Utility class for writing permissions and authorizations.
示例#1
0
        /// <summary>
        /// Adds some ACL entries for a subject.
        /// </summary>
        /// <param name="subject">The subject.</param>
        /// <param name="page">The page.</param>
        /// <param name="grants">The granted actions.</param>
        /// <param name="denials">The denied actions.</param>
        /// <returns><c>true</c> if the operation succeeded, <c>false</c> otherwise.</returns>
        private bool AddAclEntriesForPage(string subject, string page, string[] grants, string[] denials)
        {
            bool isGroup = subject.StartsWith("G.");

            subject = subject.Substring(2);

            PageInfo currentPage = Pages.FindPage(page);

            UserGroup group = null;
            UserInfo  user  = null;

            if (isGroup)
            {
                group = Users.FindUserGroup(subject);
            }
            else
            {
                user = Users.FindUser(subject);
            }

            foreach (string action in grants)
            {
                bool done = false;
                if (isGroup)
                {
                    done = AuthWriter.SetPermissionForPage(AuthStatus.Grant,
                                                           currentPage, action, group);
                }
                else
                {
                    done = AuthWriter.SetPermissionForPage(AuthStatus.Grant,
                                                           currentPage, action, user);
                }
                if (!done)
                {
                    return(false);
                }
            }

            foreach (string action in denials)
            {
                bool done = false;
                if (isGroup)
                {
                    done = AuthWriter.SetPermissionForPage(AuthStatus.Deny,
                                                           currentPage, action, group);
                }
                else
                {
                    done = AuthWriter.SetPermissionForPage(AuthStatus.Deny,
                                                           currentPage, action, user);
                }
                if (!done)
                {
                    return(false);
                }
            }

            return(true);
        }
示例#2
0
        protected void btnPrivate_Click(object sender, EventArgs e)
        {
            string currentWiki = DetectWiki();

            NamespaceInfo nspace = Pages.FindNamespace(currentWiki, txtCurrentNamespace.Value);

            RemoveAllPermissions(nspace);

            AuthWriter authWriter = new AuthWriter(Collectors.CollectorsBox.GetSettingsProvider(currentWiki));

            // Set permissions
            authWriter.SetPermissionForNamespace(AuthStatus.Grant, nspace, Actions.FullControl,
                                                 Users.FindUserGroup(currentWiki, Settings.GetAdministratorsGroup(currentWiki)));

            authWriter.SetPermissionForNamespace(AuthStatus.Grant, nspace, Actions.ForNamespaces.CreatePages,
                                                 Users.FindUserGroup(currentWiki, Settings.GetUsersGroup(currentWiki)));
            authWriter.SetPermissionForNamespace(AuthStatus.Grant, nspace, Actions.ForNamespaces.ManageCategories,
                                                 Users.FindUserGroup(currentWiki, Settings.GetUsersGroup(currentWiki)));
            authWriter.SetPermissionForNamespace(AuthStatus.Grant, nspace, Actions.ForNamespaces.PostDiscussion,
                                                 Users.FindUserGroup(currentWiki, Settings.GetUsersGroup(currentWiki)));
            authWriter.SetPermissionForNamespace(AuthStatus.Grant, nspace, Actions.ForNamespaces.DownloadAttachments,
                                                 Users.FindUserGroup(currentWiki, Settings.GetUsersGroup(currentWiki)));

            RefreshPermissionsManager();
        }
        /// <summary>
        /// Recursively moves permissions from the old (renamed) directory to the new one.
        /// </summary>
        /// <param name="oldDirectory">The old directory name.</param>
        /// <param name="newDirectory">The new directory name.</param>
        private void MovePermissions(string oldDirectory, string newDirectory)
        {
            if (!oldDirectory.StartsWith("/"))
            {
                oldDirectory = "/" + oldDirectory;
            }
            if (!oldDirectory.EndsWith("/"))
            {
                oldDirectory = oldDirectory + "/";
            }
            if (!newDirectory.StartsWith("/"))
            {
                newDirectory = "/" + newDirectory;
            }
            if (!newDirectory.EndsWith("/"))
            {
                newDirectory = newDirectory + "/";
            }

            foreach (string sub in provider.ListDirectories(oldDirectory))
            {
                string subNew = newDirectory + sub.Substring(oldDirectory.Length);
                MovePermissions(sub, subNew);
            }

