Пример #1
0
		public ISecurityObjectId InheritFrom(ISecurityObjectId objectId) {
			if (objectId.ObjectType == type1) {
				if (objectId.SecurityId.Equals(2)) return new SecurityObjectId(1, type1);
			}

			return null;
		}
        public ISecurityObjectId InheritFrom(ISecurityObjectId objectId)
        {
            int contactId;
            int entityId;
            EntityType entityType;

            if (objectId is Task)
            {
                var task = (Task)objectId;

                contactId = task.ContactID;
                entityId = task.EntityID;
                entityType = task.EntityType;
            }
            else if (objectId is RelationshipEvent)
            {
                var eventObj = (RelationshipEvent)objectId;

                contactId = eventObj.ContactID;
                entityId = eventObj.EntityID;
                entityType = eventObj.EntityType;
                
            }
            else
            {
                return null;
            }

            if (entityId == 0 && contactId == 0) return null;

            if (entityId == 0)
            return new Company
                {
                    ID = contactId,
                    CompanyName = "fakeCompany"
                };
                
                //   return _daoFactory.GetContactDao().GetByID(contactId);

            switch (entityType)
            {

                case EntityType.Opportunity:
                    return new Deal
                        {
                            ID = entityId,
                            Title = "fakeDeal"
                        };
                   // return _daoFactory.GetDealDao().GetByID(entityId);
                case EntityType.Case:
                    return new Cases
                        {
                            ID = entityId, 
                            Title = "fakeCases"
                        };
                  //  return _daoFactory.GetCasesDao().GetByID(entityId);
            }

            return null;
        }
Пример #3
0
 public void RemoveAllAces(ISecurityObjectId id)
 {
     foreach (var r in GetAces(Guid.Empty, Guid.Empty, id).ToArray())
     {
         RemoveAce(r);
     }
 }
Пример #4
0
        private DenyResult[] GetDenyActions(ISubject subject, IAction[] actions, ISecurityObjectId objectId, ISecurityObjectProvider securityObjProvider)
        {
            var denyActions = new List<DenyResult>();
            if (actions == null) actions = new IAction[0];

            if (subject == null)
            {
                denyActions = actions.Select(a => new DenyResult(a, null, null)).ToList();
            }
            else if (subject is ISystemAccount && subject.ID == Constants.CoreSystem.ID)
            {
                // allow all
            }
            else
            {
                ISubject denySubject = null;
                IAction denyAction = null;
                foreach (var action in actions)
                {
                    var allow = azManager.CheckPermission(subject, action, objectId, securityObjProvider, out denySubject, out denyAction);
                    if (!allow)
                    {
                        denyActions.Add(new DenyResult(action, denySubject, denyAction));
                        break;
                    }
                }
            }
            return denyActions.ToArray();
        }
Пример #5
0
        public ISecurityObjectId InheritFrom(ISecurityObjectId objectId)
        {
            int calId;
            if (int.TryParse(this.CalendarId, out calId))
                return new Calendar() { Id = this.CalendarId };

            return null;
        }
        public IEnumerable<IRole> GetObjectRoles(ISubject account, ISecurityObjectId objectId, SecurityCallContext callContext)
        {
 
          //   Constants.Everyone
          // if (_daoFactory.GetManagerDao().GetAll(false).Contains(ASC.Core.CoreContext.UserManager.GetUsers(account.ID)))
          //   return new Action[]
            throw new NotImplementedException();
        }
Пример #7
0
        public IEnumerable<ASC.Common.Security.Authorizing.IRole> GetObjectRoles(ASC.Common.Security.Authorizing.ISubject account, ISecurityObjectId objectId, SecurityCallContext callContext)
        {
            List<IRole> roles = new List<IRole>();
            if (account.ID.Equals(this.OwnerId))
                roles.Add(ASC.Common.Security.Authorizing.Constants.Owner);

            return roles;
        }
Пример #8
0
        private static bool IsPrivate(ISecurityObjectId entity)
        {

            var entityAces = CoreContext.AuthorizationManager.GetAcesWithInherits(Guid.Empty, _actionRead.ID, entity, GetCRMSecurityProvider());

            return entityAces.Count() > 1;

