protected override bool TryAssert(OrganizationServiceContext serviceContext, Entity entity, CrmEntityRight right, CrmEntityCacheDependencyTrace dependencies, ContentMap map) { if (entity == null) { throw new ArgumentNullException("entity"); } if (entity.LogicalName == "adx_blog") { ADXTrace.Instance.TraceInfo(TraceCategory.Application, string.Format(@"Testing right {0} on adx_blog ({1}).", right, entity.Id)); return(this.TryAssertBlog(serviceContext, entity, right, dependencies, map)); } if (entity.LogicalName == "adx_blogpost") { ADXTrace.Instance.TraceInfo(TraceCategory.Application, string.Format(@"Testing right {0} on adx_blogpost ({1}).", right, entity.Id)); dependencies.AddEntityDependency(entity); return(this.TryAssertBlogPost(serviceContext, entity, right, dependencies)); } if (entity.LogicalName == "adx_blogpostcomment") { ADXTrace.Instance.TraceInfo(TraceCategory.Application, string.Format(@"Testing right {0} on adx_blogpostcomment ({1}).", right, entity.Id)); dependencies.AddEntityDependency(entity); return(this.TryAssertBlogPostComment(serviceContext, entity, right, dependencies)); } throw new NotSupportedException("Entities of type {0} are not supported by this provider.".FormatWith(entity.LogicalName)); }
protected override bool TryAssert(OrganizationServiceContext serviceContext, Entity entity, CrmEntityRight right, CrmEntityCacheDependencyTrace dependencies, ContentMap map) { entity.ThrowOnNull("entity"); dependencies.AddEntityDependency(entity); ADXTrace.Instance.TraceInfo(TraceCategory.Application, string.Format(@"Testing right {0} on {1} ""{2}"" ({3}).", right, entity.LogicalName, entity.GetAttributeValue <string>("adx_name"), entity.Id)); switch (entity.LogicalName) { case "adx_ideaforum": dependencies.AddEntitySetDependency("adx_webrole"); return(this.TryAssertIdeaForum(entity, right, dependencies, map)); case "adx_idea": return(this.TryAssertIdea(serviceContext, entity, right, dependencies, map)); case "adx_ideacomment": return(this.TryAssertIdeaComment(serviceContext, entity, right, dependencies, map)); case "adx_ideavote": return(this.TryAssertIdeaVote(serviceContext, entity, right, dependencies, map)); default: throw new NotSupportedException("Entities of type {0} are not supported by this provider.".FormatWith(entity.LogicalName)); } }
public override bool TryAssert(OrganizationServiceContext context, Entity currentEvent, CrmEntityRight right, CrmEntityCacheDependencyTrace dependencies) { currentEvent.AssertEntityName("adx_event"); ADXTrace.Instance.TraceInfo(TraceCategory.Application, string.Format("Testing right {0} on event ({1}).", right, currentEvent.Id)); dependencies.AddEntityDependency(currentEvent); dependencies.AddEntitySetDependency("adx_webrole"); dependencies.AddEntitySetDependency("adx_eventaccesspermission"); if (!Roles.Enabled) { ADXTrace.Instance.TraceInfo(TraceCategory.Application, "Roles are not enabled for this application. Allowing Read, but not Change."); // If roles are not enabled on the site, grant Read, deny Change. return(right == CrmEntityRight.Read); } // Windows Live ID Server decided to return null for an unauthenticated user's name // A null username, however, breaks the Roles.GetRolesForUser() because it expects an empty string. var currentUsername = (HttpContext.Current.User != null && HttpContext.Current.User.Identity != null) ? HttpContext.Current.User.Identity.Name ?? string.Empty : string.Empty; var userRoles = Roles.GetRolesForUser(currentUsername); // Get all rules applicable to the event, grouping equivalent rules. (Rules that // target the same event and confer the same right are equivalent.) var ruleGroupings = from rule in GetRulesApplicableToEvent(context, currentEvent, dependencies) let eventReference = rule.GetAttributeValue <EntityReference>("adx_eventid") let rightOption = rule.GetAttributeValue <OptionSetValue>("adx_right") where eventReference != null && rightOption != null group rule by new { EventID = eventReference.Id, Right = rightOption.Value } into ruleGrouping