Exemplo n.º 1
0
        public void SavePermissions()
        {
            if (itemPermissions == null)
            {
                itemPermissions = GetPermissions(core, item);
            }
            if (itemGrants == null)
            {
                itemGrants = AccessControlGrant.GetGrants(core, item);
            }
            if (unsavedGrants == null)
            {
                unsavedGrants = new List<UnsavedAccessControlGrant>();
            }

            bool simple = item.IsSimplePermissions;

            string mode = core.Http.Form["aclmode"];
            switch (mode)
            {
                case "simple":
                    simple = true;
                    break;
                case "detailed":
                    simple = false;
                    break;
            }

            if (itemPermissions != null)
            {
                if (simple)
                {
                    //
                    // Simple
                    //

                    //HttpContext.Current.Response.Write("Simple<br />");
                    bool first = true;
                    PermissionTypes lastType = PermissionTypes.View;
                    List<PrimitivePermissionGroup> groups = null;

                    foreach (AccessControlPermission itemPermission in itemPermissions)
                    {
                        if (first || itemPermission.PermissionType != lastType)
                        {
                            groups = PermissionGroupSelectBox.FormPermissionGroups(core, "group-select-" + itemPermission.PermissionType.ToString());
                            //HttpContext.Current.Response.Write("Groups: " + groups.Count.ToString() + "<br />");

                            first = false;
                            lastType = itemPermission.PermissionType;
                        }

                        List<ItemKey> keysGranted = new List<ItemKey>();
                        foreach (AccessControlGrant grant in itemGrants)
                        {
                            if (grant.PermissionId == itemPermission.Id)
                            {
                                if (grant.Allow == AccessControlGrants.Allow)
                                {
                                    keysGranted.Add(grant.PrimitiveKey);
                                }
                            }
                        }

                        List<ItemKey> keysPosted = new List<ItemKey>();
                        foreach (PrimitivePermissionGroup ppg in groups)
                        {
                            // Only create if not exists
                            if (!keysGranted.Contains(ppg.ItemKey))
                            {
                                AccessControlGrant newACG = AccessControlGrant.Create(core, ppg.ItemKey, item.ItemKey, itemPermission.Id, AccessControlGrants.Allow);
                                itemGrants.Add(newACG);
                                //HttpContext.Current.Response.Write("Created<br />");
                            }
                            keysPosted.Add(ppg.ItemKey);
                        }

                        List<AccessControlGrant> grantsGrandfathered = new List<AccessControlGrant>();
                        foreach (AccessControlGrant grant in itemGrants)
                        {
                            if (grant.PermissionId == itemPermission.Id)
                            {
                                if (!keysPosted.Contains(grant.PrimitiveKey))
                                {
                                    grantsGrandfathered.Add(grant);
                                }
                            }
                        }

                        foreach (AccessControlGrant grant in grantsGrandfathered)
                        {
                            itemGrants.Remove(grant);
                            grant.Delete();
                            //HttpContext.Current.Response.Write("Deleted<br />");
                        }
                    }

                    item.IsSimplePermissions = true;
                    item.Update();
                }
                else
                {
                    //
                    // Detailed
                    //

                    foreach (AccessControlPermission itemPermission in itemPermissions)
                    {
                        SelectBox groupsSelectBox = BuildGroupsSelectBox(string.Format("new-permission-group[{0}]", itemPermission.Id), item.Owner);

                        foreach (SelectBoxItem gsbi in groupsSelectBox)
                        {
                            if (core.Http.Form[string.Format("new-grant[{0},{1}]", itemPermission.Id, gsbi.Key)] != null)
                            {
                                ItemKey ik = new ItemKey(gsbi.Key);

                                UnsavedAccessControlGrant uacg = new UnsavedAccessControlGrant(core, ik, item.ItemKey, itemPermission.Id, AccessControlGrants.Inherit);

                                if (core.Http.Form["allow[" + itemPermission.Id.ToString() + "," + ik.TypeId.ToString() + "," + ik.Id.ToString() + "]"] != null)
                                {
                                    switch (core.Http.Form["allow[" + itemPermission.Id.ToString() + "," + ik.TypeId.ToString() + "," + ik.Id.ToString() + "]"])
                                    {
                                        case "allow":
                                            uacg.Allow = AccessControlGrants.Allow;
                                            break;
                                        case "deny":
                                            uacg.Allow = AccessControlGrants.Deny;
                                            break;
                                        case "inherit":
                                            uacg.Allow = AccessControlGrants.Inherit;
                                            break;
                                    }
                                }

