/// <summary>
/// Inits the specified owner.
/// </summary>
/// <param name="owner">The owner.</param>
/// <param name="controlInfo">The control info.</param>
public void Init(IIbnContainer owner, IbnControlInfo controlInfo)
{
_ownerContainer = owner;
_info = controlInfo;
using (IDataReader reader = DBDirectory.GetRoot(owner.Key))
{
if (reader.Read())
{
_root = new DirectoryInfo(this, reader);
}
}
if (_root == null)
{
using (IDataReader reader = DBDirectory.CreateRoot(owner.Key, "root", this.CurrentUserId, DateTime.Now))
{
if (reader.Read())
{
_root = new DirectoryInfo(this, reader);
}
}
AccessControlList rootAcl = AccessControlList.GetACL(_root.Id);
foreach (AccessControlEntry ace in _info.DefaultAccessControlList.GetACL(_ownerContainer.Key))
{
rootAcl.Add(ace);
}
if (rootAcl.Count > 0)
{
AccessControlList.SetACL(this, rootAcl);
}
}
}
/// <summary>
/// Sets the ACL.
/// </summary>
/// <param name="control">The control.</param>
/// <param name="acl">The acl.</param>
/// <param name="ValidateACL">if set to <c>true</c> [validate ACL].</param>
public static void SetACL(IIbnControl control, AccessControlList acl)
{
if(control==null)
throw new ArgumentNullException("control");
if(acl==null)
throw new ArgumentNullException("acl");
if(acl.OwnerDirectoryId == 0)
throw new ArgumentException("You can not use a dettached ACL.","acl");
using(DBTransaction tran = DBHelper2.DBHelper.BeginTransaction())
{
// Step 2. Update Inherited ACEs
if(acl.IsInheritedChanged)
{
if(acl.IsInherited)
{
DBAccessControlList.TurnOnIsInherited(acl.Id);
}
else
{
DBAccessControlList.TurnOffIsInherited(acl.Id,false);
}
}
// Step 3. Update Common ACEs
if(acl.IsChanged)
{
DBAccessControlList.Clear(acl.Id);
foreach(AccessControlEntry ace in acl)
{
if(!ace.IsIherited)
{
DBAccessControlList.AddAce(acl.Id,ace.Role,ace.PrincipalId,ace.Action,ace.Allow, false);
if(ace.Allow)
{
foreach(string BaseAction in control.GetBaseActions(ace.Action))
{
DBAccessControlList.AddAce(acl.Id,ace.Role,ace.PrincipalId,BaseAction,ace.Allow, true);
}
}
else
{
foreach(string BaseAction in control.GetDerivedActions(ace.Action))
{
DBAccessControlList.AddAce(acl.Id,ace.Role,ace.PrincipalId,BaseAction,ace.Allow, true);
}
}
}
}
}
// Step 4. Update child ACL
DBAccessControlList.RefreshInheritedACL(acl.OwnerDirectoryId);
tran.Commit();
}
}
/// <summary>
/// Sets the ACL.
/// </summary>
/// <param name="control">The control.</param>
/// <param name="acl">The acl.</param>
/// <param name="ValidateACL">if set to <c>true</c> [validate ACL].</param>
public static void SetACL(IIbnControl control, AccessControlList acl)
{
if (control == null)
{
throw new ArgumentNullException("control");
}
if (acl == null)
{
throw new ArgumentNullException("acl");
}
if (acl.OwnerDirectoryId == 0)
{
throw new ArgumentException("You can not use a dettached ACL.", "acl");
}
using (DBTransaction tran = DBHelper2.DBHelper.BeginTransaction())
{
// Step 2. Update Inherited ACEs
if (acl.IsInheritedChanged)
{
if (acl.IsInherited)
{
DBAccessControlList.TurnOnIsInherited(acl.Id);
}
else
{
DBAccessControlList.TurnOffIsInherited(acl.Id, false);
}
}
// Step 3. Update Common ACEs
if (acl.IsChanged)
{
DBAccessControlList.Clear(acl.Id);
foreach (AccessControlEntry ace in acl)
{
if (!ace.IsIherited)
{
DBAccessControlList.AddAce(acl.Id, ace.Role, ace.PrincipalId, ace.Action, ace.Allow, false);
if (ace.Allow)
{
foreach (string BaseAction in control.GetBaseActions(ace.Action))
{
DBAccessControlList.AddAce(acl.Id, ace.Role, ace.PrincipalId, BaseAction, ace.Allow, true);
}
}
else
{
foreach (string BaseAction in control.GetDerivedActions(ace.Action))
{
DBAccessControlList.AddAce(acl.Id, ace.Role, ace.PrincipalId, BaseAction, ace.Allow, true);
}
}
}
}
}
// Step 4. Update child ACL
DBAccessControlList.RefreshInheritedACL(acl.OwnerDirectoryId);
tran.Commit();
}
}
/// <summary>
/// Gets the ACL.
/// </summary>
/// <param name="DirectoryId">The directory id.</param>
/// <returns></returns>
public static AccessControlList GetACL(int DirectoryId)
{
using(IDataReader reader = DBAccessControlList.GetAcl(DirectoryId))
{
AccessControlList retVal = new AccessControlList(reader);
return retVal;
}
}
