- Timestamp:
- 09/25/17 15:36:54 (7 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/HiveProjectManagement/HeuristicLab.Services.Hive/3.3/HiveService.cs
r15358 r15379 532 532 result = HeartbeatManager.ProcessHeartbeat(heartbeat); 533 533 } 534 } 535 catch (Exception ex) { 534 } catch (Exception ex) { 536 535 DA.LogFactory.GetLogger(this.GetType().Namespace).Log(string.Format("Exception processing Heartbeat: {0}", ex)); 537 536 } … … 604 603 #endregion 605 604 606 #region ResourcePermission Methods 607 public void GrantResourcePermissions(Guid resourceId, Guid[] grantedUserIds) { 608 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 609 var pm = PersistenceManager; 610 using (new PerformanceLogger("GrantResourcePermissions")) { 611 pm.UseTransaction(() => { 612 var resource = AuthorizeForResource(pm, resourceId); 613 var resourcePermissions = resource.ResourcePermissions.ToList(); 605 #region Project Methods 606 public Guid AddProject(DT.Project projectDto) { 607 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator); 608 var pm = PersistenceManager; 609 using (new PerformanceLogger("AddProject")) { 610 var projectDao = pm.ProjectDao; 611 return pm.UseTransaction(() => { 612 var project = projectDao.Save(projectDto.ToEntity()); 613 pm.SubmitChanges(); 614 return project.ProjectId; 615 }); 616 } 617 } 618 619 public void UpdateProject(DT.Project projectDto) { 620 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator); 621 var pm = PersistenceManager; 622 using (new PerformanceLogger("UpdateProject")) { 623 var projectDao = pm.ProjectDao; 624 pm.UseTransaction(() => { 625 var project = projectDao.GetById(projectDto.Id); 626 if (project != null) { 627 projectDto.CopyToEntity(project); 628 } else { 629 projectDao.Save(projectDto.ToEntity()); 630 } 631 pm.SubmitChanges(); 632 }); 633 } 634 } 635 636 public void DeleteProject(Guid projectId) { 637 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator); 638 AuthorizationManager.AuthorizeForResourceAdministration(projectId); 639 var pm = PersistenceManager; 640 using (new PerformanceLogger("DeleteProject")) { 641 var projectDao = pm.ProjectDao; 642 pm.UseTransaction(() => { 643 projectDao.Delete(projectId); 644 pm.SubmitChanges(); 645 }); 646 } 647 } 648 649 public DT.Project GetProject(Guid projectId) { 650 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator); 651 var pm = PersistenceManager; 652 using (new PerformanceLogger("GetProject")) { 653 var projectDao = pm.ProjectDao; 654 return pm.UseTransaction(() => projectDao.GetById(projectId).ToDto()); 655 } 656 } 657 658 public IEnumerable<DT.Project> GetProjects() { 659 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 660 bool isAdministrator = RoleVerifier.IsInRole(HiveRoles.Administrator); 661 var pm = PersistenceManager; 662 using (new PerformanceLogger("GetProjects")) { 663 var projectDao = pm.ProjectDao; 664 var projectPermissionDao = pm.ProjectPermissionDao; 665 var currentUserId = UserManager.CurrentUserId; 666 return pm.UseTransaction(() => { 667 var resourcePermissions = projectPermissionDao.GetAll(); 668 return projectDao.GetAll().ToList() 669 .Where(x => isAdministrator 670 || x.OwnerUserId == currentUserId 671 || UserManager.VerifyUser(currentUserId, resourcePermissions 672 .Where(y => y.ProjectId == x.ProjectId) 673 .Select(z => z.GrantedUserId) 674 .ToList()) 675 ) 676 .Select(x => x.ToDto()) 677 .ToList(); 678 }); 679 } 680 } 681 #endregion 682 683 #region ProjectPermission Methods 684 public void GrantProjectPermissions(Guid projectId, Guid[] grantedUserIds) { 685 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 686 var pm = PersistenceManager; 687 using (new PerformanceLogger("GrantProjectPermissions")) { 688 pm.UseTransaction(() => { 689 var project = AuthorizeForProject(pm, projectId); 