protected override AccessResult GetItemAccess(Sitecore.Data.Items.Item item, Account account, AccessRight accessRight, PropagationType propagationType) { // //This method applies the specified AccessRight. Since the custom AccessRight //has been extended to support additional properties (max comments and //time range), these properties must be considered. var result = base.GetItemAccess(item, account, accessRight, propagationType); // // if (result == null || result.Permission != AccessPermission.Allow) { return result; } // // if (accessRight.Name != BucketRights.AddComments) { return result; } // // var right = accessRight as BucketAccessRight; if (right != null) { result = GetItemAccess(item, account, right); } return result; }
protected virtual AccessResult GetPermission(DbItemAccess access, AccessRight accessRight) { if (accessRight == AccessRight.ItemRead) { return this.GetAccessResult(access, i => i.CanRead); } if (accessRight == AccessRight.ItemWrite) { return this.GetAccessResult(access, i => i.CanWrite); } if (accessRight == AccessRight.ItemRename) { return this.GetAccessResult(access, i => i.CanRename); } if (accessRight == AccessRight.ItemCreate) { return this.GetAccessResult(access, i => i.CanCreate); } if (accessRight == AccessRight.ItemDelete) { return this.GetAccessResult(access, i => i.CanDelete); } if (accessRight == AccessRight.ItemAdmin) { return this.GetAccessResult(access, i => i.CanAdmin); } return this.GetDefaultAccessResult(); }
// Methods protected override void AddAccessResultToCache(ISecurable entity, Account account, AccessRight accessRight, AccessResult accessResult, PropagationType propagationType) { if (accessRight.Name != "adoption:change") { base.AddAccessResultToCache(entity, account, accessRight, accessResult, propagationType); } }
protected override void AddAccessResultToCache(ISecurable entity, Account account, AccessRight accessRight, AccessResult accessResult, PropagationType propagationType) { if (accessRight.Name == BucketRights.MakeABucket) { return; } base.AddAccessResultToCache(entity, account, accessRight, accessResult, propagationType); }
public void when_the_user_has_only_read_access_the_builder_should_return_the_display_for_element() { theRightsAre = AccessRight.ReadOnly; var displayTag = new HtmlTag("span"); theRequest.Stub(x => x.BuildForCategory(ElementConstants.Display)).Return(displayTag); theResultingTag.ShouldBeTheSameAs(displayTag); }
protected override void AddAccessResultToCache(ISecurable entity, Account account, AccessRight accessRight, AccessResult accessResult, PropagationType propagationType) { // //Do not cache the access result because the result depends //on the value that is currently set on the item. if (accessRight.Name == BucketRights.AddComments) { return; } base.AddAccessResultToCache(entity, account, accessRight, accessResult, propagationType); }
private void OnLow(InitEvent e) { if (e.IsOwner) { this.AccessRight = AccessRight.Owner; } else if (e.CanChangeWorldOptions) { this.AccessRight = AccessRight.WorldOptions; } }
public override AccessResult GetAccess(Field field, Account account, AccessRight accessRight) { AccessResult result = null; if (ShouldCheckDesignRights(field, accessRight)) { result = GetLayoutFieldAccess(field, account); } return(result ?? base.GetAccess(field, account, accessRight)); }
protected virtual void FillAccessRules(AccessRuleCollection rules, DbItemAccess itemAccess, AccessRight accessRight, Func<DbItemAccess, bool?> canAct) { var canActRest = canAct(itemAccess); if (canActRest == null) { return; } var permission = (bool)canActRest ? SecurityPermission.AllowAccess : SecurityPermission.DenyAccess; rules.Add(AccessRule.Create(Context.User, accessRight, PropagationType.Entity, permission)); }
void AddReportAccessRights() { _right = new AccessRight { CanView = chkReportsView.Checked, UserID = _userID, FormID = ApplicationFroms.frmReportParameters.ToString() }; AddAccessRight(_right); }
public static bool HasRights(this IPrincipal user, AccessRight right) { bool result = false; var userManager = HttpContext.Current.GetOwinContext().GetUserManager <ApplicationUserManager>(); var Rights = userManager.FindById(user.Identity.GetUserId()).AccessRight; if (Rights.HasFlag(right)) { result = true; } return(result); }