                                try
                                {
                                    AccessControlGrant newACG = AccessControlGrant.Create(core, ik, item.ItemKey, itemPermission.Id, uacg.Allow);
                                    itemGrants.Add(newACG);
                                }
                                catch (InvalidAccessControlGrantException)
                                {
                                }
                            }
                        }

                    }
                    foreach (string key in core.Http.Form.AllKeys)
                    {
                        if (key.StartsWith("allow[", StringComparison.Ordinal) && key.EndsWith("]", StringComparison.Ordinal))
                        {
                            string[] parts = key.Substring(6, key.Length - 7).Split(new char[] { ',' });

                            if (parts.Length == 3)
                            {
                                long itemPermissionId = 0;
                                long primitiveKeyTypeId = 0;
                                long primitiveKeyId = 0;

                                long.TryParse(parts[0], out itemPermissionId);
                                long.TryParse(parts[1], out primitiveKeyTypeId);
                                long.TryParse(parts[2], out primitiveKeyId);

                                //HttpContext.Current.Response.Write("Reading perms key: " + key + "<br />");

                                ItemKey pk = new ItemKey(primitiveKeyId, primitiveKeyTypeId);

                                UnsavedAccessControlGrant uacg = new UnsavedAccessControlGrant(core, pk, item.ItemKey, itemPermissionId, AccessControlGrants.Inherit);

                                if (core.Http.Form[key] != null)
                                {
                                    switch (core.Http.Form[key])
                                    {
                                        case "allow":
                                            uacg.Allow = AccessControlGrants.Allow;
                                            break;
                                        case "deny":
                                            uacg.Allow = AccessControlGrants.Deny;
                                            break;
                                        case "inherit":
                                            uacg.Allow = AccessControlGrants.Inherit;
                                            break;
                                    }
                                }

                                foreach (AccessControlGrant grant in itemGrants)
                                {
                                    if (grant.ItemKey.Equals(uacg.ItemKey) && grant.PrimitiveKey.Equals(uacg.PrimitiveKey) && grant.PermissionId.Equals(uacg.PermissionId))
                                    {
                                        //HttpContext.Current.Response.Write("Found grant: " + key + "<br />");
                                        // We only want to trigger a database update if things have changed
                                        if (grant.Allow != uacg.Allow)
                                        {
                                            //HttpContext.Current.Response.Write("Saving perms key: " + key + ", " + uacg.Allow + "<br />");
                                            grant.Allow = uacg.Allow;
                                        }
                                    }
                                }
                            }
                        }
                    }

                    item.IsSimplePermissions = false;
                    item.Update();
                }
            }
        }
Exemplo n.º 2
0
        public void ParseACL(Template template, Primitive owner, string variable)
        {
            Template aclTemplate = new Template("std.acl.html");
            aclTemplate.Medium = core.Template.Medium;
            aclTemplate.SetProse(core.Prose);

            if (itemPermissions == null)
            {
                itemPermissions = GetPermissions(core, item);
            }
            if (itemGrants == null)
            {
                itemGrants = AccessControlGrant.GetGrants(core, item);
            }
            if (unsavedGrants == null)
            {
                unsavedGrants = new List<UnsavedAccessControlGrant>();
            }

            if (itemGrants != null)
            {
                foreach (AccessControlGrant itemGrant in itemGrants)
                {
                    core.PrimitiveCache.LoadPrimitiveProfile(itemGrant.PrimitiveKey);
                }
            }

            bool simple = item.IsSimplePermissions;

            string mode = core.Http["aclmode"];
            switch (mode)
            {
                case "simple":
                    simple = true;
                    break;
                case "detailed":
                    simple = false;
                    break;
            }

            bool first = true;
            PermissionTypes lastType = PermissionTypes.View;
            VariableCollection permissionTypeVariableCollection = null;