690 var projectPermissions = project.ProjectPermissions.ToList(); 614 691 foreach (var id in grantedUserIds) { 615 if ( resourcePermissions.All(x => x.GrantedUserId != id)) {616 resource.ResourcePermissions.Add(new DA.ResourcePermission {692 if (projectPermissions.All(x => x.GrantedUserId != id)) { 693 project.ProjectPermissions.Add(new DA.ProjectPermission { 617 694 GrantedUserId = id, 618 695 GrantedByUserId = UserManager.CurrentUserId … … 625 702 } 626 703 627 public void Revoke ResourcePermissions(Guid resourceId, Guid[] grantedUserIds) {628 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 629 var pm = PersistenceManager; 630 using (new PerformanceLogger("Revoke ResourcePermissions")) {631 var resourcePermissionDao = pm.ResourcePermissionDao;632 pm.UseTransaction(() => { 633 AuthorizeFor Resource(pm, resourceId);634 resourcePermissionDao.DeleteByResourceAndGrantedUserId(resourceId, grantedUserIds);635 pm.SubmitChanges(); 636 }); 637 } 638 } 639 640 public IEnumerable<DT. ResourcePermission> GetResourcePermissions(Guid resourceId) {641 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 642 var pm = PersistenceManager; 643 using (new PerformanceLogger("Get ResourcePermissions")) {644 var resourcePermissionDao = pm.ResourcePermissionDao;645 return pm.UseTransaction(() => resourcePermissionDao.GetByResourceId(resourceId)704 public void RevokeProjectPermissions(Guid projectId, Guid[] grantedUserIds) { 705 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 706 var pm = PersistenceManager; 707 using (new PerformanceLogger("RevokeProjectPermissions")) { 708 var projectPermissionDao = pm.ProjectPermissionDao; 709 pm.UseTransaction(() => { 710 AuthorizeForProject(pm, projectId); 711 projectPermissionDao.DeleteByProjectAndGrantedUserId(projectId, grantedUserIds); 712 pm.SubmitChanges(); 713 }); 714 } 715 } 716 717 public IEnumerable<DT.ProjectPermission> GetProjectPermissions(Guid projectId) { 718 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 719 var pm = PersistenceManager; 720 using (new PerformanceLogger("GetProjectPermissions")) { 721 var projectPermissionDao = pm.ProjectPermissionDao; 722 return pm.UseTransaction(() => projectPermissionDao.GetByProjectId(projectId) 646 723 .Select(x => x.ToDto()) 647 724 .ToList() … … 696 773 using (new PerformanceLogger("GetSlaves")) { 697 774 var slaveDao = pm.SlaveDao; 698 var resourcePermissionDao = pm. ResourcePermissionDao;775 var resourcePermissionDao = pm.ProjectPermissionDao; 699 776 var currentUserId = UserManager.CurrentUserId; 700 777 return pm.UseTransaction(() => { … … 721 798 using (new PerformanceLogger("GetSlaveGroups")) { 722 799 var slaveGroupDao = pm.SlaveGroupDao; 723 var resourcePermissionDao = pm. ResourcePermissionDao;800 var resourcePermissionDao = pm.ProjectPermissionDao; 724 801 var currentUserId = UserManager.CurrentUserId; 725 802 return pm.UseTransaction(() => { … … 990 1067 } 991 1068 992 private DA. Resource AuthorizeForResource(IPersistenceManager pm, Guid resourceId) {993 var resourceDao = pm.ResourceDao;994 var resource = resourceDao.GetById(resourceId);995 if ( resource== null) throw new SecurityException("Not authorized");996 if ( resource.OwnerUserId != UserManager.CurrentUserId1069 private DA.Project AuthorizeForProject(IPersistenceManager pm, Guid projectId) { 1070 var projectDao = pm.ProjectDao; 1071 var project = projectDao.GetById(projectId); 1072 if (project == null) throw new SecurityException("Not authorized"); 1073 if (project.OwnerUserId != UserManager.CurrentUserId 997 1074 && !RoleVerifier.IsInRole(HiveRoles.Administrator)) { 998 1075 throw new SecurityException("Not authorized"); 999 1076 } 1000 return resource;1077 return project; 1001 1078 } 1002 1079 #endregion
Note: See TracChangeset
for help on using the changeset viewer.