select ruleGrouping; var websiteReference = currentEvent.GetAttributeValue <EntityReference>("adx_websiteid"); foreach (var ruleGrouping in ruleGroupings) { // Collect the names of all the roles that apply to this rule grouping var ruleGroupingRoles = ruleGrouping.SelectMany(rule => rule.GetRelatedEntities(context, "adx_eventaccesspermission_webrole").ToList() .Where(role => BelongsToWebsite(websiteReference, role)) .Select(role => role.GetAttributeValue <string>("adx_name"))); // Determine if the user belongs to any of the roles that apply to this rule grouping var userIsInAnyRoleForThisRule = ruleGroupingRoles.Any(role => userRoles.Any(userRole => userRole == role)); // If the user belongs to one of the roles... if (userIsInAnyRoleForThisRule) { if (ruleGrouping.Key.Right != RestrictRead) { ADXTrace.Instance.TraceInfo(TraceCategory.Application, string.Format("User has right Change on forum ({0}). Permission granted.", ruleGrouping.Key.EventID)); // ...the user has all rights. return(true); } } // If the user does not belong to any of the roles, the rule restricts read, and the desired right // is read... else if (ruleGrouping.Key.Right == RestrictRead && right == CrmEntityRight.Read) { ADXTrace.Instance.TraceInfo(TraceCategory.Application, string.Format("User does not have right Read due to read restriction on event ({0}). Permission denied.", ruleGrouping.Key.EventID)); // ...the user has no right. return(false); } } //Get all membership type applicable to the event var membershipTypes = currentEvent.GetRelatedEntities(context, "adx_event_membershiptype"); //If the event has membership types, specific user has right to access it. If there is no membership type, every user has right. if (membershipTypes.Any()) { var contact = PortalContext.Current.User; //Anonymouse user has no right. if (contact == null) { return(false); } foreach (var membershipType in membershipTypes) { if (contact.GetRelatedEntities(context, "adx_membership_contact").Any(m => m.GetAttributeValue <EntityReference>("adx_membershiptypeid") == membershipType.ToEntityReference())) { return(true); } } return(false); } // If none of the above rules apply, assert on parent webpage. var parentWebPage = currentEvent.GetRelatedEntity(context, "adx_webpage_event"); // If there is no parent web page, grant Read by default, and deny Change. if (parentWebPage == null) { ADXTrace.Instance.TraceInfo(TraceCategory.Application, "No access control rules apply to the current user and event. Allowing Read, but not Change."); return(right == CrmEntityRight.Read); } ADXTrace.Instance.TraceInfo(TraceCategory.Application, "No access control rules apply to the current user and event. Asserting right on parent web page."); return(_webPageAccessControlProvider.TryAssert(context, parentWebPage, right, dependencies)); }
/// <summary> The add dependencies. </summary> /// <param name="dependencies"> The dependencies. </param> /// <param name="entity"> The entity. </param> /// <param name="attributes"> The attributes. </param> protected void AddDependencies(CrmEntityCacheDependencyTrace dependencies, Entity entity, string[] attributes) { attributes.ForEach(dependencies.AddEntitySetDependency); dependencies.AddEntityDependency(entity); }
public override bool TryAssert(OrganizationServiceContext serviceContext, Entity entity, CrmEntityRight right, CrmEntityCacheDependencyTrace dependencies) { entity.ThrowOnNull("entity"); if (entity.LogicalName == "adx_issueforum") { ADXTrace.Instance.TraceInfo(TraceCategory.Application, string.Format(@"Testing right {0} on adx_issueforum ({1}).", right, entity.Id)); dependencies.AddEntityDependency(entity); dependencies.AddEntitySetDependency("adx_webrole"); return(right == CrmEntityRight.Change ? UserInRole("adx_webrole_issueforum_write", false, serviceContext, entity, dependencies) : UserInRole("adx_webrole_issueforum_read", true, serviceContext, entity, dependencies) || UserInRole("adx_webrole_issueforum_write", false, serviceContext, entity, dependencies)); } if (entity.LogicalName == "adx_issue") { ADXTrace.Instance.TraceInfo(TraceCategory.Application, string.Format(@"Testing right {0} on adx_issue ({1}).", right, entity.Id)); dependencies.AddEntityDependency(entity); var issueForum = entity.GetRelatedEntity(serviceContext, new Relationship("adx_issueforum_issue")); if (issueForum == null) { return(false); } var approved = entity.GetAttributeValue <bool?