public void Delete(Permission item, CategoryPermissionService categoryPermissionService)
        {
            var catPermForRoles = categoryPermissionService.GetByPermission(item.Id);

            foreach (var categoryPermissionForRole in catPermForRoles)
            {
                categoryPermissionService.Delete(categoryPermissionForRole);
            }
            ContextPerRequest.Db.Permission.Remove(item);
        }
示例#2
0
        /// <summary>
        /// Add a new post
        /// </summary>
        /// <param name="postContent"> </param>
        /// <param name="topic"> </param>
        /// <param name="user"></param>
        /// <param name="permissionService"></param>
        /// <param name="categoryPermissionService"></param>
        /// <param name="memberPointsService"></param>
        /// <param name="permissions"> </param>
        /// <param name="memberService"></param>
        /// <returns>True if post added</returns>
        public Post AddNewPost(string postContent, Topic topic, Member user, PermissionService permissionService, MemberService memberService,
                               CategoryPermissionService categoryPermissionService, MemberPointsService memberPointsService, out PermissionSet permissions)
        {
            // Get the permissions for the category that this topic is in
            permissions = permissionService.GetPermissions(topic.Category, user.Groups.FirstOrDefault(), memberService, categoryPermissionService);

            // Check this users role has permission to create a post
            if (permissions[AppConstants.PermissionDenyAccess].IsTicked || permissions[AppConstants.PermissionReadOnly].IsTicked)
            {
                // Throw exception so Ajax caller picks it up
                throw new ApplicationException(AppHelpers.Lang("Errors.NoPermission"));
            }

            // Has permission so create the post
            var newPost = new Post
            {
                PostContent = postContent,
                Member      = user,
                MemberId    = user.Id,
                Topic       = topic,
                IpAddress   = AppHelpers.GetUsersIpAddress(),
                DateCreated = DateTime.UtcNow,
                DateEdited  = DateTime.UtcNow
            };

            newPost = SanitizePost(newPost);

            var category = topic.Category;

            if (category.ModerateAllPostsInThisCategory == true)
            {
                newPost.Pending = true;
            }

            // create the post
            Add(newPost);

            // Update the users points score and post count for posting
            memberPointsService.Add(new MemberPoints
            {
                Points        = Dialogue.Settings().PointsAddedPerNewPost,
                MemberId      = user.Id,
                RelatedPostId = newPost.Id
            });

            // add the last post to the topic
            topic.LastPost = newPost;

            // Add post to members count
            memberService.AddPostCount(user);

            return(newPost);
        }
        public List <Category> GetAllowedCategories(IMemberGroup role, string actionType, PermissionService permissionService, MemberService memberService, CategoryPermissionService categoryPermissionService)
        {
            var cacheKey = string.Concat("GetAllowedCategoriesCode-", role.Id, "-", actionType);

            return((List <Category>)ApplicationContext.Current.ApplicationCache.RequestCache.GetCacheItem(cacheKey, () =>
            {
                var filteredCats = new List <Category>();
                var allCats = GetAll();
                foreach (var category in allCats)
                {
                    var permissionSet = permissionService.GetPermissions(category, role, memberService, categoryPermissionService);
                    if (!permissionSet[actionType].IsTicked)
                    {
                        // TODO Only add it category is NOT locked
                        filteredCats.Add(category);
                    }
                }
                return filteredCats;
            }));
        }
 public List <Category> GetAllowedCategories(IMemberGroup role, PermissionService permissionService, MemberService memberService, CategoryPermissionService categoryPermissionService)
 {
     return(GetAllowedCategories(role, AppConstants.PermissionDenyAccess, permissionService, memberService, categoryPermissionService));
 }
        /// <summary>
        /// The allowed Categories of a member
        /// </summary>
        /// <param name="memberGroup"></param>
        /// <param name="permissionService"></param>
        /// <param name="memberService"></param>
        /// <param name="categoryPermissionService"></param>
        /// <returns></returns>
        public List <Category> AllowedCreateCategories(IMemberGroup memberGroup, PermissionService permissionService, MemberService memberService, CategoryPermissionService categoryPermissionService)
        {
            var allowedAccessCategories       = GetAllowedCategories(memberGroup, permissionService, memberService, categoryPermissionService);
            var allowedCreateTopicCategories  = GetAllowedCategories(memberGroup, AppConstants.PermissionCreateTopics, permissionService, memberService, categoryPermissionService);
            var allowedCreateTopicCategoryIds = allowedCreateTopicCategories.Select(x => x.Id);

