Your IP : 192.168.165.1


Current Path : C:/Windows/Microsoft.NET/Framework/v4.0.30319/ASP.NETWebAdminFiles/Security/Permissions/
Upload File :
Current File : C:/Windows/Microsoft.NET/Framework/v4.0.30319/ASP.NETWebAdminFiles/Security/Permissions/managePermissions.aspx

<%@ Page masterPageFile="~/WebAdminWithConfirmation.master" inherits="System.Web.Administration.SecurityPage"%>
<%@ MasterType virtualPath="~/WebAdminWithConfirmation.master" %>
<%@ Import Namespace="System.Drawing" %>
<%@ Import Namespace="System.Web.Administration" %>
<%@ Import Namespace="System.Web.Configuration" %>
<%@ Import Namespace="System.Web.Hosting" %>

<script runat="server" language="cs">
private const string SELECTED_RULE = "WebAdminSelectedRule";
private const string RULES = "WebAdminRules";
private const string NO_DELETE_RULES = "WebAdminNoDeleteRules";
private const string PARENT_RULE_COUNT = "WebAdminParentRuleCount";
private const string SELECTED_ITEM = "WebAdminSelectedItem";

private int ParentRuleCount {
    get {
        object obj = Session[PARENT_RULE_COUNT];
        return obj != null ? (int) obj : -1;
    }
    set {
        Session[PARENT_RULE_COUNT] = value;
    }
}

private ArrayList NotDeleteableRules {
    get {
        object obj = (ArrayList)Session[NO_DELETE_RULES];
        if (obj != null) {
            return (ArrayList)Session[NO_DELETE_RULES];
        } else {
            return (new ArrayList());
        }
    }
    set {
        Session[NO_DELETE_RULES] = value;
    }
}

private ArrayList Rules {
    get {
        object obj = (ArrayList)Session[RULES];
        if (obj != null) {
            return (ArrayList)Session[RULES];
        } else {
            return (new ArrayList());
        }
    }
    set {
        Session[RULES] = value;
    }
}

private int SelectedRule {
    get {
        object obj = Session[SELECTED_RULE];
        return obj != null ? (int) obj : -1;
    }
    set {
        Session[SELECTED_RULE] = value;
    }
}

private void GetNotDeletableRules(Configuration config) {
    AuthorizationSection notDeleteableAuth = (AuthorizationSection) config.GetSection("system.web/authorization");
    ArrayList arrNoDelete = new ArrayList();
    PropertyInformation propUsers = null;
    PropertyInformation propRoles = null;
    bool entryIsDeletable = false;
    int i = 0;
    foreach (AuthorizationRule entryKeep in notDeleteableAuth.Rules) {
        entryIsDeletable = true;
        propUsers = entryKeep.ElementInformation.Properties["users"];
        propRoles = entryKeep.ElementInformation.Properties["roles"];

        if (propUsers != null) {
            if (propUsers.ValueOrigin == PropertyValueOrigin.Inherited) {
                entryIsDeletable = false;
            }
        }

        if (propRoles != null && entryIsDeletable) {
            if (propRoles.ValueOrigin == PropertyValueOrigin.Inherited) {
                entryIsDeletable = false;
            }
        }

        if (!entryIsDeletable) {
            // store the index in here as to which one is not deletable
            arrNoDelete.Add(i);
        }

        i++;
    }

    Session[NO_DELETE_RULES] = arrNoDelete;
}

private string GetToolTip(string resourceName, string itemName) {
    string tempString = (string) GetLocalResourceObject(resourceName);
    return String.Format((string)GetGlobalResourceObject("GlobalResources","ToolTipFormat"), tempString, itemName);
}

private void BindGrid() {
    string appPath = CurrentPath;
    string parentPath = GetParentPath(appPath);

    Configuration config = OpenWebConfiguration(appPath, true);
    AuthorizationSection auth = (AuthorizationSection) config.GetSection("system.web/authorization");

    Configuration parentConfig = OpenWebConfiguration(parentPath, true);
    AuthorizationSection parentAuth = (AuthorizationSection) parentConfig.GetSection("system.web/authorization");
    ParentRuleCount = parentAuth.Rules.Count;

    GetNotDeletableRules(config);

    ArrayList arr = new ArrayList();
    foreach (AuthorizationRule entry in auth.Rules) {
        arr.Add(entry);
    }