        }
 public IEnumerable<IRole> GetObjectRoles(ISubject account, ISecurityObjectId objectId, SecurityCallContext callContext)
 {
     var roles = new List<IRole>();
     if (blogOwner != null && blogOwner.ID.Equals(account.ID))
     {
         roles.Add(ASC.Common.Security.Authorizing.Constants.Owner);
     }
     return roles;
 }
Пример #10
0
        public IEnumerable<Ace> GetAcl(ISubject subject, IAction action, ISecurityObjectId objectId, ISecurityObjectProvider secObjProvider)
        {
            if (subject == null) throw new ArgumentNullException("subject");
            if (action == null) throw new ArgumentNullException("action");

            return CoreContext.AuthorizationManager
                .GetAcesWithInherits(subject.ID, action.ID, objectId, secObjProvider)
                .Select(r => new Ace(r.ActionId, r.Reaction));
        }
Пример #11
0
		public IEnumerable<IRole> GetObjectRoles(ISubject account, ISecurityObjectId objectId, SecurityCallContext callContext)
		{
			var roles = new List<IRole>();
			if (Equals(account.ID, this.UserID))
			{
				roles.Add(Constants.Owner);
			}
			return roles;
		}
        public IEnumerable<ASC.Common.Security.Authorizing.IRole> GetObjectRoles(ASC.Common.Security.Authorizing.ISubject account, ISecurityObjectId objectId, SecurityCallContext callContext)
        {
            var roles = new List<IRole>();

            if (!Guid.Empty.Equals(Object.OwnerID) && Object.OwnerID.Equals(account.ID))
            {
                roles.Add(ASC.Common.Security.Authorizing.Constants.Owner);
            }

            return roles;
        }
 public bool NextInherit()
 {
     if (currSecObjProvider == null || !currSecObjProvider.InheritSupported) return false;
     currObjId = currSecObjProvider.InheritFrom(currObjId);
     if (currObjId == null) return false;
     if (currObjIdAsProvider)
     {
         currSecObjProvider = currObjId as ISecurityObjectProvider;
     }
     callContext.ObjectsStack.Insert(0, CurrentObjectId);
     return currSecObjProvider != null;
 }
Пример #14
0
        public bool CheckPermission(ISubject subject, IAction action, ISecurityObjectId objectId,
                                    ISecurityObjectProvider securityObjProvider, out ISubject denySubject,
                                    out IAction denyAction)
        {
            if (subject == null) throw new ArgumentNullException("subject");
            if (action == null) throw new ArgumentNullException("action");

            var acl = GetAzManagerAcl(subject, action, objectId, securityObjProvider);
            denySubject = acl.DenySubject;
            denyAction = acl.DenyAction;
            return acl.IsAllow;
        }
Пример #15
0
 public void Demand(ISubject subject, ISecurityObjectId objectId, ISecurityObjectProvider securityObjProvider, params IAction[] actions)
 {
     var denyActions = GetDenyActions(subject, actions, objectId, securityObjProvider);
     if (0 < denyActions.Length)
     {
         throw new AuthorizingException(
             subject,
             Array.ConvertAll(denyActions, r => r.TargetAction),
             Array.ConvertAll(denyActions, r => r.DenySubject),
             Array.ConvertAll(denyActions, r => r.DenyAction));
     }
 }
 public AzObjectSecurityProviderHelper(ISecurityObjectId objectId, ISecurityObjectProvider secObjProvider)
 {
     if (objectId == null) throw new ArgumentNullException("objectId");
     currObjIdAsProvider = false;
     currObjId = objectId;
     currSecObjProvider = secObjProvider;
     if (currSecObjProvider == null && currObjId is ISecurityObjectProvider)
     {
         currObjIdAsProvider = true;
         currSecObjProvider = (ISecurityObjectProvider) currObjId;
     }
     callContext = new SecurityCallContext();
 }
        public IEnumerable<IRole> GetObjectRoles(ISubject account, ISecurityObjectId objectId, SecurityCallContext callContext)
        {
            var roles = new List<IRole>();