            AuthWriter.ClearEntriesForDirectory(provider, newDirectory);
            AuthWriter.ProcessDirectoryRenaming(provider, oldDirectory, newDirectory);
        }
        protected void btnNormal_Click(object sender, EventArgs e)
        {
            NamespaceInfo nspace = Pages.FindNamespace(txtCurrentNamespace.Value);

            RemoveAllPermissions(nspace);

            // Set permissions
            AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, nspace, Actions.FullControl,
                                                 Users.FindUserGroup(Settings.AdministratorsGroup));

            AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, nspace, Actions.ForNamespaces.CreatePages,
                                                 Users.FindUserGroup(Settings.UsersGroup));
            AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, nspace, Actions.ForNamespaces.ManageCategories,
                                                 Users.FindUserGroup(Settings.UsersGroup));
            AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, nspace, Actions.ForNamespaces.PostDiscussion,
                                                 Users.FindUserGroup(Settings.UsersGroup));
            AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, nspace, Actions.ForNamespaces.DownloadAttachments,
                                                 Users.FindUserGroup(Settings.UsersGroup));

            AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, nspace, Actions.ForNamespaces.ReadPages,
                                                 Users.FindUserGroup(Settings.AnonymousGroup));
            AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, nspace, Actions.ForNamespaces.ReadDiscussion,
                                                 Users.FindUserGroup(Settings.AnonymousGroup));
            AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, nspace, Actions.ForNamespaces.DownloadAttachments,
                                                 Users.FindUserGroup(Settings.AnonymousGroup));

            RefreshPermissionsManager();
        }
示例#5
0
        /// <summary>
        /// Sets file management permissions for the users or anonymous users group in the given wiki, importing version 2.0 values.
        /// </summary>
        /// <param name="wiki">The wiki.</param>
        /// <param name="group">The group.</param>
        /// <returns><c>true</c> if the operation succeeded, <c>false</c> otherwise.</returns>
        private static bool SetupFileManagementPermissions(string wiki, UserGroup group)
        {
            bool done = true;

            AuthWriter authWriter = new AuthWriter(Collectors.CollectorsBox.GetSettingsProvider(wiki));

            if (Settings.GetUsersCanViewFiles(wiki))
            {
                done &= authWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.DownloadAttachments, group);
                foreach (IFilesStorageProviderV60 prov in Collectors.CollectorsBox.FilesProviderCollector.GetAllProviders(wiki))
                {
                    done &= authWriter.SetPermissionForDirectory(AuthStatus.Grant, prov, "/", Actions.ForDirectories.DownloadFiles, group);
                }
            }
            if (Settings.GetUsersCanUploadFiles(wiki))
            {
                done &= authWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.UploadAttachments, group);
                foreach (IFilesStorageProviderV60 prov in Collectors.CollectorsBox.FilesProviderCollector.GetAllProviders(wiki))
                {
                    done &= authWriter.SetPermissionForDirectory(AuthStatus.Grant, prov, "/", Actions.ForDirectories.UploadFiles, group);
                    done &= authWriter.SetPermissionForDirectory(AuthStatus.Grant, prov, "/", Actions.ForDirectories.CreateDirectories, group);
                }
            }
            if (Settings.GetUsersCanDeleteFiles(wiki))
            {
                done &= authWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.DeleteAttachments, group);
                foreach (IFilesStorageProviderV60 prov in Collectors.CollectorsBox.FilesProviderCollector.GetAllProviders(wiki))
                {
                    done &= authWriter.SetPermissionForDirectory(AuthStatus.Grant, prov, "/", Actions.ForDirectories.DeleteFiles, group);
                    done &= authWriter.SetPermissionForDirectory(AuthStatus.Grant, prov, "/", Actions.ForDirectories.DeleteDirectories, group);
                }
            }

            return(done);
        }
示例#6
0
        /// <summary>
        /// Sets the default permissions for the administrators group, properly importing version 2.0 values.
        /// </summary>
        /// <param name="administrators">The administrators group.</param>
        /// <returns><c>true</c> if the operation succeeded, <c>false</c> otherwise.</returns>
        public static bool SetAdministratorsGroupDefaultPermissions(UserGroup administrators)
        {
            // Administrators can do any operation
            return(AuthWriter.SetPermissionForGlobals(AuthStatus.Grant, Actions.FullControl, administrators));