    Session[RULES] = arr;
    dataGrid.DataSource = arr;
    dataGrid.DataBind();
    if (dataGrid.SelectedRow != null) {
        UpdateRowColors(dataGrid, dataGrid.Rows[dataGrid.SelectedRow.RowIndex]); 
    }
}

private void DeleteRule(object sender, EventArgs e) {
    LinkButton button = (LinkButton) sender;
    GridViewRow item = (GridViewRow) button.Parent.Parent;
    AuthorizationRule rule = (AuthorizationRule)Rules[item.RowIndex];
    StringBuilder builder = new StringBuilder();
    builder.Append(rule.Action);
    int i = 0;
    foreach (string u in rule.Users) {
        if (i > 0) {
            builder.Append(", " + u);
        }
        else {
            builder.Append(" " + u);
        }
        i++;
    }
    i = 0;
    foreach (string r in rule.Roles) {
        if (i > 0) {
            builder.Append(", " + r);
        }
        else {
            builder.Append(" " + r);
        }
        i++;
    }
    RuleDescription.Text = builder.ToString();
    Master.SetDisplayUI(true);
    Session["ItemIndex"] = item.RowIndex;
}

private void Yes_Click(object sender, EventArgs e) {    
    Rules.RemoveAt((int)Session["ItemIndex"]);
    UpdateRules();
    dataGrid.SelectedIndex = -1;
    BindGrid();
    Master.SetDisplayUI(false);
}

private void No_Click(object sender, EventArgs e) {
    Master.SetDisplayUI(false);
}


private string GetRoles(object val, bool appendImg) {
    StringBuilder builder = new StringBuilder();
    AuthorizationRule rule = (AuthorizationRule)val;
    if (rule.Roles.Count == 0) {
        return String.Empty;
    }
    for(int i = 0; i < rule.Roles.Count; i++) {
        if (i > 0) {
            builder.Append(", ");
        }
        string role = rule.Roles[i];
        if (role == "*") {
            role = (string)GetLocalResourceObject("BracketAll");
        }
        builder.Append(role);
    }
    if (appendImg) {
        StringBuilder builder2 = new StringBuilder();
        builder2.Append("<img src=\"../../Images/image2.gif\" alt=\"" + (string)GetGlobalResourceObject("GlobalResources", "RoleGif") + " [" + builder.ToString() + "]" + "\"/> ");
        builder2.Append(builder.ToString());
        return builder2.ToString();
    } else {
        return builder.ToString();
    }
}


private string GetUsers(object val, bool appendImg) {
    StringBuilder builder = new StringBuilder();
    AuthorizationRule rule = (AuthorizationRule)val;
    if (rule.Users.Count == 0) {
        return String.Empty;
    }
    for(int i = 0; i < rule.Users.Count; i++) {
        if (i > 0) {
            builder.Append(", ");
        }
        string user = rule.Users[i];
        if (user == "?") {
            user = (string)GetLocalResourceObject("BracketAnonymous");
        }
        else if (user == "*") {
            user = (string)GetLocalResourceObject("BracketAll");
        }
        builder.Append(user);
    }
    if (appendImg) {
        StringBuilder builder2 = new StringBuilder();
        builder2.Append("<img src=\"../../Images/image1.gif\" alt=\"" + (string)GetGlobalResourceObject("GlobalResources", "UserGif") + " [" + builder.ToString() + "]" + "\"/> ");
        builder2.Append(builder.ToString());
        return builder2.ToString();
    } else { 
        return builder.ToString();
    }     
}


private string GetAction(object val) {
    AuthorizationRule rule = (AuthorizationRule)val;
    string ruleAction = "";
    if (rule.Action == AuthorizationRuleAction.Allow) {
        ruleAction = (string)GetLocalResourceObject("Allow");
    } else if (rule.Action == AuthorizationRuleAction.Deny) {
        ruleAction = (string)GetLocalResourceObject("Deny");
    }
    return ruleAction;
}

private string GetUsersAndRoles(object val, bool appendImg) {
    return GetUsers(val, appendImg) + GetRoles(val, appendImg);
}


private bool IsEntryDeleteable(int rowIndex) {
    bool entryIsDeleteable = false;
    if (rowIndex < Rules.Count - ParentRuleCount) {
         entryIsDeleteable = true;
    }
    if (!entryIsDeleteable) {
         return entryIsDeleteable;
    }
    foreach (int index1 in NotDeleteableRules) {
         if (index1 == rowIndex) {
             entryIsDeleteable = false;
         }
    }
    return entryIsDeleteable;
}

