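/// <summary>
/// Renders the export preview: for every role posted in the "rol" form field, lists the access
/// rules that reference that role, then appends a form that posts the same role list to Download.aspx.
/// </summary>
/// <param name="request">Current request; the comma-separated role list is read from the "rol" form field.</param>
/// <param name="rolesexport">Literal control that receives the generated HTML (appended to its existing text).</param>
private static void Step2(HttpRequest request, Literal rolesexport)
{
    // Build the markup in a buffer and append it once; repeated Literal.Text += copies the whole string each time.
    var html = new System.Text.StringBuilder();
    html.Append("Export preview<br><br>");

    var allright = CurrentRights.GetAllRightsMaster();
    var rols = request.Form.Get("rol");
    if (rols != null)
    {
        foreach (var rol in rols.Split(','))
        {
            // "rol" is taken verbatim from the posted form, so it is HTML-encoded before being
            // written into the page; unencoded it would be reflected as markup.
            html.Append("<strong>").Append(HttpUtility.HtmlEncode(rol)).Append("</strong> :<br> ");

            var account = Sitecore.Security.Accounts.Role.FromName(rol);
            if (account == null)
            {
                // NOTE(review): this stops the preview at the first role that cannot be resolved, while the
                // download form below still carries the full posted list - confirm whether skipping was intended.
                break;
            }

            foreach (var itemWithRights in allright)
            {
                var accessRules = itemWithRights.Security.GetAccessRules();
                if (accessRules == null)
                {
                    continue;
                }

                foreach (var rule in accessRules)
                {
                    if (rule.Account == account)
                    {
                        // Path and right name are data values and are encoded; RightToHtml is written
                        // as-is because it is expected to return markup (by its name - TODO confirm).
                        html.Append(HttpUtility.HtmlEncode(itemWithRights.Paths.FullPath))
                            .Append(" ")
                            .Append(RightsHelper.RightToHtml(rule))
                            .Append(" ")
                            .Append(HttpUtility.HtmlEncode(rule.AccessRight.Name))
                            .Append(" ")
                            .Append(rule.SecurityPermission.ToString())
                            .Append("<br>");
                    }
                }
            }

            html.Append("<br>\n");
        }

        // The role list is echoed into a hidden field, attribute-encoded, so the download step receives the same selection.
        html.Append("<form method=\"post\" action=\"/sitecore modules/Shell/Security-Rights-Reporting/Download.aspx?rolesexport=1\" enctype=\"multipart/form-data\"><input type=\"hidden\" id=\"rol\" name=\"rol\" value=\"")
            .Append(HttpUtility.HtmlAttributeEncode(rols))
            .Append("\"><input type=\"submit\" value=\"Download\" name=\"submit\" ></form>");
    }

    rolesexport.Text += html.ToString();
}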
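/// <summary>
/// Appends an HTML report of the access rules found on the items of <paramref name="db"/> to
/// <paramref name="userrights"/>, followed by a warning table of expected default rights that were not found.
/// </summary>
/// <param name="userrights">Literal control that receives the generated HTML (appended to its existing text).</param>
/// <param name="db">Database whose items are inspected.</param>
/// <param name="account">
/// Account name to report on. Three values select special modes: "all" lists every rule with its account,
/// "devexport" prints each item's path and raw __Security field as a C# array literal, and
/// "alldevexport" prints every rule as a C# array literal.
/// </param>
/// <param name="showdefaultrights">When false, rules that match an expected default right are left out of the table.</param>
public static void DisplayAccountRight(Literal userrights, Database db, string account, bool showdefaultrights)
{
    // Build the markup in a buffer and append it once; repeated Literal.Text += copies the whole string each time.
    var html = new System.Text.StringBuilder();

    // Item paths, account names and right names/comments come from the content and security stores.
    // They are HTML-encoded on output, as the heading already did for the account name.
    System.Func<string, string> encode = value => System.Web.HttpUtility.HtmlEncode(value);
    var dbName = encode(db.Name);

    if (account == "all")
    {
        html.AppendFormat("<h2 id=\"{0}\">Item Rights set on all users and roles on {0} Database</h2>", dbName);
    }
    else
    {
        html.AppendFormat("<h2 id=\"{1}\">Item Rights set on account {0} on {1} Database</h2>", encode(account), dbName);
    }

    // A query is used instead of an index search because the security field data is not
    // available to the search (per the original author); expect this to be slow on large result sets.
    var itemList = CurrentRights.GetAllRights(db);
    if (itemList.Count.ToString() == Settings.GetSetting("Query.MaxItems"))
    {
        // Hitting the configured maximum exactly suggests the result was truncated, so the report may be incomplete.
        html.Append("<p style=\"color:#FF3333;\">Alert Query limit is: " + itemList.Count + " looks like we don't have all data because this limit see Query.MaxItems in config </p>");
    }

    var count = 0;
    var checkAccount = new CheckAccount();
    string outmessage;
    var defaultRights = Reporting.Shell.RightsData.RightsData.GetDefaultRights(db.Name, account, out outmessage);
    if (!string.IsNullOrEmpty(outmessage))
    {
        // NOTE(review): outmessage is written unencoded because it may carry intended markup;
        // confirm GetDefaultRights never copies the account name into it.
        html.Append("<p>" + outmessage + "</p>");
    }

    html.Append("<table id=\"table-accountrights\">");
    foreach (var item in itemList)
    {
        var accessRules = item.Security.GetAccessRules();
        if (accessRules == null)
        {
            continue;
        }

        var fullPath = item.Paths.FullPath;
        var encodedPath = encode(fullPath);

        if (account == "devexport")
        {
            // NOTE(review): this mode never increments count, so the "no rights found" row below is always emitted for it.
            html.AppendFormat(",new[] {{\"{0}\",@\"{1}\"}}\n<br>", encodedPath, encode(item.Fields["__Security"].Value));
            if (fullPath.StartsWith("[orphan]"))
            {
                html.AppendFormat("orphan id={0} template={1}\n<br>", item.ID, item.TemplateID);
            }

            continue;
        }

        foreach (var rule in accessRules)
        {
            // Matching is done on the raw (unencoded) values.
            var defaultRight = defaultRights.FirstOrDefault(x => x.Path == fullPath && x.Account == rule.Account.Name && x.Right == rule.SecurityPermission.ToString() && x.Name == rule.AccessRight.Name && x.PropagationType == rule.PropagationType.ToString());
            var style = "";
            var message = "";
            if (defaultRight != null)
            {
                // Mark the expected right as seen so it is not reported in the warning table.
                defaultRight.Hit = true;
                style = " style=\"color:#008800;\" class=\"green\"";
                // NOTE(review): Message is left unencoded in case it holds intended markup - confirm its source.
                message = string.Format(", ({0})", defaultRight.Message);
                if (!showdefaultrights)
                {
                    continue;
                }
            }

            // Rules can outlive the account they were granted to; flag those in orange.
            bool accountExists = rule.Account.AccountType == AccountType.Role
                ? checkAccount.IsRolExsisting(rule.Account.Name)
                : checkAccount.IsUserExsisting(rule.Account.Name);
            if (!accountExists)
            {
                message += ", Account unknown";
                style = " style=\"color:#FFA500;\" class=\"orange\"";
            }

            if (rule.Account.Name == account)
            {
                html.AppendFormat("<tr{3}><td>{0}</td><td>{1}</td><td>{6}</td><td>{7}</td><td>{2}{4}</td><td>{5}</td></tr>\n", encodedPath, encode(rule.AccessRight.Comment), rule.SecurityPermission, style, message, rule.PropagationType, encode(rule.AccessRight.Name), RightsHelper.RightToHtml(rule));
                count++;
            }
            else if (account == "all")
            {
                html.AppendFormat("<tr{4}><td>{0}</td><td>{8} : {1}</td><td>{7}</td><td>{9}</td><td>{2}{5}</td><td>{3}</td><td>{6}</td></tr>\n", encodedPath, encode(rule.Account.Name), encode(rule.AccessRight.Comment), rule.SecurityPermission, style, message, rule.PropagationType, encode(rule.AccessRight.Name), rule.Account.AccountType.ToString(), RightsHelper.RightToHtml(rule));
                count++;
            }
            else if (account == "alldevexport")
            {
                // Backslashes are doubled first so the printed value is a valid C# string literal, then HTML-encoded for display.
                html.AppendFormat(",new[] {{\"{0}\",\"{1}\",\"{2}\",\"{3}\"}}\n<br>", encodedPath, encode(rule.Account.Name.Replace("\\", "\\\\")), rule.SecurityPermission, rule.PropagationType);
                count++;
            }
        }
    }

    if (count == 0)
    {
        if (showdefaultrights)
        {
            html.Append("<tr><td>No rights found in this Database for the user or role.</td></tr>");
        }
        else
        {
            html.Append("<tr><td>No custom rights found in this Database.</td></tr>");
        }
    }

    html.Append("</table>");

    // Expected default rights that no access rule matched.
    var warningRights = defaultRights.Where(x => x.Hit == false).ToList();
    if (warningRights.Any())
    {
        html.Append("<br><span style=\"color:#880000;\">WARNING:</span> Expected rights not found, or no Access:<br><table style=\"color:#880000;\">");
        foreach (var warningRight in warningRights)
        {
            // NOTE(review): Message is left unencoded, as in the main table - confirm its source.
            html.AppendFormat("<tr><td>{0}</td><td>{1}</td><td>{2}</td><td>{3}</td><td>{4}</td><td>{5}</td></tr>\n", encode(warningRight.Path), encode(warningRight.Account), encode(warningRight.Name), warningRight.Message, warningRight.Right, warningRight.PropagationType);
        }

        html.Append("</table>");
    }

    userrights.Text += html.ToString();
}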