>("adx_approved").GetValueOrDefault(false); // If the right being asserted is Read, and the issue is approved, assert whether the issue forum is readable. if (right == CrmEntityRight.Read && approved) { return(TryAssert(serviceContext, issueForum, right, dependencies)); } return(TryAssert(serviceContext, issueForum, CrmEntityRight.Change, dependencies)); } if (entity.LogicalName == "adx_issuecomment") { ADXTrace.Instance.TraceInfo(TraceCategory.Application, string.Format(@"Testing right {0} on adx_issuecomment ({1}).", right, entity.Id)); dependencies.AddEntityDependency(entity); var issue = entity.GetRelatedEntity(serviceContext, new Relationship("adx_issue_issuecomment")); if (issue == null) { return(false); } var approved = entity.GetAttributeValue <bool?>("adx_approved").GetValueOrDefault(false); // If the right being asserted is Read, and the comment is approved, assert whether the issue is readable. if (right == CrmEntityRight.Read && approved) { return(TryAssert(serviceContext, issue, right, dependencies)); } return(TryAssert(serviceContext, issue, CrmEntityRight.Change, dependencies)); } if (entity.LogicalName == "adx_issuevote") { ADXTrace.Instance.TraceInfo(TraceCategory.Application, string.Format(@"Testing right {0} on adx_issuevote ({1}).", entity.Id)); dependencies.AddEntityDependency(entity); var issue = entity.GetRelatedEntity(serviceContext, new Relationship("adx_issue_issuevote")); return(issue != null && TryAssert(serviceContext, issue, right, dependencies)); } throw new NotSupportedException("Entities of type {0} are not supported by this provider.".FormatWith(entity.LogicalName)); }
public override bool TryAssert(OrganizationServiceContext context, Entity entity, CrmEntityRight right, CrmEntityCacheDependencyTrace dependencies) { if (entity == null || right == CrmEntityRight.Change) { return(false); } dependencies.AddEntityDependency(entity); dependencies.AddEntitySetDependency("adx_webrole"); dependencies.AddEntitySetDependency("adx_webrole_contact"); dependencies.AddEntitySetDependency("adx_webrole_account"); dependencies.AddEntitySetDependency("adx_websiteaccess"); var entityName = entity.LogicalName; // Weblinks require some special handling. if (entityName == "adx_weblink") { var weblinkPublishingState = context.RetrieveRelatedEntity(entity, "adx_publishingstate_weblink"); // If a weblink has a publishing state, and that state is not visible, state access is // denied (unless the user can preview). if (weblinkPublishingState != null && !weblinkPublishingState.GetAttributeValue <bool?>("adx_isvisible").GetValueOrDefault()) { dependencies.AddEntityDependency(weblinkPublishingState); return(UserCanPreview(context, entity)); } var weblinkPage = context.RetrieveRelatedEntity(entity, "adx_webpage_weblink"); // If a weblink has an associated page, and page validation is not disabled, return the // result of assertion on that page. if (weblinkPage != null && !entity.GetAttributeValue <bool?>("adx_disablepagevalidation").GetValueOrDefault(false)) { return(TryAssert(context, weblinkPage, right, dependencies)); } } if (entityName == "adx_idea") { return(entity.GetAttributeValue <bool?>("adx_approved").GetValueOrDefault(false)); } if (entityName == "adx_ideacomment") { return(entity.GetAttributeValue <bool?