private void SetFullAccessToWebAdmin()
{
var permissions = _contentSecurityRepository.Get(ContentReference.RootPage).CreateWritableClone() as IContentSecurityDescriptor;
permissions.AddEntry(new AccessControlEntry(AdminRoleName, AccessLevel.FullAccess));
_contentSecurityRepository.Save(ContentReference.RootPage, permissions, SecuritySaveType.Replace);
}
private void SetSecurity(ContentReference reference, string role, AccessLevel level)
{
IContentSecurityDescriptor permissions = securityRepository.Get(reference).CreateWritableClone() as IContentSecurityDescriptor;
permissions.AddEntry(new AccessControlEntry(role, level));
securityRepository.Save(reference, permissions, SecuritySaveType.Replace);
}
public ContentApprovalsManagerPageController(
IApprovalDefinitionRepository repoDefinitions,
IContentRepository repoContent,
IApprovalRepository repoApprovals,
IApprovalEngine engine,
UIRoleProvider roles,
UIUserProvider users,
IContentSecurityRepository repoSecurity)
{
this.repoDefinitions = repoDefinitions;
this.repoContent = repoContent;
this.repoApprovals = repoApprovals;
this.engine = engine;
// if the editors role does not exist, create it and assign access rights
if (!roles.RoleExists(editors))
{
roles.CreateRole(editors);
var permissions = repoSecurity.Get(ContentReference.RootPage).CreateWritableClone() as IContentSecurityDescriptor;
permissions.AddEntry(new AccessControlEntry(editors,
AccessLevel.Create | AccessLevel.Edit | AccessLevel.Delete | AccessLevel.Read | AccessLevel.Publish));
repoSecurity.Save(ContentReference.RootPage, permissions, SecuritySaveType.Replace);
}
// create three users and add them to roles
UIUserCreateStatus status;
IEnumerable <string> errors = Enumerable.Empty <string>();
if (users.GetUser(userName1) == null)
{
users.CreateUser(
userName1, password,
email: userName1.ToLower() + emailBase,
passwordQuestion: null, passwordAnswer: null,
isApproved: true, status: out status, errors: out errors);
roles.AddUserToRoles(userName1, new string[] { admins });
}
if (users.GetUser(userName2) == null)
{
users.CreateUser(
userName2, password, userName2.ToLower() + emailBase,
null, null, true, out status, out errors);
roles.AddUserToRoles(userName2, new string[] { editors });
}
if (users.GetUser(userName3) == null)
{
users.CreateUser(
userName3, password, userName3.ToLower() + emailBase,
null, null, true, out status, out errors);
roles.AddUserToRoles(userName3, new string[] { editors });
}
}
/// <summary>
/// Writes additional IContent information to stream
/// </summary>
/// <param name="args"></param>
public virtual void ProcessContent(IVulcanIndexingModifierArgs args)
{
// index ancestors
var ancestors = new List <ContentReference>();
if (_vulcanContentAncestorLoaders?.Any() == true)
{
foreach (var ancestorLoader in _vulcanContentAncestorLoaders)
{
var ancestorsFound = ancestorLoader.GetAncestors(args.Content)?.ToList();
if (ancestorsFound?.Any() == true)
{
ancestors.AddRange(ancestorsFound);
}
}
}
args.AdditionalItems[VulcanFieldConstants.Ancestors] = ancestors.Select(x => x.ToReferenceWithoutVersion()).Distinct();
// index read permission
var permissions = _contentSecurityDescriptor.Get(args.Content.ContentLink);
if (permissions != null) // will be null for commerce products, compatibility handled in commerce modifier
{
args.AdditionalItems[VulcanFieldConstants.ReadPermission] = permissions.Entries.
