Changeset 15380
- Timestamp:
- 09/25/17 17:20:15 (7 years ago)
- Location:
- branches/HiveProjectManagement/HeuristicLab.Services.Hive/3.3
- Files:
-
- 4 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/HiveProjectManagement/HeuristicLab.Services.Hive/3.3/HiveService.cs
r15379 r15380 636 636 public void DeleteProject(Guid projectId) { 637 637 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator); 638 AuthorizationManager.AuthorizeFor ResourceAdministration(projectId);638 AuthorizationManager.AuthorizeForProjectAdministration(projectId); 639 639 var pm = PersistenceManager; 640 640 using (new PerformanceLogger("DeleteProject")) { … … 665 665 var currentUserId = UserManager.CurrentUserId; 666 666 return pm.UseTransaction(() => { 667 var resourcePermissions = projectPermissionDao.GetAll();667 var projectPermissions = projectPermissionDao.GetAll(); 668 668 return projectDao.GetAll().ToList() 669 669 .Where(x => isAdministrator 670 670 || x.OwnerUserId == currentUserId 671 || UserManager.VerifyUser(currentUserId, resourcePermissions671 || UserManager.VerifyUser(currentUserId, projectPermissions 672 672 .Where(y => y.ProjectId == x.ProjectId) 673 673 .Select(z => z.GrantedUserId) … … 684 684 public void GrantProjectPermissions(Guid projectId, Guid[] grantedUserIds) { 685 685 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 686 AuthorizationManager.AuthorizeForProjectAdministration(projectId); 686 687 var pm = PersistenceManager; 687 688 using (new PerformanceLogger("GrantProjectPermissions")) { … … 704 705 public void RevokeProjectPermissions(Guid projectId, Guid[] grantedUserIds) { 705 706 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 707 AuthorizationManager.AuthorizeForProjectAdministration(projectId); 706 708 var pm = PersistenceManager; 707 709 using (new PerformanceLogger("RevokeProjectPermissions")) { 708 710 var projectPermissionDao = pm.ProjectPermissionDao; 709 711 pm.UseTransaction(() => { 710 AuthorizeForProject(pm, projectId);711 712 projectPermissionDao.DeleteByProjectAndGrantedUserId(projectId, grantedUserIds); 712 713 pm.SubmitChanges(); -
branches/HiveProjectManagement/HeuristicLab.Services.Hive/3.3/Interfaces/IAuthorizationManager.cs
r14185 r15380 35 35 36 36 void AuthorizeForResourceAdministration(Guid resourceId); 37 38 void AuthorizeForProjectAdministration(Guid projectId); 37 39 } 38 40 } -
branches/HiveProjectManagement/HeuristicLab.Services.Hive/3.3/Manager/AuthorizationManager.cs
r14185 r15380 81 81 } 82 82 83 public void AuthorizeForProjectAdministration(Guid projectId) { 84 var pm = PersistenceManager; 85 var projectDao = pm.ProjectDao; 86 pm.UseTransaction(() => { 87 var project = projectDao.GetById(projectId); 88 if (project == null) throw new SecurityException(NOT_AUTHORIZED); 89 if (project.OwnerUserId != UserManager.CurrentUserId 90 && !RoleVerifier.IsInRole(HiveRoles.Administrator)) { 91 throw new SecurityException(NOT_AUTHORIZED); 92 } 93 }); 94 } 95 83 96 private DA.Permission GetPermissionForJob(IPersistenceManager pm, Guid jobId, Guid userId) { 84 97 var jobDao = pm.JobDao; -
branches/HiveProjectManagement/HeuristicLab.Services.Hive/3.3/ServiceContracts/IHiveService.cs
r15379 r15380 149 149 #endregion 150 150 151 #region ResourcePermission Methods152 [OperationContract] 153 void Grant ResourcePermissions(Guid resourceId, Guid[] grantedUserIds);154 155 [OperationContract] 156 void Revoke ResourcePermissions(Guid resourceId, Guid[] grantedUserIds);157 158 [OperationContract] 159 IEnumerable<ProjectPermission> Get ResourcePermissions(Guid resourceId);151 #region ProjectPermission Methods 152 [OperationContract] 153 void GrantProjectPermissions(Guid projectId, Guid[] grantedUserIds); 154 155 [OperationContract] 156 void RevokeProjectPermissions(Guid projectId, Guid[] grantedUserIds); 157 158 [OperationContract] 159 IEnumerable<ProjectPermission> GetProjectPermissions(Guid projectId); 160 160 #endregion 161 161
Note: See TracChangeset
for help on using the changeset viewer.