private bool IsIE() {
   HttpBrowserCapabilities caps = Page.Request.Browser;
   bool isIE = (caps.Type.IndexOf("IE") > -1);
   return isIE;
}

private void ItemDataBound(object sender, System.Web.UI.WebControls.GridViewRowEventArgs e)
{
   if (e.Row.RowIndex >= Rules.Count - ParentRuleCount) {
       return;
   }
   DataControlRowType itemType = e.Row.RowType;
   if ((itemType == DataControlRowType.Pager) || 
       (itemType == DataControlRowType.Header) || 
       (itemType == DataControlRowType.Footer)) 
   {
      return;
   }

   if (IsIE()) {
       if (IsEntryDeleteable(e.Row.RowIndex)) {
           // if netscape, then selecting the the row
           // will not allow the DeleteRule to fire
           foreach(Control c in e.Row.Cells[0].Controls) {
               LinkButton button = c as LinkButton;
               if (button == null) {
                   continue;
               }
               e.Row.Attributes["onclick"] = Page.GetPostBackClientHyperlink(button, "");
           }
        }
    }
}

private void MoveRuleDown(object sender, EventArgs e) {
    ArrayList rules = Rules;
    int selectedRule = SelectedRule;
    // // Response.Write(selectedRule);

    if(selectedRule >= rules.Count - ParentRuleCount) {
        return;
    }

    AuthorizationRule rule = (AuthorizationRule)rules[selectedRule];
    rules.RemoveAt(selectedRule);
    rules.Insert(selectedRule + 1, rule);
    UpdateRules();
    BindGrid();
    dataGrid.SelectedIndex = selectedRule + 1;
    UpdateRowColors(dataGrid, dataGrid.Rows[selectedRule + 1]);
    SelectedRule = selectedRule + 1;
    UpdateUpDownButtons();
}

private void MoveRuleUp(object sender, EventArgs e) {
    ArrayList rules = Rules;
    int selectedRule = SelectedRule;

    if(selectedRule == 0) {
        return;
    }

    AuthorizationRule rule = (AuthorizationRule)rules[selectedRule];
    rules.RemoveAt(selectedRule);
    rules.Insert(selectedRule - 1, rule);
    UpdateRules();
    BindGrid();
    dataGrid.SelectedIndex = selectedRule - 1;
    UpdateRowColors(dataGrid, dataGrid.Rows[selectedRule - 1]);
    SelectedRule = selectedRule - 1;
    UpdateUpDownButtons();
}

private string GetDirectory(string path) {
    if (path == null) {
        return null;
    }

    if (path.LastIndexOf('/') == -1) {
        return "/";
    }

    return path.Substring(path.LastIndexOf('/') + 1);
}

private void Page_Init() {
    if(!IsPostBack) {
        // Note: treenodes persist when added in Init, before loadViewState
        TreeNode n = new TreeNode(GetDirectory(ApplicationPath), ApplicationPath);
        tv.Nodes.Add(n);
        n.Selected = true;

        if (String.IsNullOrEmpty(CurrentPath)) {
            CurrentPath = ApplicationPath;
        }

        PopulateChildren(n, CurrentPath);
    }
    dataGrid.HeaderStyle.HorizontalAlign = DirectionalityHorizontalAlign;
}

private void Page_Load() {
    if (!IsPostBack) {
        BindGrid();
    }

    HighlightSelectedNode(tv.Nodes[0], CurrentPath);
}

private void PopulateChildren(TreeNode parent, string selectNodeValue) {
    if (parent.ChildNodes.Count == 0) {
        VirtualDirectory vdir = GetVirtualDirectory(parent.Value);
        foreach (VirtualDirectory childVdir in vdir.Directories) {
            string childValue = parent.Value + "/" + childVdir.Name;
            TreeNode newNode = new TreeNode(childVdir.Name, childValue);
            if (selectNodeValue != null && childValue == selectNodeValue) {
                //newNode.Selected = true;
                newNode.SelectAction = TreeNodeSelectAction.Select;
            }
            parent.ChildNodes.Add(newNode);
        }
    }
}

private bool HighlightSelectedNode(TreeNode node, string path) {
    bool foundIt = false;
    foreach (TreeNode childNode in node.ChildNodes) {
        if (childNode.Value == path) {
            childNode.Selected = true;
            foundIt = true;
            break;
        }
    }
    return foundIt;
}

protected void RedirectToCreatePermission(object sender, EventArgs e) {
    Response.Redirect("createPermission.aspx");
}

public void SelectClick(object sender, EventArgs e) {
    LinkButton button = (LinkButton)sender;