            var userGroups = new List<GroupInfo>(
                CoreContext.UserManager.GetUserGroups(account.ID, IncludeType.Distinct | IncludeType.InChild)
            );

            if (userGroups.Contains(groupInfo))
            {
                roles.Add(ASC.Common.Security.Authorizing.Constants.Member);
            }

            return roles;
        }
Пример #18
0
		public IEnumerable<IRole> GetObjectRoles(ISubject account, ISecurityObjectId objectId, SecurityCallContext callContext) {
			var roles = new List<IRole>();

			if (objectId.ObjectType == type1) {
				if (objectId.SecurityId.Equals(1) && account.Equals(Domain.accountNik)) {
					roles.Add(Constants.Owner);
					roles.Add(Constants.Self);
				}
				if (objectId.SecurityId.Equals(3) && account.Equals(Domain.accountAnton)) {
					roles.Add(Constants.Owner);
				}
			}

			return roles;
		}
Пример #19
0
        public static bool CheckPermissions(ISecurityObjectId objectId, ISecurityObjectProvider securityObjProvider, params IAction[] actions)
        {
            if (IsAdministrator()) return true;
            if (IsOutsider())
            {
                var actionArray = actions ?? new IAction[0];
                var containsReadAction = false;
                foreach (var action in actionArray)
                {
                    containsReadAction = action.ID.Equals(new Guid("{E0759A42-47F0-4763-A26A-D5AA665BEC35}"));//"Read forum post action"
                }
                if (!containsReadAction) return false;
            }

            return SecurityContext.CheckPermissions(objectId, securityObjProvider, actions);
        }
Пример #20
0
 internal IEnumerable<ISubject> GetSubjects(ISubject subject, ISecurityObjectId objectId, ISecurityObjectProvider securityObjProvider)
 {
     var subjects = new List<ISubject>();
     subjects.Add(subject);
     subjects.AddRange(
         roleProvider.GetRoles(subject)
             .ConvertAll(r => { return (ISubject)r; })
         );
     if (objectId != null)
     {
         var secObjProviderHelper = new AzObjectSecurityProviderHelper(objectId, securityObjProvider);
         do
         {
             if (!secObjProviderHelper.ObjectRolesSupported) continue;
             foreach (IRole role in secObjProviderHelper.GetObjectRoles(subject))
             {
                 if (!subjects.Contains(role)) subjects.Add(role);
             }
         } while (secObjProviderHelper.NextInherit());
     }
     return subjects;
 }
        public ISecurityObjectId InheritFrom(ISecurityObjectId objectId)
        {
            if (!(objectId is Task)) return null;

            var task = (Task)objectId;

            if (task.EntityID == 0 && task.ContactID == 0) return null;

            if (task.EntityID == 0)
                return _daoFactory.GetContactDao().GetByID(task.ContactID);

            switch (task.EntityType)
            {

                case EntityType.Opportunity:
                    return _daoFactory.GetDealDao().GetByID(task.EntityID);
                case EntityType.Case:
                    return _daoFactory.GetCasesDao().GetByID(task.EntityID);
            }

            return null;
        }
Пример #22
0
        public IEnumerable<AzRecord> GetAcesWithInherits(Guid subjectId, Guid actionId, ISecurityObjectId objectId, ISecurityObjectProvider secObjProvider)
        {
            if (objectId == null)
            {
                return GetAces(subjectId, actionId, null);
            }