>("adx_approved").GetValueOrDefault(false)); } EntityReference publishingStateReference = null; Entity entityPublishingState = null; switch (entityName) { case "adx_webpage": publishingStateReference = entity.GetAttributeValue <EntityReference>("adx_publishingstateid"); break; case "adx_weblinkset": publishingStateReference = entity.GetAttributeValue <EntityReference>("adx_publishingstateid"); break; case "adx_webfile": publishingStateReference = entity.GetAttributeValue <EntityReference>("adx_publishingstateid"); break; case "adx_communityforum": publishingStateReference = entity.GetAttributeValue <EntityReference>("adx_publishingstateid"); break; case "adx_communityforumpost": publishingStateReference = entity.GetAttributeValue <EntityReference>("adx_publishingstateid"); break; case "adx_ad": publishingStateReference = entity.GetAttributeValue <EntityReference>("adx_publishingstateid"); break; // legacy entities case "adx_event": entityPublishingState = context.RetrieveRelatedEntity(entity, "adx_publishingstate_event"); break; case "adx_eventschedule": entityPublishingState = context.RetrieveRelatedEntity(entity, "adx_publishingstate_eventschedule"); break; case "adx_eventspeaker": entityPublishingState = context.RetrieveRelatedEntity(entity, "adx_publishingstate_eventspeaker"); break; case "adx_eventsponsor": entityPublishingState = context.RetrieveRelatedEntity(entity, "adx_publishingstate_eventsponsor"); break; case "adx_survey": entityPublishingState = context.RetrieveRelatedEntity(entity, "adx_publishingstate_survey"); break; } if (publishingStateReference != null) { entityPublishingState = context.RetrieveSingle( "adx_publishingstate", new[] { "adx_isvisible" }, new Condition("adx_publishingstateid", ConditionOperator.Equal, publishingStateReference.Id)); } if (entityPublishingState == null) { return(true); } dependencies.AddEntityDependency(entityPublishingState); if (entityPublishingState.GetAttributeValue <bool?>("adx_isvisible").GetValueOrDefault()) { return(true); } return(UserCanPreview(context, entityPublishingState)); }
public override bool TryAssert(OrganizationServiceContext context, Entity entity, CrmEntityRight right, CrmEntityCacheDependencyTrace dependencies) { if (entity == null || right == CrmEntityRight.Change) { return(false); } dependencies.AddEntityDependency(entity); dependencies.AddEntitySetDependency("adx_webrole"); dependencies.AddEntitySetDependency("adx_webrole_contact"); dependencies.AddEntitySetDependency("adx_webrole_account"); dependencies.AddEntitySetDependency("adx_websiteaccess"); var entityName = entity.LogicalName; if (entityName == "adx_idea") { return(entity.GetAttributeValue <bool?>("adx_approved").GetValueOrDefault(false)); } if (entityName == "adx_ideacomment") { return(entity.GetAttributeValue <bool?>("adx_approved").GetValueOrDefault(false)); } EntityReference publishingStateReference = null; Entity entityPublishingState = null; switch (entityName) { case "adx_communityforumpost": publishingStateReference = entity.GetAttributeValue <EntityReference>("adx_publishingstateid"); break; case "adx_ad": publishingStateReference = entity.GetAttributeValue <EntityReference>("adx_publishingstateid"); break; // legacy entities case "adx_event": entityPublishingState = context.RetrieveRelatedEntity(entity, "adx_publishingstate_event"); break; case "adx_eventschedule": entityPublishingState = context.RetrieveRelatedEntity(entity, "adx_publishingstate_eventschedule"); break; case "adx_eventspeaker": entityPublishingState = context.RetrieveRelatedEntity(entity, "adx_publishingstate_eventspeaker"); break; case "adx_eventsponsor": entityPublishingState = context.RetrieveRelatedEntity(entity, "adx_publishingstate_eventsponsor"); break; case "adx_survey": entityPublishingState = context.RetrieveRelatedEntity(entity, "adx_publishingstate_survey"); break; } if (publishingStateReference != null) { entityPublishingState = context.RetrieveSingle( "adx_publishingstate", new[] { "adx_isvisible" }, new Condition("adx_publishingstateid", ConditionOperator.Equal, publishingStateReference.Id)); } if (entityPublishingState == null) { return(true); } dependencies.AddEntityDependency(entityPublishingState); if (entityPublishingState.GetAttributeValue <bool?>("adx_isvisible").GetValueOrDefault()) { return(true); } return(UserCanPreview(context, entityPublishingState)); }