            // Settings.ConfigVisibleToAdmins is not imported on purpose
        }
        protected void btnNewDirectory_Click(object sender, EventArgs e)
        {
            if (canCreateDirs)
            {
                txtNewDirectoryName.Text = txtNewDirectoryName.Text.Trim();

                lblNewDirectoryResult.Text = "";
                txtNewDirectoryName.Text   = txtNewDirectoryName.Text.Trim('/');
                AuthWriter.ClearEntriesForDirectory(provider, CurrentDirectory + txtNewDirectoryName.Text + "/");
                bool done = provider.CreateDirectory(CurrentDirectory, txtNewDirectoryName.Text);
                if (!done)
                {
                    lblNewDirectoryResult.CssClass = "resulterror";
                    lblNewDirectoryResult.Text     = Properties.Messages.CannotCreateNewDirectory;
                }
                else
                {
                    txtNewDirectoryName.Text = "";

                    Host.Instance.OnDirectoryActivity(provider.GetType().FullName,
                                                      CurrentDirectory + txtNewDirectoryName.Text + "/", null, FileActivity.DirectoryCreated);
                }
                rptItems.DataBind();
            }
        }
示例#8
0
        /// <summary>
        /// Sets file management permissions for the users or anonymous users group, importing version 2.0 values.
        /// </summary>
        /// <param name="group">The group.</param>
        /// <returns><c>true</c> if the operation succeeded, <c>false</c> otherwise.</returns>
        private static bool SetupFileManagementPermissions(UserGroup group)
        {
            bool done = true;

            if (Settings.UsersCanViewFiles)
            {
                done &= AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.DownloadAttachments, group);
                foreach (IFilesStorageProviderV30 prov in Collectors.FilesProviderCollector.AllProviders)
                {
                    done &= AuthWriter.SetPermissionForDirectory(AuthStatus.Grant, prov, "/", Actions.ForDirectories.DownloadFiles, group);
                }
            }
            if (Settings.UsersCanUploadFiles)
            {
                done &= AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.UploadAttachments, group);
                foreach (IFilesStorageProviderV30 prov in Collectors.FilesProviderCollector.AllProviders)
                {
                    done &= AuthWriter.SetPermissionForDirectory(AuthStatus.Grant, prov, "/", Actions.ForDirectories.UploadFiles, group);
                    done &= AuthWriter.SetPermissionForDirectory(AuthStatus.Grant, prov, "/", Actions.ForDirectories.CreateDirectories, group);
                }
            }
            if (Settings.UsersCanDeleteFiles)
            {
                done &= AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.DeleteAttachments, group);
                foreach (IFilesStorageProviderV30 prov in Collectors.FilesProviderCollector.AllProviders)
                {
                    done &= AuthWriter.SetPermissionForDirectory(AuthStatus.Grant, prov, "/", Actions.ForDirectories.DeleteFiles, group);
                    done &= AuthWriter.SetPermissionForDirectory(AuthStatus.Grant, prov, "/", Actions.ForDirectories.DeleteDirectories, group);
                }
            }

            return(done);
        }
示例#9
0
        /// <summary>
        /// Adds some ACL entries for a subject.
        /// </summary>
        /// <param name="subject">The subject.</param>
        /// <param name="provider">The provider.</param>
        /// <param name="directory">The directory.</param>
        /// <param name="grants">The granted actions.</param>
        /// <param name="denials">The denies actions.</param>
        /// <returns><c>true</c> if the operation succeeded, <c>false</c> otherwise.</returns>
        private bool AddAclEntriesForDirectory(string subject, IFilesStorageProviderV40 provider, string directory, string[] grants, string[] denials)
        {
            bool isGroup = subject.StartsWith("G.");

            subject = subject.Substring(2);

            UserGroup group = null;
            UserInfo  user  = null;

            if (isGroup)
            {
                group = Users.FindUserGroup(currentWiki, subject);
            }
            else
            {
                user = Users.FindUser(currentWiki, subject);
            }

