public static ActionResult Save(ItemGrant grant, long groupId, string connectionString, string instanceName) { if (grant == null || string.IsNullOrEmpty(connectionString) || string.IsNullOrEmpty(instanceName)) { return(ActionResult.NoAction); } string source = "ItemGrant::Save"; /* CREATE PROCEDURE Core_ItemGrant_Save * @GroupId bigint, * @ItemName nvarchar(50), * @CanRead bit, * @CanWrite bit, * @CanDelete bit */ var res = ActionResult.NoAction; using (SqlCommand cmd = new SqlCommand("Core_ItemGrant_Save")) { cmd.CommandType = CommandType.StoredProcedure; cmd.Parameters.Add(DataParameter.Input("@GroupId", groupId)); cmd.Parameters.Add(DataParameter.Input("@ItemName", grant.ItemName, 50)); cmd.Parameters.Add(DataParameter.Input("@CanRead", grant.Read)); cmd.Parameters.Add(DataParameter.Input("@CanWrite", grant.Write)); cmd.Parameters.Add(DataParameter.Input("@CanDelete", grant.Delete)); using (SqlConnection cnn = new SqlConnection(connectionString)) { cmd.Connection = cnn; try { cmd.CommandTimeout = 120; cmd.Connection.Open(); cmd.ExecuteNonQuery(); res.SetSuccess(); } catch (NullReferenceException ex) { ExceptionManager.LogException(ex as Exception, source); res.SetFail(ex); } catch (SqlException ex) { ExceptionManager.LogException(ex as Exception, source); res.SetFail(ex); } catch (NotSupportedException ex) { ExceptionManager.LogException(ex as Exception, source); res.SetFail(ex); } } } return(res); }
public static ItemGrant ByItem(ApplicationUser user, string itemName) { ItemGrant res = ItemGrant.Empty; if (user.Core) { res.Delete = true; res.Write = true; res.Read = true; res.ItemName = itemName; res.ItemLabel = itemName; } else if (user.Grants.Any(g => g.ItemName.Equals(itemName, StringComparison.OrdinalIgnoreCase))) { res = user.Grants.Where(g => g.ItemName.Equals(itemName, StringComparison.OrdinalIgnoreCase)).First(); } return(res); }
/*public void GetGrants() * { * this.grants = ItemGrant.ByGroup(this.Id).ToList(); * }*/ public void GetGrants(string connectionString) { this.grants = ItemGrant.ByGroup(this.Id, connectionString).ToList(); }
/*public static ItemGrant ByItem(string itemName) * { * if (string.IsNullOrEmpty(itemName)) * { * return ItemGrant.Empty; * } * * if (SecurityPersistence.UserEffectiveGrants(HttpContext.Current.Session["InstanceName"] as string, HttpContext.Current.Session["User"] as ApplicationUser).Any(g => g.ItemName.Equals(itemName, StringComparison.OrdinalIgnoreCase))) * { * return SecurityPersistence.UserEffectiveGrants(HttpContext.Current.Session["InstanceName"] as string, HttpContext.Current.Session["User"] as ApplicationUser).Where(g => g.ItemName.Equals(itemName, StringComparison.OrdinalIgnoreCase)).First(); * } * * return ItemGrant.Empty; * }*/ public static ActionResult SetGroupGrant(ReadOnlyCollection <ItemGrant> grants, long groupId, string connectionString) { var res = ActionResult.NoAction; if (grants == null) { return(res); } //// Instance instance = HttpContext.Current.Session["Instance"] as Instance; //// CustomerFramework customerConfig = HttpContext.Current.Session["FrameworkCustomer"] as CustomerFramework; if (1 == 2) { /*using (SqlCommand cmd = new SqlCommand()) * { * cmd.CommandText = string.Format( * CultureInfo.InvariantCulture, * @"DELETE FROM Grant_Item WHERE GroupId = {0}", * groupId); * cmd.CommandType = CommandType.Text; * using (SqlConnection cnn = new SqlConnection(customerConfig.Config.ConnectionString)) * { * cmd.Connection = cnn; * cmd.Connection.Open(); * cmd.ExecuteNonQuery(); * cmd.Connection.Close(); * } * } * * Parallel.ForEach(grants, * () => * { * var con = new SqlConnection(customerConfig.Config.ConnectionString); * var cmd = con.CreateCommand(); * con.Open(); * cmd.CommandText = "Core_ItemGrant_Save"; * cmd.CommandType = CommandType.StoredProcedure; * cmd.Parameters.Add(new SqlParameter("@GroupId", SqlDbType.BigInt)); * cmd.Parameters.Add(new SqlParameter("@ItemName", SqlDbType.NVarChar, 50)); * cmd.Parameters.Add(new SqlParameter("@CanRead", SqlDbType.Bit)); * cmd.Parameters.Add(new SqlParameter("@CanWrite", SqlDbType.Bit)); * cmd.Parameters.Add(new SqlParameter("@CanDelete", SqlDbType.Bit)); * cmd.Prepare(); * return new { Conn = con, Cmd = cmd }; * }, * (grant, pls, localInit) => * { * localInit.Cmd.Parameters["@GroupId"].Value = groupId; * localInit.Cmd.Parameters["@ItemName"].Value = grant.ItemName; * localInit.Cmd.Parameters["@CanRead"].Value = grant.Read; * localInit.Cmd.Parameters["@CanWrite"].Value = grant.Write; * localInit.Cmd.Parameters["@CanDelete"].Value = grant.Delete; * localInit.Cmd.ExecuteNonQuery(); * return localInit; * }, * (localInit) => * { * localInit.Cmd.Dispose(); * localInit.Conn.Dispose(); * SecurityPersistence.LoadGroupGrant(instance.Name, groupId); * }); * * res.SetSuccess();*/ } else { string errorMessage = string.Empty; foreach (ItemGrant grant in grants) { ActionResult t = ItemGrant.Save(grant, groupId, connectionString); if (!t.Success) { errorMessage += t.MessageError; } } if (!string.IsNullOrEmpty(errorMessage)) { res.SetFail(errorMessage); } else { res.SetSuccess(); } } return(res); }
/*/// <summary> * /// Gets grants for a security group * /// </summary> * /// <param name="groupId">Security group identifier</param> * /// <returns>Readonly collection of group grants</returns> * public static ReadOnlyCollection<ItemGrant> ByGroup(long groupId) * { * CustomerFramework customerConfig = HttpContext.Current.Session["FrameworkCustomer"] as CustomerFramework; * return ByGroup(groupId, customerConfig.Config.ConnectionString); * }*/ /// <summary> /// Gets grants for a security group /// </summary> /// <param name="groupId">Security group identifier</param> /// <param name="connectionString">String connection to data base</param> /// <returns>Readonly collection of group grants</returns> public static ReadOnlyCollection <ItemGrant> ByGroup(long groupId, string connectionString) { string source = string.Format(CultureInfo.InvariantCulture, "ItemGrant::ByGroup({0})", groupId); List <ItemGrant> res = new List <ItemGrant>(); using (SqlCommand cmd = new SqlCommand("Grant_Item_ByGroup")) { cmd.CommandType = CommandType.StoredProcedure; cmd.Parameters.Add(DataParameter.Input("@GroupId", groupId)); using (SqlConnection cnn = new SqlConnection(connectionString)) { try { cmd.Connection = cnn; cmd.Connection.Open(); using (SqlDataReader rdr = cmd.ExecuteReader()) { while (rdr.Read()) { ItemGrant newItemGrant = new ItemGrant() { ItemName = rdr.GetString(ColumnsGrantItemGet.ItemName).ToUpperInvariant(), Read = rdr.GetBoolean(ColumnsGrantItemGet.CanRead), Write = rdr.GetBoolean(ColumnsGrantItemGet.CanWrite), Delete = rdr.GetBoolean(ColumnsGrantItemGet.CanDelete) }; newItemGrant.PreventNullFieldsGrant(); res.Add(newItemGrant); } } } catch (NullReferenceException ex) { ExceptionManager.LogException(ex as Exception, source); } catch (ArgumentNullException ex) { ExceptionManager.LogException(ex as Exception, source); } catch (ArgumentException ex) { ExceptionManager.LogException(ex as Exception, source); } catch (FormatException ex) { ExceptionManager.LogException(ex as Exception, source); } catch (SqlException ex) { ExceptionManager.LogException(ex as Exception, source); } catch (NotSupportedException ex) { ExceptionManager.LogException(ex as Exception, source); } } } return(new ReadOnlyCollection <ItemGrant>(res)); }