/// <summary> /// Test whether or not an Entity's published dates are visible in the current context. /// </summary> /// <param name="context">OrganizationServiceContext</param> /// <param name="entity">CRM Entity</param> /// <param name="right">Entity Right</param> /// <param name="dependencies">Cache Dependency Trace</param> /// <param name="map">Content Map</param> /// <returns></returns> protected override bool TryAssert(OrganizationServiceContext context, Entity entity, CrmEntityRight right, CrmEntityCacheDependencyTrace dependencies, ContentMap map) { if (entity == null || right == CrmEntityRight.Change) { return(false); } dependencies.AddEntityDependency(entity); dependencies.AddEntitySetDependency("adx_webrole"); dependencies.AddEntitySetDependency("adx_websiteaccess"); var entityName = entity.LogicalName; var releaseDate = DateTime.MinValue; var expiryDate = DateTime.MaxValue; if (entityName == "adx_webpage" || entityName == "adx_webfile" || entityName == "adx_event" || entityName == "adx_survey" || entityName == "adx_ad") { releaseDate = entity.GetAttributeValue <DateTime?>("adx_releasedate").GetValueOrDefault(DateTime.MinValue); expiryDate = entity.GetAttributeValue <DateTime?>("adx_expirationdate").GetValueOrDefault(DateTime.MaxValue); } else if (entityName == "adx_weblink") { if (!entity.GetAttributeValue <bool?>("adx_disablepagevalidation").GetValueOrDefault(false)) { var pageReference = entity.GetAttributeValue <EntityReference>("adx_pageid"); if (pageReference != null) { WebPageNode rootPage; if (map.TryGetValue(pageReference, out rootPage)) { var weblinkWebPage = HttpContext.Current.GetContextLanguageInfo().FindLanguageSpecificWebPageNode(rootPage, false); if (weblinkWebPage != null) { return(TryAssert(context, weblinkWebPage.ToEntity(), right, dependencies)); } } } } return(true); } else if (entityName == "adx_shortcut") { if (!entity.GetAttributeValue <bool?>("adx_disabletargetvalidation").GetValueOrDefault(false)) { var pageReference = entity.GetAttributeValue <EntityReference>("adx_webpageid"); var webFileReference = entity.GetAttributeValue <EntityReference>("adx_webfileid"); if (pageReference != null) { WebPageNode rootPage; if (map.TryGetValue(pageReference, out rootPage)) { var shortcutWebPage = HttpContext.Current.GetContextLanguageInfo().FindLanguageSpecificWebPageNode(rootPage, false); if (shortcutWebPage != null) { return(TryAssert(context, shortcutWebPage.ToEntity(), right, dependencies)); } } } else if (webFileReference != null) { WebFileNode webFile; if (map.TryGetValue(webFileReference, out webFile)) { return(TryAssert(context, webFile.ToEntity(), right, dependencies)); } } } var parentPageReference = entity.GetAttributeValue <EntityReference>("adx_parentpage_webpageid"); if (parentPageReference != null) { WebPageNode rootPage; if (map.TryGetValue(parentPageReference, out rootPage)) { var parentPage = HttpContext.Current.GetContextLanguageInfo().FindLanguageSpecificWebPageNode(rootPage, false); return(TryAssert(context, parentPage.ToEntity(), right, dependencies)); } } return(true); } return(UserCanPreview(context, entity) || InnerTryAssert(releaseDate, expiryDate)); }
public bool TryAssertRightProperty(OrganizationServiceContext context, string rightPropertyName, CrmEntityCacheDependencyTrace dependencies) { // If Roles are not enabled on the site, deny permission. if (!Roles.Enabled) { ADXTrace.Instance.TraceError(TraceCategory.Application, "Roles are not enabled for this application. Permission denied."); return(false); } dependencies.AddEntitySetDependency("adx_webrole"); dependencies.AddEntitySetDependency("adx_webrole_contact"); dependencies.AddEntitySetDependency("adx_webrole_account"); dependencies.AddEntityDependency(_website); var userRoles = this.GetUserRoles(); if (!userRoles.Any()) { ADXTrace.Instance.TraceInfo(TraceCategory.Application, "No roles were found for the current user. Permission denied."); return(false); } var websiteaccessFetch = new Fetch { Entity = new