            AuthWriter authWriter = new AuthWriter(Collectors.CollectorsBox.GetSettingsProvider(currentWiki));

            foreach (string action in grants)
            {
                bool done = false;
                if (isGroup)
                {
                    done = authWriter.SetPermissionForDirectory(AuthStatus.Grant,
                                                                provider, directory, action, group);
                }
                else
                {
                    done = authWriter.SetPermissionForDirectory(AuthStatus.Grant,
                                                                provider, directory, action, user);
                }
                if (!done)
                {
                    return(false);
                }
            }

            foreach (string action in denials)
            {
                bool done = false;
                if (isGroup)
                {
                    done = authWriter.SetPermissionForDirectory(AuthStatus.Deny,
                                                                provider, directory, action, group);
                }
                else
                {
                    done = authWriter.SetPermissionForDirectory(AuthStatus.Deny,
                                                                provider, directory, action, user);
                }
                if (!done)
                {
                    return(false);
                }
            }

            return(true);
        }
示例#10
0
        /// <summary>
        /// Sets the default permissions for the users group in the given wiki, properly importing version 2.0 values.
        /// </summary>
        /// <param name="wiki">The wiki.</param>
        /// <param name="users">The users group.</param>
        /// <returns><c>true</c> if the operation succeeded, <c>false</c> otherwise.</returns>
        public static bool SetUsersGroupDefaultPermissions(string wiki, UserGroup users)
        {
            bool done = true;

            // Set namespace-related permissions
            AuthWriter authWriter = new AuthWriter(Collectors.CollectorsBox.GetSettingsProvider(wiki));

            if (Settings.GetUsersCanCreateNewPages(wiki))
            {
                done &= authWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.CreatePages, users);
            }
            else
            {
                done &= authWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.ModifyPages, users);
            }
            done &= authWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.PostDiscussion, users);
            if (Settings.GetUsersCanCreateNewCategories(wiki) || Settings.GetUsersCanManagePageCategories(wiki))
            {
                done &= authWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.ManageCategories, users);
            }

            done &= SetupFileManagementPermissions(wiki, users);

            return(done);
        }
示例#11
0
        /// <summary>
        /// Removes all the permissions for a page.
        /// </summary>
        /// <param name="pageFullName">The page full name.</param>
        private void RemoveAllPermissions(string pageFullName)
        {
            AuthWriter authWriter = new AuthWriter(Collectors.CollectorsBox.GetSettingsProvider(currentWiki));

            authWriter.RemoveEntriesForPage(Users.FindUserGroup(currentWiki, Settings.GetAnonymousGroup(currentWiki)), pageFullName);
            authWriter.RemoveEntriesForPage(Users.FindUserGroup(currentWiki, Settings.GetUsersGroup(currentWiki)), pageFullName);
            authWriter.RemoveEntriesForPage(Users.FindUserGroup(currentWiki, Settings.GetAdministratorsGroup(currentWiki)), pageFullName);
        }
示例#12
0
        /// <summary>
        /// Sets the default permissions for the administrators group, properly importing version 2.0 values.
        /// </summary>
        /// <param name="wiki">The wiki.</param>
        /// <param name="administrators">The administrators group.</param>
        /// <returns><c>true</c> if the operation succeeded, <c>false</c> otherwise.</returns>
        public static bool SetAdministratorsGroupDefaultPermissions(string wiki, UserGroup administrators)
        {
            // Administrators can do any operation
            AuthWriter authWriter = new AuthWriter(Collectors.CollectorsBox.GetSettingsProvider(wiki));

            return(authWriter.SetPermissionForGlobals(AuthStatus.Grant, Actions.FullControl, administrators));

            // Settings.ConfigVisibleToAdmins is not imported on purpose
        }
示例#13
0
        /// <summary>
        /// Removes all the permissions for a namespace.
        /// </summary>
        /// <param name="nspace">The namespace (<c>null</c> for the root).</param>
        private void RemoveAllPermissions(NamespaceInfo nspace)
        {
            string currentWiki = DetectWiki();