    GridViewRow row = (GridViewRow)button.Parent.Parent;
    SelectedRule = row.RowIndex;
    dataGrid.SelectedIndex = SelectedRule;

    UpdateRowColors(dataGrid, row);
    UpdateUpDownButtons();
}

private void SetItemColorRecursive(Control c, Color col) {
    foreach(Control child in c.Controls) {
        LinkButton button = child as LinkButton;
        if (button != null) {
            button.ForeColor = col;
        }
        Label label = child as Label;
        if (label != null) {
            label.ForeColor = col;
        }
        SetItemColorRecursive(child, col);
    }
}

protected void TreeNodeExpanded(Object sender, TreeNodeEventArgs e) {
    foreach(TreeNode child in e.Node.ChildNodes) {
        PopulateChildren(child, CurrentPath);
    }
}

protected void TreeNodeSelected(object sender, EventArgs e) {
    CurrentPath = ((TreeView)sender).SelectedNode.Value;
    dataGrid.SelectedIndex = -1;
    BindGrid();
}

public void UpdateRowColors(Control dataGrid, Control item) {
    if (item == null) {
        // unexpected condition -exit gracefully
        return;
    }

    string prevItemID = (string)Session[SELECTED_ITEM];
    if (prevItemID != null) {
        GridViewRow prevItem = (GridViewRow) ((GridView)dataGrid).FindControl(prevItemID);
        if (prevItem != null) {
            // REVIEW
            SetItemColorRecursive(prevItem, Color.Black);
            // prevButton.ForeColor = Color.Black;
        }
    }

    SetItemColorRecursive(item, Color.White);
    // Review: best practice for a naming container inside a user control.
    string id = item.UniqueID;
    int i = id.IndexOf(((GridView)dataGrid).ID);
    id = id.Substring(i);
    i = id.IndexOf("$");
    id = id.Substring(i + 1);
    Session[SELECTED_ITEM] = id ;
}

private void UpdateRules() {
    Configuration config = OpenWebConfiguration(CurrentPath, true);
    AuthorizationSection auth = (AuthorizationSection) config.GetSection("system.web/authorization");
    auth.Rules.Clear();
    ArrayList rules = Rules;
    foreach (AuthorizationRule rule in rules) {
        // // Response.Write("rule <br/>");
        auth.Rules.Add(rule);
    }

    // auth.IsModified = true;
    SaveConfig(config);
}

private void UpdateUpDownButtons() {
    int index = SelectedRule;
    moveDown.Enabled = (index < Rules.Count - ParentRuleCount - 1);
    moveUp.Enabled = (index > 0); 

}
</script>


<asp:content runat="server" contentplaceholderid="buttons">
<asp:button ValidationGroup="none" runat="server" id="button1" text="<%$ Resources:Done %>" onclick="ReturnToPreviousPage"/>
</asp:content>

<asp:content runat="server" contentplaceholderid="titleBar">
<asp:literal runat="server" text="<%$ Resources:ManageAccessRules %>" />
</asp:content>

<asp:content runat="server" contentplaceholderid="content" >
<asp:literal runat="server" text="<%$ Resources:Instructions %>" />
<table width="100%">
    <tr>
        <td width="80%">
            <table cellspacing="0" width="100%" cellpadding="4" rules="none" bordercolor="#CCDDEF" border="1" style="border-color:#CCDDEF;border-style:None;border-collapse:collapse;">
                <tr class="callOutStyle">
                    <td colspan="3" id="ManageAccessRulesHeader"><h1 class="callOutHeaderStyle"><asp:literal runat="server" text="<%$ Resources:ManageAccessRules %>"/></h1></td>
                </tr>
                <tr align="=<% DirectionalityHorizontalAlign.ToString(); %>">
                    <td valign="top" width="200px" align="=<% DirectionalityHorizontalAlign.ToString(); %>">

                                    <asp:panel runat="server" id="panel1" scrollbars="auto" height="150px" width="200px" cssclass="bodyTextNoPadding">
                                        <asp:treeView runat="server" id="tv" onSelectedNodeChanged="TreeNodeSelected" onTreeNodeExpanded="TreeNodeExpanded" nodeStyle-cssClass="bodyTextLowPadding" >
                                            <RootNodeStyle ImageUrl="../../images/folder.gif" />
                                            <ParentNodeStyle ImageUrl="../../images/folder.gif" />
                                            <LeafNodeStyle ImageUrl="../../images/folder.gif" />
                                            <nodestyle cssClass="bodyTextLowPadding"/>
                                            <selectedNodeStyle cssClass="bodyTextLowPaddingSelected"/>
                                        </asp:treeView>
                                    </asp:panel>