FetchEntity("adx_websiteaccess", new [] { "adx_manageweblinksets", "adx_previewunpublishedentities" }) { Filters = new[] { new Filter { Conditions = new[] { new Condition( "adx_websiteid", ConditionOperator.Equal, this._website.Id), } } } } }; var rules = context.RetrieveMultiple(websiteaccessFetch).Entities; // If no access permissions are defined for this site, deny permission. if (!rules.Any()) { ADXTrace.Instance.TraceInfo(TraceCategory.Application, "No website access permission rules were found for the current website. Permission denied."); return(false); } dependencies.AddEntityDependencies(rules); foreach (var rule in rules) { var ruleRoles = context.RetrieveRelatedEntities(rule, "adx_websiteaccess_webrole", new [] { "adx_name" }).Entities; if (ruleRoles == null) { continue; } var ruleRoleNames = ruleRoles.Select(role => role.GetAttributeValue <string>("adx_name")); var roleIntersection = ruleRoleNames.Intersect(userRoles, StringComparer.InvariantCulture); // If the user is in any of the roles associated with the permission rule, and // the rightsPredicate evaluates to true for the given rule, grant permission. if (roleIntersection.Any() && rule.GetAttributeValue <bool?>(rightPropertyName).GetValueOrDefault(false)) { return(true); } } // If no permission rules meet the necessary conditions, deny permission. return(false); }
protected virtual bool TestFeedback(OrganizationServiceContext context, Entity entity, CrmEntityRight right, CrmEntityCacheDependencyTrace dependencies) { ADXTrace.Instance.TraceInfo(TraceCategory.Application, string.Format(@"Testing right {0} on feedback ({1}).", right, entity.Id)); dependencies.AddEntityDependency(entity); EntityReference relatedReference = entity.GetAttributeValue <EntityReference>("regardingobjectid"); if (relatedReference == null) { return(false); } // Determine the primary ID attribute of the regarding object var request = new RetrieveEntityRequest { LogicalName = relatedReference.LogicalName, EntityFilters = EntityFilters.Entity }; var response = context.Execute(request) as RetrieveEntityResponse; if (response == null || response.EntityMetadata == null) { return(false); } var primaryIdAttribute = response.EntityMetadata.PrimaryIdAttribute; // Retrieve the regarding object var relatedEntity = context.CreateQuery(relatedReference.LogicalName) .FirstOrDefault(e => e.GetAttributeValue <Guid>(primaryIdAttribute) == relatedReference.Id); if (relatedEntity == null) { return(false); } var approved = entity.GetAttributeValue <bool?>("adx_approved").GetValueOrDefault(false); // If the right being asserted is Read, and the comment is approved, assert whether the post is readable. if (right == CrmEntityRight.Read && approved) { return(TryAssert(context, relatedEntity, right, dependencies)); } var author = entity.GetAttributeValue <EntityReference>("createdbycontact"); // If there's no author on the post for some reason, only allow posts that are published, and pass the same assertion on the blog. if (author == null) { return(approved && TryAssert(context, relatedEntity, right, dependencies)); } var portal = PortalCrmConfigurationManager.CreatePortalContext(); // If we can't get a current portal user, only allow posts that are published, and pass the same assertion on the blog. if (portal == null || portal.User == null) { return(approved && TryAssert(context, relatedEntity, right, dependencies)); } return(TryAssert(context, relatedEntity, right, dependencies)); }