            AuthWriter authWriter = new AuthWriter(Collectors.CollectorsBox.GetSettingsProvider(currentWiki));

            authWriter.RemoveEntriesForNamespace(Users.FindUserGroup(currentWiki, Settings.GetAnonymousGroup(currentWiki)), nspace);
            authWriter.RemoveEntriesForNamespace(Users.FindUserGroup(currentWiki, Settings.GetUsersGroup(currentWiki)), nspace);
            authWriter.RemoveEntriesForNamespace(Users.FindUserGroup(currentWiki, Settings.GetAdministratorsGroup(currentWiki)), nspace);
        }
        /// <summary>
        /// Deletes the permissions of a directory.
        /// </summary>
        /// <param name="provider">The provider.</param>
        /// <param name="directory">The directory.</param>
        private static void DeletePermissions(IFilesStorageProviderV30 provider, string directory)
        {
            directory = NormalizeFullPath(directory);

            foreach (string sub in provider.ListDirectories(directory))
            {
                DeletePermissions(provider, sub);
            }

            AuthWriter.ClearEntriesForDirectory(provider, directory);
        }
示例#15
0
        /// <summary>
        /// Deletes the permissions of a directory.
        /// </summary>
        /// <param name="provider">The provider.</param>
        /// <param name="directory">The directory.</param>
        private static void DeletePermissions(IFilesStorageProviderV40 provider, string directory)
        {
            directory = NormalizeFullPath(directory);

            foreach (string sub in provider.ListDirectories(directory))
            {
                DeletePermissions(provider, sub);
            }

            AuthWriter authWriter = new AuthWriter(Collectors.CollectorsBox.GetSettingsProvider(provider.CurrentWiki));

            authWriter.ClearEntriesForDirectory(provider, directory);
        }
示例#16
0
        protected void btnPublic_Click(object sender, EventArgs e)
        {
            string page = txtCurrentPage.Value;

            AuthWriter authWriter = new AuthWriter(Collectors.CollectorsBox.GetSettingsProvider(currentWiki));

            // Set permissions
            authWriter.SetPermissionForPage(AuthStatus.Grant, page, Actions.ForPages.ModifyPage,
                                            Users.FindUserGroup(currentWiki, Settings.GetAnonymousGroup(currentWiki)));
            authWriter.SetPermissionForPage(AuthStatus.Grant, page, Actions.ForPages.PostDiscussion,
                                            Users.FindUserGroup(currentWiki, Settings.GetAnonymousGroup(currentWiki)));

            RefreshPermissionsManager();
        }
示例#17
0
        /// <summary>
        /// Removes all the ACL entries for a subject.
        /// </summary>
        /// <param name="subject">The subject.</param>
        /// <param name="provider">The provider.</param>
        /// <param name="directory">The directory.</param>
        /// <returns><c>true</c> if the operation succeeded, <c>false</c> otherwise.</returns>
        private bool RemoveAllAclEntriesForDirectory(string subject, IFilesStorageProviderV30 provider, string directory)
        {
            bool isGroup = lstSubjects.SelectedValue.StartsWith("G.");

            subject = subject.Substring(2);

            if (isGroup)
            {
                return(AuthWriter.RemoveEntriesForDirectory(
                           Users.FindUserGroup(subject), provider, directory));
            }
            return(AuthWriter.RemoveEntriesForDirectory(
                       Users.FindUser(subject), provider, directory));
        }
示例#18
0
        protected void btnLocked_Click(object sender, EventArgs e)
        {
            PageInfo page = Pages.FindPage(txtCurrentPage.Value);

            RemoveAllPermissions(page);

            // Set permissions
            AuthWriter.SetPermissionForPage(AuthStatus.Deny, page, Actions.ForPages.ModifyPage,
                                            Users.FindUserGroup(Settings.UsersGroup));
            AuthWriter.SetPermissionForPage(AuthStatus.Deny, page, Actions.ForPages.ModifyPage,
                                            Users.FindUserGroup(Settings.AnonymousGroup));

            RefreshPermissionsManager();
        }
示例#19
0
        /// <summary>
        /// Removes all the ACL entries for a subject.
        /// </summary>
        /// <param name="subject">The subject.</param>
        /// <param name="nspace">The namespace (<c>null</c> for the root).</param>
        /// <returns><c>true</c> if the operation succeeded, <c>false</c> otherwise.</returns>
        private bool RemoveAllAclEntriesForNamespace(string subject, string nspace)
        {
            bool isGroup = lstSubjects.SelectedValue.StartsWith("G.");

            subject = subject.Substring(2);

