Archive

Posts Tagged ‘Security’

SharePoint User Rights: Personal Permissions

January 4, 2008 Simeon Lobo Leave a comment

 SharePoint defines 33 separate user rights divided into three categories: list permissions, site permissons and personal permissions.The below is a description of user rights categorised by personal permissions. 

Right Description
Manage Personal Views Create, change, and delete personal views of lists.
Add/Remove Private Web Parts Add or remove private web parts on a web part page.
Update Personal Web Parts

Update web parts to display personalized information.
Categories: Analytical, Technical Tags: , , ,

SharePoint User Rights: Site Permissions

January 4, 2008 Simeon Lobo 1 comment

 SharePoint defines 33 separate user rights divided into three categories: list permissions, site permissons and personal permissions.The below is a description of user rights categorised by site permissions. 

Right Description
Manage Permissions Create and change permission levels on the web site and assign permissions to users and groups.
View Usage Data View reports on web site usage.
Create Subsites Create subsites such as team sites, meeting workspace sites, and document workspace sites.
Manage Web Site Grant the ability to perform all administration tasks for the web site as well as manage content and permissions.
Add and Customize Pages Add, change, or delete HTML pages or web part pages, and edit the web site using a Windows SharePoint Services–compatible editor.
Apply Themes and Borders Apply a theme or borders to the entire web site.
Apply Style Sheets Apply a style sheet (CSS file) to the web site.
Create Groups Create a group of users that can be used anywhere within the site collection.
Browse Directories Enumerate files and folders in a web site using SharePoint Designer and WebDAV interfaces.
Use Self-Service Site Creation Create a web site using self-service site creation.
View Pages View pages in a web site.
Enumerate Permissions Enumerate permissions on the web site, list, folder, document, or list item.
Browse User Information View information about users of the web site.
Manage Alerts Manage alerts for all users of the web site.
Use Remote Interfaces Use SOAP, WebDAV, or SharePoint Designer interfaces to access the web site.
Use Client Integration Features Use features that launch client applications. Without this permission, users will have to work on documents locally and upload their changes.
Open Allow users to open a web site, list, or folder in order to access items inside that container.
Edit Personal User Information Allow a user to change his or her own user information, such as adding a picture.
Categories: Analytical, Technical Tags: , , ,

SharePoint User Rights: List Permissions

January 4, 2008 Simeon Lobo 1 comment

SharePoint defines 33 separate user rights divided into three categories: list permissions, site permissons and personal permissions.

The below is a description of user rights categorised by list permissions.

Right

 Description
Manage Lists Create and delete lists, add or remove columns in a list, and add or remove public views of a list. 
Override Check Out Discard or check in a document that is checked out to another user. 
Add Items Add items to lists, add documents to document libraries, and add web discussion comments. 
Edit Items Edit items in lists, edit documents in document libraries, edit web discussion comments in documents, and customize web part pages in document libraries. 
Delete Items Delete items from a list, documents from a document library, and web discussion comments in documents. 
View Items View items in lists, documents in document libraries, and web discussion comments. 
Approve Items Approve a minor version of a list item or document. 
Open Items View the source of documents with server-side file handlers.
View Versions View past versions of a list item or document. 
Delete Versions Delete past versions of a list item or document. 
Create Alerts Create e-mail alerts. 
View Application Pages View forms, views, and application pages. Enumerate lists. 
Categories: Analytical, Technical Tags: , , ,

.NET Security: Class for Symmetric Encryption

December 24, 2007 Simeon Lobo Leave a comment

Reusable class that seamlessly abstracts Symmetric Encryption

using System;

using System.IO;

using System.Security.Cryptography;

using System.Text;

namespace Simeon.Lobo.Security

{

    public class SymmetricEncryption

    {

        public SymmetricEncryption()

        {

            this.Algorithm = SymmetricAlgorithm.Create();

            for (int num1 = 0; num1 < this.Algorithm.LegalKeySizes.Length; num1++)

            {

                this.KeySize = this.Algorithm.LegalKeySizes[num1].MinSize;

                if (this.Algorithm.ValidKeySize(this.KeySize))

                {

                    break;

                }

            }

            this.Algorithm.Mode = CipherMode.ECB;

        }

        public SymmetricEncryption(SymmetricAlgorithm Algorithm)