private bool InnerTryAssert(OrganizationServiceContext context, Entity entity, CrmEntityRight right, CrmEntityCacheDependencyTrace dependencies) { if (entity == null) { return(false); } if (right == CrmEntityRight.Read && (!_publishedDatesAccessProvider.TryAssert(context, entity) || !_publishingStateAccessProvider.TryAssert(context, entity))) { // We let the date and state access providers handle their own caching logic, so we signal any // caching providers above this one to not cache this result. dependencies.IsCacheable = false; return(false); } dependencies.AddEntityDependency(entity); var entityName = entity.LogicalName; CrmEntityInactiveInfo inactiveInfo; if (CrmEntityInactiveInfo.TryGetInfo(entityName, out inactiveInfo) && inactiveInfo.IsInactive(entity)) { return(false); } if (entityName == "adx_webpage") { return(TestWebPage(context, entity, right, dependencies)); } if (entityName == "feedback") { return(TestFeedback(context, entity, right, dependencies)); } if (entityName == "adx_event") { return(TestEvent(context, entity, right, dependencies)); } if (entityName == "adx_eventschedule") { return(TestEventSchedule(context, entity, right, dependencies)); } if ((entityName == "adx_eventspeaker" || entityName == "adx_eventsponsor") && right == CrmEntityRight.Read) { return(true); } if (entityName == "adx_communityforum") { return(TestForum(context, entity, right, dependencies)); } if (entityName == "adx_communityforumthread") { return(TestForumThread(context, entity, right, dependencies)); } if (entityName == "adx_communityforumpost") { return(TestForumPost(context, entity, right, dependencies)); } if (entityName == "adx_communityforumannouncement") { return(TestForumAnnouncement(context, entity, right, dependencies)); } if (entityName == "adx_forumthreadtype") { return(right == CrmEntityRight.Read); } if ((entityName == "adx_pagetemplate" || entityName == "adx_publishingstate" || "adx_websitelanguage" == entityName) && right == CrmEntityRight.Read) { return(true); } if (entityName == "adx_webfile") { return(TestWebFile(context, entity, right, dependencies)); } if (entityName == "adx_contentsnippet" || entityName == "adx_weblinkset" || entityName == "adx_weblink" || entityName == "adx_sitemarker") { return(TestWebsiteAccessPermission(context, entity, right, dependencies)); } if (entityName == "adx_shortcut") { return(TestShortcut(context, entity, right, dependencies)); } if (entityName == "adx_blog") { return(TestBlog(context, entity, right, dependencies)); } if (entityName == "adx_blogpost") { return(TestBlogPost(context, entity, right, dependencies)); } if (entityName == "adx_ideaforum") { return(TestIdeaForum(context, entity, right, dependencies)); } if (entityName == "adx_idea") { return(TestIdea(context, entity, right, dependencies)); } if (entityName == "adx_ideacomment") { return(TestIdeaComment(context, entity, right, dependencies)); } if (entityName == "adx_ideavote") { return(TestIdeaVote(context, entity, right, dependencies)); } if (entityName == "adx_issueforum") { return(TestIssueForum(context, entity, right, dependencies)); } if (entityName == "adx_issue") { return(TestIssue(context, entity, right, dependencies)); } if (entityName == "adx_issuecomment") { return(TestIssueComment(context, entity, right, dependencies)); } if (entityName == "adx_adplacement" || entityName == "adx_ad") { return(right == CrmEntityRight.Read); } if (entityName == "email") { return(right == CrmEntityRight.Read); } if (entityName == "incident" && right == CrmEntityRight.Read) { return(IsPublicCase(entity)); } if (IsPortalKbArticle(entity)) { return(right == CrmEntityRight.Read); } if (IsPublicKnowledgeArticle(entity)) { return(right == CrmEntityRight.Read); } if (IsCategory(entity)) { return(right == CrmEntityRight.Read); } if (IsAnnotation(entity)) { return(right == CrmEntityRight.Read); } // To allow note attachments to be read by the customer to which the order or quote belongs. if (entityName == "salesorder" || entityName == "quote") { var customerid = entity.GetAttributeValue <EntityReference>("customerid"); var portalContext = PortalCrmConfigurationManager.CreatePortalContext(PortalName); return(right == CrmEntityRight.Read && customerid != null && portalContext != null && portalContext.User != null && customerid.Equals(portalContext.User.ToEntityReference())); } if (TestServiceRequest(context, entity)) { return(right == CrmEntityRight.Read); } Entity parentPermit; if (TryGetParentPermit(context, entity, out parentPermit)) { return(TestParentPermit(context, parentPermit, right)); } return(false); }