            PermissionGroupSelectBox typeGroupSelectBox = null;
            List<PrimitivePermissionGroup> ownerGroups = null;

            if (itemPermissions != null)
            {
                foreach (AccessControlPermission itemPermission in itemPermissions)
                {
                    if (first || itemPermission.PermissionType != lastType)
                    {
                        if (typeGroupSelectBox != null)
                        {
                            permissionTypeVariableCollection.Parse("S_SIMPLE_SELECT", typeGroupSelectBox);
                        }

                        permissionTypeVariableCollection = aclTemplate.CreateChild("permision_types");
                        typeGroupSelectBox = new PermissionGroupSelectBox(core, "group-select-" + itemPermission.PermissionType.ToString(), item.ItemKey);

                        permissionTypeVariableCollection.Parse("TITLE", AccessControlLists.PermissionTypeToString(itemPermission.PermissionType));

                        first = false;
                        lastType = itemPermission.PermissionType;
                    }

                    if (simple)
                    {
                        if (ownerGroups == null)
                        {
                            ownerGroups = new List<PrimitivePermissionGroup>();
                            int itemGroups = 0;

                            Type type = item.GetType();
                            if (type.GetMethod(type.Name + "_GetItemGroups", new Type[] { typeof(Core) }) != null)
                            {
                                ownerGroups.AddRange((List<PrimitivePermissionGroup>)type.InvokeMember(type.Name + "_GetItemGroups", BindingFlags.Public | BindingFlags.Static | BindingFlags.InvokeMethod, null, null, new object[] { core }));
                                itemGroups = ownerGroups.Count;
                            }

                            ownerGroups.AddRange(core.GetPrimitivePermissionGroups(owner));
                        }

                        VariableCollection permissionVariableCollection = permissionTypeVariableCollection.CreateChild("permission_desc");
                        permissionVariableCollection.Parse("ID", itemPermission.Id.ToString());
                        permissionVariableCollection.Parse("TITLE", itemPermission.Name);
                        permissionVariableCollection.Parse("DESCRIPTION", itemPermission.Description);

                        if (itemGrants != null)
                        {
                            foreach (AccessControlGrant itemGrant in itemGrants)
                            {
                                if (itemGrant.PermissionId == itemPermission.Id)
                                {
                                    switch (itemGrant.Allow)
                                    {
                                        case AccessControlGrants.Allow:
                                            PrimitivePermissionGroup ppg = null;

                                            ppg = new PrimitivePermissionGroup(itemGrant.PrimitiveKey, string.Empty, string.Empty);
                                            foreach (PrimitivePermissionGroup p in ownerGroups)
                                            {
                                                if (ppg.ItemKey.Equals(p.ItemKey))
                                                {
                                                    ppg = p;
                                                    break;
                                                }
                                            }

                                            if (!typeGroupSelectBox.ItemKeys.Contains(ppg))
                                            {
                                                typeGroupSelectBox.ItemKeys.Add(ppg);
                                            }
                                            break;
                                        default:
                                            break;
                                    }
                                }
                            }
                        }
                    }
                    else
                    {
                        VariableCollection permissionVariableCollection = permissionTypeVariableCollection.CreateChild("permission");
                        permissionVariableCollection.Parse("ID", itemPermission.Id.ToString());
                        permissionVariableCollection.Parse("TITLE", itemPermission.Name);
                        permissionVariableCollection.Parse("DESCRIPTION", itemPermission.Description);

                        SelectBox groupsSelectBox = BuildGroupsSelectBox(string.Format("new-permission-group[{0}]", itemPermission.Id), owner);

                        if (itemGrants != null)
                        {
                            foreach (AccessControlGrant itemGrant in itemGrants)
                            {
                                if (itemGrant.PermissionId == itemPermission.Id)
                                {
                                    string gsbk = string.Format("{0},{1}", itemGrant.PrimitiveKey.TypeId, itemGrant.PrimitiveKey.Id);
                                    if (groupsSelectBox.ContainsKey(gsbk))
                                    {
                                        groupsSelectBox[gsbk].Selectable = false;
                                    }

                                    VariableCollection grantVariableCollection = permissionVariableCollection.CreateChild("grant");

