public static BasicGeography[] GetNodesInAuthorityForOrganization(BasicAuthority authority, int organizationId, RoleType[] roleTypes) { Organizations organizationLine = Organization.FromIdentity(organizationId).GetLine(); // Build lookup tables Dictionary <int, BasicOrganization> orgLookup = new Dictionary <int, BasicOrganization>(); foreach (BasicOrganization organization in organizationLine) { orgLookup[organization.OrganizationId] = organization; } Dictionary <RoleType, bool> roleLookup = new Dictionary <RoleType, bool>(); foreach (RoleType roleType in roleTypes) { roleLookup[roleType] = true; } // Create list List <BasicGeography> result = new List <BasicGeography>(); if (authority.AllPersonRoles.Length > 0) { Dictionary <int, BasicGeography> geoDict = GeographyCache.GetGeographyHashtable(Geography.RootIdentity); foreach (BasicPersonRole role in authority.AllPersonRoles) { if (orgLookup.ContainsKey(role.OrganizationId)) { if (roleLookup.ContainsKey(role.Type)) { result.Add(geoDict[role.GeographyId]); } } } } return(result.ToArray()); }
public static People FilterPeopleToMatchAuthority(People people, Authority authority, int gracePeriod) { // First: If sysadmin, return the whole list uncensored. if (IsSystemAdministrator(authority)) { return(people); } SwarmDb databaseRead = SwarmDb.GetDatabaseForReading(); if (gracePeriod == -1) { gracePeriod = Membership.GracePeriod; } Dictionary <int, List <BasicMembership> > membershipTable = databaseRead.GetMembershipsForPeople(people.Identities, gracePeriod); Dictionary <int, int> geographyTable = databaseRead.GetPeopleGeographies(people.Identities); Dictionary <int, Person> clearedPeople = new Dictionary <int, Person>(); // TODO: Add org admin role, able to see previous members that aren't anonymized yet // Clear by organization roles foreach (BasicPersonRole role in authority.OrganizationPersonRoles) { Dictionary <int, BasicOrganization> clearedOrganizations = OrganizationCache.GetOrganizationHashtable(role.OrganizationId); foreach (Person person in people) { // Is the organization cleared in this officer's role for this to-be-viewed member? if (membershipTable.ContainsKey(person.Identity)) { foreach (BasicMembership membership in membershipTable[person.Identity]) { if (clearedOrganizations.ContainsKey(membership.OrganizationId) && authority.HasPermission(Permission.CanSeePeople, membership.OrganizationId, person.GeographyId, Flag.Default)) { if (membership.Active || (membership.Expires > DateTime.Now.AddDays(-gracePeriod) && membership.Expires.AddDays(1) > membership.DateTerminated && authority.HasPermission(Permission.CanSeeExpiredDuringGracePeriod, membership.OrganizationId, person.GeographyId, Flag.Default))) { clearedPeople[person.Identity] = person; break; } } } } /* -- commented out. This means "does the current authority have Org Admin privileges over Person"? * else if (CanSeeNonMembers) * { //person isn't member anywhere * clearedPeople[person.Identity] = person; * }*/ } } // Clear by node roles: // // For each node role, check if each member is in a cleared geography AND a cleared organization. // If so, permit view of this member. (A person in a branch of a geographical area for organizations X and Z // should see only people of those organizations only on those nodes.) foreach (BasicPersonRole role in authority.LocalPersonRoles) { Dictionary <int, BasicGeography> clearedGeographies = GeographyCache.GetGeographyHashtable(role.GeographyId); Dictionary <int, BasicOrganization> clearedOrganizations = OrganizationCache.GetOrganizationHashtable(role.OrganizationId); foreach (Person person in people) { // Is the node AND the organization cleared in this officer's role for this to-be-viewed member? if (membershipTable.ContainsKey(person.Identity)) { foreach (BasicMembership membership in membershipTable[person.Identity]) { int organizationClear = 0; int geographyClear = 0; if (clearedOrganizations.ContainsKey(membership.OrganizationId)) { organizationClear = membership.OrganizationId; if (clearedGeographies.ContainsKey(geographyTable[person.Identity])) { geographyClear = geographyTable[person.Identity]; } if (organizationClear > 0 && geographyClear > 0 && authority.HasPermission(Permission.CanSeePeople, organizationClear, geographyClear, Flag.Default)) { if (membership.Active || (membership.Expires > DateTime.Now.AddDays(-gracePeriod) && membership.Expires.AddDays(1) > membership.DateTerminated && authority.HasPermission(Permission.CanSeeExpiredDuringGracePeriod, membership.OrganizationId, person.GeographyId, Flag.Default))) { clearedPeople[person.Identity] = person; break; } } } } } } } // End: Assemble an array of the resulting cleared people People result = new People(); foreach (Person clearedPerson in clearedPeople.Values) { result.Add(clearedPerson); } return(result); }
public static Memberships FilterMembershipsToMatchAuthority(Memberships memberships, Geography personGeography, Authority authority) { // First: If sysadmin, return the whole list uncensored. if (IsSystemAdministrator(authority)) { return(memberships); } Dictionary <int, Membership> clearedMemberships = new Dictionary <int, Membership>(); // foreach (BasicPersonRole role in authority.OrganizationPersonRoles) { Dictionary <int, BasicOrganization> clearedOrganizations = OrganizationCache.GetOrganizationHashtable(role.OrganizationId); foreach (Membership membership in memberships) { bool organizationClear = clearedOrganizations.ContainsKey(membership.OrganizationId); if (organizationClear && authority.HasPermission(Permission.CanViewMemberships, membership.OrganizationId, membership.Person.GeographyId, Flag.Default)) { clearedMemberships[membership.Identity] = membership; } } } foreach (BasicPersonRole role in authority.LocalPersonRoles) { Dictionary <int, BasicGeography> clearedGeographies = GeographyCache.GetGeographyHashtable(role.GeographyId); Dictionary <int, BasicOrganization> clearedOrganizations = OrganizationCache.GetOrganizationHashtable(role.OrganizationId); bool geographyClear = clearedGeographies.ContainsKey(personGeography.Identity); geographyClear = geographyClear && authority.HasPermission(Permission.CanViewMemberships, role.OrganizationId, personGeography.Identity, Flag.Default); if (geographyClear) { foreach (Membership membership in memberships) { bool organizationClear = clearedOrganizations.ContainsKey(membership.OrganizationId); if (organizationClear) { clearedMemberships[membership.Identity] = membership; } } } } // Assemble the array Memberships result = new Memberships(); foreach (Membership membership in clearedMemberships.Values) { result.Add(membership); } return(result); }