/****************************************************************************************************** Related Permissions */ public static Dictionary <PermissionTypeBase, int> GetRelatedPermissions(SecurityContext context, int entityId, PermissionLevel level, bool explicitOnly, int identityId, Func <int, bool> isEnabled) { if (!explicitOnly) { throw new NotSupportedException("Not supported in this version. Use explicitOnly = true"); } SecurityEntity.EnterReadLock(); try { var counters = new int[PermissionTypeBase.PermissionCount]; var identities = new[] { identityId }; var root = SecurityEntity.GetEntitySafe(context, entityId, true); foreach (var entity in new EntityTreeWalker(root)) { // step forward if there is no any setting if (!entity.HasExplicitAcl) { continue; } if (!isEnabled(entity.Id)) { continue; } // if breaked, adding existing parent-s effective identities because all identities are related. var localBits = new PermissionBitMask(); if (!entity.IsInherited && entity.Parent != null) { CollectPermissionsFromLocalAces(context.Evaluator.GetEffectiveEntriesSafe(entity.Parent.Id, identities), localBits); } // adding explicite identities CollectPermissionsFromAces(context.Evaluator.GetExplicitEntriesSafe(entity.Id, identities), level, counters, localBits); } var result = new Dictionary <PermissionTypeBase, int>(); for (var i = 0; i < PermissionTypeBase.PermissionCount; i++) { result.Add(PermissionTypeBase.GetPermissionTypeByIndex(i), counters[i]); } return(result); } finally { SecurityEntity.ExitReadLock(); } }
private AccessControlEntry CreateEmptyAce(AceInfo aceInfo) { var perms = new Permission[PermissionTypeBase.PermissionCount]; for (var i = 0; i < perms.Length; i++) { perms[i] = new Permission { Name = PermissionTypeBase.GetPermissionTypeByIndex(i).Name } } ; return(new AccessControlEntry { IdentityId = aceInfo.IdentityId, LocalOnly = aceInfo.LocalOnly, Permissions = perms }); }
public static Dictionary <PermissionTypeBase, int> GetExplicitPermissionsInSubtree(SecurityContext context, int entityId, int[] identities, bool includeRoot) { SecurityEntity.EnterReadLock(); try { var counters = new int[PermissionTypeBase.PermissionCount]; var root = SecurityEntity.GetEntitySafe(context, entityId, true); foreach (var entity in new EntityTreeWalker(root)) { // step forward if there is no any setting if (!entity.HasExplicitAcl || (entity.Id == entityId && !includeRoot)) { continue; } // if breaked, adding existing parent-s effective identities because all identities are related. var localBits = new PermissionBitMask(); if (!entity.IsInherited && entity.Parent != null && (includeRoot || entity.Parent.Id != entityId)) { CollectPermissionsFromLocalAces(context.Evaluator.GetEffectiveEntriesSafe(entity.Parent.Id, identities), localBits); } // adding explicite identities CollectPermissionsFromAces(context.Evaluator.GetExplicitEntriesSafe(entity.Id, identities), PermissionLevel.AllowedOrDenied, counters, localBits); } var result = new Dictionary <PermissionTypeBase, int>(); for (var i = 0; i < PermissionTypeBase.PermissionCount; i++) { result.Add(PermissionTypeBase.GetPermissionTypeByIndex(i), counters[i]); } return(result); } finally { SecurityEntity.ExitReadLock(); } }