                                    if (groupsSelectBox.ContainsKey(gsbk))
                                    {
                                        string text = groupsSelectBox[gsbk].Text;
                                        if (text.StartsWith(" -- ", StringComparison.Ordinal))
                                        {
                                            text = text.Substring(4);
                                        }
                                        grantVariableCollection.Parse("DISPLAY_NAME", text);
                                        groupsSelectBox[gsbk].Selectable = false;
                                    }
                                    else
                                    {
                                        try
                                        {
                                            grantVariableCollection.Parse("DISPLAY_NAME", core.PrimitiveCache[itemGrant.PrimitiveKey].DisplayName);
                                        }
                                        catch
                                        {
                                            grantVariableCollection.Parse("DISPLAY_NAME", "{{ERROR LOADING PRIMITIVE(" + itemGrant.PrimitiveKey.TypeId.ToString() + "," + itemGrant.PrimitiveKey.Id.ToString() + ":" + (new ItemType(core, itemGrant.PrimitiveKey.TypeId)).Namespace + ")}}");
                                        }
                                    }

                                    RadioList allowrl = new RadioList("allow[" + itemGrant.PermissionId.ToString() + "," + itemGrant.PrimitiveKey.TypeId.ToString() + "," + itemGrant.PrimitiveKey.Id.ToString() + "]");
                                    SelectBox allowsb = new SelectBox("allow[" + itemGrant.PermissionId.ToString() + "," + itemGrant.PrimitiveKey.TypeId.ToString() + "," + itemGrant.PrimitiveKey.Id.ToString() + "]");
                                    Button deleteButton = new Button("delete", "Delete", itemGrant.PermissionId.ToString() + "," + itemGrant.PrimitiveKey.TypeId.ToString() + "," + itemGrant.PrimitiveKey.Id.ToString());

                                    allowrl.Add(new RadioListItem(allowrl.Name, "allow", "Allow"));
                                    allowrl.Add(new RadioListItem(allowrl.Name, "deny", "Deny"));
                                    allowrl.Add(new RadioListItem(allowrl.Name, "inherit", "Inherit"));

                                    allowsb.Add(new SelectBoxItem("allow", "Allow"));
                                    allowsb.Add(new SelectBoxItem("deny", "Deny"));
                                    allowsb.Add(new SelectBoxItem("inherit", "Inherit"));

                                    switch (itemGrant.Allow)
                                    {
                                        case AccessControlGrants.Allow:
                                            allowrl.SelectedKey = "allow";
                                            allowsb.SelectedKey = "allow";
                                            break;
                                        case AccessControlGrants.Deny:
                                            allowrl.SelectedKey = "deny";
                                            allowsb.SelectedKey = "deny";
                                            break;
                                        case AccessControlGrants.Inherit:
                                            allowrl.SelectedKey = "inherit";
                                            allowsb.SelectedKey = "inherit";
                                            break;
                                    }

                                    if (core.Http.Form["allow[" + itemPermission.Id.ToString() + "," + itemGrant.PrimitiveKey.TypeId.ToString() + "," + itemGrant.PrimitiveKey.Id.ToString() + "]"] != null)
                                    {
                                        allowrl.SelectedKey = core.Http.Form["allow[" + itemPermission.Id.ToString() + "," + itemGrant.PrimitiveKey.TypeId.ToString() + "," + itemGrant.PrimitiveKey.Id.ToString() + "]"];
                                    }

                                    grantVariableCollection.Parse("S_GRANT", allowsb);

                                    grantVariableCollection.Parse("S_ALLOW", allowrl["allow"]);
                                    grantVariableCollection.Parse("S_DENY", allowrl["deny"]);
                                    grantVariableCollection.Parse("S_INHERIT", allowrl["inherit"]);

                                    grantVariableCollection.Parse("S_DELETE", deleteButton);

                                    grantVariableCollection.Parse("ID", string.Format("{0},{1}", itemGrant.PrimitiveKey.TypeId, itemGrant.PrimitiveKey.Id));
                                    grantVariableCollection.Parse("PERMISSION_ID", itemPermission.Id.ToString());
                                    grantVariableCollection.Parse("IS_NEW", "FALSE");
                                }
                            }

                            foreach (AccessControlGrant itemGrant in itemGrants)
                            {
                                VariableCollection grantsVariableCollection = template.CreateChild("grants");
                            }
                        }

