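/// <param name="moduleInfo">The module whose access is evaluated. When its
/// <c>InheritViewPermissions</c> flag is set, the tab's permissions are consulted instead of
/// the module's own.</param>
/// <param name="tabId">Id of the tab that hosts the module.</param>
/// <param name="permissionKey">You can use the constants, but for modules there are only
/// those two</param>
/// <returns><c>true</c> when at least one entry of the resolved permission string matches
/// <paramref name="user"/> (or, for a <c>null</c> user, is the "all users" entry);
/// otherwise <c>false</c>.</returns>
public static bool canUserAccessModule(UserInfo user, int portalId, int tabId, ModuleInfo moduleInfo, string permissionKey)
{
    string permissionsString;

    if (moduleInfo.InheritViewPermissions)
    {
        // NOTE(review): the tab's permissions are used for ANY permissionKey here, not only
        // for a view key, although the flag is named InheritViewPermissions. Confirm that a
        // non-view key is really meant to be resolved against the tab.
        var tabPermissionController = new TabPermissionController();
        var tabPermissionCollection = tabPermissionController.GetTabPermissionsCollectionByTabID(tabId, portalId);
        permissionsString = tabPermissionController.GetTabPermissions(tabPermissionCollection, permissionKey);
    }
    else
    {
        var modulePermissionController = new ModulePermissionController();
        var permissionCollection = modulePermissionController.GetModulePermissionsCollectionByModuleID(moduleInfo.ModuleID, tabId);
        permissionsString = modulePermissionController.GetModulePermissions(permissionCollection, permissionKey);
    }

    // Fail closed: with no permission string there is nothing that could grant access.
    // Without this guard a null string would surface as a NullReferenceException from Split
    // in the middle of an authorization check.
    if (string.IsNullOrEmpty(permissionsString))
    {
        return false;
    }

    // The permission string is a ';'-separated list of role names. Every non-empty entry is
    // treated as a grant.
    // NOTE(review): if the string can also carry deny entries, they get no precedence here -
    // confirm the format produced by the permission controllers.
    foreach (var role in permissionsString.Split(';'))
    {
        if (role.Length == 0)
        {
            continue;
        }

        if (user != null)
        {
            if (user.IsInRole(role))
            {
                return true;
            }
        }
        else if (string.Equals(role, "all users", System.StringComparison.OrdinalIgnoreCase))
        {
            // Anonymous caller: only the "all users" entry applies. The comparison is ordinal
            // so that the result of an access decision never depends on the thread culture.
            return true;
        }
    }

    return false;
}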
/// <summary>
/// Writes the permission set attached to <paramref name="objModule"/> to the data provider,
/// replacing the stored rows when <c>CompareTo</c> reports a difference.
/// </summary>
/// <param name="objModule">The module whose <c>ModulePermissions</c> are saved. Nothing
/// happens when that collection is <c>null</c>.</param>
public virtual void SaveModulePermissions(ModuleInfo objModule)
{
    if (objModule.ModulePermissions == null)
    {
        return;
    }

    ModulePermissionCollection storedPermissions = ModulePermissionController.GetModulePermissions(objModule.ModuleID, objModule.TabID);
    if (storedPermissions.CompareTo(objModule.ModulePermissions))
    {
        // presumably CompareTo returns true when both sets are equal, so there is nothing to write
        return;
    }

    // Replace strategy: drop every stored row for the module, then re-insert row by row.
    // NOTE(review): no transaction is visible around the delete and the inserts; a failure
    // part-way through would leave the module with an incomplete permission set. Confirm how
    // callers and the data provider handle that.
    dataProvider.DeleteModulePermissionsByModuleID(objModule.ModuleID);

    foreach (ModulePermissionInfo permission in objModule.ModulePermissions)
    {
        bool isInheritedView = objModule.InheritViewPermissions && permission.PermissionKey == "VIEW";
        if (isInheritedView)
        {
            // A module that inherits view permissions keeps no VIEW rows of its own.
            dataProvider.DeleteModulePermission(permission.ModulePermissionID);
        }
        else
        {
            // The last argument records the id of the user making the change.
            dataProvider.AddModulePermission(
                objModule.ModuleID,
                permission.PermissionID,
                permission.RoleID,
                permission.AllowAccess,
                permission.UserID,
                UserController.GetCurrentUserInfo().UserID);
        }
    }
}
/// <summary>
/// Click handler that creates a new social group (a role with
/// <c>SecurityMode.SocialGroup</c>) from the form fields, optionally stores an uploaded
/// icon, adds the current user to the new role, notifies the moderators and redirects to
/// the group view.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event arguments (not used).</param>
private void Create_Click(object sender, EventArgs e)
{
    // NOTE(review): this handler contains no check of its own that the caller is allowed to
    // create groups - confirm that the hosting page/module enforces it.
    RoleController roleController = new RoleController();
    Security.PortalSecurity ps = new Security.PortalSecurity();
    // Both free-text fields go through InputFilter twice, once per flag (NoScripting, then
    // NoMarkup), and the filtered text is written back to the controls before any use.
    // NOTE(review): no emptiness or length check on the filtered name is visible here.
    txtGroupName.Text = ps.InputFilter(txtGroupName.Text, Security.PortalSecurity.FilterFlag.NoScripting);
    txtGroupName.Text = ps.InputFilter(txtGroupName.Text, Security.PortalSecurity.FilterFlag.NoMarkup);
    txtDescription.Text = ps.InputFilter(txtDescription.Text, Security.PortalSecurity.FilterFlag.NoScripting);
    txtDescription.Text = ps.InputFilter(txtDescription.Text, Security.PortalSecurity.FilterFlag.NoMarkup);
    // Refuse a name that already exists as a role in this portal.
    if (roleController.GetRoleByName(PortalId, txtGroupName.Text) != null)
    {
        lblInvalidGroupName.Visible = true;
        return;
    }
    // Collect the roles and users that hold an allowed MODGROUP permission on this module;
    // they are the recipients of the notification sent at the end.
    var modRoles = new List <RoleInfo>();
    var modUsers = new List <UserInfo>();
    foreach (ModulePermissionInfo modulePermissionInfo in ModulePermissionController.GetModulePermissions(ModuleId, TabId))
    {
        if (modulePermissionInfo.PermissionKey == "MODGROUP" && modulePermissionInfo.AllowAccess)
        {
            if (modulePermissionInfo.RoleID > int.Parse(Globals.glbRoleNothing))
            {
                modRoles.Add(roleController.GetRole(modulePermissionInfo.RoleID, PortalId));
            }
            else if (modulePermissionInfo.UserID > Null.NullInteger)
            {
                modUsers.Add(UserController.GetUserById(PortalId, modulePermissionInfo.UserID));
            }
        }
    }
    var roleInfo = new RoleInfo() { PortalID = PortalId, RoleName = txtGroupName.Text, Description = txtDescription.Text, SecurityMode = SecurityMode.SocialGroup, Status = RoleStatus.Approved, IsPublic = rdAccessTypePublic.Checked };
    // The initial value is overwritten by both branches below.
    var userRoleStatus = RoleStatus.Pending;
    if (GroupModerationEnabled)
    {
        roleInfo.Status = RoleStatus.Pending;
        userRoleStatus = RoleStatus.Pending;
    }
    else
    {
        userRoleStatus = RoleStatus.Approved;
    }
    // A MODGROUP holder skips moderation: group and membership are approved immediately.
    // NOTE(review): presumably HasModulePermission evaluates the current user against the
    // collection; the -1 passed as second argument is not explained here - confirm both.
    var objModulePermissions = new ModulePermissionCollection(CBO.FillCollection(DataProvider.Instance().GetModulePermissionsByModuleID(ModuleId, -1), typeof(ModulePermissionInfo)));
    if (ModulePermissionController.HasModulePermission(objModulePermissions, "MODGROUP"))
    {
        roleInfo.Status = RoleStatus.Approved;
        userRoleStatus = RoleStatus.Approved;
    }
    roleInfo.RoleGroupID = DefaultRoleGroupId;
    // Create the role, then re-read it so that the stored state is the one worked on.
    roleInfo.RoleID = roleController.AddRole(roleInfo);
    roleInfo = roleController.GetRole(roleInfo.RoleID, PortalId);
    var groupUrl = Globals.NavigateURL(GroupViewTabId, "", new String[] { "groupid=" + roleInfo.RoleID.ToString() });
    // For an absolute URL keep only the part from the first "/" found at or after index 8,
    // i.e. drop scheme and host.
    // NOTE(review): IndexOf returns -1 when there is no such "/" and throws when the URL is
    // shorter than startIndex; either case makes this statement throw.
    if (groupUrl.StartsWith("http://") || groupUrl.StartsWith("https://"))
    {
        const int startIndex = 8; // length of https://
        groupUrl = groupUrl.Substring(groupUrl.IndexOf("/", startIndex, StringComparison.InvariantCultureIgnoreCase));
    }
    roleInfo.Settings.Add("URL", groupUrl);
    // NOTE(review): the display name is stored as-is; code that renders this setting is
    // responsible for encoding it.
    roleInfo.Settings.Add("GroupCreatorName", UserInfo.DisplayName);
    roleInfo.Settings.Add("ReviewMembers", chkMemberApproved.Checked.ToString());
    TestableRoleController.Instance.UpdateRoleSettings(roleInfo, true);
    // Optional icon upload, stored in the per-group folder "Groups/<RoleID>".
    if (inpFile.PostedFile != null && inpFile.PostedFile.ContentLength > 0)
    {
        IFileManager _fileManager = FileManager.Instance;
        IFolderManager _folderManager = FolderManager.Instance;
        // rootFolderPath is computed but never used below.
        var rootFolderPath = PathUtils.Instance.FormatFolderPath(PortalSettings.HomeDirectory);
        IFolderInfo groupFolder = _folderManager.GetFolder(PortalSettings.PortalId, "Groups/" + roleInfo.RoleID);
        if (groupFolder == null)
        {
            groupFolder = _folderManager.AddFolder(PortalSettings.PortalId, "Groups/" + roleInfo.RoleID);
        }
        if (groupFolder != null)
        {
            // Path.GetFileName drops any directory part of the client-supplied file name.
            // NOTE(review): no extension, content-type or size limit is checked in this
            // handler, and the final `true` argument presumably allows overwriting an
            // existing file - confirm that AddFile enforces the portal's upload policy.
            var fileName = Path.GetFileName(inpFile.PostedFile.FileName);
            var fileInfo = _fileManager.AddFile(groupFolder, fileName, inpFile.PostedFile.InputStream, true);
            roleInfo.IconFile = "FileID=" + fileInfo.FileId;
            roleController.UpdateRole(roleInfo);
        }
    }
    var notifications = new Notifications();
    // Add the current user to the new role with the status decided above.
    roleController.AddUserRole(PortalId, UserId, roleInfo.RoleID, userRoleStatus, true, Null.NullDate, Null.NullDate);
    if (roleInfo.Status == RoleStatus.Pending)
    {
        //Send notification to Group Moderators to approve/reject group.
        notifications.AddGroupNotification(Constants.GroupPendingNotification, GroupViewTabId, ModuleId, roleInfo, UserInfo, modRoles, modUsers);
    }
    else
    {
        //Send notification to Group Moderators informing of new group.
        notifications.AddGroupNotification(Constants.GroupCreatedNotification, GroupViewTabId, ModuleId, roleInfo, UserInfo, modRoles, modUsers);
        //Add entry to journal.
        GroupUtilities.CreateJournalEntry(roleInfo, UserInfo);
    }
    // The redirect target is built from the tab id and the numeric role id only.
    Response.Redirect(Globals.NavigateURL(GroupViewTabId, "", new String[] { "groupid=" + roleInfo.RoleID.ToString() }));
}
/// <summary>
/// Reports whether <c>ModulePermissionController.HasModulePermission</c> grants the "EDIT"
/// permission on the given module instance.
/// </summary>
/// <param name="ModuleId">Id of the module.</param>
/// <param name="Tabid">Id of the tab that hosts the module.</param>
/// <returns>The result of the "EDIT" permission check.</returns>
public static bool HasEditPermissions(int ModuleId, int Tabid)
{
    // Load the permission set of this module instance, then ask for the EDIT key.
    // NOTE(review): whose identity is checked is decided inside HasModulePermission
    // (presumably the current user) - confirm before calling this outside a request.
    var modulePermissions = ModulePermissionController.GetModulePermissions(ModuleId, Tabid);
    return ModulePermissionController.HasModulePermission(modulePermissions, "EDIT");
}
/// -----------------------------------------------------------------------------
/// <summary>
/// Reloads <c>_ModulePermissions</c> through
/// <c>ModulePermissionController.GetModulePermissions</c> and resets <c>_PermissionsList</c>.
/// </summary>
/// -----------------------------------------------------------------------------
private void GetModulePermissions()
{
    var loadedPermissions = ModulePermissionController.GetModulePermissions(ModuleID, TabId);

    // Wrap the result in a new collection instance before keeping it in the field.
    _ModulePermissions = new ModulePermissionCollection(loadedPermissions);

    // Reset only after the load succeeded; presumably the list is rebuilt on next use.
    _PermissionsList = null;
}
/// -----------------------------------------------------------------------------
/// <summary>
/// Loads the permissions of the module identified by <c>ModuleID</c> and <c>TabId</c> into
/// <c>_ModulePermissions</c> and sets <c>_PermissionsList</c> to <c>null</c>.
/// </summary>
/// -----------------------------------------------------------------------------
private void GetModulePermissions()
{
    var current = ModulePermissionController.GetModulePermissions(this.ModuleID, this.TabId);
    var copy = new ModulePermissionCollection(current);

    this._ModulePermissions = copy;

    // The list is cleared last, so it keeps its old value if the load above throws.
    this._PermissionsList = null;
}
/// <summary>
/// Checks a permission on a module: access is granted when
/// <c>ModulePermissionController.CanAdminModule</c> accepts the module, or when the module's
/// permission set contains the requested key.
/// </summary>
/// <param name="moduleInfo">The module.</param>
/// <param name="permissionKey">The permission's key</param>
/// <returns>
/// <c>true</c> if either check succeeds; otherwise, <c>false</c>.
/// </returns>
private static bool HasModulePermission(ModuleInfo moduleInfo, string permissionKey)
{
    // Module administration rights imply every other permission, so test them first and
    // skip the permission lookup when they apply.
    if (ModulePermissionController.CanAdminModule(moduleInfo))
    {
        return true;
    }

    var modulePermissions = ModulePermissionController.GetModulePermissions(moduleInfo.ModuleID, moduleInfo.TabID);
    return ModulePermissionController.HasModulePermission(modulePermissions, permissionKey);
}
/// <summary>
/// Builds a <c>ModuleInfo</c> from the current row of a data reader and, on request,
/// resolves its permission collection and the authorized edit/view role strings.
/// </summary>
/// <param name="dr">Reader that supplies the module columns. It is not closed here.</param>
/// <param name="CheckForOpenDataReader">When <c>true</c>, <c>dr.Read()</c> is called first
/// and <c>null</c> is returned if it yields no row. When <c>false</c>, the reader is used
/// as it is.</param>
/// <param name="IncludePermissions">When <c>true</c>, <c>ModulePermissions</c>,
/// <c>AuthorizedEditRoles</c> and <c>AuthorizedViewRoles</c> are filled as well.</param>
/// <returns>The populated module, or <c>null</c> when no row was read.</returns>
private ModuleInfo FillModuleInfo(IDataReader dr, bool CheckForOpenDataReader, bool IncludePermissions)
{
    ModuleInfo objModuleInfo = new ModuleInfo();
    ModulePermissionController objModulePermissionController = new ModulePermissionController();
    // read datareader
    bool canContinue = true;
    if (CheckForOpenDataReader)
    {
        canContinue = false;
        if (dr.Read())
        {
            canContinue = true;
        }
    }
    if (canContinue)
    {
        // Every column goes through Null.SetNull with the property's current value as second
        // argument - presumably that value is used when the column holds a database null.
        objModuleInfo.PortalID = Convert.ToInt32(Null.SetNull(dr["PortalID"], objModuleInfo.PortalID));
        objModuleInfo.TabID = Convert.ToInt32(Null.SetNull(dr["TabID"], objModuleInfo.TabID));
        objModuleInfo.TabModuleID = Convert.ToInt32(Null.SetNull(dr["TabModuleID"], objModuleInfo.TabModuleID));
        objModuleInfo.ModuleID = Convert.ToInt32(Null.SetNull(dr["ModuleID"], objModuleInfo.ModuleID));
        objModuleInfo.ModuleDefID = Convert.ToInt32(Null.SetNull(dr["ModuleDefID"], objModuleInfo.ModuleDefID));
        objModuleInfo.ModuleOrder = Convert.ToInt32(Null.SetNull(dr["ModuleOrder"], objModuleInfo.ModuleOrder));
        objModuleInfo.PaneName = Convert.ToString(Null.SetNull(dr["PaneName"], objModuleInfo.PaneName));
        objModuleInfo.ModuleTitle = Convert.ToString(Null.SetNull(dr["ModuleTitle"], objModuleInfo.ModuleTitle));
        objModuleInfo.CacheTime = Convert.ToInt32(Null.SetNull(dr["CacheTime"], objModuleInfo.CacheTime));
        objModuleInfo.Alignment = Convert.ToString(Null.SetNull(dr["Alignment"], objModuleInfo.Alignment));
        objModuleInfo.Color = Convert.ToString(Null.SetNull(dr["Color"], objModuleInfo.Color));
        objModuleInfo.Border = Convert.ToString(Null.SetNull(dr["Border"], objModuleInfo.Border));
        objModuleInfo.IconFile = Convert.ToString(Null.SetNull(dr["IconFile"], objModuleInfo.IconFile));
        objModuleInfo.AllTabs = Convert.ToBoolean(Null.SetNull(dr["AllTabs"], objModuleInfo.AllTabs));
        // Visibility column: 0 or Null.NullInteger -> Maximized, 1 -> Minimized, 2 -> None.
        // Any other value leaves the property as the ModuleInfo constructor set it.
        int intVisibility = 0;
        if (((Convert.ToInt32(Null.SetNull(dr["Visibility"], intVisibility))) == 0) || ((Convert.ToInt32(Null.SetNull(dr["Visibility"], intVisibility))) == Null.NullInteger))
        {
            objModuleInfo.Visibility = VisibilityState.Maximized;
        }
        else if ((Convert.ToInt32(Null.SetNull(dr["Visibility"], intVisibility))) == 1)
        {
            objModuleInfo.Visibility = VisibilityState.Minimized;
        }
        else if ((Convert.ToInt32(Null.SetNull(dr["Visibility"], intVisibility))) == 2)
        {
            objModuleInfo.Visibility = VisibilityState.None;
        }
        objModuleInfo.IsDeleted = Convert.ToBoolean(Null.SetNull(dr["IsDeleted"], objModuleInfo.IsDeleted));
        objModuleInfo.Header = Convert.ToString(Null.SetNull(dr["Header"], objModuleInfo.Header));
        objModuleInfo.Footer = Convert.ToString(Null.SetNull(dr["Footer"], objModuleInfo.Footer));
        objModuleInfo.StartDate = Convert.ToDateTime(Null.SetNull(dr["StartDate"], objModuleInfo.StartDate));
        objModuleInfo.EndDate = Convert.ToDateTime(Null.SetNull(dr["EndDate"], objModuleInfo.EndDate));
        objModuleInfo.ContainerSrc = Convert.ToString(Null.SetNull(dr["ContainerSrc"], objModuleInfo.ContainerSrc));
        objModuleInfo.DisplayTitle = Convert.ToBoolean(Null.SetNull(dr["DisplayTitle"], objModuleInfo.DisplayTitle));
        objModuleInfo.DisplayPrint = Convert.ToBoolean(Null.SetNull(dr["DisplayPrint"], objModuleInfo.DisplayPrint));
        objModuleInfo.DisplaySyndicate = Convert.ToBoolean(Null.SetNull(dr["DisplaySyndicate"], objModuleInfo.DisplaySyndicate));
        objModuleInfo.InheritViewPermissions = Convert.ToBoolean(Null.SetNull(dr["InheritViewPermissions"], objModuleInfo.InheritViewPermissions));
        objModuleInfo.DesktopModuleID = Convert.ToInt32(Null.SetNull(dr["DesktopModuleID"], objModuleInfo.DesktopModuleID));
        objModuleInfo.FriendlyName = Convert.ToString(Null.SetNull(dr["FriendlyName"], objModuleInfo.FriendlyName));
        objModuleInfo.Description = Convert.ToString(Null.SetNull(dr["Description"], objModuleInfo.Description));
        objModuleInfo.Version = Convert.ToString(Null.SetNull(dr["Version"], objModuleInfo.Version));
        objModuleInfo.IsPremium = Convert.ToBoolean(Null.SetNull(dr["IsPremium"], objModuleInfo.IsPremium));
        objModuleInfo.IsAdmin = Convert.ToBoolean(Null.SetNull(dr["IsAdmin"], objModuleInfo.IsAdmin));
        objModuleInfo.BusinessControllerClass = Convert.ToString(Null.SetNull(dr["BusinessControllerClass"], objModuleInfo.BusinessControllerClass));
        objModuleInfo.SupportedFeatures = Convert.ToInt32(Null.SetNull(dr["SupportedFeatures"], objModuleInfo.SupportedFeatures));
        objModuleInfo.ModuleControlId = Convert.ToInt32(Null.SetNull(dr["ModuleControlId"], objModuleInfo.ModuleControlId));
        objModuleInfo.ControlSrc = Convert.ToString(Null.SetNull(dr["ControlSrc"], objModuleInfo.ControlSrc));
        // ControlType column -> SecurityAccessLevel: -3 ControlPanel, -2 SkinObject,
        // -1 or Null.NullInteger Anonymous, 0 View, 1 Edit, 2 Admin, 3 Host.
        // NOTE(review): a value outside this list matches no branch, so the access level
        // stays at whatever ModuleInfo starts with - confirm that this default is not a
        // more permissive level than intended.
        int intControlType = 0;
        if ((Convert.ToInt32(Null.SetNull(dr["ControlType"], intControlType))) == -3)
        {
            objModuleInfo.ControlType = SecurityAccessLevel.ControlPanel;
        }
        else if ((Convert.ToInt32(Null.SetNull(dr["ControlType"], intControlType))) == -2)
        {
            objModuleInfo.ControlType = SecurityAccessLevel.SkinObject;
        }
        else if (((Convert.ToInt32(Null.SetNull(dr["ControlType"], intControlType))) == -1) || ((Convert.ToInt32(Null.SetNull(dr["ControlType"], intControlType))) == Null.NullInteger))
        {
            objModuleInfo.ControlType = SecurityAccessLevel.Anonymous;
        }
        else if ((Convert.ToInt32(Null.SetNull(dr["ControlType"], intControlType))) == 0)
        {
            objModuleInfo.ControlType = SecurityAccessLevel.View;
        }
        else if ((Convert.ToInt32(Null.SetNull(dr["ControlType"], intControlType))) == 1)
        {
            objModuleInfo.ControlType = SecurityAccessLevel.Edit;
        }
        else if ((Convert.ToInt32(Null.SetNull(dr["ControlType"], intControlType))) == 2)
        {
            objModuleInfo.ControlType = SecurityAccessLevel.Admin;
        }
        else if ((Convert.ToInt32(Null.SetNull(dr["ControlType"], intControlType))) == 3)
        {
            objModuleInfo.ControlType = SecurityAccessLevel.Host;
        }
        objModuleInfo.ControlTitle = Convert.ToString(Null.SetNull(dr["ControlTitle"], objModuleInfo.ControlTitle));
        objModuleInfo.HelpUrl = Convert.ToString(Null.SetNull(dr["HelpUrl"], objModuleInfo.HelpUrl));
        if (IncludePermissions)
        {
            // objModuleInfo was constructed at the top of the method and has not been
            // reassigned, so this condition always holds at this point.
            if (objModuleInfo != null)
            {
                //Get the Module permissions first (then we can parse the collection to determine the View/Edit Roles)
                objModuleInfo.ModulePermissions = objModulePermissionController.GetModulePermissionsCollectionByModuleID(objModuleInfo.ModuleID, objModuleInfo.TabID);
                objModuleInfo.AuthorizedEditRoles = objModulePermissionController.GetModulePermissions(objModuleInfo.ModulePermissions, "EDIT");
                // ";" is presumably the role string of an empty permission set - TODO confirm.
                if (objModuleInfo.AuthorizedEditRoles == ";")
                {
                    // this code is here for legacy support - the AuthorizedEditRoles were stored as a concatenated list of roleids prior to DNN 3.0
                    try
                    {
                        objModuleInfo.AuthorizedEditRoles = Convert.ToString(Null.SetNull(dr["AuthorizedEditRoles"], objModuleInfo.AuthorizedEditRoles));
                    }
                    catch
                    {
                        // the AuthorizedEditRoles field was removed from the Tabs table in 3.0
                    }
                }
                // NOTE(review): the outer catch below is empty, so ANY failure while the view
                // roles are resolved is swallowed and AuthorizedViewRoles keeps its previous
                // value. Consumers must treat an unset value as "no access"; logging the
                // exception would make such failures visible.
                try
                {
                    // View roles come from the tab when the module inherits view permissions,
                    // otherwise from the module's own permission collection.
                    if (objModuleInfo.InheritViewPermissions)
                    {
                        TabPermissionController objTabPermissionController = new TabPermissionController();
                        TabPermissionCollection objTabPermissionCollection = objTabPermissionController.GetTabPermissionsCollectionByTabID(objModuleInfo.TabID, objModuleInfo.PortalID);
                        objModuleInfo.AuthorizedViewRoles = objTabPermissionController.GetTabPermissions(objTabPermissionCollection, "VIEW");
                    }
                    else
                    {
                        objModuleInfo.AuthorizedViewRoles = objModulePermissionController.GetModulePermissions(objModuleInfo.ModulePermissions, "VIEW");
                    }
                    if (objModuleInfo.AuthorizedViewRoles == ";")
                    {
                        // this code is here for legacy support - the AuthorizedViewRoles were stored as a concatenated list of roleids prior to DNN 3.0
                        try
                        {
                            objModuleInfo.AuthorizedViewRoles = Convert.ToString(Null.SetNull(dr["AuthorizedViewRoles"], objModuleInfo.AuthorizedViewRoles));
                        }
                        catch
                        {
                            // the AuthorizedViewRoles field was removed from the Tabs table in 3.0
                        }
                    }
                }
                catch
                {
                }
            }
        }
    }
    else
    {
        // No row was read: the caller gets null instead of an empty module.
        objModuleInfo = null;
    }
    return(objModuleInfo);
}