private void CheckAvailability(List<SearchResultItem> results) { if (results.Count == 0) { return; } if (!cmsConfiguration.Security.AccessControlEnabled) { // If security is not enabled, all content is available return; } // Create query var principal = securityService.GetCurrentPrincipal(); var urls = results.Select(r => r.Link).ToArray(); var query = repository.AsQueryable<Page>(p => urls.Contains(p.PageUrl)); var pages = query .SelectMany(c => c.AccessRules, (page, accessRule) => new { PageUrl = page.PageUrl, AccessRule = accessRule }) .ToList(); foreach (var pageUrl in pages.Select(p => p.PageUrl).Distinct()) { var page = pages.First(p => p.PageUrl == pageUrl); IList<IAccessRule> accessRules = pages.Where(p => p.PageUrl == pageUrl).Select(p => p.AccessRule).Cast<IAccessRule>().ToList(); var level = accessControlService.GetAccessLevel(accessRules, principal); if (level < AccessLevel.Read) { results.Where(r => r.Link == page.PageUrl).ToList().ForEach(r => r.IsDenied = true); } } results.ForEach(p => { if (p.IsDenied) { p.Link = string.Empty; p.FormattedUrl = LuceneGlobalization.SearchResults_Secured_LinkTitle; p.Title = LuceneGlobalization.SearchResults_Secured_Title; p.Snippet = LuceneGlobalization.SearchResults_Secured_Snippet; } }); }
private void SyncRoles(IList<RoleCheckBox> checkBoxes, IList<Role> roles) { var selectedRoles = new List<Role>(); foreach (var role in Database.Session.Query<Role>()) { var checkbox = checkBoxes.Single(a => a.Id == role.Id); checkbox.Name = role.Name; if(checkbox.IsChecked) selectedRoles.Add(role); } foreach (var toAdd in selectedRoles.Where(a => !roles.Contains(a))) roles.Add(toAdd); foreach (var toRemove in roles.Where(a => !selectedRoles.Contains(a)).ToList()) roles.Remove(toRemove); }