                        if (core.Http.Form["save"] == null)
                        {
                            foreach (SelectBoxItem gsbi in groupsSelectBox)
                            {
                                if (core.Http.Form[string.Format("new-grant[{0},{1}]", itemPermission.Id, gsbi.Key)] != null)
                                {
                                    ItemKey ik = new ItemKey(gsbi.Key);

                                    UnsavedAccessControlGrant uacg = new UnsavedAccessControlGrant(core, ik, item.ItemKey, itemPermission.Id, AccessControlGrants.Inherit);

                                    VariableCollection grantVariableCollection = permissionVariableCollection.CreateChild("grant");

                                    grantVariableCollection.Parse("DISPLAY_NAME", gsbi.Text);

                                    RadioList allowrl = new RadioList("allow[" + itemPermission.Id.ToString() + "," + ik.TypeId.ToString() + "," + ik.Id.ToString() + "]");
                                    SelectBox allowsb = new SelectBox("allow[" + itemPermission.Id.ToString() + "," + ik.TypeId.ToString() + "," + ik.Id.ToString() + "]");

                                    allowrl.Add(new RadioListItem(allowrl.Name, "allow", "Allow"));
                                    allowrl.Add(new RadioListItem(allowrl.Name, "deny", "Deny"));
                                    allowrl.Add(new RadioListItem(allowrl.Name, "inherit", "Inherit"));

                                    allowsb.Add(new SelectBoxItem("allow", "Allow"));
                                    allowsb.Add(new SelectBoxItem("deny", "Deny"));
                                    allowsb.Add(new SelectBoxItem("inherit", "Inherit"));

                                    if (core.Http.Form["allow[" + itemPermission.Id.ToString() + "," + ik.TypeId.ToString() + "," + ik.Id.ToString() + "]"] != null)
                                    {
                                        allowrl.SelectedKey = core.Http.Form["allow[" + itemPermission.Id.ToString() + "," + ik.TypeId.ToString() + "," + ik.Id.ToString() + "]"];
                                    }
                                    else
                                    {
                                        switch (uacg.Allow)
                                        {
                                            case AccessControlGrants.Allow:
                                                allowrl.SelectedKey = "allow";
                                                allowsb.SelectedKey = "allow";
                                                break;
                                            case AccessControlGrants.Deny:
                                                allowrl.SelectedKey = "deny";
                                                allowsb.SelectedKey = "deny";
                                                break;
                                            case AccessControlGrants.Inherit:
                                                allowrl.SelectedKey = "inherit";
                                                allowsb.SelectedKey = "inherit";
                                                break;
                                        }
                                    }

                                    grantVariableCollection.Parse("S_GRANT", allowsb);

                                    grantVariableCollection.Parse("S_ALLOW", allowrl["allow"]);
                                    grantVariableCollection.Parse("S_DENY", allowrl["deny"]);
                                    grantVariableCollection.Parse("S_INHERIT", allowrl["inherit"]);

                                    grantVariableCollection.Parse("ID", string.Format("{0},{1}", ik.TypeId, ik.Id));
                                    grantVariableCollection.Parse("PERMISSION_ID", itemPermission.Id.ToString());
                                    grantVariableCollection.Parse("IS_NEW", "TRUE");

                                    gsbi.Selectable = false;
                                }
                            }
                        }

                        if (core.Http.Form[string.Format("add-permission[{0}]", itemPermission.Id)] != null)
                        {
                            string groupSelectBoxId = core.Http.Form[string.Format("new-permission-group[{0}]", itemPermission.Id)];

                            ItemKey ik = new ItemKey(groupSelectBoxId);

                            UnsavedAccessControlGrant uacg = new UnsavedAccessControlGrant(core, ik, item.ItemKey, itemPermission.Id, AccessControlGrants.Inherit);

                            VariableCollection grantVariableCollection = permissionVariableCollection.CreateChild("grant");

                            grantVariableCollection.Parse("DISPLAY_NAME", groupsSelectBox[groupSelectBoxId].Text);

                            RadioList allowrl = new RadioList("allow[" + itemPermission.Id.ToString() + "," + ik.TypeId.ToString() + "," + ik.Id.ToString() + "]");
                            SelectBox allowsb = new SelectBox("allow[" + itemPermission.Id.ToString() + "," + ik.TypeId.ToString() + "," + ik.Id.ToString() + "]");

