = new AuthService();
// Delete the current authorizations for the target entity
foreach ( Auth auth in authService.Get( targetEntityTypeId, targetEntity.Id ) )
{
authService.Delete( auth, personId );
}
Dictionary<string, List<AuthRule>> newActions = new Dictionary<string, List<AuthRule>>();
int order = 0;
if ( Authorizations.ContainsKey( sourceEntityTypeId ) && Authorizations[sourceEntityTypeId].ContainsKey( sourceEntity.Id ) )
{
foreach ( KeyValuePair<string, List<AuthRule>> action in Authorizations[sourceEntityTypeId][sourceEntity.Id] )
{
if ( targetEntity.SupportedActions.Contains( action.Key ) )
{
newActions.Add( action.Key, new List<AuthRule>() );
foreach ( AuthRule rule in action.Value )
{
Auth auth = new Auth();
auth.EntityTypeId = targetEntityTypeId;
auth.EntityId = targetEntity.Id;
auth.Order = order;
auth.Action = action.Key;
auth.AllowOrDeny = rule.AllowOrDeny;
auth.SpecialRole = rule.SpecialRole;
auth.PersonId = rule.PersonId;
auth.GroupId = rule.GroupId;
authService.Add( auth, personId );
authService.Save( auth, personId );
newActions[action.Key].Add( new AuthRule( rule.Id, rule.EntityId, rule.AllowOrDeny, rule.SpecialRole, rule.PersonId, rule.GroupId, rule.Order ) );
order++;
}
}
}
}
if ( !Authorizations.ContainsKey( targetEntityTypeId ) )
{
Authorizations.Add( targetEntityTypeId, new Dictionary<int, Dictionary<string, List<AuthRule>>>() );
}
Dictionary<int, Dictionary<string, List<AuthRule>>> entityType = Authorizations[targetEntityTypeId];
if ( !entityType.ContainsKey( targetEntity.Id ) )
{
entityType.Add( targetEntity.Id, new Dictionary<string, List<AuthRule>>() );
}
entityType[targetEntity.Id] = newActions;
}
/// <summary>
/// Updates authorization rules for the entity so that the current person is allowed to perform the specified action.
/// </summary>
/// <param name="entity">The entity.</param>
/// <param name="action">The action.</param>
/// <param name="person">The person.</param>
/// <param name="personId">The person identifier.</param>
public static void AllowPerson( ISecured entity, string action, Person person, int? personId )
{
if ( person != null )
{
// If there's no Authorizations object, create it
if ( Authorizations == null )
{
Load();
}
var authService = new AuthService();
// If there are not entries in the Authorizations object for this entity type and entity instance, create
// the dictionary entries
if ( !Authorizations.Keys.Contains( entity.TypeId ) )
{
Authorizations.Add( entity.TypeId, new Dictionary<int, Dictionary<string, List<AuthRule>>>() );
}
if ( !Authorizations[entity.TypeId].Keys.Contains( entity.Id ) )
{
Authorizations[entity.TypeId].Add( entity.Id, new Dictionary<string, List<AuthRule>>() );
}
List<AuthRule> rules = null;
if ( Authorizations[entity.TypeId][entity.Id].Keys.Contains( action ) )
{
rules = Authorizations[entity.TypeId][entity.Id][action];
}
else
{
rules = new List<AuthRule>();
Authorizations[entity.TypeId][entity.Id].Add( action, rules );
}
int order = 0;
Rock.Data.RockTransactionScope.WrapTransaction( () =>
{
Auth auth = new Auth();
auth.EntityTypeId = entity.TypeId;
auth.EntityId = entity.Id;
auth.Order = order++;
auth.Action = action;
auth.AllowOrDeny = "A";
auth.SpecialRole = SpecialRole.None;
auth.PersonId = person.Id;
authService.Add( auth, personId );
authService.Save( auth, personId );
foreach(var rule in rules)
{
var existingAuth = authService.Get( rule.Id );
existingAuth.Order = order++;
authService.Save( existingAuth, personId );
}
rules.Insert(0, new AuthRule( auth ) );
} );
}
}
/// <summary>
/// Makes the private.
/// </summary>
/// <param name="entity">The entity.</param>
/// <param name="action">The action.</param>
/// <param name="person">The person.</param>
/// <param name="personId">The person id.</param>
public static void MakePrivate( ISecured entity, string action, Person person, int? personId )
{
if ( !IsPrivate( entity, action, person ) )
{
if ( person != null )
{
// If there's no Authorizations object, create it
if ( Authorizations == null )
{
Load();
}
var authService = new AuthService();
// If there are not entries in the Authorizations object for this entity type and entity instance, create
// the dictionary entries
if ( !Authorizations.Keys.Contains( entity.TypeId ) )
{
Authorizations.Add( entity.TypeId, new Dictionary<int, Dictionary<string, List<AuthRule>>>() );
}
if ( !Authorizations[entity.TypeId].Keys.Contains( entity.Id ) )
{
Authorizations[entity.TypeId].Add( entity.Id, new Dictionary<string, List<AuthRule>>() );
}
if ( !Authorizations[entity.TypeId][entity.Id].Keys.Contains( action ) )
{
Authorizations[entity.TypeId][entity.Id].Add( action, new List<AuthRule>() );
}
else
{
// If existing rules exist, delete them.
foreach ( AuthRule authRule in Authorizations[entity.TypeId][entity.Id][action] )
{
var oldAuth = authService.Get( authRule.Id );
authService.Delete( oldAuth, personId );
}
}
var rules = new List<AuthRule>();
Auth auth = new Auth();
auth.EntityTypeId = entity.TypeId;
auth.EntityId = entity.Id;
auth.Order = 0;
auth.Action = action;
auth.AllowOrDeny = "A";
auth.SpecialRole = SpecialRole.None;
auth.PersonId = person.Id;
authService.Add( auth, personId );
authService.Save( auth, personId );
rules.Add( new AuthRule( auth ) );
auth = new Auth();
auth.EntityTypeId = entity.TypeId;
auth.EntityId = entity.Id;
auth.Order = 1;
auth.Action = action;
auth.AllowOrDeny = "D";
auth.SpecialRole = SpecialRole.AllUsers;
authService.Add( auth, personId );
authService.Save( auth, personId );
rules.Add( new AuthRule( auth ) );
Authorizations[entity.TypeId][entity.Id][action] = rules;
}
}
}
