internal GetAllSecurityGroupsResponse GetAllGlymaSecurityGroups()
{
GetAllSecurityGroupsResponse result = new GetAllSecurityGroupsResponse()
{
HasError = false
};
IList <string> permissionLevelNames = new List <string>();
permissionLevelNames.Add(GlymaPermissionLevelHelper.GetPermissionLevelName(GlymaPermissionLevel.GlymaProjectManager));
permissionLevelNames.Add(GlymaPermissionLevelHelper.GetPermissionLevelName(GlymaPermissionLevel.GlymaMapManager));
permissionLevelNames.Add(GlymaPermissionLevelHelper.GetPermissionLevelName(GlymaPermissionLevel.GlymaMapAuthor));
permissionLevelNames.Add(GlymaPermissionLevelHelper.GetPermissionLevelName(GlymaPermissionLevel.GlymaMapReader));
permissionLevelNames.Add(GlymaPermissionLevelHelper.GetPermissionLevelName(GlymaPermissionLevel.GlymaMapReaderOld));
permissionLevelNames.Add(GlymaPermissionLevelHelper.GetPermissionLevelName(GlymaPermissionLevel.GlymaMapAuthorOld));
Dictionary <GlymaPermissionLevel, IList <GlymaSecurityGroup> > results = new Dictionary <GlymaPermissionLevel, IList <GlymaSecurityGroup> >();
foreach (string permissionLevelName in permissionLevelNames)
{
GlymaPermissionLevel permissionLevel = GlymaPermissionLevelHelper.GetPermissionLevelByName(permissionLevelName);
GetSecurityGroupsResponse response = GetSecurityGroups(permissionLevel);
if (!response.HasError)
{
IList <GlymaSecurityGroup> groups = response.Result;
if (results.ContainsKey(permissionLevel))
{
foreach (GlymaSecurityGroup group in groups)
{
if (!results[permissionLevel].Contains(group))
{
results[permissionLevel].Add(group);
}
}
}
else
{
results.Add(permissionLevel, groups);
}
}
else
{
result.HasError = true;
result.ErrorMessage = response.ErrorMessage;
break; //an error occurred so stop at this point
}
}
if (!result.HasError)
{
GlymaSecurityGroupCollection groups = new GlymaSecurityGroupCollection(this, results);
IDictionary <GlymaPermissionLevel, IList <GlymaSecurityGroup> > filteredGroups = groups.FilterGroups();
result.Result = filteredGroups;
}
return(result);
}
/// <summary>
/// Returns a list presenting the SharePoint Security Groups for the current web that have a specified permission associated with them
/// </summary>
/// <param name="webUrl">The URL for the SP site</param>
/// <param name="permissionLevel">The permission level the groups must have</param>
/// <returns>A list of groups (wrapped by a ResponseObject)</returns>
internal GetSecurityGroupsResponse GetSecurityGroups(GlymaPermissionLevel permissionLevel)
{
GetSecurityGroupsResponse result = new GetSecurityGroupsResponse()
{
HasError = false
};
IList <GlymaSecurityGroup> results = new List <GlymaSecurityGroup>();
try
{
SPSecurity.RunWithElevatedPrivileges(delegate()
{
using (SPSite site = new SPSite(WebUrl))
{
using (SPWeb web = site.OpenWeb())
{
SPRoleDefinition roleDefinition = null;
try
{
// Check if the role exists, if it does a definition will exist
roleDefinition = web.RoleDefinitions[GlymaPermissionLevelHelper.GetPermissionLevelName(permissionLevel)];
}
catch (Exception)
{
//if unable to find the role definition it will throw an exception
}
if (roleDefinition != null)
{
SPRoleAssignmentCollection roleAssignments = web.RoleAssignments;
foreach (SPRoleAssignment roleAssignment in roleAssignments)
{
bool hasRoleDefinition = false;
foreach (
SPRoleDefinition definition in roleAssignment.RoleDefinitionBindings)
{
if (definition.Id == roleDefinition.Id)
{
//The role exists for this role assignment
hasRoleDefinition = true;
break;
}
}
if (hasRoleDefinition)
