internal SnAccessControlList BuildAcl(SnAccessControlList acl)
{
//var principals = GetEffectedPrincipals();
var aces = new Dictionary<int, SnAccessControlEntry>();
for (var permInfo = this; permInfo != null; permInfo = permInfo.Inherits ? permInfo.Parent : null)
{
foreach (var permSet in permInfo.PermissionSets)
{
// get ace by princ
var princ = permSet.PrincipalId;
SnAccessControlEntry ace;
if (!aces.TryGetValue(princ, out ace))
{
ace = SnAccessControlEntry.CreateEmpty(princ, permSet.Propagates);
aces.Add(princ, ace);
}
// get permissions and paths
int mask = 1;
for (int i = 0; i < ActiveSchema.PermissionTypes.Count; i++)
{
var permission = ace.Permissions.ElementAt(i);
if (!permission.Deny)
{
if ((permSet.DenyBits & mask) != 0)
{
permission.Deny = true;
permission.DenyFrom = SearchFirstPath(acl.Path, permInfo, permSet, mask, true);
}
}
if (!permission.Allow)
{
var allow = (permSet.AllowBits & mask) != 0;
if ((permSet.AllowBits & mask) != 0)
{
permission.Allow = true;
permission.AllowFrom = SearchFirstPath(acl.Path, permInfo, permSet, mask, false);
}
}
mask = mask << 1;
}
}
}
acl.Inherits = acl.Path == this.Path ? this.Inherits : true;
acl.Entries = aces.Values.ToArray();
return acl;
}
private string SearchFirstPath(string aclPath, PermissionInfo basePermInfo, PermissionSet permSet, int mask, bool deny)