/// <summary> /// Create an new AccessControl from a AccessControl. /// </summary> /// <param name="access">The source object.</param> public AccessControl(AccessControl access) { this.accessControlId = access.AccessControlId; this.user = access.User.Clone() as RightsHolder; this.entity = new Entity(access.Entity); this.tenantId = access.TenantId; this.accessRight = access.AccessRight; this.rowVersion = access.RowVersion; this.dirty = access.Dirty; this.deleted = access.Deleted; this.newRights = access.newRights; }
/// <summary> /// Update the rights with the rights in an existing AccessControl. If our rights have been changed, do nothing. /// </summary> /// <param name="access">The row to copy the rights from.</param> public void Update(AccessControl access) { if (access.RowVersion != this.rowVersion && access.User == user && access.Entity == entity && !this.dirty) { this.accessRight = access.AccessRight; } this.rowVersion = access.RowVersion; }
/// <summary> /// Create an new AccessControl from a AccessControlRow. /// </summary> /// <param name="accessControlRow">The row to base this object on.</param> public AccessControl(AccessControlRow accessControlRow) { this.accessControlId = accessControlRow.AccessControlId; this.user = Entity.New(accessControlRow.RightsHolderRow.EntityRow) as RightsHolder; this.entity = new Entity(accessControlRow.EntityRow); this.tenantId = accessControlRow.TenantRow.TenantId; this.accessRight = accessControlRow.AccessRightRow.AccessRightCode; this.rowVersion = accessControlRow.RowVersion; this.dirty = false; this.deleted = false; this.newRights = false; }
void UpdateReportAccessRights() { _right = new AccessRight { CanView = chkReportsView.Checked, UserID = _userID, FormID = ApplicationFroms.frmReportParameters.ToString(), Id = _rights.Where(r => r.FormID == ApplicationFroms.frmReportParameters.ToString() && r.UserID == _userID).FirstOrDefault().Id }; UpdateAccessRight(_right, ApplicationFroms.frmReportParameters); }
/// <summary> /// Update the rights with the rights in the original AccessControlRow. If our rights have been changed, do nothing. /// </summary> /// <param name="accessControlRow">The row to copy the rights from.</param> public void Update(AccessControlRow accessControlRow) { if (accessControlRow.RowVersion != this.rowVersion && accessControlRow.RightsHolderRow.RightsHolderId == user.EntityId && accessControlRow.EntityRow.EntityId == entity.EntityId && !this.dirty) { this.accessRight = accessControlRow.AccessRightRow.AccessRightCode; } this.rowVersion = accessControlRow.RowVersion; }
public ActionResult Create([Bind(Include = "Id,GroupReport,PlanReport,Database,ManageUsers,AspNetUserId")] AccessRight accessRight) { if (ModelState.IsValid) { db.AccessRights.Add(accessRight); db.SaveChanges(); return(RedirectToAction("Index")); } ViewBag.AspNetUserId = new SelectList(db.AspNetUsers, "Id", "Email", accessRight.AspNetUserId); return(View(accessRight)); }
void AddCompanyAccessRights() { _right = new AccessRight { CanEdit = chkCompanyEdit.Checked, CanView = chkCompanyView.Checked, UserID = _userID, FormID = ApplicationFroms.frmAddCompany.ToString() }; AddAccessRight(_right); }
public async Task <ActionResult> Register(RegisterViewModel model) { if (ModelState.IsValid) { var user = new ApplicationUser { UserName = model.Email, Email = model.Email }; var result = await UserManager.CreateAsync(user, model.Password); if (result.Succeeded) { await SignInManager.SignInAsync(user, isPersistent : false, rememberBrowser : false); using (var db = new ReportsWebAppDBEntities()) { try { var users = (from usr in db.AspNetUsers select usr).Take(2); if (users.Count() == 1) { AccessRight adminRights = new AccessRight() { AspNetUserId = users.First().Id, Database = true, PlanReport = true, GroupReport = true, ManageUsers = true }; db.AccessRights.Add(adminRights); db.SaveChanges(); } } catch (Exception ex) { Logger.Log.Error(ex); } } // For more information on how to enable account confirmation and password reset please visit https://go.microsoft.com/fwlink/?LinkID=320771 // Send an email with this link // string code = await UserManager.GenerateEmailConfirmationTokenAsync(user.Id); // var callbackUrl = Url.Action("ConfirmEmail", "Account", new { userId = user.Id, code = code }, protocol: Request.Url.Scheme); // await UserManager.SendEmailAsync(user.Id, "Confirm your account", "Please confirm your account by clicking <a href=\"" + callbackUrl + "\">here</a>"); return(RedirectToAction("Index", "Home")); } AddErrors(result); } // If we got this far, something failed, redisplay form return(View(model)); }
