forumpermission.cs

本系统是在asp版《在线文件管理器》的基础上设计制作

//------------------------------------------------------------------------------
// <copyright company="Telligent Systems">
//     Copyright (c) Telligent Systems Corporation.  All rights reserved.
// </copyright> 
//------------------------------------------------------------------------------

using System;

using CommunityServer.Components;

namespace CommunityServer.Discussions.Components {

    /// <summary>
    /// Summary description for ForumPermission.
    /// </summary>
	public class ForumPermission : PermissionBase {

		public ForumPermission() : base() {
		}

		public ForumPermission(  int site, Guid role, string name, Permission allow, Permission deny, bool impliedPermissions ) 
			: base( site, role, name, allow, deny, impliedPermissions ) {
		}


		#region Public Properites - Permissions
		public virtual bool View {
			get{ return GetBit( Permission.View ); }
		}

		public virtual bool Read {
			get{ return GetBit( Permission.Read ); }
		}

		public virtual bool Post {
			get{ return GetBit( Permission.Post ); }
		}

		public virtual bool Reply {
			get{ return GetBit( Permission.Reply ); }
		}
        
		public virtual bool Edit {
			get{ return GetBit( Permission.Edit ); }
		}
        
		public virtual bool Delete {
			get{ return GetBit( Permission.Delete ); }
		}
        
		public virtual bool Attachment {
			get{ return GetBit( Permission.Attachment ); }
		}
        
		public virtual bool Vote {
			get{ return GetBit( Permission.Vote ); }
		}

		public virtual bool CreatePoll {
			get{ return GetBit( Permission.CreatePoll ); }
		}
        
		public virtual bool Sticky {
			get{ return GetBit( Permission.Sticky ); }
		}
        
		public virtual bool Announcement {
			get{ return GetBit( Permission.Announcement ); }
		}

		public virtual bool EditOthers {
			get{ return GetBit( Permission.EditOthers ); }
		}

		public virtual bool Moderate {
			get{ return GetBit( Permission.Moderate ); }
		}

		public virtual bool Administer {
			get{ return GetBit( Permission.Administer ); }
		}
		
		public virtual bool SystemAdminister {
			get{ return GetBit( Permission.SystemAdmin ); }
		}
		#endregion

		public static bool Validate(Section section, Permission permission, User user, Post p) {
			if(section == null || section.PermissionSet == null || user == null )
				return false;

            if(user.IsForumAdministrator)
                return true;

			bool bReturn = true;
			ForumPermission fpFinal = section.ResolvePermission(user) as ForumPermission;

            if(fpFinal.Moderate)
                return true;

			if((permission == (permission | Permission.Administer)) && bReturn )
				bReturn &= fpFinal.Administer;

			if((permission == (permission | Permission.Announcement)) && bReturn ) 
				bReturn &= fpFinal.Announcement;

			if((permission == (permission | Permission.Attachment)) && bReturn )
				bReturn &= fpFinal.Attachment;

			if((permission == (permission | Permission.CreatePoll)) && bReturn )
				bReturn &= fpFinal.CreatePoll;
            
			if((permission == (permission | Permission.Delete)) && bReturn ) 
				bReturn &= fpFinal.Delete;

			if((permission == (permission | Permission.Edit)) && bReturn )
				bReturn &= fpFinal.Edit;

			if((permission == (permission | Permission.EditOthers)) && bReturn )
				bReturn &= fpFinal.EditOthers;

			if((permission == (permission | Permission.Moderate)) && bReturn )
				bReturn &= fpFinal.Moderate;

			if((permission == (permission | Permission.Post)) && bReturn )
				bReturn &= fpFinal.Post;

			if((permission == (permission | Permission.Read)) && bReturn )
				bReturn &= fpFinal.Read;

			if((permission == (permission | Permission.Reply)) && bReturn )
				bReturn &= fpFinal.Reply;

			if((permission == (permission | Permission.Sticky)) && bReturn )
				bReturn &= fpFinal.Sticky;

			if((permission == (permission | Permission.View)) && bReturn )
				bReturn &= fpFinal.View;

			if((permission == (permission | Permission.Vote)) && bReturn )
				bReturn &= fpFinal.Vote;

    		return bReturn;
		}

		#region AccessCheck



		public static void AccessCheck(Section section, Permission permission, User user, Post post) {
			CSContext csContext = CSContext.Current;


			int forumID;
			if (post != null)
				forumID = post.SectionID;
			else
				forumID = section.SectionID;

			if (CommunityServer.Discussions.Moderate.IsForumModerator(user, 0, forumID))
				return;