                    </td>
                    <td valign="top">
                        <asp:gridview runat="server" id="dataGrid" bordercolor="#CCDDEF" allowsorting="true" gridlines="Horizontal"
                            borderstyle="None" cellpadding="4" autogeneratecolumns="False" onrowdatabound="ItemDataBound" width="100%" UseAccessibleHeader="true">

                            <rowstyle cssclass="gridRowStyle" />
                            <alternatingrowstyle cssclass="gridAlternatingRowStyle" />
                            <headerstyle cssclass="callOutStyle" font-bold="true" />
                            <selectedrowstyle cssclass="gridSelectedRowStyle"/>
                            <pagerstyle forecolor="#000000" backcolor="#EEEEEE"/>
                            <pagersettings mode="Numeric"/>

                            <columns>
                                <asp:templatefield headertext="<%$ Resources:Select%>" visible="false">
                                    <itemtemplate>
                                        <asp:linkbutton runat="server" commandname="Select" forecolor='black' onclick="SelectClick" text=""/>
                                    </itemtemplate>
                                </asp:templatefield>

                                <asp:templatefield headertext="<%$ Resources:Permission %>">
                                    <itemtemplate>
                                        <asp:label runat="server" id="select" enabled="<%# IsEntryDeleteable(((GridViewRow) Container).RowIndex) %>" text="<%#GetAction((AuthorizationRule)Container.DataItem)%>"/>
                                    </itemtemplate>
                                </asp:templatefield>

                                <asp:templatefield headertext="<%$ Resources:UsersAndRoles %>">
                                    <itemtemplate>
                                        <asp:linkbutton runat="server" id="selectme" enabled="<%# IsEntryDeleteable(((GridViewRow) Container).RowIndex) %>" forecolor="black" onclick="SelectClick" text="<%#GetUsersAndRoles((AuthorizationRule)Container.DataItem, true)%>"/>
                                    </itemtemplate>
                                </asp:templatefield>

                                <asp:templatefield headertext="<%$ Resources:Delete %>">
                                    <itemtemplate>
                                        <asp:linkbutton runat="server" id="delete" enabled="<%# IsEntryDeleteable(((GridViewRow) Container).RowIndex) %>" forecolor='black' onClick="DeleteRule" text="<%$ Resources:Delete %>" toolTip='<%# GetToolTip("Delete",GetUsersAndRoles((AuthorizationRule)Container.DataItem, false)) %>'/>
                                    </itemtemplate>
                                </asp:templatefield>
                            </columns>
                        </asp:gridview>

                        <asp:linkButton runat="server" id="linkButton1" cssClass="bodyTextNoPadding" text="<%$ Resources:AddNewAccessRule %>" onClick="RedirectToCreatePermission"/>
                    </td>
                    <td valign="top">
                        <asp:button runat="server" id="moveUp" text="<%$ Resources:MoveUp %>" enabled="false" onClick="MoveRuleUp" width="110px"/>
                        <br/>
                        <asp:button runat="server" id="moveDown" text="<%$ Resources:MoveDown %>" enabled="false" onClick="MoveRuleDown" width="110px"/>
                    </td>
                </tr>
            </table>
        </td>
    </tr>
</table>
</asp:content>

<%-- Confirmation Dialog --%>
<asp:content runat="server" contentplaceholderid="dialogTitle">
<asp:literal runat="server" text="<%$ Resources:RuleManagement %>" />
</asp:content>

<asp:content runat="server" contentplaceholderid="dialogContent">

    <img src="../../Images/alert_lrg.gif"/>
    <asp:literal runat="server" text="<%$ Resources:AreYouSure %>" /> "<asp:Label runat=server id="RuleDescription" />"?
</asp:content>

<asp:content runat="server" contentplaceholderid="dialogBottomLeftButton">
    <asp:Button runat="server" OnClick="Yes_Click" Text="<%$ Resources:Yes %>" width="100"/>
</asp:content>

<asp:content runat="server" contentplaceholderid="dialogBottomRightButton">
    <asp:Button runat="server" OnClick="No_Click" Text="<%$ Resources:No %>" width="100"/>
</asp:content>