            NamespaceInfo namespaceInfo = Pages.FindNamespace(nspace);

            if (isGroup)
            {
                return(AuthWriter.RemoveEntriesForNamespace(
                           Users.FindUserGroup(subject), namespaceInfo));
            }
            return(AuthWriter.RemoveEntriesForNamespace(
                       Users.FindUser(subject), namespaceInfo));
        }
示例#20
0
        /// <summary>
        /// Removes all the ACL entries for a subject.
        /// </summary>
        /// <param name="subject">The subject.</param>
        /// <param name="page">The page.</param>
        /// <returns><c>true</c> if the operation succeeded, <c>false</c> otherwise.</returns>
        private bool RemoveAllAclEntriesForPage(string subject, string page)
        {
            bool isGroup = lstSubjects.SelectedValue.StartsWith("G.");

            subject = subject.Substring(2);

            PageInfo currentPage = Pages.FindPage(page);

            if (isGroup)
            {
                return(AuthWriter.RemoveEntriesForPage(
                           Users.FindUserGroup(subject), currentPage));
            }
            return(AuthWriter.RemoveEntriesForPage(
                       Users.FindUser(subject), currentPage));
        }
示例#21
0
        /// <summary>
        /// Deletes the permissions of a directory.
        /// </summary>
        /// <param name="directory">The directory.</param>
        private void DeletePermissions(string directory)
        {
            if (!directory.StartsWith("/"))
            {
                directory = "/" + directory;
            }
            if (!directory.EndsWith("/"))
            {
                directory = directory + "/";
            }

            foreach (string sub in provider.ListDirectories(directory))
            {
                DeletePermissions(sub);
            }

            AuthWriter.ClearEntriesForDirectory(provider, directory);
        }
示例#22
0
        /// <summary>
        /// Sets the default permissions for the anonymous users group in the given wiki, properly importing version 2.0 values.
        /// </summary>
        /// <param name="wiki">The wiki.</param>
        /// <param name="anonymous">The anonymous users group.</param>
        /// <returns><c>true</c> if the operation succeeded, <c>false</c> otherwise.</returns>
        public static bool SetAnonymousGroupDefaultPermissions(string wiki, UserGroup anonymous)
        {
            bool done = true;

            AuthWriter authWriter = new AuthWriter(Collectors.CollectorsBox.GetSettingsProvider(wiki));

            // Properly import Private/Public Mode wiki
            if (Settings.GetPrivateAccess(wiki))
            {
                // Nothing to do, because without any explicit grant, Anonymous users cannot do anything
            }
            else if (Settings.GetPublicAccess(wiki))
            {
                // Public access, allow modification and propagate file management permissions if they were allowed for anonymous users
                done &= authWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.ModifyPages, anonymous);
                done &= authWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.DownloadAttachments, anonymous);
                if (Settings.GetUsersCanCreateNewPages(wiki))
                {
                    done &= authWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.CreatePages, anonymous);
                }
                if (Settings.GetUsersCanCreateNewCategories(wiki) || Settings.GetUsersCanManagePageCategories(wiki))
                {
                    done &= authWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.ManageCategories, anonymous);
                }
                if (Settings.GetFileManagementInPublicAccessAllowed(wiki))
                {
                    SetupFileManagementPermissions(wiki, anonymous);
                }
            }
            else
            {
                // Standard configuration, only allow read permissions
                done &= authWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.ReadPages, anonymous);
                done &= authWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.ReadDiscussion, anonymous);
                done &= authWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.DownloadAttachments, anonymous);

                foreach (IFilesStorageProviderV60 prov in Collectors.CollectorsBox.FilesProviderCollector.GetAllProviders(wiki))
                {
                    done &= authWriter.SetPermissionForDirectory(AuthStatus.Grant, prov, "/", Actions.ForDirectories.DownloadFiles, anonymous);
                }
            }

            return(done);
        }
示例#23
0
        /// <summary>
        /// Removes all the ACL entries for a subject.
        /// </summary>
        /// <param name="subject">The subject.</param>
        /// <param name="provider">The provider.</param>
        /// <param name="directory">The directory.</param>
        /// <returns><c>true</c> if the operation succeeded, <c>false</c> otherwise.</returns>
        private bool RemoveAllAclEntriesForDirectory(string subject, IFilesStorageProviderV40 provider, string directory)
        {
            bool isGroup = lstSubjects.SelectedValue.StartsWith("G.");

            subject = subject.Substring(2);

