guestbookpermission.cs

本系统是在asp版《在线文件管理器》的基础上设计制作

//------------------------------------------------------------------------------
// <copyright company="Telligent Systems">
//     Copyright (c) Telligent Systems Corporation.  All rights reserved.
// </copyright> 
//------------------------------------------------------------------------------

using System;
using CommunityServer.Components;

namespace CommunityServer.GuestBooks.Components
{
	/// <summary>
	/// Summary description for GuestBookPermission.
	/// </summary>
	public class GuestBookPermission : PermissionBase
	{
		public GuestBookPermission()
		{
			
		}

		#region Permissions
		public virtual bool View 
		{
			get{ return GetBit( Permission.View ); }
		}

		/// <summary>
		/// Can the current User edit the Blogs Content
		/// </summary>
		public virtual bool Post 
		{
			get{ return GetBit( Permission.Post ); }
		}

		/// <summary>
		/// Can the current User post comments
		/// </summary>
		public virtual bool Reply 
		{
			get{ return GetBit( Permission.Reply ); }
		}
		#endregion

		#region Validate
		public static bool Validate(Section section, Permission permission, User user, Post p)
		{
			if(user.IsAdministrator)
				return true;

			if(section == null || section.PermissionSet == null || user == null )
				return false;

			bool bReturn = true;
			GuestBookPermission fpFinal = section.ResolvePermission(user) as GuestBookPermission;

			if((permission == (permission | Permission.Post)) && bReturn )
				bReturn &= fpFinal.Post;

			if((permission == (permission | Permission.Reply)) && bReturn )
				bReturn &= fpFinal.Reply;

			if((permission == (permission | Permission.View)) && bReturn )
				bReturn &= fpFinal.View;

			return bReturn;
		}
		#endregion

		#region AccessCheck
		public static void AccessCheck(Section section, Permission permission, User user, Post post)
		{
			if (user.IsAdministrator)
				return;

			CSContext csContext = CSContext.Current;

			GuestBookPermission fp = section.ResolvePermission( user ) as GuestBookPermission;

			long lValue = (long)permission;
			switch (lValue) 
			{
				case (long)Permission.Post:
					if ((!section.EnableAnonymousPosting) && (csContext.User.IsAnonymous) && (!CSContext.Current.SiteSettings.EnableAnonymousUserPosting))
						if (!csContext.Context.Request.IsAuthenticated)
							throw new CSException(CSExceptionType.PostAccessDenied);

					if (!fp.Post)
						throw new CSException(CSExceptionType.PostAccessDenied);
					break;

				case (long)Permission.Reply:
					
					if ((csContext.User.IsAnonymous) && (!section.EnableAnonymousPosting) && (!CSContext.Current.SiteSettings.EnableAnonymousUserPosting))
						if (!csContext.Context.Request.IsAuthenticated)
							throw new CSException(CSExceptionType.PostReplyAccessDenied);

					if (!fp.Reply) 
						throw new CSException(CSExceptionType.PostReplyAccessDenied);
					
					// Ensure we have a post
					//
					if (post == null)
						throw new Exception("Post parameter is required for Reply check");

					// Can't reply if locked
					//
					if (post.IsLocked)
						throw new CSException(CSExceptionType.PostLocked);

					break;
				case (long)Permission.View:
					if(!fp.View)
						throw new CSException(CSExceptionType.AccessDenied);
					break;
				default:
					throw new CSException(CSExceptionType.AccessDenied);
			}
		}
		#endregion


	}
}