public bool HasSystemWideAccess(PartAccess partAccess, AccessRight right) { var session = CurrentSession; if (session == null) { return(false); } else { return(session.HasSystemWideAccess(partAccess, right)); } }
public bool HasAccess(Contact contact, PartAccess partAccess, AccessRight right) { var session = CurrentSession; if (session == null) { return(false); } else { return(session.HasAccess(contact, partAccess, right)); } }
public bool HasAccess(Group group, PartAccess partAccess, AccessRight right) { var session = CurrentSession; if (session == null) { return(false); } else { return(session.HasAccess(group, partAccess, right)); } }
void UpdateCompanyAccessRights() { _right = new AccessRight { CanEdit = chkCompanyEdit.Checked, CanView = chkCompanyView.Checked, UserID = _userID, FormID = ApplicationFroms.frmAddCompany.ToString(), Id = _rights.Where(r => r.FormID == ApplicationFroms.frmAddCompany.ToString() && r.UserID == _userID).FirstOrDefault().Id }; UpdateAccessRight(_right, ApplicationFroms.frmAddCompany); }
/// <summary> /// Tests if a group has a given right to this file. /// </summary> /// <param name="g">Name of the group.</param> /// <param name="r">Right to test.</param> /// <returns>True if the group is authorized, false otherwise.</returns> public bool Test(Group g, AccessRight r) { var info = FindAccessInfo(g); if (info != null) { return(info.Test(r)); } else { return(false); } }
private static bool HasCustomPublishAccess(Item item, User user) { AccessRight itemPublish = AccessRight.FromName("item:publish"); if (itemPublish != null) { using (new SecurityEnabler()) { return(AuthorizationManager.IsAllowed(item, itemPublish, user)); } } return(true); }
private void OnInitLow(InitEvent e) { if (e.IsOwner) { this.AccessRight = AccessRight.Owner; } else if (e.CanEdit) { this.AccessRight = AccessRight.Edit; } new MetaChangedEvent(e.Owner, e.Plays, e.CurrentWoots, e.TotalWoots, e.WorldName) .RaiseIn(this.BotBits); }
// GET: AccessRights/Details/5 public ActionResult Details(int?id) { if (id == null) { return(new HttpStatusCodeResult(HttpStatusCode.BadRequest)); } AccessRight accessRight = db.AccessRights.Find(id); if (accessRight == null) { return(HttpNotFound()); } return(View(accessRight)); }
public bool HasSystemWideAccess(PartAccess partAccess, AccessRight right) { foreach (var rolePermission in _access .Where(rp => rp.Permission.Part.Value == partAccess) .Where(rp => rp.Permission.Right.Value >= right)) { switch (rolePermission.Permission.Subject.Value) { case SubjectAccess.SystemWide: return(true); } } return(false); }
/// <summary> /// Creates a new group with a given default access right. /// </summary> /// <param name="name">Name of the group.</param> /// <param name="defaultRight">Access right to add to all files.</param> /// <param name="canCreateFiles">If true, the group members will be allows to create new files.</param> public void CreateNewGroup(string name, AccessRight defaultRight, bool canCreateFiles) { if (groups.Contains(name)) { Console.WriteLine("[ERROR] Group with the name {0} already exists!", name); return; } Group group = new Group { Name = name, CanCreateFiles = canCreateFiles, DefaultAccessRight = defaultRight }; groups.Add(group); AddAccessRightToSubDirectory(group, defaultRight, ""); }
public bool HasRights(Guid listId, ICollection <int> trusteeIds, AccessRight accessRights) { bool result = false; var db = GetObjectContext(); { var accessItems = db.AccessControlLists.Where(item => item.ListMetadataId == listId && trusteeIds.Contains(item.TrusteeId)); if (accessItems.Any()) { var maxAccessRight = accessItems.Max(item => item.AccessRight); result = maxAccessRight >= (int)accessRights; } } return(result); }
