public AclEditor Merge(AclEditor other)
{
if (other.node.Id == this.node.Id)
throw new InvalidOperationException("Cannot merge with same Node.");
mergedEditors.Add(other);
return this;
}
public AclEditor Merge(AclEditor other)
{
if (other.node.Id == this.node.Id)
{
throw new InvalidOperationException("Cannot merge with same Node.");
}
mergedEditors.Add(other);
return(this);
}
private static IEnumerable<SecurityEntry> GetEntriesFromAcl(AclEditor ed, SnAccessControlList origAcl, SnAccessControlList acl)
{
var newEntries = new List<SecurityEntry>();
foreach (var entry in acl.Entries)
{
var origEntry = origAcl.Entries.Where(x => x.Identity.NodeId == entry.Identity.NodeId && x.Propagates == entry.Propagates).FirstOrDefault();
if (origEntry == null)
{
ed.AddEntry(entry);
}
else
{
//---- play modifications
var ident = entry.Identity.NodeId;
var propagates = entry.Propagates;
var perms = entry.Permissions.ToArray();
var origPerms = origEntry.Permissions.ToArray();
//---- reset deny bits
for (int i = ActiveSchema.PermissionTypes.Count - 1; i >= 0; i--)
{
var perm = perms[i];
var origPerm = origPerms[i];
if (perm.DenyEnabled)
if (origPerm.Deny && !perm.Deny) // reset
{
ed.SetPermission(ident, propagates, ActiveSchema.PermissionTypes[perm.Name], PermissionValue.NonDefined);
//Trace.WriteLine("@> Reset deny " + perm.Name);
}
}
//---- reset allow bits
for (int i = 0; i < ActiveSchema.PermissionTypes.Count; i++)
{
var perm = perms[i];
var origPerm = origPerms[i];
if (perm.AllowEnabled)
if (origPerm.Allow && !perm.Allow) // reset
{
ed.SetPermission(ident, propagates, ActiveSchema.PermissionTypes[perm.Name], PermissionValue.NonDefined);
//Trace.WriteLine("@> Reset allow " + perm.Name);
}
}
//---- set allow bits
for (int i = 0; i < ActiveSchema.PermissionTypes.Count; i++)
{
var perm = perms[i];
var origPerm = origPerms[i];
if (perm.AllowEnabled)
if (!origPerm.Allow && perm.Allow) // set
{
ed.SetPermission(ident, propagates, ActiveSchema.PermissionTypes[perm.Name], PermissionValue.Allow);
//Trace.WriteLine("@> Set allow " + perm.Name);
}
}
//---- set deny bits
for (int i = ActiveSchema.PermissionTypes.Count - 1; i >= 0; i--)
{
var perm = perms[i];
var origPerm = origPerms[i];
if (perm.DenyEnabled)
if (!origPerm.Deny && perm.Deny) // set
{
ed.SetPermission(ident, propagates, ActiveSchema.PermissionTypes[perm.Name], PermissionValue.Deny);
//Trace.WriteLine("@> Set deny " + perm.Name);
}
}
//---- reset entry if it is subset of the original (entry will be removed)
var newEntry = ed.GetEntry(entry.Identity.NodeId, entry.Propagates);
var newPerms = newEntry.Permissions.ToArray();
var deletable = true;
for (int i = 0; i < newPerms.Length; i++)
{
var newPerm = newPerms[i];
var origPerm = origPerms[i];
if (newPerm.AllowEnabled && newPerm.Allow)
{
deletable = false;
break;
}
if (newPerm.DenyEnabled && newPerm.Deny)
{
deletable = false;
break;
}
}
if (deletable)
newEntry.SetPermissionsBits(0, 0);
}
}
var entries = PermissionEvaluator.Instance.SetAcl(ed.Acl);
return entries;
}
public IEnumerable<SecurityEntry> GetEntriesFromAcl(AclEditor ed, SnAccessControlList origAcl, SnAccessControlList acl)
{
return (IEnumerable<SecurityEntry>)CallPrivateStaticMethod("GetEntriesFromAcl", new Type[] { typeof(AclEditor), typeof(SnAccessControlList), typeof(SnAccessControlList) }, ed, origAcl, acl);
}
public AclEditorAccessor(AclEditor target) : base(target) { }