            var result = new List<AzRecord>();
            var aces = service.GetAces(CoreContext.TenantManager.GetCurrentTenant().TenantId, default(DateTime));
            result.AddRange(FilterAces(aces, subjectId, actionId, objectId));

            var inherits = new List<AzRecord>();
            var secObjProviderHelper = new AzObjectSecurityProviderHelper(objectId, secObjProvider);
            while (secObjProviderHelper.NextInherit())
            {
                inherits.AddRange(FilterAces(aces, subjectId, actionId, secObjProviderHelper.CurrentObjectId));
            }

            inherits.AddRange(FilterAces(aces, subjectId, actionId, null));

            result.AddRange(DistinctAces(inherits));
            return result;
        }
Пример #23
0
        internal AzManagerAcl GetAzManagerAcl(ISubject subject, IAction action, ISecurityObjectId objectId, ISecurityObjectProvider securityObjProvider)
        {
            if (action.AdministratorAlwaysAllow && (Constants.Admin.ID == subject.ID || roleProvider.IsSubjectInRole(subject, Constants.Admin)))
            {
                return AzManagerAcl.Allow;
            }

            var acl = AzManagerAcl.Default;
            var exit = false;

            foreach (var s in GetSubjects(subject, objectId, securityObjProvider))
            {
                var aceList = permissionProvider.GetAcl(s, action, objectId, securityObjProvider);
                foreach (var ace in aceList)
                {
                    if (ace.Reaction == AceType.Deny && !exit)
                    {
                        acl.IsAllow = false;
                        acl.DenySubject = s;
                        acl.DenyAction = action;
                        exit = true;
                    }
                    if (ace.Reaction == AceType.Allow && !exit)
                    {
                        acl.IsAllow = true;
                        if (!action.Conjunction)
                        {
                            // disjunction: first allow and exit
                            exit = true;
                        }
                    }
                    if (exit) break;
                }
                if (exit) break;
            }
            return acl;
        }
Пример #24
0
 public ISecurityObjectId InheritFrom(ISecurityObjectId objectId)
 {
     return(new Topic {
         ID = TopicID
     });
 }
Пример #25
0
 public bool Check(ISubject subject, ISecurityObjectId objectId, ISecurityObjectProvider securityObjProvider, params IAction[] actions)
 {
     var denyActions = GetDenyActions(subject, actions, objectId, securityObjProvider);
     return denyActions.Length == 0;
 }
Пример #26
0
		/// <inheritdoc/>
        public ISecurityObjectId InheritFrom(ISecurityObjectId objectId)
        {
            throw new NotImplementedException();
        }
Пример #27
0
		/// <inheritdoc/>
        public IEnumerable<IRole> GetObjectRoles(ISubject account, ISecurityObjectId objectId, SecurityCallContext callContext)
        {
            return new IRole[0];
        }
Пример #28
0
        public IEnumerable<IRole> GetObjectRoles(ISubject account, ISecurityObjectId objectId, SecurityCallContext callContext)
        {
            var roles = new List<IRole>();
            if (account.ID.Equals(PosterID))
                roles.Add(Common.Security.Authorizing.Constants.Owner);

            return roles;
        }
Пример #29
0
 public IEnumerable<IRole> GetObjectRoles(ISubject account, ISecurityObjectId objectId, SecurityCallContext callContext)
 {
     throw new NotImplementedException();
 }
Пример #30
0
 public ISecurityObjectId InheritFrom(ISecurityObjectId objectId)
 {
     var s = objectId as WebItemSecurityObject;
     if (s != null)
     {
         var parent = WebItemSecurityObject.Create(WebItemManager.Instance.GetParentItemID(s.WebItemId).ToString("N")) as WebItemSecurityObject;
         return parent != null && parent.WebItemId != s.WebItemId && parent.WebItemId != Guid.Empty ? parent : null;
     }
     return null;
 }
Пример #31
0
 public ISecurityObjectId InheritFrom(ISecurityObjectId objectId)
 {
     return new Topic {ID = TopicID };
 }