{
SPGroup group = roleAssignment.Member as SPGroup;
//we only want to look at groups
if (group != null)
{
GlymaSecurityGroup glymaGroup = new GlymaSecurityGroup();
glymaGroup.DisplayName = group.Name;
SecurableContext securableContext = this.GetSecurableContext();
glymaGroup.SecurableContextId = securableContext.SecurableContextId;
GlymaSecurityGroupContext sgc = new GlymaSecurityGroupContext(this, securableContext.SecurableContextId, group.ID, web.ID);
Group glGroup = sgc.GetGroup(group.Name);
if (glGroup == null)
{
glGroup = sgc.CreateGroup(group.Name);
}
if (glGroup != null)
{
glymaGroup.GroupId = glGroup.GroupId;
results.Add(glymaGroup);
}
else
{
result.HasError = true;
result.ErrorMessage = "Failed to create the Group in the Glyma Security Database.";
break;
}
}
}
}
}
else
{
results = new List <GlymaSecurityGroup>(); //there was no role by this name, it has no groups
}
}
}
});
}
catch (Exception ex)
{
//If an error occurs getting the group listing return no groups
result.HasError = true;
result.ErrorMessage = ex.Message;
}
if (!result.HasError)
{
result.Result = results;
}
return(result);
}
/// <summary>
/// This method is called by a Glyma Project Manager when they create a new project, it will associate any Glyma Project Manager group the user belongs to
/// with the newly created project.
/// </summary>
/// <param name="securableObject">Describes the project that was just added</param>
/// <returns>A response object indicating if the operation completed without error.</returns>
internal ResponseObject SetProjectManagerGroupAssociations(GlymaSecurableObject securableObject)
{
ResponseObject result = new ResponseObject()
{
HasError = false
};
try
{
if (this.IsUserProjectManager()) //ensure they are a project manager
{
using (SPSite site = new SPSite(Context.WebUrl))
{
using (SPWeb currentWeb = site.OpenWeb())
{
GetSecurityGroupsResponse response = Context.GetSecurityGroups(GlymaPermissionLevel.GlymaProjectManager);
if (!response.HasError)
{
IList <GlymaSecurityGroup> pmGroupsToAssociate = new List <GlymaSecurityGroup>();
IList <GlymaSecurityGroup> pmGroups = response.Result;
//for any group that is a Glyma Project Manager group
foreach (SPGroup group in CurrentSPUser.Groups)
{
foreach (GlymaSecurityGroup projectManagerGroup in pmGroups)
{
Group glGroup = Context.GetGroup(projectManagerGroup);
if (group.ID == glGroup.GroupSPID)
{
pmGroupsToAssociate.Add(projectManagerGroup);
}
}
}
//Add the security association for every Glyma Project Manager group the current user belongs to.
foreach (GlymaSecurityGroup glGroup in pmGroupsToAssociate)
{
GlymaSecurityAssociationContext securityAssociationContext = new GlymaSecurityAssociationContext(Context, glGroup, securableObject);
ResponseObject addResponse = securityAssociationContext.SetSecurityAssociation(false);
if (addResponse.HasError)
{
//if an error occurs adding the security association for any of the groups stop and return the error
result.HasError = true;
result.ErrorMessage = addResponse.ErrorMessage;
break;
}
}
}
else
{
//there was an error get the groups that have been assigned the permission level of Glyma Project Manager
result.HasError = true;
result.ErrorMessage = response.ErrorMessage;
}
}
}
}
else
{
//Only a Glyma Project Manager can call this method
result.HasError = true;
result.ErrorMessage = "Access Denied. User does not have permissions to access this web service method.";
}
}
catch (Exception ex)
{
result.HasError = true;
result.ErrorMessage = ex.Message;
}
return(result);
}
