/// <summary>
/// Fetches every ActionRight entity whose AppliesToForum flag is set, ordered by ActionRightID ascending.
/// </summary>
/// <returns>Collection holding the action rights that can be applied to a forum.</returns>
public static ActionRightCollection GetAllActionRightsApplybleToAForum()
{
    // Sort clause: ascending on the right's ID.
    var ordering = new SortExpression(ActionRightFields.ActionRightID.Ascending());

    var forumRights = new ActionRightCollection();
    // 0 is passed as the second argument (presumably "no row limit"; confirm against GetMulti).
    forumRights.GetMulti(ActionRightFields.AppliesToForum == true, 0, ordering);
    return forumRights;
}
/// <summary>
/// Fetches every ActionRight entity whose AppliesToSystem flag is set, ordered by ActionRightID ascending.
/// The filter tests AppliesToSystem only; it does not itself exclude rights that are also flagged for forums.
/// </summary>
/// <returns>Collection holding the system action rights.</returns>
public static ActionRightCollection GetAllSystemActionRights()
{
    // Sort clause: ascending on the right's ID.
    var ordering = new SortExpression(ActionRightFields.ActionRightID | SortOperator.Ascending);

    var systemRights = new ActionRightCollection();
    // 0 is passed as the second argument (presumably "no row limit"; confirm against GetMulti).
    systemRights.GetMulti(ActionRightFields.AppliesToSystem == true, 0, ordering);
    return systemRights;
}
/// <summary>
/// Stores the given user in the session together with the user's system action rights, audit actions
/// and per-forum action rights, then records the last-visit date.
/// </summary>
/// <remarks>
/// The rights are looked up once here and then kept in the session.
/// NOTE(review): checks that read them back from the session (e.g. HasSystemActionRight) would presumably keep
/// using this snapshot until this method runs again; confirm how role changes made during a live session
/// are propagated.
/// </remarks>
/// <param name="user">The user whose data is loaded into the session.</param>
public static void LoadUserSessionData(UserEntity user)
{
    // The user entity goes in first; the lookups below are keyed on its UserID.
    AddUserObject(user);

    // System-wide rights for this user.
    ActionRightCollection rightsOnSystem = SecurityGuiHelper.GetSystemActionRightsForUser(user.UserID);
    AddSystemActionRights(rightsOnSystem);

    // Audit actions for this user.
    AuditActionCollection auditsForUser = SecurityGuiHelper.GetAuditActionsForUser(user.UserID);
    AddAuditActions(auditsForUser);

    // Per-forum rights for this user.
    ForumRoleForumActionRightCollection rightsOnForums = SecurityGuiHelper.GetForumsActionRightsForUser(user.UserID);
    AddForumsActionRights(rightsOnForums);

    // The stored last-visit date is used only when UserID is positive and a date is present;
    // in every other case the current local time is recorded instead.
    bool hasStoredVisit = (user.UserID > 0) && user.LastVisitedDate.HasValue;
    SessionAdapter.AddLastVisitDate(hasStoredVisit ? user.LastVisitedDate.Value : DateTime.Now, true);
}
/// <summary>
/// Tells whether the session holds at least one system action right.
/// </summary>
/// <returns>
/// <c>true</c> when the session's system action rights collection exists and is non-empty; otherwise, <c>false</c>.
/// </returns>
public static bool HasSystemActionRights()
{
    ActionRightCollection sessionRights = GetSystemActionRights();

    // A missing collection is treated the same as an empty one: no rights.
    return (sessionRights != null) && (sessionRights.Count > 0);
}
/// <summary>
/// Checks whether the system action rights held in the current session include the given right.
/// </summary>
/// <param name="actionRightID">The system action right to look for.</param>
/// <returns><c>true</c> when the session's system rights contain an entry with this ActionRightID;
/// <c>false</c> when they do not, or when the session holds no system rights at all.</returns>
public static bool HasSystemActionRight(ActionRights actionRightID)
{
    ActionRightCollection sessionRights = GetSystemActionRights();
    if ((sessionRights == null) || (sessionRights.Count <= 0))
    {
        // Nothing stored in the session: the answer is "not allowed".
        return false;
    }

    // FindMatches yields the entries of the collection that satisfy the filter on ActionRightID.
    var matches = sessionRights.FindMatches(ActionRightFields.ActionRightID == (int)actionRightID);
    return matches.Count > 0;
}
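/// <summary>
/// Page load handler for the page that shows the system action rights of a role. It enforces the access
/// checks, reads the role ID from the query string and, on the first (non-postback) load, binds the list of
/// system rights and ticks the ones currently assigned to the role.
/// </summary>
/// <param name="sender">Event source.</param>
/// <param name="e">Event data.</param>
private void Page_Load(object sender, System.EventArgs e)
{
    // Access control. Both redirects pass true as the second argument (endResponse), which terminates
    // processing of the request at that point, so nothing below runs for a request that is turned away.
    // If the user doesn't have any access rights to management stuff, the user should
    // be redirected to the default of the global system.
    if (!SessionAdapter.HasSystemActionRights())
    {
        // doesn't have system rights. redirect.
        Response.Redirect("../Default.aspx", true);
    }

    // Check if the user has the right systemright
    if (!SessionAdapter.HasSystemActionRight(ActionRights.SecurityManagement))
    {
        // no, redirect to admin default page, since the user HAS access to the admin menu.
        Response.Redirect("Default.aspx", true);
    }

    // RoleID is caller-supplied query-string input.
    // NOTE(review): assumes TryConvertToInt yields a harmless value for missing or non-numeric input; confirm.
    _roleID = HnDGeneralUtils.TryConvertToInt(Request.QueryString["RoleID"]);

    if (!Page.IsPostBack)
    {
        // get the role and show the description
        RoleEntity role = SecurityGuiHelper.GetRole(_roleID);
        if (role != null)
        {
            tbxRoleDescription.Text = role.RoleDescription;
        }

        // get the system rights
        ActionRightCollection systemActionRights = SecurityGuiHelper.GetAllSystemActionRights();
        cblSystemRights.DataSource = systemActionRights;
        cblSystemRights.DataTextField = "ActionRightDescription";
        cblSystemRights.DataValueField = "ActionRightID";
        cblSystemRights.DataBind();

        // get the action rights set for this role
        RoleSystemActionRightCollection systemActionRightRoleCombinations = SecurityGuiHelper.GetSystemActionRightRolesForRole(_roleID);

        // check the checkboxes in the cblSystemRights list if the value matches a row in the collection
        foreach (RoleSystemActionRightEntity currentEntity in systemActionRightRoleCombinations)
        {
            // FindByValue returns null when no list item carries this value, e.g. when the role still has a row
            // for a right that is not among the bound system rights. Skip such rows instead of failing the page
            // with a null dereference.
            var matchingItem = cblSystemRights.Items.FindByValue(currentEntity.ActionRightID.ToString());
            if (matchingItem != null)
            {
                matchingItem.Selected = true;
            }
        }
    }
}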
/// <summary>
/// Tells whether the session's system action rights include at least one of the administration rights
/// (system, security or user management).
/// </summary>
/// <returns><c>true</c> when one of those rights is present; <c>false</c> otherwise, including when the
/// session holds no system rights.</returns>
public static bool CanAdministrate()
{
    ActionRightCollection sessionRights = GetSystemActionRights();
    bool hasAnyRight = (sessionRights != null) && (sessionRights.Count > 0);
    if (!hasAnyRight)
    {
        return false;
    }

    // The rights that allow administration; FindMatches is asked for entries whose ID is one of them.
    List<int> adminRightIDs = new List<int>
    {
        (int)ActionRights.SystemManagement,
        (int)ActionRights.SecurityManagement,
        (int)ActionRights.UserManagement
    };

    return sessionRights.FindMatches(ActionRightFields.ActionRightID == adminRightIDs).Count > 0;
}
/// <summary>
/// Fetches the system action rights that are linked to the given user through the user's roles.
/// </summary>
/// <param name="userID">ID of the user whose rights are looked up.</param>
/// <returns>Collection filled with the matching ActionRight entities.</returns>
public static ActionRightCollection GetSystemActionRightsForUser(int userID)
{
    // Joins used inside the subquery, because the subquery has to filter on fields in related entities:
    // WHERE ActionRightID IN (SELECT ActionRightID FROM RoleSystemActionRight INNER JOIN Role ... INNER JOIN RoleUser ... WHERE RoleUser.UserID=userID)
    var subqueryJoins = new RelationCollection();
    subqueryJoins.Add(RoleSystemActionRightEntity.Relations.RoleEntityUsingRoleID);
    subqueryJoins.Add(RoleEntity.Relations.RoleUserEntityUsingRoleID);

    // ActionRightID must be in the set of rights attached to any role the user is in.
    var grantedThroughRoles = new FieldCompareSetPredicate(
        ActionRightFields.ActionRightID,
        RoleSystemActionRightFields.ActionRightID,
        SetOperator.In,
        (RoleUserFields.UserID == userID),
        subqueryJoins);

    var rightsFilter = new PredicateExpression();
    // Only rights flagged as system rights are returned.
    rightsFilter.Add(ActionRightFields.AppliesToSystem == true);
    rightsFilter.Add(grantedThroughRoles);

    var userRights = new ActionRightCollection();
    userRights.GetMulti(rightsFilter);
    return userRights;
}
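/// <summary>
/// Page load handler for the page that shows the forum action rights of a role. It enforces the access
/// checks and reads the role ID from the query string. On the first load it binds the section list, the
/// forum list and the forum action rights; on a postback it restores the role description from view state
/// and reads the selected forum.
/// </summary>
/// <param name="sender">Event source.</param>
/// <param name="e">Event data.</param>
private void Page_Load(object sender, System.EventArgs e)
{
    // Access control. Both redirects pass true as the second argument (endResponse), which terminates
    // processing of the request at that point, so nothing below runs for a request that is turned away.
    // If the user doesn't have any access rights to management stuff, the user should
    // be redirected to the default of the global system.
    if (!SessionAdapter.HasSystemActionRights())
    {
        // doesn't have system rights. redirect.
        Response.Redirect("../Default.aspx", true);
    }

    // Check if the user has the right systemright
    bool hasAccess = SessionAdapter.HasSystemActionRight(ActionRights.SecurityManagement);
    if (!hasAccess)
    {
        // no, redirect to admin default page, since the user HAS access to the admin menu.
        Response.Redirect("Default.aspx", true);
    }

    // RoleID is caller-supplied query-string input.
    // NOTE(review): assumes TryConvertToInt yields a harmless value for missing or non-numeric input; confirm.
    _roleID = HnDGeneralUtils.TryConvertToInt(Request.QueryString["RoleID"]);

    if (!Page.IsPostBack)
    {
        // get the role and show the description
        RoleEntity role = SecurityGuiHelper.GetRole(_roleID);
        // The ID comes from the query string, so it may not match any role. Accept neither a null result
        // nor a new (unsaved) entity, so an unknown ID cannot fault the page with a null dereference.
        if ((role != null) && !role.IsNew)
        {
            _roleDescription = role.RoleDescription;
        }

        // store in viewstate.
        // NOTE(review): if _roleDescription is still null here, the ToString() call in the postback branch
        // would fail; confirm the field's initial value.
        ViewState.Add("sRoleDescription", _roleDescription);

        // Get all sections, which do have a forum.
        DataView sections = SectionGuiHelper.GetAllSectionsWStatisticsAsDataView(true);
        cbxSections.DataSource = sections;
        cbxSections.DataTextField = "SectionName";
        cbxSections.DataValueField = "SectionID";
        cbxSections.DataBind();

        // Preselect the first section, when there is one.
        if (cbxSections.Items.Count > 0)
        {
            cbxSections.Items[0].Selected = true;
        }

        FillForumList();

        // get the forum action rights
        ActionRightCollection actionRights = SecurityGuiHelper.GetAllActionRightsApplybleToAForum();
        cblForumRights.DataSource = actionRights;
        cblForumRights.DataTextField = "ActionRightDescription";
        cblForumRights.DataValueField = "ActionRightID";
        cblForumRights.DataBind();

        // Reflect action rights for current selected forum for this role
        ReflectCurrentActionRights();
    }
    else
    {
        // read role description from viewstate
        _roleDescription = ViewState["sRoleDescription"].ToString();

        // NOTE(review): SelectedItem is dereferenced without a null check; confirm the forum list can never
        // be empty on a postback.
        _forumID = HnDGeneralUtils.TryConvertToInt(cbxForums.SelectedItem.Value);
    }
}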
/// <summary>
/// Stores the system action rights collection in the current session under the key "systemActionRights".
/// An existing entry with that key is replaced by the new value.
/// </summary>
/// <param name="actionRights">The action rights to store.</param>
private static void AddSystemActionRights(ActionRightCollection actionRights)
{
    // NOTE(review): HttpContext.Current and its Session are dereferenced unchecked; presumably this is only
    // called while a request with session state is being processed. Confirm against the callers.
    var session = HttpContext.Current.Session;

    // Add overwrites the existing item when the name already refers to one.
    session.Add("systemActionRights", actionRights);
}