/// <summary>
/// Public entry point that builds a <c>SecurityContextManager</c> for the given URL and asks it to
/// break inheritance for the supplied securable object.
/// </summary>
/// <param name="webUrl">The URL handed to the <c>SecurityContextManager</c> constructor.</param>
/// <param name="securableObject">The securable object passed through to the security context.</param>
/// <returns>
/// The response produced by the security context, or a response with <c>HasError</c> set and the
/// exception message when an exception is thrown.
/// </returns>
/// <remarks>
/// NOTE(review): no caller permission check is visible in this method, whereas
/// UpdateSecurityAssociations tests IsUserSecurityManager() before changing anything. Confirm that
/// the callee (or the hosting layer) authorizes the caller before inheritance is changed.
/// NOTE(review): the raw exception message is returned to the caller; confirm it cannot carry
/// internal details (connection strings, server paths) that should only be logged server-side.
/// </remarks>
public ResponseObject BreakRootMapInheritance(string webUrl, GlymaSecurableObject securableObject)
{
    ResponseObject outcome;
    try
    {
        SecurityContextManager manager = new SecurityContextManager(webUrl);
        outcome = manager.BreakRootMapInheritance(securableObject);
    }
    catch (Exception ex)
    {
        // Same contract as before: failures are reported in the response, never thrown.
        outcome = new ResponseObject() { HasError = false };
        outcome.HasError = true;
        outcome.ErrorMessage = ex.Message;
    }
    return outcome;
}
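/// <summary>
/// Makes sure a securable-object record exists for <paramref name="securableObject"/> and that it
/// breaks inheritance, then calls <c>CopyGroupAssociationsToRootMap</c> for it.
/// </summary>
/// <param name="securableObject">The securable object whose inheritance is to be broken.</param>
/// <returns>
/// A response with <c>HasError</c> false on success. <c>HasError</c> is true when the securable
/// context id cannot be obtained or when an exception is thrown.
/// </returns>
/// <remarks>
/// NOTE(review): no permission check on the current user is visible in this method; confirm the
/// callers or the helpers used here enforce one.
/// </remarks>
internal ResponseObject BreakRootMapInheritance(GlymaSecurableObject securableObject)
{
    ResponseObject response = new ResponseObject() { HasError = false };
    try
    {
        GetSecurableContextIdResponse securableContextIdResponse = GetSecurableContextId();
        if (securableContextIdResponse.HasError)
        {
            // Fail closed: previously this path returned HasError = false even though nothing had
            // been changed, so the caller believed inheritance was broken when it was not.
            // NOTE(review): if GetSecurableContextIdResponse exposes an ErrorMessage the way
            // GetSecurityGroupsResponse does, forward that message instead of this fixed text.
            response.HasError = true;
            response.ErrorMessage = "The securable context could not be determined; inheritance was not changed.";
            return response;
        }

        int securableContextId = securableContextIdResponse.Result;
        SecurableObject obj = GetSecurableObject(securableContextId, securableObject.SecurableObjectUid);
        GlymaSecurableObjectContext securableObjectContext = new GlymaSecurableObjectContext(this, securableContextId, securableObject);
        if (obj == null)
        {
            // No record yet: create it with inheritance already broken.
            obj = securableObjectContext.CreateSecurableObject(true);
        }
        if (!obj.BreaksInheritance)
        {
            securableObjectContext.SetSecurableObjectInheritance(true);
        }

        // NOTE(review): if CopyGroupAssociationsToRootMap reports failures through a return value,
        // they are not surfaced here; only exceptions reach the catch block below.
        CopyGroupAssociationsToRootMap(securableObject);
    }
    catch (Exception ex)
    {
        response.HasError = true;
        response.ErrorMessage = ex.Message;
    }
    return response;
}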
/// <summary>
/// Called by a Glyma Project Manager after creating a new project. Associates every Glyma Project
/// Manager group the user belongs to with the newly created project.
/// </summary>
/// <param name="webUrl">The URL for the SP site</param>
/// <param name="securableObject">Describes the project that was just added</param>
/// <returns>A response object indicating if the operation completed without error.</returns>
/// <remarks>
/// This wrapper performs no permission check itself; the check visible in this file is the
/// IsUserProjectManager() test inside the CurrentUser method it delegates to.
/// </remarks>
public ResponseObject SetProjectManagerGroupAssociations(string webUrl, GlymaSecurableObject securableObject)
{
    ResponseObject outcome;
    try
    {
        SecurityContextManager manager = new SecurityContextManager(webUrl);
        outcome = manager.CurrentUser.SetProjectManagerGroupAssociations(securableObject);
    }
    catch (Exception ex)
    {
        // Failures are reported through the response object rather than thrown.
        outcome = new ResponseObject() { HasError = false };
        outcome.HasError = true;
        outcome.ErrorMessage = ex.Message;
    }
    return outcome;
}
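/// <summary>
/// Adds or removes security associations for a batch of groups.
/// </summary>
/// <param name="webUrl">The URL for the SP site</param>
/// <param name="securityAssociations">The details of the group and the securable object and whether it's an add or remove operation</param>
/// <returns>
/// A response object to indicate if it completed without error. <c>HasError</c> is true when the
/// caller is not a security manager, when any single add or remove reports an error (the first
/// such message is returned), or when an exception is thrown.
/// </returns>
public ResponseObject UpdateSecurityAssociations(string webUrl, IList<GlymaSecurityAssociation> securityAssociations)
{
    ResponseObject result = new ResponseObject() { HasError = false };

    // As before, context creation and the permission check run outside the try block, so an
    // exception raised here still propagates to the caller instead of becoming an error response.
    SecurityContextManager securityContext = new SecurityContextManager(webUrl);
    if (!securityContext.CurrentUser.IsUserSecurityManager())
    {
        result.HasError = true;
        result.ErrorMessage = "Access Denied. User does not have permissions to access this web service.";
        return result;
    }

    try
    {
        foreach (GlymaSecurityAssociation securityAssociation in securityAssociations)
        {
            GlymaSecurityAssociationContext securityAssociationContext = new GlymaSecurityAssociationContext(securityContext, securityAssociation.GlymaSecurityGroup, securityAssociation.SecurableObject);

            ResponseObject outcome;
            if (securityAssociation.Value)
            {
                outcome = securityAssociationContext.SetSecurityAssociation(securityAssociation.BreakInheritance);
            }
            else
            {
                outcome = securityAssociationContext.RemoveSecurityAssociation();
            }

            // SetSecurityAssociation and RemoveSecurityAssociation catch their own exceptions and
            // report them through the returned ResponseObject. Those results used to be discarded,
            // so a batch in which a grant or revoke failed was still reported as successful.
            // Every entry is still attempted; only the first failure is recorded.
            if (outcome.HasError && !result.HasError)
            {
                result.HasError = true;
                result.ErrorMessage = outcome.ErrorMessage;
            }
        }
    }
    catch (Exception ex)
    {
        result.HasError = true;
        result.ErrorMessage = ex.Message;
    }
    return result;
}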
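/// <summary>
/// This method is called by a Glyma Project Manager when they create a new project, it will associate any Glyma Project Manager group the user belongs to
/// with the newly created project.
/// </summary>
/// <param name="securableObject">Describes the project that was just added</param>
/// <returns>
/// A response object indicating if the operation completed without error. <c>HasError</c> is true
/// when the current user is not a project manager, when the project manager groups cannot be read,
/// when adding an association fails (processing stops at the first failure), or on any exception.
/// </returns>
internal ResponseObject SetProjectManagerGroupAssociations(GlymaSecurableObject securableObject)
{
    ResponseObject result = new ResponseObject() { HasError = false };
    try
    {
        if (!this.IsUserProjectManager())
        {
            //Only a Glyma Project Manager can call this method
            result.HasError = true;
            result.ErrorMessage = "Access Denied. User does not have permissions to access this web service method.";
            return result;
        }

        // NOTE(review): neither site nor currentWeb is referenced below. They are kept so the
        // site and web are still opened (and disposed) exactly as before; confirm whether that
        // is still needed.
        using (SPSite site = new SPSite(Context.WebUrl))
        {
            using (SPWeb currentWeb = site.OpenWeb())
            {
                GetSecurityGroupsResponse response = Context.GetSecurityGroups(GlymaPermissionLevel.GlymaProjectManager);
                if (response.HasError)
                {
                    //there was an error getting the groups that have been assigned the permission level of Glyma Project Manager
                    result.HasError = true;
                    result.ErrorMessage = response.ErrorMessage;
                    return result;
                }

                IList<GlymaSecurityGroup> pmGroups = response.Result;

                // Resolve every project manager group once, instead of once per SharePoint group
                // of the user. Context.GetGroup can return null (RemoveSecurityAssociation checks
                // for it); such a group cannot match any SharePoint group id, so it is skipped
                // rather than aborting the whole call with a NullReferenceException.
                List<KeyValuePair<GlymaSecurityGroup, Group>> resolvedPmGroups = new List<KeyValuePair<GlymaSecurityGroup, Group>>();
                foreach (GlymaSecurityGroup projectManagerGroup in pmGroups)
                {
                    Group glGroup = Context.GetGroup(projectManagerGroup);
                    if (glGroup != null)
                    {
                        resolvedPmGroups.Add(new KeyValuePair<GlymaSecurityGroup, Group>(projectManagerGroup, glGroup));
                    }
                }

                //for any group of the current user that is a Glyma Project Manager group
                IList<GlymaSecurityGroup> pmGroupsToAssociate = new List<GlymaSecurityGroup>();
                foreach (SPGroup group in CurrentSPUser.Groups)
                {
                    foreach (KeyValuePair<GlymaSecurityGroup, Group> candidate in resolvedPmGroups)
                    {
                        if (group.ID == candidate.Value.GroupSPID)
                        {
                            pmGroupsToAssociate.Add(candidate.Key);
                        }
                    }
                }

                //Add the security association for every Glyma Project Manager group the current user belongs to.
                foreach (GlymaSecurityGroup glGroup in pmGroupsToAssociate)
                {
                    GlymaSecurityAssociationContext securityAssociationContext = new GlymaSecurityAssociationContext(Context, glGroup, securableObject);
                    ResponseObject addResponse = securityAssociationContext.SetSecurityAssociation(false);
                    if (addResponse.HasError)
                    {
                        //if an error occurs adding the security association for any of the groups stop and return the error
                        result.HasError = true;
                        result.ErrorMessage = addResponse.ErrorMessage;
                        break;
                    }
                }
            }
        }
    }
    catch (Exception ex)
    {
        result.HasError = true;
        result.ErrorMessage = ex.Message;
    }
    return result;
}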
/// <summary>
/// Removes the group association if it exists
/// </summary>
/// <returns>A response object indicating if completed without error</returns>
/// <remarks>
/// The lookup and delete run inside <c>SPSecurity.RunWithElevatedPrivileges</c>, and this method
/// does not check the current user's permissions itself. Callers must authorize the request
/// before invoking it, as UpdateSecurityAssociations does with IsUserSecurityManager().
/// </remarks>
internal ResponseObject RemoveSecurityAssociation()
{
    ResponseObject result = new ResponseObject() { HasError = false };

    if (Group == null)
    {
        result.HasError = true;
        result.ErrorMessage = "The Glyma security group was not known.";
        return result;
    }

    SPSecurity.RunWithElevatedPrivileges(() =>
    {
        try
        {
            using (IGlymaSession glymaSession = new WebAppSPGlymaSession(Context.WebUrl))
            using (IDbConnectionAbstraction connectionAbstraction = glymaSession.ConnectionFactory.CreateSecurityDbConnection())
            using (SecurityServiceDataContext dataContext = new SecurityServiceDataContext(connectionAbstraction.Connection))
            {
                Group sgroup = Context.GetGroup(Group);
                if (sgroup == null)
                {
                    // Nothing to remove when the group cannot be resolved; reported as success.
                    return;
                }

                IEnumerable<GroupAssociation> matches;
                if (SecurableObject.SecurableParentUid != Guid.Empty)
                {
                    //removing a root map group association
                    matches = dataContext.GroupAssociations.Where(ga =>
                        ga.SecurableObjectUid == SecurableObject.SecurableObjectUid
                        && ga.SecurableParentUid == SecurableObject.SecurableParentUid
                        && ga.SecurableContextId == Group.SecurableContextId
                        && ga.GroupId == sgroup.GroupId);
                }
                else
                {
                    //removing a project group association (rows that have no parent uid)
                    matches = dataContext.GroupAssociations.Where(ga =>
                        ga.SecurableObjectUid == SecurableObject.SecurableObjectUid
                        && ga.SecurableParentUid.HasValue == false
                        && ga.SecurableContextId == Group.SecurableContextId
                        && ga.GroupId == sgroup.GroupId);
                }

                if (matches.Any())
                {
                    dataContext.GroupAssociations.DeleteAllOnSubmit(matches.ToList());
                    dataContext.SubmitChanges();
                }
            }
        }
        catch (Exception ex)
        {
            // Exceptions inside the elevated delegate are reported through the response object.
            result.HasError = true;
            result.ErrorMessage = ex.Message;
        }
    });

    return result;
}
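/// <summary>
/// Adds a security association for a SharePoint group to the security DB
/// </summary>
/// <param name="breakInheritance">Whether it should have inheritance broken or not</param>
/// <returns>
/// A response object indicating if completed without error. <c>HasError</c> is true when no group
/// was supplied, when the group cannot be resolved while an association has to be created, or
/// when an exception is thrown.
/// </returns>
/// <remarks>
/// NOTE(review): <paramref name="breakInheritance"/> is only used when the securable object is
/// created here. An existing securable object keeps its current inheritance setting; confirm
/// that this is intended.
/// This method performs no permission check of its own; callers are expected to authorize first.
/// </remarks>
internal ResponseObject SetSecurityAssociation(bool breakInheritance)
{
    ResponseObject result = new ResponseObject() { HasError = false };
    try
    {
        if (Group == null)
        {
            result.HasError = true;
            result.ErrorMessage = "The Glyma security group was not known.";
            return result;
        }

        // Creating a missing group at this point was disabled in the original code, so the
        // lookup can come back null.
        Group group = Context.GetGroup(Group);

        bool alreadyAssociated = this.HasAssociation();
        if (!alreadyAssociated)
        {
            if (group == null)
            {
                // Previously the code went on to create the securable object and only then
                // failed with a NullReferenceException on group.GroupId, leaving a securable
                // object without an association and returning an opaque message. Stop before
                // anything is written.
                result.HasError = true;
                result.ErrorMessage = "The Glyma security group could not be found.";
                return result;
            }

            SecurableObject so = Context.GetSecurableObject(Group.SecurableContextId, SecurableObject.SecurableObjectUid);
            GlymaSecurableObjectContext securableObjectContext = new GlymaSecurableObjectContext(Context, Group.SecurableContextId, SecurableObject);
            if (so == null)
            {
                securableObjectContext.CreateSecurableObject(breakInheritance);
            }

            //Create the group association since it doesn't exist
            this.CreateGroupAssociation(group.GroupId);
        }
    }
    catch (Exception ex)
    {
        result.HasError = true;
        result.ErrorMessage = ex.Message;
    }
    return result;
}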