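/// <summary>
/// Resolves the effective read/edit/publish permissions of a user for a category.
/// </summary>
/// <param name="categoryId">
/// Category being checked. With -1 the category-level lookup is skipped unless
/// <paramref name="calledFromMultipleCategoryPage"/> is true.
/// </param>
/// <param name="user">
/// User to evaluate. A null user is evaluated with the single role
/// <c>GraffitiUsers.EveryoneRole</c>.
/// </param>
/// <param name="calledFromMultipleCategoryPage">
/// When true, category-level grants are merged over every category configured for the
/// user's roles instead of only <paramref name="categoryId"/>.
/// </param>
/// <returns>
/// A new <c>Permission</c>. Flags are only ever switched on; there is no explicit deny,
/// so a grant from any matching role wins.
/// </returns>
/// <remarks>
/// A user whose <c>Roles</c> array is null is treated as having no roles and receives
/// no grants, instead of failing with a NullReferenceException inside the access check.
/// </remarks>
public static Permission GetPermissions(int categoryId, IGraffitiUser user, bool calledFromMultipleCategoryPage)
{
    string[] roles;

    if (user == null)
    {
        // No user: evaluate with the "everyone" role only.
        roles = new string[1] { GraffitiUsers.EveryoneRole };
    }
    else
    {
        // Fail closed on a missing role list: no roles means no grants.
        // NOTE(review): if such a user should still get the Everyone role, add it here.
        roles = user.Roles ?? new string[0];
    }

    // Presumably all three flags are false after construction — confirm in Permission.
    Permission p = new Permission();

    // Administrators bypass every role and category rule.
    // NOTE(review): IsAdmin is also reached with a null user; it is expected to return
    // false in that case — confirm in GraffitiUsers.
    if (GraffitiUsers.IsAdmin(user))
    {
        p.Read = true;
        p.Edit = true;
        p.Publish = true;
        return p;
    }

    // True as soon as ANY category row exists for one of the roles, even a row for a
    // different category. From then on the role-level fallback below is skipped, so a
    // category that is not listed for the role ends up with no grants.
    bool setInCategoryPermissions = false;

    if (categoryId != -1 || calledFromMultipleCategoryPage)
    {
        foreach (string role in roles)
        {
            foreach (RoleCategoryPermissions rcp in GetRoleCategoryPermissions())
            {
                // string == is an ordinal, case-sensitive comparison: a role name stored
                // with different casing does not match.
                if (rcp.RoleName != role)
                    continue;

                if (rcp.CategoryId == categoryId || calledFromMultipleCategoryPage)
                {
                    // NOTE(review): in multi-category mode this is the union of grants
                    // over all categories ("allowed somewhere"). An action on a specific
                    // category should be re-checked with that category's id.
                    if (!p.Read)
                        p.Read = rcp.HasRead;
                    if (!p.Edit)
                        p.Edit = rcp.HasEdit;
                    if (!p.Publish)
                        p.Publish = rcp.HasPublish;
                }

                setInCategoryPermissions = true;
            }
        }
    }

    // Role-level permissions apply only when no category rows exist for these roles.
    if (!setInCategoryPermissions)
    {
        foreach (string role in roles)
        {
            foreach (RolePermissions rp in GetRolePermissions())
            {
                if (rp.RoleName != role)
                    continue;

                // Keep a flag that an earlier role already granted.
                if (!p.Read)
                    p.Read = rp.HasRead;
                if (!p.Edit)
                    p.Edit = rp.HasEdit;
                if (!p.Publish)
                    p.Publish = rp.HasPublish;
            }
        }
    }

    return p;
}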
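/// <summary>
/// Computes which of read, edit and publish a user holds for a category, from the
/// category-level and role-level permission tables.
/// </summary>
/// <param name="categoryId">
/// Category under evaluation; -1 bypasses the category-level table unless
/// <paramref name="calledFromMultipleCategoryPage"/> is true.
/// </param>
/// <param name="user">
/// User under evaluation; null is evaluated as <c>GraffitiUsers.EveryoneRole</c> only.
/// </param>
/// <param name="calledFromMultipleCategoryPage">
/// True when the caller is not tied to one category; every category row of the user's
/// roles then contributes to the result.
/// </param>
/// <returns>
/// A new <c>Permission</c> whose flags are the OR of all matching grants. Nothing in
/// this method switches a flag back off.
/// </returns>
/// <remarks>
/// A non-null user with a null <c>Roles</c> array is evaluated with an empty role list
/// and gets no grants, rather than throwing NullReferenceException from the role loop.
/// </remarks>
public static Permission GetPermissions(int categoryId, IGraffitiUser user, bool calledFromMultipleCategoryPage)
{
    // Anonymous callers are evaluated with the "everyone" role.
    string[] roles = (user == null)
        ? new string[1] { GraffitiUsers.EveryoneRole }
        : user.Roles;

    if (roles == null)
    {
        // Deny by default when the role list is missing.
        // NOTE(review): confirm whether such a user should fall back to the Everyone role.
        roles = new string[0];
    }

    // Flags are presumably false on a fresh instance — confirm in Permission.
    Permission p = new Permission();

    // Admin short-circuit: full access, no table lookups.
    // NOTE(review): user may be null here; IsAdmin is assumed to tolerate that — confirm.
    if (GraffitiUsers.IsAdmin(user))
    {
        p.Read = true;
        p.Edit = true;
        p.Publish = true;
        return(p);
    }

    // Category rows override role rows. The flag flips on any row whose role matches,
    // regardless of its category, so one category row for a role disables the
    // role-level fallback for every category of that role.
    bool setInCategoryPermissions = false;

    if (categoryId != -1 || calledFromMultipleCategoryPage)
    {
        foreach (string role in roles)
        {
            foreach (RoleCategoryPermissions rcp in GetRoleCategoryPermissions())
            {
                // Ordinal, case-sensitive match on the role name.
                if (rcp.RoleName == role)
                {
                    if (calledFromMultipleCategoryPage || rcp.CategoryId == categoryId)
                    {
                        // NOTE(review): with calledFromMultipleCategoryPage the flags
                        // mean "granted in at least one category"; per-category actions
                        // should be re-checked with the concrete category id.
                        if (!p.Read)
                        {
                            p.Read = rcp.HasRead;
                        }

                        if (!p.Edit)
                        {
                            p.Edit = rcp.HasEdit;
                        }

                        if (!p.Publish)
                        {
                            p.Publish = rcp.HasPublish;
                        }
                    }

                    setInCategoryPermissions = true;
                }
            }
        }
    }

    // Fallback: role-level table, used only when no category row matched any role.
    if (!setInCategoryPermissions)
    {
        foreach (string role in roles)
        {
            foreach (RolePermissions rp in GetRolePermissions())
            {
                if (rp.RoleName == role)
                {
                    // A grant from an earlier role is kept; later roles can only add.
                    if (!p.Read)
                    {
                        p.Read = rp.HasRead;
                    }

                    if (!p.Edit)
                    {
                        p.Edit = rp.HasEdit;
                    }

                    if (!p.Publish)
                    {
                        p.Publish = rp.HasPublish;
                    }
                }
            }
        }
    }

    return(p);
}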