public static AccessRights Map(AccessRight source) { switch (source) { case AccessRight.Listen: return(AccessRights.Listen); case AccessRight.Manage: return(AccessRights.Manage); case AccessRight.ManageNotificationHub: return(AccessRights.ManageNotificationHub); case AccessRight.Send: return(AccessRights.Send); default: throw new ArgumentOutOfRangeException(nameof(source)); } }
/// <summary> /// Adds a given right to a group. /// </summary> /// <param name="g">Name of the group.</param> /// <param name="r">Right to add.</param> public void AddRight(Group g, AccessRight r) { var info = FindAccessInfo(g); if (info != null) { info.AddRight(r); } else { Access.Add(new AccessInfo { Group = g, Right = r, GroupDummy = g.Name }); } }
protected override AccessResult GetAccessCore(ISecurable entity, Account account, AccessRight accessRight) { var uniqueId = entity.GetUniqueId(); if (string.IsNullOrEmpty(uniqueId)) { return this.GetDefaultAccessResult(); } var id = uniqueId.Substring(uniqueId.IndexOf("{", StringComparison.Ordinal), uniqueId.IndexOf("}", StringComparison.Ordinal) - uniqueId.IndexOf("{", StringComparison.Ordinal) + 1); var itemId = ID.Parse(id); var item = this.DataStorage.GetFakeItem(itemId); return this.GetPermission(item.Access, accessRight); }
public static bool TryParseAccessRight(this BaseCommand command, string accessRightName, out AccessRight accessRight) { accessRight = null; try { accessRight = AccessRight.FromName(accessRightName); } catch (Exception ex) { command.WriteError(new ErrorRecord(ex, "sitecore_invalid_access_right", ErrorCategory.InvalidArgument, null)); return(false); } return(true); }
// GET: AccessRights/Edit/5 public ActionResult Edit(int?id) { if (id == null) { return(new HttpStatusCodeResult(HttpStatusCode.BadRequest)); } AccessRight accessRight = db.AccessRights.Find(id); if (accessRight == null) { return(HttpNotFound()); } ViewBag.AspNetUserId = new SelectList(db.AspNetUsers, "Id", "Email", accessRight.AspNetUserId); return(View(accessRight)); }
public bool HasAccess(AccessRight[] userAccessRights, AccessRight requiredAccessRight) { if (userAccessRights.Contains(AccessRight.Full) || userAccessRights.Length >= 4) { return(true); } foreach (var right in userAccessRights) { if (right == requiredAccessRight) { return(true); } } return(false); }
/// <summary> /// The method that matches incoming number to a collection of permissions /// </summary> /// <param name="value">The number of bit-vector that comes and needs to be converted to list</param> /// <param name="repository">A layer to get permissions from database</param> /// <returns>A collection of permissions</returns> private static IEnumerable <Permission> MatchPermissions(int value, IPermissionRepository repository) { AccessRight vector = (AccessRight)value; var accessRights = vector .ToString() .Split(',') .Select(x => Enum.Parse(typeof(AccessRight), x)) .Cast <AccessRight>(); var result = repository.Get(new List <Expression <Func <Permission, bool> > >() { perm => accessRights.Contains(perm.AccessRights) }); return(result); }
public static string Translate(this AccessRight right, Translator translator) { switch (right) { case AccessRight.None: return(translator.Get("Enum.AccessRight.None", "Value 'None' in AccessRight enum", "None")); case AccessRight.Read: return(translator.Get("Enum.AccessRight.Read", "Value 'Read' in AccessRight enum", "Read")); case AccessRight.Write: return(translator.Get("Enum.AccessRight.Write", "Value 'Write' in AccessRight enum", "Write")); default: throw new NotSupportedException(); } }
protected override AccessResult GetItemAccess(Data.Items.Item item, Account account, AccessRight accessRight, PropagationType propagationType) { var result = base.GetItemAccess(item, account, accessRight, propagationType); if (result.IsNull() || result.Permission != AccessPermission.Allow) { return result; } if (accessRight.Name != BucketRights.MakeABucket) { return result; } var right = accessRight as BucketAccessRight; if (right.IsNotNull()) { result = this.GetItemAccess(item, account, right); } return result; }
