/// <summary>
/// Creates an executor that carries the ACL container to be written by an update operation.
/// </summary>
/// <param name="opType">Operation type forwarded to the base executor.</param>
/// <param name="container">The ACL container to update; rejected by <c>NullCheck</c> when null.</param>
public SCUpdateObjectAclExecutor(SCOperationType opType, SCAclContainer container)
    : base(opType)
{
    // Validate before storing so the executor never holds a null container.
    container.NullCheck("container");

    _Container = container;
}
/// <summary>
/// Creates an executor for an operation that relates <paramref name="data"/> to the organization
/// <paramref name="parent"/>.
/// </summary>
/// <param name="opType">Operation type forwarded to the base executor.</param>
/// <param name="parent">The organization the object is placed under; checked with <c>NullCheck</c>.</param>
/// <param name="data">The object being operated on; forwarded to the base executor.</param>
public SCOrganizationRelativeExecutor(SCOperationType opType, SCOrganization parent, SCBase data)
    : base(opType, data)
{
    // NOTE(review): the label passed to NullCheck is "organization" although the parameter is named
    // "parent"; confirm which name callers expect to see reported.
    parent.NullCheck("organization");

    data.ClearRelativeData();
    parent.ClearRelativeData();

    this._Parent = parent;
    this._Relation = PrepareRelationObject(parent, data);

    // An ACL container is prepared from the parent only when a new organization is being added.
    if (this.OperationType == SCOperationType.AddOrganization)
    {
        this._AclContainer = PrepareAclContainer(parent, data);
    }

    SCUser user = data as SCUser;

    if (user == null)
    {
        return;
    }

    this._TargetParentRelations = data.CurrentParentRelations;

    // A user added while it has no parent relations gets this organization recorded as its owner.
    if (this.OperationType == SCOperationType.AddUser && this._TargetParentRelations.Count == 0)
    {
        user.OwnerID = parent.ID;
        user.OwnerName = parent.Properties.GetValue("Name", string.Empty);
    }
}
/// <summary>
/// Grants the "AddChildren" permission on an organization to two roles and verifies that both
/// ACL entries are stored with status Normal.
/// </summary>
public void AddAclPermissionsTest()
{
    // Arrange: an organization under the root.
    SCOrganization org = SCObjectGenerator.PrepareOrganizationObject();
    SCObjectOperations.Instance.AddOrganization(org, SCOrganization.GetRoot());

    // Arrange: the application that owns the roles.
    SCApplication app = SCObjectGenerator.PrepareApplicationObject();
    SCObjectOperations.Instance.AddApplication(app);

    // Arrange: two roles, each with one user added to the organization and to the role.
    // Both users are generated from the same three literal arguments.
    SCRole[] roles = new SCRole[2];

    for (int i = 0; i < roles.Length; i++)
    {
        SCRole role = SCObjectGenerator.PrepareRoleObject();
        SCObjectOperations.Instance.AddRole(role, app);

        SCUser member = SCObjectGenerator.PrepareUserObject("RU1", "User1", "RoleUser1");
        SCObjectOperations.Instance.AddUser(member, org);

        SCObjectOperations.Instance.AddMemberToRole(member, role);

        roles[i] = role;
    }

    // Act: build the container for the organization and write its ACL.
    SCAclContainer aclContainer = new SCAclContainer(org);

    foreach (SCRole role in roles)
    {
        aclContainer.Members.Add("AddChildren", role);
    }

    Console.WriteLine("Container ID: {0}", aclContainer.ContainerID);

    SCObjectOperations.Instance.UpdateObjectAcl(aclContainer);

    // Assert: reload by the organization ID and check each role's entry.
    SCAclMemberCollection stored = SCAclAdapter.Instance.LoadByContainerID(org.ID, DateTime.MinValue);

    foreach (SCRole role in roles)
    {
        Assert.IsTrue(stored.ContainsKey("AddChildren", role.ID));
        Assert.AreEqual(SchemaObjectStatus.Normal, stored["AddChildren", role.ID].Status);
    }
}
/// <summary>
/// Builds the ACL container for a new administrative unit, seeded with the ACL members loaded
/// for its parent.
/// </summary>
/// <param name="parent">The parent unit whose ACL members are copied; may be null, in which case nothing is copied.</param>
/// <param name="currentData">The unit the container is created for.</param>
/// <returns>The new container, or null when <paramref name="currentData"/> is not an <c>ISCAclContainer</c>.</returns>
private SCAclContainer PrepareAclContainer(AdminUnit parent, AdminUnit currentData)
{
    if (!(currentData is ISCAclContainer))
    {
        return null;
    }

    SCAclContainer container = new SCAclContainer(currentData);

    if (parent != null)
    {
        // The new object starts with whatever LoadByContainerID returns for the parent, so any
        // grant on the parent is carried over to the child at creation time.
        // NOTE(review): DateTime.MinValue presumably selects the current snapshot; confirm against the adapter.
        AUCommon.DoDbAction(() => container.Members.CopyFrom(AUAclAdapter.Instance.LoadByContainerID(parent.ID, DateTime.MinValue)));
    }

    return container;
}
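/// <summary>
/// Creates an executor that adds or removes an administrative unit.
/// </summary>
/// <param name="opType">
/// The operation to perform; only <c>AddAdminUnit</c> and <c>RemoveAdminUnit</c> are accepted.
/// </param>
/// <param name="parent">The parent unit; may be null.</param>
/// <param name="child">The unit being added or removed; checked with <c>NullCheck</c>.</param>
/// <exception cref="ApplicationException">
/// <paramref name="opType"/> is neither <c>AddAdminUnit</c> nor <c>RemoveAdminUnit</c>.
/// </exception>
public AdminUnitExecutor(AUOperationType opType, AdminUnit parent, AdminUnit child)
    : base(opType, child)
{
    child.NullCheck("child");

    child.ClearRelativeData();

    if (parent != null)
    {
        parent.ClearRelativeData();
    }

    // Both inequalities must hold for the operation to be unsupported. Joining them with OR is
    // always true (a value cannot equal two different members at once), which would leave this
    // guard unreachable and let any operation type through.
    if (opType != AUOperationType.AddAdminUnit && opType != AUOperationType.RemoveAdminUnit)
    {
        throw new ApplicationException("此Executor不支持" + opType + "操作");
    }

    this.inputParent = parent;

    // Only a newly added unit gets an ACL container prepared from its parent.
    if (this.OperationType == AUOperationType.AddAdminUnit)
    {
        this.aclContainer = PrepareAclContainer(parent, child);
    }
}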
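/// <summary>
/// Updates the ACL information stored under one container.
/// </summary>
/// <param name="container">
/// The ACL container whose members are written; rejected by <c>NullCheck</c> when null.
/// </param>
public void Update(SCAclContainer container)
{
    container.NullCheck("container");

    container.FillMembersProperties();

    // NOTE(review): the statement text is composed by GetUpdateSql, which is not visible here.
    // Confirm that the container ID and member values are escaped or parameterised there, since
    // the resulting string is executed as-is below.
    string sql = this.GetUpdateSql(container.ContainerID, container.Members);

    using (TransactionScope scope = TransactionScopeFactory.Create())
    {
        // The statement is expected to yield a single DateTime value; the cast throws otherwise.
        DateTime dt = (DateTime)DbHelper.RunSqlReturnScalar(sql, this.GetConnectionName());

        // Presumably records the returned time as the action context's time point only when none
        // has been set yet (IsMinValue is not shown here).
        SCActionContext.Current.TimePoint.IsMinValue(() => SCActionContext.Current.TimePoint = dt);

        scope.Complete();
    }
}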
/// <summary>
/// Updates the permission (ACL) information of an object.
/// </summary>
/// <param name="container">The ACL container to write.</param>
/// <returns>
/// The value produced by the executor, cast to <c>SCAclContainer</c>; the original documentation
/// describes it as the container itself.
/// </returns>
public SCAclContainer UpdateObjectAcl(SCAclContainer container)
{
    AUOperationType operation = AUOperationType.UpdateObjectAcl;

    // The caller's right to change this container's ACL is verified only when
    // _NeedCheckPermissions is set; otherwise the update proceeds without that check.
    if (this._NeedCheckPermissions)
    {
        CheckUpdateAclPermissions(operation, container.ContainerID);
    }

    AUUpdateObjectAclExecutor aclExecutor = new AUUpdateObjectAclExecutor(operation, container);

    SCAclContainer updated = null;

    ExecuteWithActions(operation, () => SCActionContext.Current.DoActions(() => updated = (SCAclContainer)aclExecutor.Execute()));

    return updated;
}
/// <summary>
/// Grants "AddChildren" on an organization to two roles, then clears the container's members and
/// verifies that neither ACL entry is found after the second update.
/// </summary>
public void ClearAclMembersTest()
{
    // Arrange: an organization under the root.
    SCOrganization org = SCObjectGenerator.PrepareOrganizationObject();
    SCObjectOperations.Instance.AddOrganization(org, SCOrganization.GetRoot());

    // Arrange: the application that owns the roles.
    SCApplication app = SCObjectGenerator.PrepareApplicationObject();
    SCObjectOperations.Instance.AddApplication(app);

    // Arrange: two roles, each with one user added to the organization and to the role.
    // Both users are generated from the same three literal arguments.
    SCRole[] roles = new SCRole[2];

    for (int i = 0; i < roles.Length; i++)
    {
        SCRole role = SCObjectGenerator.PrepareRoleObject();
        SCObjectOperations.Instance.AddRole(role, app);

        SCUser member = SCObjectGenerator.PrepareUserObject("RU1", "User1", "RoleUser1");
        SCObjectOperations.Instance.AddUser(member, org);

        SCObjectOperations.Instance.AddMemberToRole(member, role);

        roles[i] = role;
    }

    // Arrange: store an ACL that grants the permission to both roles.
    SCAclContainer aclContainer = new SCAclContainer(org);

    foreach (SCRole role in roles)
    {
        aclContainer.Members.Add("AddChildren", role);
    }

    SCObjectOperations.Instance.UpdateObjectAcl(aclContainer);

    Console.WriteLine("ContainerID: {0}", aclContainer.ContainerID);

    // Act: empty the member list, merge against what is stored, and write again.
    aclContainer.Members.Clear();

    SCAclMemberCollection before = SCAclAdapter.Instance.LoadByContainerID(org.ID, DateTime.MinValue);

    // The merge must report a change, because the stored entries are absent from the emptied list.
    Assert.IsTrue(aclContainer.Members.MergeChangedItems(before));

    SCObjectOperations.Instance.UpdateObjectAcl(aclContainer);

    // Assert: neither grant is found when the ACL is reloaded.
    SCAclMemberCollection after = SCAclAdapter.Instance.LoadByContainerID(org.ID, DateTime.MinValue);

    foreach (SCRole role in roles)
    {
        Assert.IsFalse(after.ContainsKey("AddChildren", role.ID));
    }
}
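/// <summary>
/// Updates the ACL information stored under one container.
/// </summary>
/// <param name="container">
/// The ACL container whose members are written; rejected by <c>NullCheck</c> when null.
/// </param>
public void Update(SCAclContainer container)
{
    container.NullCheck("container");

    container.FillMembersProperties();

    // NOTE(review): the statement text is composed by GetUpdateSql, which is not visible here.
    // Confirm that the container ID and member values are escaped or parameterised there, since
    // the resulting string is executed as-is below.
    string sql = this.GetUpdateSql(container.ContainerID, container.Members);

    using (TransactionScope scope = TransactionScopeFactory.Create())
    {
        // The statement is expected to yield a single DateTime value; the cast throws otherwise.
        DateTime dt = (DateTime)DbHelper.RunSqlReturnScalar(sql, this.GetConnectionName());

        // Presumably records the returned time as the action context's time point only when none
        // has been set yet (IsMinValue is not shown here).
        SCActionContext.Current.TimePoint.IsMinValue(() => SCActionContext.Current.TimePoint = dt);

        scope.Complete();
    }
}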
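/// <summary>
/// Replaces the ACL of every candidate child object with the Normal-status entries of the
/// parent's ACL, reporting progress as it goes.
/// </summary>
/// <param name="context">The operation context; not read by this method.</param>
/// <returns>The parent object held in <c>_Parent</c>.</returns>
/// <exception cref="ApplicationException">
/// Replacing the ACL of a candidate failed; the original exception is attached as the inner exception.
/// </exception>
protected override object DoOperation(AUObjectOperationContext context)
{
    // Checked before the first dereference of _Parent so the assertion can actually fire.
    Debug.Assert(this._Parent != null, "容器对象为null");

    int replacedCount = 0;

    // Load the ACL defined on the parent; it is the template applied to each candidate.
    var aclMembers = Adapters.AUAclAdapter.Instance.LoadByContainerID(((SchemaObjectBase)(this._Parent)).ID, DateTime.MinValue);

    if (this._Candidates.Count > 0)
    {
        ProcessProgress.Current.MaxStep = this._Candidates.Count;
        ProcessProgress.Current.CurrentStep = 0;
        ProcessProgress.Current.Output.WriteLine("正在替换子对象ACL");

        foreach (SchemaObjectBase candidate in this._Candidates)
        {
            string objName = candidate.Properties.GetValue("Name", string.Empty);

            try
            {
                var oldItems = AUAclAdapter.Instance.LoadByContainerID(candidate.ID, DateTime.MinValue);

                var container = new SCAclContainer(candidate);

                // Copy only entries whose status is Normal, so entries in any other state on the
                // parent are not re-granted on the child.
                foreach (var item in aclMembers)
                {
                    if (item.Status == SchemaObjectStatus.Normal)
                    {
                        container.Members.Add(new SCAclItem()
                        {
                            ContainerPermission = item.ContainerPermission,
                            MemberID = item.MemberID,
                            MemberSchemaType = item.MemberSchemaType
                        });
                    }
                }

                // Merge against what the candidate currently has stored.
                if (oldItems != null)
                {
                    container.Members.MergeChangedItems(oldItems);
                }

                // NOTE(review): the write goes through Facade.DefaultInstance; whether that instance
                // performs the UpdateObjectAcl permission check is not visible in this block. Confirm
                // that the bulk replacement is authorized before this executor runs.
                Facade.DefaultInstance.UpdateObjectAcl(container);

                // Extend the data-operation lock on every fifth object, when a lock is held.
                AUCommon.DoDbAction(() =>
                {
                    if (SCDataOperationLockContext.Current.Lock != null && (replacedCount) % 5 == 0)
                        SCDataOperationLockContext.Current.ExtendLock();
                });

                replacedCount++;

                ProcessProgress.Current.StatusText = string.Format("已替换\"{0}\"的Acl", objName);
                ProcessProgress.Current.Increment();
                ProcessProgress.Current.Response();
            }
            catch (System.Exception ex)
            {
                // Keep the original exception as InnerException so its type and stack trace
                // remain available to whoever logs or investigates the failure.
                throw new ApplicationException(string.Format("替换对象{0}({1})的Acl出错: {2}", objName, candidate.ID, ex.Message), ex);
            }
        }
    }
    else
    {
        ProcessProgress.Current.Output.WriteLine("当前对象没有子对象ACL");
        ProcessProgress.Current.CurrentStep = ProcessProgress.Current.MaxStep = 1;
    }

    ProcessProgress.Current.StatusText = string.Format("总共替换了{0:#,##0}个对象的Acl", replacedCount);
    ProcessProgress.Current.Response();

    return this._Parent;
}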
/// <summary>
/// Rebuilds the ACL container of <paramref name="obj"/> from the supplied members and saves it
/// through the permission-checking facade when it differs from what is stored.
/// </summary>
/// <param name="aclMembers">The ACL entries to apply; each entry's MemberID is resolved to a role.</param>
/// <param name="obj">The object whose ACL is being saved.</param>
/// <param name="inheritRights">Not read by this method.</param>
private static void InnerDoSave(SCAclMemberCollection aclMembers, SchemaObjectBase obj, bool inheritRights)
{
    // Collect the distinct member IDs so the roles can be loaded in one call.
    HashSet<string> roleIds = new HashSet<string>();

    foreach (var member in aclMembers)
    {
        roleIds.Add(member.MemberID);
    }

    var roles = PCService.Instance.LoadRoleByIds(roleIds.ToArray());

    // The permission definitions are loaded but not read anywhere in this method.
    var pmDefs = GetPermissionDefinitions(obj.SchemaType);

    var aclContainer = new SCAclContainer(obj);

    foreach (var acl in aclMembers)
    {
        // Debug.Assert is compiled out of release builds, so a mismatching ContainerID is not
        // rejected there.
        // NOTE(review): if aclMembers can originate from a client, consider enforcing this at runtime.
        Debug.Assert(acl.ContainerID == obj.ID, "ACL的容器ID必须与对象的ID一致");

        var permission = acl.ContainerPermission;

        // NOTE(review): Find yields no role when the ID was not among the loaded roles; how
        // Members.Add treats that case is not visible here. Confirm.
        var role = roles.Find(m => m.ID == acl.MemberID);

        aclContainer.Members.Add(permission, role);
    }

    SCAclMemberCollection stored = PC.Adapters.SCAclAdapter.Instance.LoadByContainerID(obj.ID, DateTime.MinValue);

    // Nothing to write when the merge reports no change.
    if (!aclContainer.Members.MergeChangedItems(stored))
    {
        return;
    }

    AU.Operations.Facade.InstanceWithPermissions.UpdateObjectAcl(aclContainer);
}
/// <summary>
/// Builds the ACL container for a new object, seeded with the ACL members loaded for its parent
/// organization.
/// </summary>
/// <param name="parent">The parent organization whose ACL members are copied; dereferenced without a null check.</param>
/// <param name="currentData">The object the container is created for.</param>
/// <returns>The new container, or null when <paramref name="currentData"/> is not an <c>ISCAclContainer</c>.</returns>
private SCAclContainer PrepareAclContainer(SCOrganization parent, SCBase currentData)
{
    if (!(currentData is ISCAclContainer))
    {
        return null;
    }

    SCAclContainer container = new SCAclContainer(currentData);

    // The new object starts with whatever LoadByContainerID returns for the parent, so any grant
    // on the parent is carried over to the child at creation time.
    // NOTE(review): DateTime.MinValue presumably selects the current snapshot; confirm against the adapter.
    container.Members.CopyFrom(SCAclAdapter.Instance.LoadByContainerID(parent.ID, DateTime.MinValue));

    return container;
}
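/// <summary>
/// Replaces the ACL of the object identified by <paramref name="ownerID"/> with the Normal-status
/// entries supplied by the caller.
/// </summary>
/// <param name="ownerID">ID of the object whose ACL is updated.</param>
/// <param name="clientAcls">The ACL entries sent by the caller; entries whose status is not Normal are skipped.</param>
/// <exception cref="ArgumentNullException"><paramref name="clientAcls"/> is null.</exception>
/// <exception cref="ArgumentException"><paramref name="clientAcls"/> contains a null entry.</exception>
/// <exception cref="InvalidOperationException">The object does not exist or its status is not Normal.</exception>
public void UpdateObjectAcl(string ownerID, ClientAclItem[] clientAcls)
{
    // Reject a missing list before touching the database, so a malformed request surfaces as an
    // argument error and not as a NullReferenceException in the loop below.
    if (clientAcls == null)
    {
        throw new ArgumentNullException("clientAcls");
    }

    var owner = AUCommon.DoDbProcess(() => SchemaObjectAdapter.Instance.Load(ownerID));

    if (owner == null || owner.Status != SchemaObjectStatus.Normal)
    {
        throw new InvalidOperationException("指定对象不存在或已删除");
    }

    SCAclContainer container = new SCAclContainer(owner);

    foreach (ClientAclItem item in clientAcls)
    {
        if (item == null)
        {
            throw new ArgumentException("clientAcls contains a null entry", "clientAcls");
        }

        if (item.Status == ClientSchemaObjectStatus.Normal)
        {
            container.Members.Add(item.ToSCAcl());
        }
    }

    // Merge against the stored ACL of the same object before writing.
    container.Members.MergeChangedItems(AUAclAdapter.Instance.LoadByContainerID(ownerID, DateTime.MinValue));

    // NOTE(review): both arguments come from the caller, and no permission check is made in this
    // method itself; authorization rests on whichever facade instance this.Facade returns.
    // Confirm that it enforces the UpdateObjectAcl permission check.
    this.Facade.UpdateObjectAcl(container);
}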