			/*
			 * Not sure when this was commented out, but it seems
			 * this was done to lower the overhead of making a trip
			 * to the DP.  Needs to check against the forum permission instead.
			 * 
			// Moderators can delete posts
			//
			if (user.IsForumAdministrator)
				return;
				
			if ( (CSContext.Current.User.IsModerator) && (Moderate.CheckIfUserIsModerator(CSContext.Current.User.UserID, post.ForumID)) )
				return;

			*/

			ForumPermission fp = section.ResolvePermission( user ) as ForumPermission;

			// 修改，斑竹只能修改所在版块的权限
			//
            //if(fp.Moderate)
            //    return;

			// TDD HACK 10/20/2004
			// there is a bug with the C# compiler in that if you have an Int64 enum and try to use it in a switch statement, 
			// the case values are only treated as Int32 and not the enum type. To solve this I'm having to use the constant 
			// values from the enumeration to make this work.
			long lValue = (long)permission;
			switch (lValue) {
				case 0x0100000000000000: //(long)Permission.Administer:
					if (!csContext.Context.Request.IsAuthenticated)
						RedirectOrExcpetion(CSExceptionType.AccessDenied);

					if( !fp.Administer )
						RedirectOrExcpetion(CSExceptionType.AdministrationAccessDenied);
					break;
				case (long)Permission.Announcement:
					if (!csContext.Context.Request.IsAuthenticated)
						RedirectOrExcpetion(CSExceptionType.AccessDenied);

					if (csContext.User.IsAnonymous)
						if (!csContext.Context.Request.IsAuthenticated)
							RedirectOrExcpetion(CSExceptionType.PostEditAccessDenied);

					if (!fp.Announcement)
						RedirectOrExcpetion(CSExceptionType.PostAnnounceAccessDenied);
					break;
				case (long)Permission.Attachment:
					// TODO may need to add configuration value to allow anonymous attachments
					if (!csContext.Context.Request.IsAuthenticated)
						RedirectOrExcpetion(CSExceptionType.AccessDenied);

					if(!fp.Attachment)
						RedirectOrExcpetion(CSExceptionType.PostAttachmentsNotAllowed);
					break;
				case (long)0x0000000100000000: //Permission.CreatePoll:
					if (!csContext.Context.Request.IsAuthenticated)
						RedirectOrExcpetion(CSExceptionType.AccessDenied);

					if (!fp.CreatePoll)
						RedirectOrExcpetion(CSExceptionType.AccessDenied);
					break;
				case (long)Permission.Delete:
					if (!csContext.Context.Request.IsAuthenticated)
						RedirectOrExcpetion(CSExceptionType.AccessDenied);

					if (csContext.User.IsAnonymous)
						if (!csContext.Context.Request.IsAuthenticated)
							RedirectOrExcpetion(CSExceptionType.PostDeleteAccessDenied);

					// If the user is denied delete return
					if (!fp.Delete)
						RedirectOrExcpetion(CSExceptionType.PostDeleteAccessDenied);

					// Ensure we have a post
					//
					if (post == null)
						throw new Exception("Post parameter is required for Delete check");

					// Ensure the user that created this post is the user attempting to delete it
					//
					if (csContext.User.UserID != post.User.UserID)
						RedirectOrExcpetion(CSExceptionType.PostDeleteAccessDenied);

					// Does the post have children, if so the user can't delete
					//
					if (post.Replies > 0)
						RedirectOrExcpetion(CSExceptionType.PostDeleteAccessDeniedHasReplies);