private static extern IntPtr CreateEventEx( IntPtr eventAttributes, [MarshalAs(UnmanagedType.LPTStr)]string name, CreateEventFlags flags, AccessRight desiredAccess);
protected override AccessResult GetAccessCore(ISecurable entity, Account account, AccessRight accessRight) { return new AccessResult(AccessPermission.Allow, new AccessExplanation("Always allow authorization provider used")); }
/// <summary> /// The get access core. /// </summary> /// <param name="entity"> /// The entity. /// </param> /// <param name="account"> /// The account. /// </param> /// <param name="accessRight"> /// The access right. /// </param> /// <returns> /// The <see cref="AccessResult"/>. /// </returns> protected override AccessResult GetAccessCore(ISecurable entity, Account account, AccessRight accessRight) { if (!this.accessRules.ContainsKey(entity.GetUniqueId())) { return new AccessResult(AccessPermission.Allow, new AccessExplanation(account.Name, accessRight)); } AccessRuleCollection rule = this.accessRules[entity.GetUniqueId()]; return new AccessResult(rule.Helper.GetAccessPermission(account, accessRight, PropagationType.Any), new AccessExplanation("Memory authorization provider found it correct.")); }
public void when_the_user_has_full_rights_return_null_so_that_the_construction_can_continue_to_the_next_in_the_chain() { theRightsAre = AccessRight.All; theResultingTag.ShouldBeNull(); }
private string GetAccessPermission(AccessRuleCollection rules, Sitecore.Security.Accounts.Account account, AccessRight accessRight, AccessPermission accessPermission, string sExistingPermissions) { if ((rules.Helper.GetAccessPermission(account, accessRight, PropagationType.Descendants) == accessPermission) && (sExistingPermissions.IndexOf(accessRight.Name) == -1)) { sExistingPermissions += accessRight.Name + "|"; } return sExistingPermissions; }
protected override AccessResult GetAccessCore(ISecurable entity, Account account, AccessRight accessRight) { return new AccessResult(AccessPermission.Allow, new AccessExplanation("Everything is allowed by design.")); }
internal AccessRoomEvent(AccessRight newRights) { this.NewRights = newRights; }
protected override AccessResult GetAccessCore(ISecurable entity, Account account, AccessRight accessRight) { throw new System.NotImplementedException(); }
/// <summary> /// Checking on if user has in its claims the specific one neeeded /// </summary> /// <param name="value">Value of Permissions claim</param> /// <param name="permission">The permission for specific action</param> /// <returns>True if there is such a permission for user</returns> private static bool hasFlag(string value, AccessRight permission) { return ((AccessRight)Enum.Parse(typeof(AccessRight), value)) .HasFlag(permission); }
public PrincipalRole(string name, AccessRight[] rights) { this.Name = name; this.Rights = rights; }
public static bool TryParseAccessRight(this BaseCommand command, string accessRightName, out AccessRight accessRight) { accessRight = null; try { accessRight = AccessRight.FromName(accessRightName); } catch (Exception ex) { command.WriteError(new ErrorRecord(ex, "sitecore_invalid_access_right", ErrorCategory.InvalidArgument, null)); return false; } return true; }
public void return_an_element_that_is_not_authorized_if_there_are_not_rights() { theRightsAre = AccessRight.None; theResultingTag.Authorized().ShouldBeFalse(); }
public void when_the_user_has_only_read_access_the_builder_should_return_the_display_for_element() { theRightsAre = AccessRight.ReadOnly; var displayTag = new HtmlTag("span"); services.MockFor<ITagGenerator<TheModel>>().Stub(x => x.DisplayFor(theRequest)).Return(displayTag); theResultingTag.ShouldBeTheSameAs(displayTag); }
protected override AccessResult GetAccessCore(ISecurable entity, Account account, AccessRight accessRight) { return new AccessResult(AccessPermission.Allow, new AccessExplanation("fake")); }
public override AccessResult GetAccess(ISecurable entity, Account account, AccessRight accessRight) { return this.CurrentProvider.GetAccess(entity, account, accessRight); }