/// <summary>
/// Enforces that <paramref name="visit"/> holds the View role on the named flow.
/// </summary>
/// <param name="visit">Visit whose flow permissions are checked. It is dereferenced without a null check.</param>
/// <param name="flowName">Name of the flow the caller wants to view.</param>
/// <remarks>
/// On denial, control passes to ThrowInsuficientPrivileges(), which is defined outside this block.
/// NOTE(review): callers appear to treat a normal return as "authorized", so that helper must
/// always throw - confirm, otherwise this check fails open.
/// </remarks>
public static void ValidateCanViewFlowByName(NodeVisit visit, string flowName)
{
    bool mayView = visit.IsFlowPermittedByName(flowName, FlowRoleType.View);
    if (mayView)
    {
        return;
    }

    ThrowInsuficientPrivileges();
}
/// <summary>
/// Reports whether the visit returned by VisitHelper.GetVisit() holds the View role on the named flow.
/// </summary>
/// <param name="flowName">Name of the flow to test.</param>
/// <returns>
/// The result of the View-role check, or <c>false</c> when there is no visit or the visit has no account.
/// </returns>
internal static bool CanViewFlowByName(string flowName)
{
    NodeVisit currentVisit = VisitHelper.GetVisit();

    // Fail closed: with no visit or no account attached there is nothing to authorize against.
    bool hasAccount = (currentVisit != null) && (currentVisit.Account != null);
    if (!hasAccount)
    {
        return false;
    }

    return currentVisit.IsFlowPermittedByName(flowName, FlowRoleType.View);
}
/// <summary>
/// Narrows the flow names in <paramref name="search"/> to those <paramref name="visit"/> may view.
/// </summary>
/// <param name="search">Search parameters; <c>FlowNames</c> is overwritten for non-admin visits.</param>
/// <param name="visit">Visit whose permissions bound the search.</param>
/// <param name="addFlowIsNullQuery">
/// Set to <c>true</c> only when a non-admin visit supplied no flow names.
/// NOTE(review): presumably the caller then also matches rows that have no flow - confirm that
/// such rows are meant to be visible to every non-admin user.
/// </param>
/// <returns>
/// <c>false</c> when flow names were requested and none of them is permitted (the caller should
/// return no results); otherwise <c>true</c>.
/// </returns>
protected bool FilterSearchParamsForVisit(ActivitySearchParams search, NodeVisit visit, out bool addFlowIsNullQuery)
{
    // Admin visits are not filtered: search.FlowNames is left exactly as supplied.
    if (visit.IsAdmin)
    {
        addFlowIsNullQuery = false;
        return true;
    }

    IList<string> permittedNames = null;
    if (!CollectionUtils.IsNullOrEmpty(search.FlowNames))
    {
        addFlowIsNullQuery = false;

        // Keep only the requested flows that this visit may view.
        permittedNames = new List<string>();
        foreach (string requestedName in search.FlowNames)
        {
            if (visit.IsFlowPermittedByName(requestedName, FlowRoleType.View))
            {
                permittedNames.Add(requestedName);
            }
        }

        if (permittedNames.Count == 0)
        {
            // Flows were specified to search on, but none of the flows are allowed for the user,
            // so return no results
            return false;
        }
    }
    else
    {
        addFlowIsNullQuery = true;

        // No flows requested: search the flow names GetAllFlowNames(visit) reports for this visit.
        permittedNames = GetAllFlowNames(visit);
        if (CollectionUtils.IsNullOrEmpty(permittedNames))
        {
            // The visit has no flows at all. A sentinel name keeps the name filter non-empty;
            // presumably an empty filter would otherwise mean "all flows" downstream - confirm.
            // This relies on no real flow ever carrying the sentinel name.
            permittedNames = new List<string>(1);
            permittedNames.Add("____BOGUS____FLOW____NAME____");
        }
    }

    search.FlowNames = permittedNames;
    return true;
}
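/// <summary>
/// Collects the web method names that <paramref name="visit"/> is allowed to see.
/// </summary>
/// <param name="visit">
/// Visit whose View role is checked for every row that carries a flow name.
/// It is only dereferenced for such rows.
/// </param>
/// <returns>
/// The web method names from rows that either have no flow name or belong to a flow the visit may view.
/// NOTE(review): the query is DISTINCT over the (FlowName, WebMethod) pair, so a method recorded
/// under several permitted flows may appear more than once - confirm whether callers de-duplicate.
/// </returns>
/// <remarks>
/// Rows without a flow name bypass the permission check, so their web method names are returned
/// to every visit. Confirm that this is the intended exposure.
/// </remarks>
public ICollection<string> GetAllWebMethodNames(NodeVisit visit)
{
    ICollection<string> webMethodNames = new List<string>();

    DoSimpleQueryWithRowCallbackDelegate(
        TABLE_NAME, null, null, "WebMethod", "DISTINCT FlowName;WebMethod",
        delegate(IDataReader reader)
        {
            // The checks below expect null/empty values, but IDataReader.GetString() typically
            // throws on a database NULL, so test IsDBNull first instead of failing the whole query.
            string flowName = reader.IsDBNull(0) ? null : reader.GetString(0);
            string webMethod = reader.IsDBNull(1) ? null : reader.GetString(1);

            if (string.IsNullOrEmpty(webMethod))
            {
                return;
            }

            // A row with no flow name is visible to everyone; otherwise the View role is required.
            if (string.IsNullOrEmpty(flowName) ||
                visit.IsFlowPermittedByName(flowName, FlowRoleType.View))
            {
                webMethodNames.Add(webMethod);
            }
        });

    return webMethodNames;
}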
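/// <summary>
/// Verifies that the visit holds the Endpoint role on <paramref name="flowName"/> and records
/// the outcome on <paramref name="activity"/>.
/// </summary>
/// <param name="nodeVisit">Visit being authorized; its <c>Account.NaasAccount</c> is written to the activity log.</param>
/// <param name="flowName">Flow the request targets.</param>
/// <param name="serviceName">Optional operation name; when null or empty it is left out of the log entry.</param>
/// <param name="webMethod">Web method being invoked; logged via <c>ToString()</c>.</param>
/// <param name="activity">Activity record that receives the authorization log entries.</param>
/// <exception cref="UnauthorizedAccessException">The visit lacks the Endpoint role on the flow.</exception>
/// <remarks>
/// NOTE(review): the account and flow names are logged verbatim. If the flow name comes from the
/// request, consider neutralizing control characters before the entry reaches the activity log.
/// </remarks>
protected void ValidateUserPermissions(NodeVisit nodeVisit, string flowName, string serviceName, NodeMethod webMethod, Activity activity)
{
    if (!nodeVisit.IsFlowPermittedByName(flowName, FlowRoleType.Endpoint))
    {
        string message = string.Format("User \"{0}\" is not authorized to access the flow \"{1}\"",
                                       nodeVisit.Account.NaasAccount, flowName);

        // Pass the message as an argument, never as the format string. It embeds the flow and
        // account names, and a '{' or '}' in either could make a composite-format call throw
        // FormatException - masking the UnauthorizedAccessException and losing this log entry.
        activity.AppendFormat("Raising exception: {0}", message);
        throw new UnauthorizedAccessException(message);
    }

    if (string.IsNullOrEmpty(serviceName))
    {
        activity.AppendFormat("User {0} authorized for flow {1} and method {2}",
                              nodeVisit.Account.NaasAccount, flowName, webMethod.ToString());
    }
    else
    {
        activity.AppendFormat("User {0} authorized for flow {1} and operation {2} and method {3}",
                              nodeVisit.Account.NaasAccount, flowName, serviceName, webMethod.ToString());
    }
}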
/// <summary>
/// Checks whether <paramref name="visit"/> may access the named flow at the requested level.
/// </summary>
/// <param name="visit">Visit whose permissions are checked. It is dereferenced without a null check.</param>
/// <param name="flowName">Name of the flow to test.</param>
/// <param name="checkCanEdit">
/// <c>true</c> to require the Modify role; <c>false</c> to require only the View role.
/// </param>
/// <returns>The result of the role check for the selected role.</returns>
protected bool CanUserAccessFlowByName(NodeVisit visit, string flowName, bool checkCanEdit)
{
    if (checkCanEdit)
    {
        // Edit access requires the Modify role.
        return visit.IsFlowPermittedByName(flowName, FlowRoleType.Modify);
    }

    return visit.IsFlowPermittedByName(flowName, FlowRoleType.View);
}