Exemplo n.º 1
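        /// <summary>
        /// Adds or removes one permission attribute on the stored record for <paramref name="user"/>.
        /// The change is applied to the JSON permission list and mirrored into the legacy
        /// semicolon separated string ("[AttributeName1=Value];[AttributeName2=Value];") that older
        /// apps still read. Any matching entry in the user's requested permissions is cleared.
        /// </summary>
        /// <param name="user">Identifies the account to change; only its ID is used.</param>
        /// <param name="permissionAttribute">Attribute to grant or remove.</param>
        /// <param name="attributeValue">Attribute value; for CountryLevel_Editor either "All" or an integer country ID.</param>
        /// <param name="removeOnly">true removes the permission, false adds it.</param>
        /// <param name="administrator">Account recorded in the audit log as the one making the change.</param>
        /// <returns>true once the change has been saved; false when no stored user has the given ID.</returns>
        /// <exception cref="ArgumentException"><paramref name="attributeValue"/> contains a character reserved by the legacy format.</exception>
        /// <exception cref="FormatException">A CountryLevel_Editor value is neither "All" nor an integer.</exception>
        public bool GrantPermission(User user, StandardPermissionAttributes permissionAttribute, string attributeValue, bool removeOnly, User administrator)
        {
            // NOTE(review): nothing here verifies that `administrator` is allowed to change permissions
            // (see the TODO further down); callers have to enforce that before calling this method.

            // attributeValue is concatenated into the delimiter-based legacy string. A value carrying one of
            // the delimiters could close its tag early and smuggle in a second, unintended tag, so it is
            // rejected before any tag is built.
            if (attributeValue != null && attributeValue.IndexOfAny(new[] { '[', ']', ';', '=' }) >= 0)
            {
                throw new ArgumentException("Permission attribute value contains a reserved character.", "attributeValue");
            }

            var userDetails = dataModel.Users.FirstOrDefault(u => u.ID == user.ID);
            if (userDetails == null)
            {
                return false;
            }

            // Start from the stored permissions, not from the caller's copy of the user: the result is written
            // back to the stored record, and a stale or caller-modified copy would silently overwrite it.
            UserPermissionsContainer userPermissions = null;
            if (!String.IsNullOrEmpty(userDetails.Permissions))
            {
                userPermissions = JsonConvert.DeserializeObject<UserPermissionsContainer>(userDetails.Permissions);
            }

            // Deserialization yields null for a JSON "null" document.
            if (userPermissions == null)
            {
                userPermissions = new UserPermissionsContainer();
            }

            if (userPermissions.LegacyPermissions == null)
            {
                userPermissions.LegacyPermissions = "";
            }

            if (userPermissions.Permissions == null)
            {
                userPermissions.Permissions = new List<UserPermission>();
            }

            // Tag as it appears in the legacy string and in the requested-permissions string.
            string attributeTag = "[" + permissionAttribute.ToString() + "=" + attributeValue + "];";

            if (!removeOnly)
            {
                // Add the permission unless the user already holds it.
                if (!userPermissions.LegacyPermissions.Contains(attributeTag))
                {
                    if (userPermissions.LegacyPermissions != "" && !userPermissions.LegacyPermissions.EndsWith(";", StringComparison.Ordinal))
                    {
                        userPermissions.LegacyPermissions += ";";
                    }

                    userPermissions.LegacyPermissions += attributeTag;

                    // Only country level editor grants have a structured form in the main permission list.
                    if (permissionAttribute == StandardPermissionAttributes.CountryLevel_Editor)
                    {
                        var permission = new UserPermission();
                        if (attributeValue != "All")
                        {
                            // "All" leaves CountryID unset; anything else has to be an integer country ID.
                            permission.CountryID = int.Parse(attributeValue);
                        }

                        permission.Level = PermissionLevel.Editor;
                        userPermissions.Permissions.Add(permission);
                    }

                    //TODO: administrator permissions

                    // NOTE(review): the listing this method comes from masks the expression between the two
                    // message literals; user.ID is assumed here - confirm against the project source.
                    // NOTE(review): the entry is written before SaveChanges and omits attributeValue, so it can
                    // describe a change that failed to persist and does not say which value was granted.
                    AuditLogManager.Log(administrator, AuditEventType.PermissionGranted, "User: " + user.ID + "; Permission:" + permissionAttribute.ToString(), null);
                }
            }
            else
            {
                // Remove the permission from the legacy string.
                userPermissions.LegacyPermissions = userPermissions.LegacyPermissions.Replace(attributeTag, "");

                if (permissionAttribute == StandardPermissionAttributes.CountryLevel_Editor)
                {
                    if (attributeValue != "All")
                    {
                        int countryID = int.Parse(attributeValue);
                        userPermissions.Permissions.RemoveAll(p => p.Level == PermissionLevel.Editor && p.CountryID == countryID);
                    }
                    else
                    {
                        // NOTE(review): this drops every editor entry from the JSON list, while the legacy string
                        // above only loses the "=All" tag; country specific tags stay there - confirm intended.
                        userPermissions.Permissions.RemoveAll(p => p.Level == PermissionLevel.Editor);
                    }
                }

                // NOTE(review): masked expression reconstructed as user.ID, as in the grant branch - confirm.
                AuditLogManager.Log(administrator, AuditEventType.PermissionRemoved, "User: " + user.ID + "; Permission:" + permissionAttribute.ToString(), null);
            }

            // The request for this permission has now been handled either way, so clear it.
            if (userDetails.PermissionsRequested != null)
            {
                userDetails.PermissionsRequested = userDetails.PermissionsRequested.Replace(attributeTag, "");
            }

            userDetails.Permissions = JsonConvert.SerializeObject(userPermissions, Formatting.None, new JsonSerializerSettings { NullValueHandling = NullValueHandling.Ignore });
            dataModel.SaveChanges();
            return true;
        }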
Exemplo n.º 2
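        /// <summary>
        /// Batch upgrade of stored user permissions: every record still holding the legacy
        /// "[CountryLevel_Editor=All];[Administrator=true];" string is rewritten as JSON containing
        /// both a list of permission objects and the original legacy string.
        /// </summary>
        /// <remarks>
        /// Changes are saved once, after all users have been processed, so a tag that cannot be
        /// parsed aborts the run before anything is written.
        /// </remarks>
        /// <exception cref="FormatException">A legacy tag is not a recognised permission or is malformed.</exception>
        public void ConvertUserPermissions()
        {
            const string editorPrefix = "[CountryLevel_Editor=";
            const string adminTag = "[Administrator=true]";

            var userList = dataModel.Users.Where(u => u.Permissions != null);
            foreach (var user in userList)
            {
                // A value containing "{" is taken to be JSON already and is left alone.
                if (user.Permissions.Contains("{"))
                {
                    continue;
                }

                var permissions = new List<UserPermission>();

                foreach (var p in user.Permissions.Split(';'))
                {
                    var legacyPermission = p.Trim();
                    if (String.IsNullOrEmpty(legacyPermission))
                    {
                        continue;
                    }

                    var permission = new UserPermission();
                    bool parsedOK = false;

                    // The prefix includes "=" so that a longer attribute name sharing the same stem is not
                    // silently converted into an editor grant.
                    if (legacyPermission.StartsWith(editorPrefix, StringComparison.Ordinal))
                    {
                        permission.Level = PermissionLevel.Editor;

                        // All offsets come from the trimmed tag; mixing in offsets from the untrimmed
                        // segment shifts the extracted value whenever the segment has leading whitespace.
                        int valueStart = editorPrefix.Length;
                        int valueEnd = legacyPermission.IndexOf(']', valueStart);
                        if (valueEnd > valueStart)
                        {
                            string value = legacyPermission.Substring(valueStart, valueEnd - valueStart);
                            if (value == "All")
                            {
                                // "All" grants every country: CountryID stays unset.
                                parsedOK = true;
                            }
                            else
                            {
                                int countryID;
                                if (int.TryParse(value, out countryID))
                                {
                                    permission.CountryID = countryID;
                                    parsedOK = true;
                                }
                            }
                        }
                    }
                    else if (legacyPermission.StartsWith(adminTag, StringComparison.Ordinal))
                    {
                        permission.Level = PermissionLevel.Admin;
                        parsedOK = true;
                    }

                    // Fail closed: an unrecognised or malformed tag stops the conversion rather than being
                    // dropped or widened into a broader grant.
                    if (!parsedOK)
                    {
                        throw new FormatException("Failed to parse permission: User" + user.ID + " :" + user.Permissions);
                    }

                    permissions.Add(permission);
                }

                var allPermissions = new UserPermissionsContainer()
                {
                    LegacyPermissions = user.Permissions, // preserve the permissions string for legacy users
                    Permissions = permissions // express permissions as a list of permission objects
                };

                user.Permissions = JsonConvert.SerializeObject(allPermissions, Formatting.None, new JsonSerializerSettings { NullValueHandling = NullValueHandling.Ignore });
            }

            dataModel.SaveChanges();
        }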