Where(x =>
x.Access.HasFlag(AccessLevel.Read) ||
x.Access.HasFlag(AccessLevel.Administer) ||
x.Access.HasFlag(AccessLevel.FullAccess)).Select(x => x.Name);
}
// index VulcanSearchableAttribute
var contents = new List <string>();
var properties = args.Content.GetType().GetProperties().Where(prop => Attribute.IsDefined(prop, typeof(VulcanSearchableAttribute)));
foreach (var p in properties)
{
var value = p.GetValue(args.Content);
// Property to string conversions
if (p.PropertyType == typeof(ContentArea))
{
value = (value as ContentArea).GetContentAreaContents();
}
var v = value?.ToString();
if (!string.IsNullOrWhiteSpace(v))
{
contents.Add(v);
}
}
args.AdditionalItems[VulcanFieldConstants.CustomContents] = string.Join(" ", contents);
}
private void AddRole(string roleName, AccessLevel accessLevel, IContentSecurityRepository securityRepository)
{
if (!UIRoleProvider.RoleExists(roleName))
{
UIRoleProvider.CreateRole(roleName);
var permissions = (IContentSecurityDescriptor)securityRepository.Get(ContentReference.RootPage).CreateWritableClone();
permissions.AddEntry(new AccessControlEntry(roleName, accessLevel));
securityRepository.Save(ContentReference.RootPage, permissions, SecuritySaveType.Replace);
securityRepository.Save(ContentReference.WasteBasket, permissions, SecuritySaveType.Replace);
}
}
private void SetSecurity(ContentReference reference, string role, AccessLevel level, bool overrideInherited = false)
{
IContentSecurityDescriptor permissions = securityRepository.Get(reference).CreateWritableClone() as IContentSecurityDescriptor;
if (overrideInherited)
{
if (permissions.IsInherited)
{
permissions.ToLocal();
}
}
permissions.AddEntry(new AccessControlEntry(role, level));
securityRepository.Save(reference, permissions, SecuritySaveType.Replace);
}
private void SetAccessControlListForContent(ContentReference reference, string role, AccessLevel level)
{
IContentSecurityRepository contentSecurityRepository = ServiceLocator.Current.GetInstance <IContentSecurityRepository>();
IContentSecurityDescriptor permissions = contentSecurityRepository.Get(reference).CreateWritableClone() as IContentSecurityDescriptor;
//Not IContentSecurityDescriptor
if (permissions == null)
{
return;
}
permissions.AddEntry(new AccessControlEntry(role, level));
contentSecurityRepository.Save(reference, permissions, SecuritySaveType.Replace);
}
public bool ContainRolesHavingAccessToPage(IContent page, UserRole[] userRoles, bool isOwner = false)
{
var pageSecurity = _contentSecurityRepository.Get(page.ContentLink).CreateWritableClone() as IContentSecurityDescriptor;
if (pageSecurity == null)
{
return(false);
}
var roleEntities = pageSecurity.Entries;
//TODO: will update later when GetRolesForUser return list containing "Owner" role(if the user is owner of customerID)
return(roleEntities.Where(item => item.Access != AccessLevel.NoAccess && item.Access != AccessLevel.Undefined)
.Any(item => item.Name.Equals("everyone", StringComparison.OrdinalIgnoreCase) ||
userRoles.Any(x => x.RoleName == item.Name ||
(isOwner && !string.IsNullOrEmpty(item.Name) && item.Name.ToLower().Contains("owner")))));
}
private ContentReference CreateRootFolder(string rootName, Guid rootGuid)
{
_contentRootService.Register <ContentFolder>(rootName, rootGuid, ContentReference.RootPage);
var fieldRoot = _contentRootService.Get(rootName);
var securityDescriptor = _contentSecurityRepository.Get(fieldRoot).CreateWritableClone() as IContentSecurityDescriptor;
if (securityDescriptor != null)
{
securityDescriptor.IsInherited = false;
var everyoneEntry = securityDescriptor.Entries.FirstOrDefault(e => e.Name.Equals("everyone", StringComparison.InvariantCultureIgnoreCase));
if (everyoneEntry != null)
{
securityDescriptor.RemoveEntry(everyoneEntry);
_contentSecurityRepository.Save(fieldRoot, securityDescriptor, SecuritySaveType.Replace);
}
}
return(fieldRoot);
}