
Untitled

a guest
Jul 21st, 2018
  1. using System;
  2. using System.Collections.Generic;
  3. using System.Linq;
  4. using System.Text;
  5. using Microsoft.SharePoint;
  6. using Microsoft.SharePoint.Publishing;
  7. using Precio.Soc.ExternalWeb.BL.PageManagers;
  8. using Precio.Soc.ExternalWeb.Common.Containers;
  9. using Precio.Soc.ExternalWeb.DAL.FourLevelEntities;
  10. using COB.SharePoint.Utilities;
  11. using Precio.Soc.ExternalWeb.Common;
  12. using Precio.Services.Logging;
  13. using Precio.Soc.ExternalWeb.Common.Configuration;
  14. using Precio.Soc.ExternalWeb.BL.Navigation;
  15.  
  16. namespace Precio.Soc.ExternalWeb.BL.Security
  17. {
  /// <summary>
  /// Callback shape for work that <see cref="SecurityUtil"/> runs against an <see cref="SPWeb"/>
  /// opened inside an elevated block.
  /// </summary>
  /// <param name="elevatedWeb">The web handed to the callback by the SecurityUtil helper.</param>
  public delegate void RunWithElevatedPrivilegesWebDelegate(SPWeb elevatedWeb);

  /// <summary>
  /// Callback shape for work that <see cref="SecurityUtil"/> runs against an <see cref="SPSite"/>.
  /// </summary>
  /// <param name="elevatedSite">
  /// The site handed to the callback. Despite the name it is not always elevated:
  /// RunWithElevatedPrivilegesIfUserHasPermissionLevel passes SPContext.Current.Site when the
  /// role check fails.
  /// </param>
  public delegate void RunWithElevatedPrivilegesSiteDelegate(SPSite elevatedSite);
  20.  
  21. public class SecurityUtil
  22. {
  /// <summary>
  /// Invokes the delegate elevated when the current user meets the minimum role, and with the
  /// request's own site (SPContext.Current.Site) when the user does not.
  /// </summary>
  /// <remarks>
  /// The role check decides only whether the call is elevated, not whether it happens: the
  /// delegate is invoked in both branches. Use the RunWithElevatedPrivileges overload that takes
  /// a minimum permission level when a failed check must stop the operation, since that overload
  /// throws <see cref="UnauthorizedAccessException"/> instead.
  /// </remarks>
  /// <param name="minimumPermissionLevel">Minimum role required before the call is elevated.</param>
  /// <param name="codeToRunElevated">The work to run; receives either an elevated or the current site.</param>
  public static void RunWithElevatedPrivilegesIfUserHasPermissionLevel(SocExtWebRolePermissions minimumPermissionLevel, RunWithElevatedPrivilegesSiteDelegate codeToRunElevated)
  {
      SPUser requestUser = SPContext.Current.Web.CurrentUser;
      bool mayElevate = SecurityUtil.DoesUserHaveRolePermission(requestUser, minimumPermissionLevel);

      if (!mayElevate)
      {
          // Not elevated: the delegate works on the site object of the current request.
          codeToRunElevated(SPContext.Current.Site);
          return;
      }

      RunWithElevatedPrivileges(codeToRunElevated);
  }
  41.  
  /// <summary>
  /// Opens a new <see cref="SPSite"/> for the current web's URL inside
  /// SPSecurity.RunWithElevatedPrivileges and passes it to the delegate.
  /// </summary>
  /// <remarks>
  /// This overload performs no authorization check of its own; callers decide who may reach it.
  /// While the delegate runs, form digest validation is switched off on the site's web
  /// application and AllowUnsafeUpdates is switched on for the site. Both are restored to their
  /// previous values afterwards, also when the delegate throws.
  /// </remarks>
  /// <param name="codeToRunElevated">The work to run against the elevated site.</param>
  public static void RunWithElevatedPrivileges(RunWithElevatedPrivilegesSiteDelegate codeToRunElevated)
  {
      SPSecurity.RunWithElevatedPrivileges(() =>
      {
          // A fresh SPSite is created here rather than reusing SPContext.Current.Site;
          // presumably so the object carries the elevated identity - confirm.
          using (SPSite elevatedSite = new SPSite(SPContext.Current.Web.Url))
          {
              bool digestWasEnabled = elevatedSite.WebApplication.FormDigestSettings.Enabled;
              bool unsafeUpdatesWereAllowed = elevatedSite.AllowUnsafeUpdates;

              try
              {
                  // NOTE(review): the form digest is the request-validation token for updates, and
                  // this flag lives on the WebApplication object, not on this SPSite. Whether other
                  // requests in the same process see it disabled while the delegate runs is not
                  // visible here - confirm. If the object is shared, overlapping calls could also
                  // save an already-disabled value and restore it, leaving validation off.
                  // Prefer validating the digest in the caller (SPUtility.ValidateFormDigest)
                  // and relying on AllowUnsafeUpdates alone where that is sufficient.
                  elevatedSite.WebApplication.FormDigestSettings.Enabled = false;
                  elevatedSite.AllowUnsafeUpdates = true;

                  codeToRunElevated(elevatedSite);
              }
              finally
              {
                  // Restore in reverse order of the changes above.
                  elevatedSite.AllowUnsafeUpdates = unsafeUpdatesWereAllowed;
                  elevatedSite.WebApplication.FormDigestSettings.Enabled = digestWasEnabled;
              }
          }
      });
  }
  69.  
  /// <summary>
  /// Opens a new <see cref="SPSite"/> and <see cref="SPWeb"/> for the current web's URL inside
  /// SPSecurity.RunWithElevatedPrivileges and passes the web to the delegate.
  /// </summary>
  /// <remarks>
  /// This overload performs no authorization check of its own; callers decide who may reach it.
  /// While the delegate runs, form digest validation is switched off on the web application and
  /// AllowUnsafeUpdates is switched on for the web. Both are restored to their previous values
  /// afterwards, also when the delegate throws.
  /// </remarks>
  /// <param name="codeToRunElevated">The work to run against the elevated web.</param>
  public static void RunWithElevatedPrivileges(RunWithElevatedPrivilegesWebDelegate codeToRunElevated)
  {
      SPSecurity.RunWithElevatedPrivileges(() =>
      {
          // Both objects are created inside the elevated delegate and disposed when it ends.
          using (SPSite site = new SPSite(SPContext.Current.Web.Url))
          using (SPWeb elevatedWeb = site.OpenWeb())
          {
              bool digestWasEnabled = elevatedWeb.Site.WebApplication.FormDigestSettings.Enabled;
              bool unsafeUpdatesWereAllowed = elevatedWeb.AllowUnsafeUpdates;

              try
              {
                  // NOTE(review): the form digest is the request-validation token for updates, and
                  // this flag lives on the WebApplication object, not on this SPWeb. Whether other
                  // requests in the same process see it disabled while the delegate runs is not
                  // visible here - confirm. If the object is shared, overlapping calls could also
                  // save an already-disabled value and restore it, leaving validation off.
                  elevatedWeb.Site.WebApplication.FormDigestSettings.Enabled = false;
                  elevatedWeb.AllowUnsafeUpdates = true;

                  codeToRunElevated(elevatedWeb);
              }
              finally
              {
                  // Restore in reverse order of the changes above.
                  elevatedWeb.AllowUnsafeUpdates = unsafeUpdatesWereAllowed;
                  elevatedWeb.Site.WebApplication.FormDigestSettings.Enabled = digestWasEnabled;
              }
          }
      });
  }
  100.  
  /// <summary>
  /// Runs the delegate with elevated privileges, but only when the current user meets the
  /// minimum role; otherwise nothing is run and the call is rejected.
  /// </summary>
  /// <param name="codeToRunElevated">The work to run against the elevated web.</param>
  /// <param name="minimumPermissionLevel">Minimum role the current user must hold.</param>
  /// <exception cref="UnauthorizedAccessException">
  /// The current user does not satisfy <paramref name="minimumPermissionLevel"/>.
  /// </exception>
  public static void RunWithElevatedPrivileges(RunWithElevatedPrivilegesWebDelegate codeToRunElevated, SocExtWebRolePermissions minimumPermissionLevel)
  {
      SPUser requestUser = SPContext.Current.Web.CurrentUser;

      // Fail closed: the authorization decision is made before any elevation happens.
      if (!DoesUserHaveRolePermission(requestUser, minimumPermissionLevel))
      {
          throw new UnauthorizedAccessException("Current user has no access for this operation.");
      }

      RunWithElevatedPrivileges(codeToRunElevated);
  }
  121.  
  /// <summary>
  /// Decides whether a user satisfies a minimum editorial role.
  /// </summary>
  /// <remarks>
  /// A null user is denied and a site administrator is always accepted. For everyone else the
  /// roles form a ladder (Anvandare, Redaktor, WebbSamordnare, WebbStrateg): membership in the
  /// group of the requested role or of any role above it is sufficient. Group names come from
  /// the configuration store.
  /// </remarks>
  /// <param name="user">The user to check for null and for site administrator status.</param>
  /// <param name="minimumPermissionLevel">The lowest role that is acceptable.</param>
  /// <returns>True when the role requirement is met, otherwise false.</returns>
  public static bool DoesUserHaveRolePermission(SPUser user, SocExtWebRolePermissions minimumPermissionLevel)
  {
      if (user == null)
      {
          return false;
      }

      if (user.IsSiteAdmin)
      {
          return true;
      }

      // All four names are read up front, whichever level was requested.
      string anvandareGroupName = ConfigStoreUtil.GetConfigValue(Constants.ConfigCategories.GeneralConfiguration, Precio.Soc.ExternalWeb.Common.Constants.ConfigKeys.AnvandareGroupName);
      string redaktorGroupName = ConfigStoreUtil.GetConfigValue(Constants.ConfigCategories.GeneralConfiguration, Precio.Soc.ExternalWeb.Common.Constants.ConfigKeys.RedaktorGroupName);
      string webbSamordnareGroupName = ConfigStoreUtil.GetConfigValue(Constants.ConfigCategories.GeneralConfiguration, Precio.Soc.ExternalWeb.Common.Constants.ConfigKeys.WebbSamordnareGroupName);
      string webbStrategGroupName = ConfigStoreUtil.GetConfigValue(Constants.ConfigCategories.GeneralConfiguration, Precio.Soc.ExternalWeb.Common.Constants.ConfigKeys.WebbStrategGroupName);

      // Groups that satisfy the requested level, lowest role first.
      string[] acceptedGroupNames;
      if (minimumPermissionLevel == SocExtWebRolePermissions.Anvandare)
      {
          acceptedGroupNames = new string[] { anvandareGroupName, redaktorGroupName, webbSamordnareGroupName, webbStrategGroupName };
      }
      else if (minimumPermissionLevel == SocExtWebRolePermissions.Redaktor)
      {
          acceptedGroupNames = new string[] { redaktorGroupName, webbSamordnareGroupName, webbStrategGroupName };
      }
      else if (minimumPermissionLevel == SocExtWebRolePermissions.WebbSamordnare)
      {
          acceptedGroupNames = new string[] { webbSamordnareGroupName, webbStrategGroupName };
      }
      else if (minimumPermissionLevel == SocExtWebRolePermissions.WebbStrateg)
      {
          acceptedGroupNames = new string[] { webbStrategGroupName };
      }
      else
      {
          // Unrecognised level: deny.
          return false;
      }

      // NOTE(review): membership is tested with ContainsCurrentUser on the request's web, so the
      // answer is about the current user, not about the `user` argument. Every caller visible in
      // this file passes SPContext.Current.Web.CurrentUser, so the two coincide there; a caller
      // passing any other user would get a decision for the wrong identity - confirm no such
      // caller exists.
      // NOTE(review): the SiteGroups indexer presumably throws when the configured group does
      // not exist (GetWebbsamordnareGroup guards with ContainsSiteGroup first) - verify.
      foreach (string groupName in acceptedGroupNames)
      {
          if (SPContext.Current.Web.SiteGroups[groupName].ContainsCurrentUser)
          {
              return true;
          }
      }

      return false;
  }
  175.  
  176.  
  /// <summary>
  /// Looks up the WebbSamordnare site group, whose name is read from the configuration store.
  /// </summary>
  /// <param name="rootWeb">The web whose site groups are searched.</param>
  /// <returns>
  /// The group, or null when the group does not exist on <paramref name="rootWeb"/> or when
  /// anything in the lookup throws. Both failure cases are logged as errors, so callers must
  /// handle null rather than expect an exception.
  /// </returns>
  public static SPGroup GetWebbsamordnareGroup(SPWeb rootWeb)
  {
      try
      {
          string configuredName = ConfigStoreUtil.GetConfigValue(Constants.ConfigCategories.GeneralConfiguration, Constants.ConfigKeys.WebbSamordnareGroupName);

          // Existence is checked first instead of indexing SiteGroups directly.
          if (rootWeb.ContainsSiteGroup(configuredName))
          {
              return rootWeb.SiteGroups[configuredName];
          }

          LoggingServiceFacade.LogEvent(
              string.Format("SecurityUtil,GetWebbsamordnareGroup: The group {0} is missing, the configuration feature needs to be reactivated.", configuredName),
              EntryType.Error);
          return null;
      }
      catch (Exception failure)
      {
          // Deliberately broad: any failure is logged with its full text and turned into null.
          LoggingServiceFacade.LogEvent(
              string.Format("SecurityUtil,GetWebbsamordnareGroup: Loading of group name failed, key: {0} \nReason:\n{1}",
                  Constants.ConfigKeys.WebbSamordnareGroupName, failure.ToString()),
              EntryType.Error);
          return null;
      }
  }
  206.  
  /// <summary>
  /// Reads a role name from the general configuration category of the configuration store.
  /// </summary>
  /// <param name="roleNameConfigKey">The configuration key that holds the role name.</param>
  /// <returns>
  /// The configured value, or null when the read throws. The failure is logged as an error, so
  /// callers must handle null rather than expect an exception.
  /// </returns>
  public static string LoadRoleName(string roleNameConfigKey)
  {
      try
      {
          return ConfigStoreUtil.GetConfigValue(Constants.ConfigCategories.GeneralConfiguration, roleNameConfigKey);
      }
      catch (Exception failure)
      {
          // NOTE(review): the log prefix names EnsureConfigurationReceiver,EnsureRoles rather than
          // this method, which makes the entry harder to trace back to SecurityUtil.LoadRoleName.
          LoggingServiceFacade.LogEvent(
              string.Format("EnsureConfigurationReceiver,EnsureRoles: Loading of rolename failed \nReason:\n{0}", failure.ToString()),
              EntryType.Error);
          return null;
      }
  }
  223.  
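  /// <summary>
  /// Decides whether a structure change (copy, move, mirror, delete, rename, reorder, hide,
  /// show) is permitted, by checking SharePoint base permissions on the source and/or target.
  /// </summary>
  /// <remarks>
  /// A node counts as a "web" when its page is the default page of its containing web (see
  /// IsWeb); web nodes are checked against web permissions, other nodes against the permissions
  /// of the page's list item.
  /// NOTE(review): the checks run against <paramref name="currentSite"/> as it was opened. If a
  /// caller passes a site created inside RunWithElevatedPrivileges, the result would presumably
  /// reflect the elevated identity rather than the requesting user - confirm callers pass the
  /// request's own site.
  /// </remarks>
  /// <param name="currentSite">The site collection used to open the webs that are checked.</param>
  /// <param name="changeType">The kind of change being requested.</param>
  /// <param name="source">The node being changed.</param>
  /// <param name="target">The destination node; null if target is root (handled for Move only).</param>
  /// <returns>True when the change is permitted, otherwise false.</returns>
  public static bool DoesUserHavePermissions(SPSite currentSite, ChangeType changeType, NodeValue source, NodeValue target)
  {
      switch (changeType)
      {
          case ChangeType.Copy:
              // Web source needs ManageSubwebs on the target web, a page source needs
              // AddListItems on the target. The source is classified once so that both branches
              // are judged against the same answer and the entity is not loaded twice.
              // NOTE(review): unlike Move, a null target is not handled here; the helpers
              // dereference it, so a copy to root presumably ends in a NullReferenceException -
              // verify whether that path is reachable.
              return IsWeb(currentSite, source)
                  ? CheckWebPermission(currentSite, target, SPBasePermissions.ManageSubwebs)
                  : CheckPermission(currentSite, target, SPBasePermissions.AddListItems, SPBasePermissions.AddListItems);

          case ChangeType.Move:
              // Only a default page may be moved to the root.
              using (var man = new FourLevelManager())
              {
                  if (target == null && !man.IsPageDefaultPage(source.MossPageId, currentSite))
                  {
                      return false;
                  }
              }

              if (target == null)
              {
                  // Move to root: ManageSubwebs is required on the root web.
                  return CheckWebPermission(currentSite, new NodeValue()
                  {
                      Level = PageLevel.Level0
                  }, SPBasePermissions.ManageSubwebs);
              }

              // Web source: ManageSubwebs (or AddListItems when the target is a page) on the
              // target and ManageWeb on the source web. Page source: AddListItems on both.
              return IsWeb(currentSite, source)
                  ? CheckPermission(currentSite, target, SPBasePermissions.ManageSubwebs, SPBasePermissions.AddListItems)
                      && CheckWebPermission(currentSite, source, SPBasePermissions.ManageWeb)
                  : CheckPermission(currentSite, target, SPBasePermissions.AddListItems, SPBasePermissions.AddListItems)
                      && CheckWebPermission(currentSite, source, SPBasePermissions.AddListItems);

          case ChangeType.Mirror:
              // AddListItems on the source. NOTE(review): the original comment spoke of the
              // target, while the check is made on the source - confirm which is intended.
              return CheckPermission(currentSite, source, SPBasePermissions.AddListItems, SPBasePermissions.AddListItems);

          case ChangeType.Delete:
              // ManageWeb for a web node, DeleteListItems for a page node.
              return CheckPermission(currentSite, source, SPBasePermissions.ManageWeb, SPBasePermissions.DeleteListItems);

          case ChangeType.DeleteMirror:
              // ManageWeb for a web node, AddListItems for a page node.
              return CheckPermission(currentSite, source, SPBasePermissions.ManageWeb, SPBasePermissions.AddListItems);

          case ChangeType.Rename:
              // ManageWeb in both cases. NOTE(review): the original comment mentioned
              // EditListItems for pages, but the code requires ManageWeb on the list item too.
              return CheckPermission(currentSite, source, SPBasePermissions.ManageWeb, SPBasePermissions.ManageWeb);

          case ChangeType.Reorder:
              return CheckWebPermission(currentSite, source, SPBasePermissions.ManageWeb);

          case ChangeType.Hide:
          case ChangeType.Show:
              return CheckPermission(currentSite, source, SPBasePermissions.ManageWeb, SPBasePermissions.ManageWeb);

          default:
              // NOTE(review): fail-open. A change type without a case above is permitted with no
              // check at all, so a ChangeType member added later is allowed by default. Kept
              // because callers may rely on it; prefer returning false here once the remaining
              // ChangeType members have been reviewed.
              return true;
      }
  }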
  295.  
  /// <summary>
  /// Tells whether a node represents a web, i.e. whether its page is the default page of the
  /// publishing web that contains it.
  /// </summary>
  /// <param name="currentSite">The site collection used to open the containing web.</param>
  /// <param name="source">The node to classify; its Level and id identify the entity to load.</param>
  /// <returns>True when the node's page is the containing web's default page.</returns>
  private static bool IsWeb(SPSite currentSite, NodeValue source)
  {
      using (StructureDelegate structure = new StructureDelegate())
      {
          IFourLevelEntity entity = structure.LoadEntityById(source.Level, source.GetId());

          using (SPWeb containingWeb = currentSite.OpenWeb(entity.MossPage.WebId))
          {
              PublishingWeb publishingWeb = PublishingWeb.GetPublishingWeb(containingWeb);
              SPListItem pageItem = publishingWeb.PagesList.GetItemById(entity.MossPage.ItemId);

              // Same file as the web's default page means the node stands for the web itself.
              return publishingWeb.DefaultPage.UniqueId == pageItem.File.UniqueId;
          }
      }
  }
  320.  
  /// <summary>
  /// Checks a base permission on a node, using the web when the node's page is the default page
  /// of its web and the page's list item otherwise.
  /// </summary>
  /// <param name="currentSite">The site collection used to open the containing web.</param>
  /// <param name="source">The node to check; must not be null, its Level and id are read.</param>
  /// <param name="rightsIfWeb">Permission required on the web when the node is a web.</param>
  /// <param name="rightsIfListItem">Permission required on the list item when the node is a page.</param>
  /// <returns>The result of the DoesUserHavePermissions call on the web or on the list item.</returns>
  private static bool CheckPermission(SPSite currentSite, NodeValue source, SPBasePermissions rightsIfWeb, SPBasePermissions rightsIfListItem)
  {
      using (StructureDelegate structure = new StructureDelegate())
      {
          IFourLevelEntity entity = structure.LoadEntityById(source.Level, source.GetId());

          using (SPWeb containingWeb = currentSite.OpenWeb(entity.MossPage.WebId))
          {
              PublishingWeb publishingWeb = PublishingWeb.GetPublishingWeb(containingWeb);
              SPListItem pageItem = publishingWeb.PagesList.GetItemById(entity.MossPage.ItemId);

              bool nodeIsWeb = publishingWeb.DefaultPage.UniqueId == pageItem.File.UniqueId;

              // NOTE(review): evaluated for whichever identity currentSite was opened with -
              // confirm callers do not pass an elevated site.
              return nodeIsWeb
                  ? containingWeb.DoesUserHavePermissions(rightsIfWeb)
                  : pageItem.DoesUserHavePermissions(rightsIfListItem);
          }
      }
  }
  345.  
  /// <summary>
  /// Checks a base permission on the web that contains a node; a Level0 node is checked against
  /// the root web of the site collection.
  /// </summary>
  /// <param name="currentSite">The site collection whose root web or sub web is checked.</param>
  /// <param name="source">The node to check; must not be null, its Level is read first.</param>
  /// <param name="permission">The permission required on the web.</param>
  /// <returns>The result of the DoesUserHavePermissions call on the selected web.</returns>
  private static bool CheckWebPermission(SPSite currentSite, NodeValue source, SPBasePermissions permission)
  {
      // Level0 needs no entity lookup: it maps straight to the root web.
      if (source.Level == PageLevel.Level0)
      {
          return currentSite.RootWeb.DoesUserHavePermissions(permission);
      }

      using (StructureDelegate structure = new StructureDelegate())
      {
          IFourLevelEntity entity = structure.LoadEntityById(source.Level, source.GetId());

          using (SPWeb containingWeb = currentSite.OpenWeb(entity.MossPage.WebId))
          {
              // NOTE(review): evaluated for whichever identity currentSite was opened with -
              // confirm callers do not pass an elevated site.
              return containingWeb.DoesUserHavePermissions(permission);
          }
      }
  }
  367.  
  /// <summary>
  /// Loads the source and target entities and returns what FourLevelManager.IsParentOfNode
  /// reports for them, passing the source first and the target second.
  /// </summary>
  /// <param name="sourceNodeValue">The source node; must not be null.</param>
  /// <param name="targetNodeValue">The target node; must not be null.</param>
  /// <returns>The result of IsParentOfNode(sourceEntity, targetEntity).</returns>
  public static bool IsPageChildOnTarget(NodeValue sourceNodeValue, NodeValue targetNodeValue)
  {
      using (var manager = new FourLevelManager())
      {
          var sourceEntity = manager.LoadEntityById(sourceNodeValue.Level, sourceNodeValue.GetId());
          var targetEntity = manager.LoadEntityById(targetNodeValue.Level, targetNodeValue.GetId());

          return manager.IsParentOfNode(sourceEntity, targetEntity);
      }
  }
  379. }
  380. }