            AuthWriter authWriter = new AuthWriter(Collectors.CollectorsBox.GetSettingsProvider(currentWiki));

            if (isGroup)
            {
                return(authWriter.RemoveEntriesForDirectory(
                           Users.FindUserGroup(currentWiki, subject), provider, directory));
            }
            else
            {
                return(authWriter.RemoveEntriesForDirectory(
                           Users.FindUser(currentWiki, subject), provider, directory));
            }
        }
示例#24
0
        /// <summary>
        /// Imports version 2.0 page discussion settings and properly propagates them to user groups and single pages, when needed, for the given wiki.
        /// </summary>
        /// <param name="wiki">The wiki.</param>
        /// <returns><c>true</c> if the operation succeeded, <c>false</c> otherwise.</returns>
        private static bool ImportPageDiscussionPermissions(string wiki)
        {
            // Notes
            // Who can read pages, can read discussions
            // Who can modify pages, can post messages and read discussions
            // Who can manage pages, can manage discussions and post messages

            // Possible values: page|normal|locked|public
            string value = Settings.GetDiscussionPermissions(wiki).ToLowerInvariant();

            UserGroup usersGroup     = Users.FindUserGroup(wiki, Settings.GetUsersGroup(wiki));
            UserGroup anonymousGroup = Users.FindUserGroup(wiki, Settings.GetAnonymousGroup(wiki));

            bool done = true;

            AuthWriter authWriter = new AuthWriter(Collectors.CollectorsBox.GetSettingsProvider(wiki));

            switch (value)
            {
            case "page":
                // Nothing to do
                break;

            case "normal":
                // Allow Users to post messages
                done &= authWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.PostDiscussion, usersGroup);
                break;

            case "locked":
                // Deny Users to post messages
                done &= authWriter.SetPermissionForNamespace(AuthStatus.Deny, null, Actions.ForNamespaces.PostDiscussion, usersGroup);
                break;

            case "public":
                // Allow Users and Anonymous Users to post messages
                done &= authWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.PostDiscussion, usersGroup);
                done &= authWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.PostDiscussion, anonymousGroup);
                break;
            }

            return(true);
        }
示例#25
0
        /// <summary>
        /// Removes all the ACL entries for a subject.
        /// </summary>
        /// <param name="subject">The subject.</param>
        /// <param name="nspace">The namespace (<c>null</c> for the root).</param>
        /// <returns><c>true</c> if the operation succeeded, <c>false</c> otherwise.</returns>
        private bool RemoveAllAclEntriesForNamespace(string subject, string nspace)
        {
            bool isGroup = lstSubjects.SelectedValue.StartsWith("G.");

            subject = subject.Substring(2);

            NamespaceInfo namespaceInfo = Pages.FindNamespace(currentWiki, nspace);

            AuthWriter authWriter = new AuthWriter(Collectors.CollectorsBox.GetSettingsProvider(currentWiki));

            if (isGroup)
            {
                return(authWriter.RemoveEntriesForNamespace(
                           Users.FindUserGroup(currentWiki, subject), namespaceInfo));
            }
            else
            {
                return(authWriter.RemoveEntriesForNamespace(
                           Users.FindUser(currentWiki, subject), namespaceInfo));
            }
        }
示例#26
0
        /// <summary>
        /// Imports version 2.0 page discussion settings and properly propagates them to user groups and single pages, when needed.
        /// </summary>
        /// <returns><c>true</c> if the operation succeeded, <c>false</c> otherwise.</returns>
        private static bool ImportPageDiscussionPermissions()
        {
            // Notes
            // Who can read pages, can read discussions
            // Who can modify pages, can post messages and read discussions
            // Who can manage pages, can manage discussions and post messages

            // Possible values: page|normal|locked|public
            var value = Settings.DiscussionPermissions.ToLowerInvariant();

