private bool UserHasRightToDownload(EntityToken file)
        {
            var userToken = UserValidationFacade.GetUserToken();
            var userPermissionDefinitions      = PermissionTypeFacade.GetUserPermissionDefinitions(userToken.Username);
            var userGroupPermissionDefinitions = PermissionTypeFacade.GetUserGroupPermissionDefinitions(userToken.Username);

            var requiredPermissions = DownloadFileActionToken.RequiredPermissionTypes;

            return(SecurityResolver.Resolve(userToken, requiredPermissions, file, userPermissionDefinitions, userGroupPermissionDefinitions)
                   == SecurityResult.Allowed);
        }
        public static IEnumerable <Element> FilterActions(this IEnumerable <Element> elements)
        {
            if (elements == null)
            {
                throw new ArgumentNullException("elements");
            }

#if NO_SECURITY
            return(elements);
#else
            UserToken userToken = UserValidationFacade.GetUserToken();

            IEnumerable <UserPermissionDefinition>      userPermissionDefinitions     = PermissionTypeFacade.GetUserPermissionDefinitions(userToken.Username);
            IEnumerable <UserGroupPermissionDefinition> userGroupPermissionDefinition = PermissionTypeFacade.GetUserGroupPermissionDefinitions(userToken.Username);

            foreach (Element element in elements)
            {
                if (PermissionTypeFacade.IsSubBrachContainingPermissionTypes(userToken, element.ElementHandle.EntityToken, userPermissionDefinitions, userGroupPermissionDefinition))
                {
                    List <ElementAction> actionsToRemove = new List <ElementAction>();
                    foreach (ElementAction elementAction in element.Actions)
                    {
                        if (SecurityResolver.Resolve(userToken, elementAction.ActionHandle.ActionToken, element.ElementHandle.EntityToken, userPermissionDefinitions, userGroupPermissionDefinition) == SecurityResult.Disallowed)
                        {
                            actionsToRemove.Add(elementAction);
                        }
                    }

                    foreach (ElementAction elementAction in actionsToRemove)
                    {
                        element.RemoveAction(elementAction);
                    }

                    // Drag & drop security
                    if (element.MovabilityInfo != null)
                    {
                        if (SecurityResolver.Resolve(userToken, new DragAndDropActionToken(), element.ElementHandle.EntityToken, userPermissionDefinitions, userGroupPermissionDefinition) == SecurityResult.Disallowed)
                        {
                            element.RemoveMovabilityInfo();
                        }
                    }

                    yield return(element);
                }
            }
#endif
        }
Exemplo n.º 3
0
        internal static IEnumerable <Element> FilterActions(this IEnumerable <Element> elements,
                                                            UserToken userToken,
                                                            ICollection <UserPermissionDefinition> userPermissionDefinitions,
                                                            ICollection <UserGroupPermissionDefinition> userGroupPermissionDefinition)
        {
            Verify.ArgumentNotNull(elements, nameof(elements));

#if NO_SECURITY
            return(elements);
#else
            foreach (var element in elements)
            {
                var actionsToRemove = new List <ElementAction>();
                foreach (ElementAction elementAction in element.Actions)
                {
                    if (SecurityResolver.Resolve(userToken, elementAction.ActionHandle.ActionToken,
                                                 element.ElementHandle.EntityToken, userPermissionDefinitions,
                                                 userGroupPermissionDefinition) == SecurityResult.Disallowed)
                    {
                        actionsToRemove.Add(elementAction);
                    }
                }

                foreach (ElementAction elementAction in actionsToRemove)
                {
                    element.RemoveAction(elementAction);
                }