                            allowrl.Add(new RadioListItem(allowrl.Name, "allow", "Allow"));
                            allowrl.Add(new RadioListItem(allowrl.Name, "deny", "Deny"));
                            allowrl.Add(new RadioListItem(allowrl.Name, "inherit", "Inherit"));

                            allowsb.Add(new SelectBoxItem("allow", "Allow"));
                            allowsb.Add(new SelectBoxItem("deny", "Deny"));
                            allowsb.Add(new SelectBoxItem("inherit", "Inherit"));

                            switch (uacg.Allow)
                            {
                                case AccessControlGrants.Allow:
                                    allowrl.SelectedKey = "allow";
                                    allowsb.SelectedKey = "allow";
                                    break;
                                case AccessControlGrants.Deny:
                                    allowrl.SelectedKey = "deny";
                                    allowsb.SelectedKey = "deny";
                                    break;
                                case AccessControlGrants.Inherit:
                                    allowrl.SelectedKey = "inherit";
                                    allowsb.SelectedKey = "inherit";
                                    break;
                            }

                            grantVariableCollection.Parse("S_GRANT", allowsb);

                            grantVariableCollection.Parse("S_ALLOW", allowrl["allow"]);
                            grantVariableCollection.Parse("S_DENY", allowrl["deny"]);
                            grantVariableCollection.Parse("S_INHERIT", allowrl["inherit"]);

                            grantVariableCollection.Parse("ID", string.Format("{0},{1}", ik.TypeId, ik.Id));
                            grantVariableCollection.Parse("PERMISSION_ID", itemPermission.Id.ToString());
                            grantVariableCollection.Parse("IS_NEW", "TRUE");

                            groupsSelectBox[groupSelectBoxId].Selectable = false;
                        }

                        permissionVariableCollection.Parse("S_PERMISSION_GROUPS", groupsSelectBox);

                        RadioList allowNewrl = new RadioList("new-permission-group-allow");
                        SelectBox allowNewsb = new SelectBox("new-permission-group-allow");

                        allowNewrl.Add(new RadioListItem(allowNewrl.Name, "allow", "Allow"));
                        allowNewrl.Add(new RadioListItem(allowNewrl.Name, "deny", "Deny"));
                        allowNewrl.Add(new RadioListItem(allowNewrl.Name, "inherit", "Inherit"));

                        allowNewsb.Add(new SelectBoxItem("allow", "Allow"));
                        allowNewsb.Add(new SelectBoxItem("deny", "Deny"));
                        allowNewsb.Add(new SelectBoxItem("inherit", "Inherit"));

                        allowNewrl.SelectedKey = "inherit";
                        allowNewsb.SelectedKey = "inherit";

                        permissionVariableCollection.Parse("S_GRANT", allowNewsb);

                        permissionVariableCollection.Parse("S_ALLOW", allowNewrl["allow"].ToString());
                        permissionVariableCollection.Parse("S_DENY", allowNewrl["deny"].ToString());
                        permissionVariableCollection.Parse("S_INHERIT", allowNewrl["inherit"].ToString());
                    }
                }

                if (typeGroupSelectBox != null)
                {
                    permissionTypeVariableCollection.Parse("S_SIMPLE_SELECT", typeGroupSelectBox);
                }
            }

            if (string.IsNullOrEmpty(variable))
            {
                variable = "S_PERMISSIONS";
            }

            /*PermissionGroupSelectBox groupSelectBox = new PermissionGroupSelectBox(core, "group-select", item.ItemKey);
            groupSelectBox.SelectMultiple = true;

            aclTemplate.Parse("S_SIMPLE_SELECT", groupSelectBox);*/

            if (simple)
            {
                aclTemplate.Parse("IS_SIMPLE", "TRUE");
            }

            aclTemplate.Parse("U_DETAILED", Access.BuildAclUri(core, item, false));
            aclTemplate.Parse("U_SIMPLE", Access.BuildAclUri(core, item, true));

            HiddenField modeField = new HiddenField("aclmode");
            if (simple)
            {
                modeField.Value = "simple";
            }
            else
            {
                modeField.Value = "detailed";
            }

            aclTemplate.Parse("S_ACLMODE", modeField);

            template.ParseRaw(variable, aclTemplate.ToString());
        }