					// Has the time limit been exceeded for this user to delete the post?
					//
					if (CSContext.Current.SiteSettings.PostDeleteAgeInMinutes > 0)
						if( DateTime.Now < post.PostDate.AddMinutes(CSContext.Current.SiteSettings.PostDeleteAgeInMinutes))
							RedirectOrExcpetion(CSExceptionType.PostDeletePermissionExpired);
					break;
				case (long)Permission.Edit:
					if (!csContext.Context.Request.IsAuthenticated)
						RedirectOrExcpetion(CSExceptionType.AccessDenied);

					if (csContext.User.IsAnonymous)
						if (!csContext.Context.Request.IsAuthenticated)
							RedirectOrExcpetion(CSExceptionType.PostEditAccessDenied);

					if (!fp.Edit)
						RedirectOrExcpetion(CSExceptionType.PostEditAccessDenied);

					if (post == null)
						throw new Exception("Post parameter is required for Edit check");

					// Ensure the user that created this post is the user attempting to delete it
					// or that the user is an editor
					// 修改，斑竹只能修改本版帖子
					//if (csContext.User.UserID != post.User.UserID && !fp.EditOthers )
					if (csContext.User.UserID != post.User.UserID )
					{
						if (csContext.User.IsModerator)
							RedirectOrExcpetion(CSExceptionType.ModerateAccessDenied);
						else
							RedirectOrExcpetion(CSExceptionType.PostEditAccessDenied);
					}

					// Has the time limit been exceeded for this user to delete the post?
					//
					if (CSContext.Current.SiteSettings.PostEditBodyAgeInMinutes > 0)
						if (post.PostDate < DateTime.Now.AddMinutes(CSContext.Current.SiteSettings.PostEditBodyAgeInMinutes))
							RedirectOrExcpetion(CSExceptionType.PostEditPermissionExpired);

					break;
				case 0x0000000800000000://Permission.EditOthers:
					if (!csContext.Context.Request.IsAuthenticated)
						RedirectOrExcpetion(CSExceptionType.AccessDenied);

					if(!fp.EditOthers)
						RedirectOrExcpetion(CSExceptionType.PostEditAccessDenied);
					break;
				case 0x0000100000000000://Permission.Moderate:
					if (!csContext.Context.Request.IsAuthenticated)
						RedirectOrExcpetion(CSExceptionType.AccessDenied);

					if(!fp.Moderate)
						RedirectOrExcpetion(CSExceptionType.ModerateAccessDenied);
					break;
				case (long)Permission.Post:
					if ((!CSContext.Current.SiteSettings.EnableAnonymousUserPosting) && (!section.EnableAnonymousPosting) && (csContext.User.IsAnonymous))
						if (!csContext.Context.Request.IsAuthenticated)
							RedirectOrExcpetion(CSExceptionType.PostAccessDenied);

					if (!fp.Post)
						RedirectOrExcpetion(CSExceptionType.PostAccessDenied);
					break;

				case (long)Permission.Read:
					if(!fp.Read)
						RedirectOrExcpetion(CSExceptionType.AccessDenied);

					break;
				case (long)Permission.Reply:
					
					if ((csContext.User.IsAnonymous) && (!section.EnableAnonymousPosting) && (!CSContext.Current.SiteSettings.EnableAnonymousUserPosting))
						if (!csContext.Context.Request.IsAuthenticated)
							RedirectOrExcpetion(CSExceptionType.PostReplyAccessDenied);

					if (!fp.Reply) 
						RedirectOrExcpetion(CSExceptionType.PostReplyAccessDenied);
					
					// Ensure we have a post
					//
					if (post == null)
						throw new Exception("Post parameter is required for Reply check");

					// Can't reply if locked
					//
					if (post.IsLocked)
						RedirectOrExcpetion(CSExceptionType.PostLocked);

					break;
				case 0x0000000200000000://Permission.Sticky:
					if (!csContext.Context.Request.IsAuthenticated)
						RedirectOrExcpetion(CSExceptionType.AccessDenied);
					
					if(!fp.Sticky)
						RedirectOrExcpetion(CSExceptionType.AccessDenied);
					break;
				case (long)Permission.View:
					if(!fp.View)
						RedirectOrExcpetion(CSExceptionType.AccessDenied);
					break;
				case (long)Permission.Vote:
					if (!csContext.Context.Request.IsAuthenticated)
						RedirectOrExcpetion(CSExceptionType.AccessDenied);

					if (!fp.Vote)
						RedirectOrExcpetion(CSExceptionType.AccessDenied);
					break;
				default	:
					RedirectOrExcpetion(CSExceptionType.AccessDenied);
                    break;
			}
		}
		#endregion

	}

}