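/// <summary>
/// Builds the control that describes one way a user has been granted access to a record.
/// The icon, title and tooltip are picked from <c>permission.PermissionType</c>.
/// </summary>
/// <param name="permission">The grant to describe; must not be null.</param>
/// <exception cref="ArgumentNullException"><paramref name="permission"/> is null.</exception>
public DisplayAccess(Permission permission)
{
    // Fail with a named argument instead of a NullReferenceException inside the switch.
    if (permission == null)
    {
        throw new ArgumentNullException(nameof(permission));
    }

    InitializeComponent();

    switch (permission.PermissionType)
    {
        case PermissionType.Role:
        case PermissionType.Shared:
        case PermissionType.Heirarchy:
            // Nothing is set for these types; the control keeps whatever InitializeComponent gave it.
            break;

        case PermissionType.TeamRole:
            image.Image = Properties.Resources.Team;
            lblTitle.Text = "Role from Team: " + permission.Name;
            AddToolTip("The user has permissions given via a team they are in");
            break;

        case PermissionType.UserRole:
            image.Image = Properties.Resources.User;
            lblTitle.Text = "User Role: " + permission.Name;
            AddToolTip("The user has permissions given directly from their role");
            break;

        case PermissionType.UserShared:
            image.Image = Properties.Resources.ShareUser;
            lblTitle.Text = "Shared with User";
            AddToolTip("The record is shared with the user");
            break;

        case PermissionType.TeamShared:
            image.Image = Properties.Resources.ShareTeam;
            lblTitle.Text = "Shared with Team: " + permission.Name;
            AddToolTip("The record is shared with a team that the user belongs to");
            break;

        case PermissionType.UserRelated:
            image.Image = Properties.Resources.ShareUser;
            lblTitle.Text = "Related record shared";
            ShowRelatedRecord(
                permission,
                "The record is not directly shared but due to relationships has the permissions of the parent (or higher) which has been shared",
                "The record has got inherited permissions, but the parent record can not be found.");
            break;

        case PermissionType.TeamRelated:
            image.Image = Properties.Resources.ShareTeam;
            lblTitle.Text = $@"Related Record shared with Team {permission.Name}";
            ShowRelatedRecord(
                permission,
                "The record is not directly shared with the team but due to relationships has the permissions of the parent (or higher) which has been shared",
                "The record has got inherited permissions to a team, but the parent record can not be found.");
            break;

        default:
            // Unknown type: hide the icon and show the raw name so the grant is still listed.
            image.Visible = false;
            lblTitle.Text = permission.Name;
            break;
    }
}

/// <summary>
/// Shows the link to the parent record an inherited grant comes from, or, when no parent
/// record id is set on the permission, explains in the tooltip that it could not be found.
/// </summary>
/// <param name="permission">The inherited grant being displayed.</param>
/// <param name="resolvedToolTip">Tooltip used when the parent record id is present.</param>
/// <param name="unresolvedToolTip">First tooltip line used when the parent record id is missing.</param>
private void ShowRelatedRecord(Permission permission, string resolvedToolTip, string unresolvedToolTip)
{
    if (permission.SharedRecordId != null)
    {
        linkRelated.Text = $@"Shared {permission.SharedRecordTable}: {permission.SharedRecordId}";
        // NOTE(review): the URL is only stored on the link here. The handler that opens it is not
        // visible in this block; it should confirm the value is an http(s) address for the
        // connected environment before launching it.
        linkRelated.Tag = permission.SharedRecordUrl;
        linkRelated.Visible = true;
        AddToolTip(resolvedToolTip);
    }
    else
    {
        AddToolTip(unresolvedToolTip
            + Environment.NewLine
            + "This is usually caused by historic data not being cleaned up correctly");
    }
}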
/// <summary>
/// Adds to <paramref name="privList"/> the access a user holds on one record through
/// principalobjectaccess rows: first rows held by teams the user is a member of, then rows
/// held by the user. Role-based access is not evaluated here.
/// </summary>
/// <param name="privList">Privileges to annotate; a permission is added to every entry whose access right is fully contained in the row's mask.</param>
/// <param name="user">The user whose access is being explained.</param>
/// <param name="recordId">Id of the record being checked.</param>
/// <param name="entity">Table information for the record (object type code and logical name are read).</param>
/// <remarks>
/// NOTE(review): the values spliced into the FetchXML are not escaped. recordId is a Guid and cannot
/// break out of the attribute; user.Id and ObjectTypeCode look like an id and a numeric code, confirm,
/// and escape any free-text value that is ever added to these queries.
/// NOTE(review): when accessrightsmask is greater than zero, the inherited mask on the same row is
/// not read. If a row can carry both masks, inherited rights are not reported for it; confirm
/// whether that can under-report access.
/// </remarks>
internal void GetShareDetail(List<Privilege> privList, User user, Guid recordId, EntityInfo entity)
{
    // Pass 1: rows whose principal is a team (principaltypecode 9) that the user is a member of.
    var teamFetch = $@" <fetch version='1.0' mapping='logical' distinct='true'> <entity name='principalobjectaccess'> <attribute name='accessrightsmask' /> <attribute name='inheritedaccessrightsmask' /> <filter type='and'> <condition attribute='objecttypecode' operator='eq' value='{entity.Metadata.ObjectTypeCode}'/> </filter> <filter type='and'> <condition attribute='objectid' operator='eq' value='{recordId}'/> </filter> <filter type='and'> <condition attribute='principaltypecode' operator='eq' value='9'/> </filter> <link-entity name='team' from='teamid' to='principalid'> <attribute name='name' alias='teamName' /> <attribute name='teamid' alias='teamId'/> <attribute name='businessunitid' alias='teamBUId'/> <link-entity name='businessunit' from='businessunitid' to='businessunitid'> <attribute name='name' alias='teamBUName' /> </link-entity> <link-entity name='teammembership' from='teamid' to='teamid'> <filter type='and'> <condition attribute='systemuserid' operator='eq' value='{user.Id}'/> </filter> </link-entity> </link-entity> </entity> </fetch>";
    var teamRows = service.RetrieveMultiple(new FetchExpression(teamFetch));

    foreach (Entity teamRow in teamRows.Entities)
    {
        int teamDirectMask = teamRow.GetAttributeValue<int>("accessrightsmask");
        bool sharedWithTeam = teamDirectMask > 0;

        // A direct mask wins; otherwise the row is treated as access inherited from a related record.
        // The aliased reads throw if the alias is missing from the row.
        var teamGrant = new Permission
        {
            PermissionType = sharedWithTeam ? PermissionType.TeamShared : PermissionType.TeamRelated,
            AccessRights = (AccessRights)(sharedWithTeam
                ? teamDirectMask
                : teamRow.GetAttributeValue<int>("inheritedaccessrightsmask")),
            Name = teamRow.GetAttributeValue<AliasedValue>("teamName").Value.ToString(),
            BUName = teamRow.GetAttributeValue<AliasedValue>("teamBUName").Value.ToString()
        };

        if (teamGrant.PermissionType == PermissionType.TeamRelated)
        {
            var teamId = (Guid)teamRow.GetAttributeValue<AliasedValue>("teamId").Value;
            GetRelatedRecord(teamGrant, recordId, teamId, entity.LogicalName);
        }

        // Attach the grant to each privilege whose access-right bits are all present in the mask.
        privList
            .Where(priv => priv.AccessRight == (priv.AccessRight & teamGrant.AccessRights))
            .ForEach(priv => priv.Permissions.Add(teamGrant));
    }

    // Pass 2: rows whose principal is the user.
    var userFetch = $@" <fetch version='1.0' mapping='logical' distinct='true'> <entity name='principalobjectaccess'> <attribute name='accessrightsmask' /> <attribute name='inheritedaccessrightsmask' /> <filter type='and'> <condition attribute='objecttypecode' operator='eq' value='{entity.Metadata.ObjectTypeCode}'/> </filter> <filter type='and'> <condition attribute='objectid' operator='eq' value='{recordId}'/> <condition attribute='principalid' operator='eq' value='{user.Id}'/> </filter> </entity> </fetch>";
    var userRows = service.RetrieveMultiple(new FetchExpression(userFetch));

    foreach (Entity userRow in userRows.Entities)
    {
        int userDirectMask = userRow.GetAttributeValue<int>("accessrightsmask");
        bool sharedWithUser = userDirectMask > 0;

        var userGrant = new Permission
        {
            PermissionType = sharedWithUser ? PermissionType.UserShared : PermissionType.UserRelated,
            AccessRights = (AccessRights)(sharedWithUser
                ? userDirectMask
                : userRow.GetAttributeValue<int>("inheritedaccessrightsmask")),
            Name = "UserShared"
        };

        if (userGrant.PermissionType == PermissionType.UserRelated)
        {
            GetRelatedRecord(userGrant, recordId, user.Id, entity.LogicalName);
        }

        privList
            .Where(priv => priv.AccessRight == (priv.AccessRight & userGrant.AccessRights))
            .ForEach(priv => priv.Permissions.Add(userGrant));
    }

    // check roles (no role evaluation is implemented in this method)
}