                // Drag & drop security
                if (element.MovabilityInfo != null)
                {
                    if (SecurityResolver.Resolve(userToken, new DragAndDropActionToken(),
                                                 element.ElementHandle.EntityToken, userPermissionDefinitions,
                                                 userGroupPermissionDefinition) == SecurityResult.Disallowed)
                    {
                        element.RemoveMovabilityInfo();
                    }
                }

                yield return(element);
            }
#endif
        }
        /// <exclude />
        public static FlowToken Execute(EntityToken entityToken, ActionToken actionToken, FlowControllerServicesContainer flowControllerServicesContainer, TaskManagerEvent taskManagerEvent)
        {
            if (entityToken == null)
            {
                throw new ArgumentNullException("entityToken");
            }
            if (actionToken == null)
            {
                throw new ArgumentNullException("actionToken");
            }


            string username = UserValidationFacade.GetUsername();

#if NO_SECURITY
#else
            HookingFacade.EnsureInitialization();

            IEnumerable <UserPermissionDefinition>      userPermissionDefinitions      = PermissionTypeFacade.GetUserPermissionDefinitions(username);
            IEnumerable <UserGroupPermissionDefinition> userGroupPermissionDefinitions = PermissionTypeFacade.GetUserGroupPermissionDefinitions(username);
            SecurityResult securityResult = SecurityResolver.Resolve(UserValidationFacade.GetUserToken(), actionToken, entityToken, userPermissionDefinitions, userGroupPermissionDefinitions);
            if (securityResult != SecurityResult.Allowed && !(entityToken is SecurityViolationWorkflowEntityToken))
            {
                return(ExecuteSecurityViolation(actionToken, entityToken, flowControllerServicesContainer));
            }
#endif

            bool ignoreLocking = actionToken.IsIgnoreEntityTokenLocking();

            if (!ignoreLocking && ActionLockingFacade.IsLocked(entityToken))
            {
                return(ExecuteEntityTokenLocked(actionToken, entityToken, flowControllerServicesContainer));
            }

            IActionExecutor actionExecutor = ActionExecutorCache.GetActionExecutor(actionToken);

            ActionEventSystemFacade.FireOnBeforeActionExecution(entityToken, actionToken);

            FlowToken flowToken;
            using (TaskContainer taskContainer = TaskManagerFacade.CreateNewTasks(entityToken, actionToken, taskManagerEvent))
            {
                ITaskManagerFlowControllerService taskManagerService = null;
                if (flowControllerServicesContainer.GetService(typeof(ITaskManagerFlowControllerService)) == null)
                {
                    taskManagerService = new TaskManagerFlowControllerService(taskContainer);
                    flowControllerServicesContainer.AddService(taskManagerService);
                }

                try
                {
                    if (actionExecutor is IActionExecutorSerializedParameters)
                    {
                        string serializedEntityToken = EntityTokenSerializer.Serialize(entityToken);
                        string serializedActionToken = ActionTokenSerializer.Serialize(actionToken);

                        flowToken = Execute(actionExecutor as IActionExecutorSerializedParameters,
                                            serializedEntityToken, serializedActionToken, actionToken,
                                            flowControllerServicesContainer);
                    }
                    else
                    {
                        flowToken = Execute(actionExecutor, entityToken, actionToken,
                                            flowControllerServicesContainer);
                    }
                }
                finally
                {
                    if (taskManagerService != null)
                    {
                        flowControllerServicesContainer.RemoveService(taskManagerService);
                    }
                }

                taskContainer.SetOnIdleTaskManagerEvent(new FlowTaskManagerEvent(flowToken));
                taskContainer.UpdateTasksWithFlowToken(flowToken);

                taskContainer.SaveTasks();
            }

            ActionEventSystemFacade.FireOnAfterActionExecution(entityToken, actionToken, flowToken);

            IManagementConsoleMessageService managementConsoleMessageService = flowControllerServicesContainer
                                                                               .GetService <IManagementConsoleMessageService>();
            if (managementConsoleMessageService != null)
            {
                FlowControllerFacade.RegisterNewFlowInformation(flowToken, entityToken, actionToken,
                                                                managementConsoleMessageService.CurrentConsoleId);
            }
            else
            {
                Log.LogWarning(nameof(ActionExecutorFacade), "Missing ManagementConsoleMessageService, can not register the flow");
            }

            return(flowToken);
        }