            UserGroup usersGroup     = Users.FindUserGroup(Settings.UsersGroup);
            UserGroup anonymousGroup = Users.FindUserGroup(Settings.AnonymousGroup);

            var done = true;

            switch (value)
            {
            case "page":
                // Nothing to do
                break;

            case "normal":
                // Allow Users to post messages
                done &= AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.PostDiscussion, usersGroup);
                break;

            case "locked":
                // Deny Users to post messages
                done &= AuthWriter.SetPermissionForNamespace(AuthStatus.Deny, null, Actions.ForNamespaces.PostDiscussion, usersGroup);
                break;

            case "public":
                // Allow Users and Anonymous Users to post messages
                done &= AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.PostDiscussion, usersGroup);
                done &= AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.PostDiscussion, anonymousGroup);
                break;
            }

            return(true);
        }
        /// <summary>
        /// Recursively moves permissions from the old (renamed) directory to the new one.
        /// </summary>
        /// <param name="provider">The provider.</param>
        /// <param name="oldDirectory">The old directory.</param>
        /// <param name="newDirectory">The new directory.</param>
        private static void MovePermissions(IFilesStorageProviderV30 provider, string oldDirectory, string newDirectory)
        {
            oldDirectory = NormalizeFullPath(oldDirectory);
            newDirectory = NormalizeFullPath(newDirectory);

            // At this point the directory has been already renamed,
            // thus we must list on the new directory and construct the old name
            // Example: /directory/one/ renamed to /directory/two-two/
            // List on /directory/two-two/
            //     dir1
            //     dir2
            // oldSub = /directory/one/dir1/

            foreach (string sub in provider.ListDirectories(newDirectory))
            {
                string oldSub = oldDirectory + sub.Substring(newDirectory.Length);
                MovePermissions(provider, oldSub, sub);
            }

            AuthWriter.ClearEntriesForDirectory(provider, newDirectory);
            AuthWriter.ProcessDirectoryRenaming(provider, oldDirectory, newDirectory);
        }
示例#28
0
        /// <summary>
        /// Adds some ACL entries for a group.
        /// </summary>
        /// <param name="group">The group.</param>
        /// <param name="grants">The granted actions.</param>
        /// <param name="denials">The denied actions.</param>
        /// <returns><c>true</c> if the operation succeeded, <c>false</c> otherwise.</returns>
        private bool AddAclEntries(UserGroup group, string[] grants, string[] denials)
        {
            foreach (string action in grants)
            {
                bool done = AuthWriter.SetPermissionForGlobals(AuthStatus.Grant, action, group);
                if (!done)
                {
                    return(false);
                }
            }

            foreach (string action in denials)
            {
                bool done = AuthWriter.SetPermissionForGlobals(AuthStatus.Deny, action, group);
                if (!done)
                {
                    return(false);
                }
            }

            return(true);
        }
示例#29
0
        /// <summary>
        /// Sets the default permissions for the users group, properly importing version 2.0 values.
        /// </summary>
        /// <param name="users">The users group.</param>
        /// <returns><c>true</c> if the operation succeeded, <c>false</c> otherwise.</returns>
        public static bool SetUsersGroupDefaultPermissions(UserGroup users)
        {
            bool done = true;

            // Set namespace-related permissions
            if (Settings.UsersCanCreateNewPages)
            {
                done &= AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.CreatePages, users);
            }
            else
            {
                done &= AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.ModifyPages, users);
            }
            done &= AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.PostDiscussion, users);
            if (Settings.UsersCanCreateNewCategories || Settings.UsersCanManagePageCategories)
            {
                done &= AuthWriter.SetPermissionForNamespace(AuthStatus.Grant, null, Actions.ForNamespaces.ManageCategories, users);
            }

            done &= SetupFileManagementPermissions(users);

            return(done);
        }
示例#30
0
        protected void btnNewDirectory_Click(object sender, EventArgs e)
        {
            if (canCreateDirs)
            {
                txtNewDirectoryName.Text = txtNewDirectoryName.Text.Trim();

                lblNewDirectoryResult.Text = "";
                txtNewDirectoryName.Text   = txtNewDirectoryName.Text.Trim('/');
                AuthWriter authWriter = new AuthWriter(Collectors.CollectorsBox.GetSettingsProvider(currentWiki));
                authWriter.ClearEntriesForDirectory(provider, CurrentDirectory + txtNewDirectoryName.Text + "/");

                bool done = FilesAndAttachments.CreateDirectory(provider, CurrentDirectory, txtNewDirectoryName.Text);
                if (!done)
                {
                    lblNewDirectoryResult.CssClass = "resulterror";
                    lblNewDirectoryResult.Text     = Properties.Messages.CannotCreateNewDirectory;
                }
                else
                {
                    txtNewDirectoryName.Text = "";
                }
                rptItems.DataBind();
            }
        }