            if (allowedAccessCategories.Any())
            {
                allowedAccessCategories.RemoveAll(x => allowedCreateTopicCategoryIds.Contains(x.Id));
                allowedAccessCategories.RemoveAll(x => memberGroup.Name != AppConstants.AdminRoleName && x.LockCategory);
            }
            return(allowedAccessCategories);
        }
        /// <summary>
        /// Returns permission set based on category and role
        /// </summary>
        /// <param name="category"></param>
        /// <param name="memberGroup"></param>
        /// <param name="memberService"></param>
        /// <param name="categoryPermissionService"></param>
        /// <returns></returns>
        public PermissionSet GetPermissions(Category category, IMemberGroup memberGroup, MemberService memberService, CategoryPermissionService categoryPermissionService)
        {
            if (memberGroup == null)
            {
                // This can only happen if the user has deleted a group, and not reassigned them
                // so in this occasion we just set them to a guest until the admin assigns them a new group
                memberGroup = memberService.GetGroupByName(AppConstants.GuestRoleName);
            }

            // Pass the role in to see select which permissions to apply
            // Going to cache this per request, just to help with performance
            var objectContextKey = string.Concat("GetPermissions", "-", category.Id, "-", memberGroup.Id);

            if (!HttpContext.Current.Items.Contains(objectContextKey))
            {
                switch (memberGroup.Name)
                {
                case AppConstants.AdminRoleName:
                    _permissions = GetAdminPermissions(category, memberGroup);
                    break;

                case AppConstants.GuestRoleName:
                    _permissions = GetGuestPermissions(category, memberGroup, categoryPermissionService);
                    break;

                default:
                    _permissions = GetOtherPermissions(category, memberGroup, categoryPermissionService);
                    break;
                }

                HttpContext.Current.Items.Add(objectContextKey, _permissions);
            }

            return(HttpContext.Current.Items[objectContextKey] as PermissionSet);
        }
        /// <summary>
        /// Get permissions for roles other than those specially treated in this class
        /// </summary>
        /// <param name="category"></param>
        /// <param name="memberGroup"></param>
        /// <param name="categoryPermissionService"></param>
        /// <returns></returns>
        private PermissionSet GetOtherPermissions(Category category, IMemberGroup memberGroup, CategoryPermissionService categoryPermissionService)
        {
            // Get all permissions
            var permissionList = GetAll();

            // Get the known permissions for this role and category
            var categoryRow = categoryPermissionService.GetCategoryRow(memberGroup.Id, category.Id);
            //var categoryRowPermissions = categoryRow.ToDictionary(catRow => catRow.Permission);

            // Load up the results with the permisions for this role / cartegory. A null entry for a permissions results in a new
            // record with a false value
            var permissions = new List <CategoryPermission>();

            foreach (var permission in permissionList)
            {
                permissions.Add(categoryRow.ContainsKey(permission)
                                    ? categoryRow[permission]
                                    : new CategoryPermission {
                    Category = category, MemberGroup = memberGroup, IsTicked = false, Permission = permission
                });
            }

            var permissionSet = new PermissionSet(permissions);

            return(permissionSet);
        }
        /// <summary>
        /// Guest = Not logged in, so only need to check the access permission
        /// </summary>
        /// <param name="category"></param>
        /// <param name="memberGroup"></param>
        /// <param name="categoryPermissionService"></param>
        private PermissionSet GetGuestPermissions(Category category, IMemberGroup memberGroup, CategoryPermissionService categoryPermissionService)
        {
            // Get all the permissions
            var permissionList = GetAll();

            // Make a CategoryPermissionForRole for each permission that exists,
            // but only set the read-only permission to true for this role / category. All others false
            var permissions = permissionList.Select(permission => new CategoryPermission
            {
                Category    = category,
                IsTicked    = permission.Name == AppConstants.PermissionReadOnly,
                MemberGroup = memberGroup,
                Permission  = permission
            }).ToList();


            // Deny Access may have been set (or left null) for guest for the category, so need to read for it
            var denyAccessPermission = categoryPermissionService.GetByRole(memberGroup.Id)
                                       .FirstOrDefault(x => x.CategoryId == category.Id &&
                                                       x.Permission.Name == AppConstants.PermissionDenyAccess &&
                                                       x.MemberGroupId == memberGroup.Id);

            // Set the Deny Access value in the results. If it's null for this role/category, record it as false in the results
            var categoryPermissionForRole = permissions.FirstOrDefault(x => x.Permission.Name == AppConstants.PermissionDenyAccess);

            if (categoryPermissionForRole != null)
            {
                categoryPermissionForRole.IsTicked = denyAccessPermission != null && denyAccessPermission.IsTicked;
            }

            var permissionSet = new PermissionSet(permissions);


            return(permissionSet);
        }