/// <summary>
/// Gets the ACL.
/// </summary>
/// <param name="ReportId">The directory id.</param>
/// <returns></returns>
public static ReportAccessControList GetACL(int ReportId)
{
using (IDataReader reader = DBReportAccessControList.GetAcl(ReportId))
{
ReportAccessControList retVal = new ReportAccessControList(reader);
return(retVal);
}
}
/// <summary>
/// Sets the ACL.
/// </summary>
/// <param name="control">The control.</param>
/// <param name="acl">The acl.</param>
/// <param name="ValidateACL">if set to <c>true</c> [validate ACL].</param>
public static void SetACL(IIbnControl control, ReportAccessControList acl)
{
if(control==null)
throw new ArgumentNullException("control");
if(acl==null)
throw new ArgumentNullException("acl");
if(acl.OwnerReportId == 0)
throw new ArgumentException("You can not use a dettached ACL.","acl");
// Validation 1 - 2
// if(ValidateACL)
// {
// if(acl.Count==0)
// throw new AllUserAccessWillBeDeniedException();
// }
using(Mediachase.IBN.Database.DbTransaction tran = Mediachase.IBN.Database.DbTransaction.Begin())
{
// Step 3. Update Common ACEs
if(acl.IsChanged)
{
DBReportAccessControList.Clear(acl.Id);
foreach(ReportAccessControlEntry ace in acl)
{
DBReportAccessControList.AddAce(acl.Id,ace.Role,ace.PrincipalId,ace.Action,ace.Allow, false);
if(ace.Allow)
{
foreach(string BaseAction in control.GetBaseActions(ace.Action))
{
DBReportAccessControList.AddAce(acl.Id,ace.Role,ace.PrincipalId,BaseAction,ace.Allow, true);
}
}
else
{
foreach(string BaseAction in control.GetDerivedActions(ace.Action))
{
DBReportAccessControList.AddAce(acl.Id,ace.Role,ace.PrincipalId,BaseAction,ace.Allow, true);
}
}
}
}
// Validation 2 - 2
// if(ValidateACL)
// {
// if(!DBFileStorage.CanUserRunAction(Security.CurrentUser.UserID, control.OwnerContainer.Key , acl.OwnerReportId, "Admin"))
// throw new AdminAccessWillBeDeniedException();
// }
tran.Commit();
}
}
/// <summary>
/// Gets the ACL.
/// </summary>
/// <param name="ReportId">The directory id.</param>
/// <returns></returns>
public static ReportAccessControList GetACL(int ReportId)
{
using(IDataReader reader = DBReportAccessControList.GetAcl(ReportId))
{
ReportAccessControList retVal = new ReportAccessControList(reader);
return retVal;
}
}
/// <summary>
/// Sets the ACL.
/// </summary>
/// <param name="control">The control.</param>
/// <param name="acl">The acl.</param>
/// <param name="ValidateACL">if set to <c>true</c> [validate ACL].</param>
public static void SetACL(IIbnControl control, ReportAccessControList acl)
{
if (control == null)
{
throw new ArgumentNullException("control");
}
if (acl == null)
{
throw new ArgumentNullException("acl");
}
if (acl.OwnerReportId == 0)
{
throw new ArgumentException("You can not use a dettached ACL.", "acl");
}
// Validation 1 - 2
// if(ValidateACL)
// {
// if(acl.Count==0)
// throw new AllUserAccessWillBeDeniedException();
// }
using (Mediachase.IBN.Database.DbTransaction tran = Mediachase.IBN.Database.DbTransaction.Begin())
{
// Step 3. Update Common ACEs
if (acl.IsChanged)
{
DBReportAccessControList.Clear(acl.Id);
foreach (ReportAccessControlEntry ace in acl)
{
DBReportAccessControList.AddAce(acl.Id, ace.Role, ace.PrincipalId, ace.Action, ace.Allow, false);
if (ace.Allow)
{
foreach (string BaseAction in control.GetBaseActions(ace.Action))
{
DBReportAccessControList.AddAce(acl.Id, ace.Role, ace.PrincipalId, BaseAction, ace.Allow, true);
}
}
else
{
foreach (string BaseAction in control.GetDerivedActions(ace.Action))
{
DBReportAccessControList.AddAce(acl.Id, ace.Role, ace.PrincipalId, BaseAction, ace.Allow, true);
}
}
}
}
// Validation 2 - 2
// if(ValidateACL)
// {
// if(!DBFileStorage.CanUserRunAction(Security.CurrentUser.UserID, control.OwnerContainer.Key , acl.OwnerReportId, "Admin"))
// throw new AdminAccessWillBeDeniedException();
// }
tran.Commit();
}
}
private DataTable ACLToDateTable(ReportAccessControList ACLr)
{
DataTable dt = new DataTable();
DataRow dr;
dt.Columns.Add(new DataColumn("ID",typeof(int)));
dt.Columns.Add(new DataColumn("Weight",typeof(int)));
dt.Columns.Add(new DataColumn("Name", typeof(string)));
dt.Columns.Add(new DataColumn("Allow",typeof(bool)));
foreach (ReportAccessControlEntry ACEr in ACLr)
{
dr = dt.NewRow();
dr["ID"] = ACEr.Id;
dr["Weight"] = (ACEr.IsRoleAce)? 0 : ((Mediachase.IBN.Business.User.IsGroup(ACEr.PrincipalId))? 1 : 2);
dr["Name"] = (ACEr.IsRoleAce)? ACEr.Role : ACEr.PrincipalId.ToString();
dr["Allow"]=ACEr.Allow;
dt.Rows.Add(dr);
}
return dt;
}