public static void ReplicateItems(DbConnection sqlConnection, int[] articleIds, int[] fieldIds) { var dbType = DatabaseTypeHelper.ResolveDatabaseType(sqlConnection); var sql = (dbType == DatabaseType.SqlServer) ? "qp_replicate_items" : "call qp_replicate_items(@ids, @attr_ids);"; using (var cmd = DbCommandFactory.Create(sql, sqlConnection)) { if (dbType == DatabaseType.SqlServer) { cmd.CommandType = CommandType.StoredProcedure; cmd.Parameters.Add(new SqlParameter("@ids", SqlDbType.NVarChar, -1) { Value = string.Join(",", articleIds) }); cmd.Parameters.Add(new SqlParameter("@attr_ids", SqlDbType.NVarChar, -1) { Value = string.Join(",", fieldIds) }); } else { cmd.Parameters.Add(SqlQuerySyntaxHelper.GetIdsDatatableParam("@ids", articleIds, dbType)); cmd.Parameters.Add(SqlQuerySyntaxHelper.GetIdsDatatableParam("@attr_ids", fieldIds, dbType)); } cmd.Parameters.AddWithValue("@modification_update_interval", -1); cmd.ExecuteNonQuery(); } }
private static Dictionary <int, int?> GetPermissionLevels(DbConnection sqlConnection, int[] ids, int userId, int groupId, string entityTypeName, string parentEntityTypeName = "", int parentId = 0) { var result = new Dictionary <int, int?>(); var securitySql = Common.GetPermittedItemsAsQuery(sqlConnection, userId, groupId, PermissionLevel.Deny, PermissionLevel.FullAccess, entityTypeName, parentEntityTypeName, parentId); var dbType = DatabaseTypeHelper.ResolveDatabaseType(sqlConnection); var sql = $@" select i.id, pi.permission_level from {SqlQuerySyntaxHelper.IdList(dbType, "@ids", "i")} left join ({securitySql}) as pi on pi.{entityTypeName}_id = i.id " ; using (var cmd = DbCommandFactory.Create(sql, sqlConnection)) { cmd.Parameters.Add(SqlQuerySyntaxHelper.GetIdsDatatableParam("@ids", ids, dbType)); using (var reader = cmd.ExecuteReader()) { while (reader.Read()) { result[Convert.ToInt32(reader["id"])] = Converter.ToNullableInt32(reader["permission_level"]); } } } return(result); }
private static Dictionary <int, bool> CheckSecurity(DbConnection sqlConnection, int parentId, IEnumerable <int> testIds, int userId, int startLevel, string entityName, string parentEntityName, string columnName) { var granted = new Dictionary <int, bool>(); var securitySql = Common.GetPermittedItemsAsQuery(sqlConnection, userId, 0, startLevel, PermissionLevel.FullAccess, entityName, parentEntityName, parentId); var dbType = DatabaseTypeHelper.ResolveDatabaseType(sqlConnection); var trueValue = SqlQuerySyntaxHelper.ToBoolSql(dbType, true); var falseValue = SqlQuerySyntaxHelper.ToBoolSql(dbType, false); var sql = $@" select i.id, {SqlQuerySyntaxHelper.CastToBool(dbType, $"case when pi.{columnName} is null then {falseValue} else {trueValue} end")} as granted from {SqlQuerySyntaxHelper.IdList(dbType, "@ids", "i")} left join ({securitySql}) as pi on pi.{columnName} = i.id " ; using (var cmd = DbCommandFactory.Create(sql, sqlConnection)) { cmd.Parameters.Add(SqlQuerySyntaxHelper.GetIdsDatatableParam("@ids", testIds, dbType)); using (var reader = cmd.ExecuteReader()) { while (reader.Read()) { granted[Convert.ToInt32(reader["id"])] = (bool)reader["granted"]; } } } return(granted); }
public static void UpdateNotForReplication(DbConnection sqlConnection, int[] ids, int userId) { var dbType = DatabaseTypeHelper.ResolveDatabaseType(sqlConnection); var setTrue = dbType == DatabaseType.SqlServer ? "1" : "true"; var sql = $@" UPDATE CONTENT_ITEM SET NOT_FOR_REPLICATION = {setTrue}, MODIFIED = {SqlQuerySyntaxHelper.Now(dbType)}, LAST_MODIFIED_BY = @userId WHERE {SqlQuerySyntaxHelper.IsFalse(dbType, "NOT_FOR_REPLICATION")} AND CONTENT_ITEM_ID IN (select id from {Common.IdList(dbType, "@ids")}); "; using (var cmd = DbCommandFactory.Create(sql, sqlConnection)) { cmd.Parameters.Add(SqlQuerySyntaxHelper.GetIdsDatatableParam("@ids", ids, dbType)); cmd.Parameters.AddWithValue("@userId", userId); cmd.ExecuteNonQuery(); } }
public static RelationSecurityInfo GetRelationSecurityInfo(DbConnection dbConnection, int contentId, int[] ids) { var dbType = DatabaseTypeHelper.ResolveDatabaseType(dbConnection); var result = new RelationSecurityInfo(); var pathRows = GetRelationSecurityFields(dbConnection); var securityPathes = new List <List <RelationSecurityPathItem> >(); var finder = new RelationSecurityPathFinder(pathRows.ToList(), contentId); finder.Compute(); securityPathes.Add(finder.CurrentPath); foreach (var extra in finder.ExtraFinders) { extra.Compute(); securityPathes.Add(extra.CurrentPath); } foreach (var securityPath in securityPathes) { if (securityPath.Count <= 0) { var isEndNode = finder.PathRows.Any(n => (Converter.ToNullableInt32(n["rel_content_id"]) ?? 0) == contentId); if (!isEndNode) { result.MakeEmpty(); } else { result.AddContentInItemMapping(contentId, ids.ToDictionary(n => n, m => Enumerable.Repeat(m, 1).ToArray())); } return(result); } var lastItem = securityPath.Last(); var lastItemWithSecondary = Enumerable.Repeat(lastItem, 1).Concat(lastItem.Secondary).ToList(); var contentIds = lastItemWithSecondary.Where(n => !n.IsClassifier).Select(n => n.RelContentId).ToArray(); var attNames = lastItemWithSecondary.Where(n => n.IsClassifier).Select(n => n.AttributeName).ToArray(); foreach (var item in contentIds) { result.AddContentInItemMapping(item, new Dictionary <int, int[]>()); } var sql = GetSecurityPathSql(dbType, securityPath, contentId); using (var cmd = DbCommandFactory.Create(sql, dbConnection)) { cmd.Parameters.Add(SqlQuerySyntaxHelper.GetIdsDatatableParam("@ids", ids, dbType)); using (var reader = cmd.ExecuteReader()) { while (reader.Read()) { ProcessSecurityPathSqlReader(reader, contentIds, attNames, result); } } } AppendNotFound(ids, contentIds, result); } return(result); }
internal static DbParameter GetIdsDatatableParam(string paramName, IEnumerable <int> ids, DatabaseType databaseType = DatabaseType.SqlServer) => SqlQuerySyntaxHelper.GetIdsDatatableParam(paramName, ids, databaseType);