/// <summary>
/// Returns <see cref="SysAdminUnit"/> unique identifiers list, filled with user which allowed
/// <paramref name="operation"/> for <paramref name="emailMessageData"/> related mailbox.
/// </summary>
/// <param name="emailMessageData"><see cref="EmailMessageData"/> instance.</param>
/// <param name="operation"><see cref="EntitySchemaRecordRightOperation"/> instance.</param>
/// <returns><see cref="SysAdminUnit"/> unique identifiers list.</returns>
public IEnumerable <Guid> GetUsersWithRights(Entity emailMessageData,
EntitySchemaRecordRightOperation operation = EntitySchemaRecordRightOperation.Read)
{
if (!NeedSetEmailRecordRights())
{
return(new List <Guid>());
}
return(GetUsersWithRightsForMailbox(emailMessageData, operation));
}
/// <summary>
/// Set entity schema record right level for operation
/// </summary>
/// <param name="sysAdminUnitId">SysAdminUnit id</param>
/// <param name="recordId">Record id</param>
/// <param name="operation">Operation</param>
/// <param name="rightLevel">Right level</param>
/// <param name="sourceId">Source id</param>
/// <returns></returns>
public virtual Guid SetEntitySchemaRecordRightLevel(Guid sysAdminUnitId, Guid recordId, EntitySchemaRecordRightOperation operation,
EntitySchemaRecordRightLevel rightLevel, Guid sourceId)
{
return(_userConnection.DBSecurityEngine
.SetEntitySchemaRecordRightLevel(sysAdminUnitId, _schemaName, recordId, operation, rightLevel, sourceId));
}
/// <summary>
/// Returns list of <see cref="SysAdminUnit"/> unique identifiers. Filled with user which allowed
/// <paramref name="operation"/> for <paramref name="emailMessageData"/> related mailbox.
/// </summary>
/// <param name="emailMessageData"><see cref="EmailMessageData"/> instance.</param>
/// <param name="operation">Administrated record operation code.</param>
/// <returns>List of <see cref="SysAdminUnit"/> unique identifiers. </returns>
protected virtual IEnumerable <Guid> GetUsersWithRightsForMailbox(Entity emailMessageData, EntitySchemaRecordRightOperation operation)
{
Guid mailboxId = emailMessageData.GetTypedColumnValue <Guid>("MailboxSyncSettings");
if (mailboxId.IsEmpty())
{
return(new List <Guid>());
}
var sendAllowedUsersGroup = LoadRightsFromDb(_mailboxRightsSchemaName, mailboxId, (int)operation);
var emailsReadAllowedUsersGroup = LoadRightsFromDb("EmailDefRights", mailboxId, (int)operation).Union(GetFullRightsForCurrentUser());
var sendAllowedUsers = GetUsersFromGroups(sendAllowedUsersGroup.Select(rrp => rrp.SysAdminUnitId));
var emailsReadAllowedUsers = GetUsersFromGroups(emailsReadAllowedUsersGroup.Select(rrp => rrp.SysAdminUnitId));
return(sendAllowedUsers.Where(sau => emailsReadAllowedUsers.Any(erau => erau.Equals(sau))));
}