        {

            this.Algorithm = Algorithm;

            for (int num1 = 0; num1 < this.Algorithm.LegalKeySizes.Length; num1++)

            {

                this.KeySize = this.Algorithm.LegalKeySizes[num1].MinSize;

                if (this.Algorithm.ValidKeySize(this.KeySize))

                {

                    return;

                }

            }

        }

        public SymmetricEncryption(SymmetricAlgorithm Algorithm, int KeySize)

        {

            this.Algorithm = Algorithm;

            if (!this.Algorithm.ValidKeySize(KeySize))

            {

                for (int num1 = 0; num1 < this.Algorithm.LegalKeySizes.Length; num1++)

                {

                    this.KeySize = this.Algorithm.LegalKeySizes[num1].MinSize;

                    if (this.Algorithm.ValidKeySize(this.KeySize))

                    {

                        return;

                    }

                }

            }

        }

        private string ByteArrayToString(byte[] source)

        {

            string text1 = string.Empty;

            StringBuilder builder1 = new StringBuilder(source.Length);

            foreach (byte num1 in source)

            {

                builder1.Append((char)num1);

            }

            return builder1.ToString();

        }

        public string Decode(string Input)

        {

            return this.ByteArrayToString(Convert.FromBase64String(Input));

        }

        private string Decrypt(string plaintext, byte[] key, byte[] initializationVector)

        {

            string text1 = string.Empty;

            try

            {

                MemoryStream stream1 = new MemoryStream();

                CryptoStream stream2 = new CryptoStream(stream1, this.Algorithm.CreateDecryptor(key, initializationVector), CryptoStreamMode.Write);

                stream2.Write(this.StringToByteArray(plaintext), 0, plaintext.Length);

                stream2.FlushFinalBlock();

                stream2.Flush();

                stream2.Close();

                text1 = this.MemoryStreamToString(stream1);

                stream1.Close();

                return text1;

            }

            catch (Exception)

            {

                return “”;

            }

        }

        public string DecryptString(string Input, string Key)

        {

            return this.DecryptString(Input, Key, Key);

        }

        public string DecryptString(string Input, string Key, string IV)

        {

            try

            {

                if (Key.Length != 0)

                {

                    goto Label_0019;

                }

                return “”;

            Label_0010:

                Key = Key + Key;

            Label_0019:

                if (Key.Length >= this.KeySize)

                {

                    Key = Key.Substring(0, this.KeySize);

                    if (IV.Length == 0)

                    {

                        IV = Key;

                    }

                    while (IV.Length < 0×10)

                    {

                        IV = IV + IV;

                    }

                    IV = IV.Substring(0, 0×10);

                    byte[] buffer1 = this.StringToByteArray(Key);

                    byte[] buffer2 = this.StringToByteArray(IV);

                    return this.Decrypt(this.Decode(Input), buffer1, buffer2);

                }

                goto Label_0010;

            }

            catch (Exception)

            {

                return “”;

            }

        }

        public string Encode(string Input)

        {

            return Convert.ToBase64String(this.StringToByteArray(Input));

        }

        private string Encrypt(string plaintext, byte[] key, byte[] initializationVector)

        {

            string text1 = string.Empty;

            try

            {

                MemoryStream stream1 = new MemoryStream();

                CryptoStream stream2 = new CryptoStream(stream1, this.Algorithm.CreateEncryptor(key, initializationVector), CryptoStreamMode.Write);

                stream2.Write(this.StringToByteArray(plaintext), 0, plaintext.Length);

                stream2.FlushFinalBlock();

                stream2.Flush();

                stream2.Close();

                text1 = this.MemoryStreamToString(stream1);

                stream1.Close();

                return text1;

            }

            catch (Exception)

            {

                return text1;

            }

        }

        public string EncryptString(string Input, string Key)

        {

            return this.EncryptString(Input, Key, Key);

        }

        public string EncryptString(string Input, string Key, string IV)

        {

            try

            {

                if (Key.Length != 0)

                {

                    goto Label_0019;

                }

                return “”;

            Label_0010:

                Key = Key + Key;

            Label_0019:

                if (Key.Length >= this.KeySize)

                {

                    Key = Key.Substring(0, this.KeySize);

                    if (IV.Length == 0)

                    {

                        IV = Key;

                    }

                    while (IV.Length < 0×10)

                    {

                        IV = IV + IV;

                    }

                    IV = IV.Substring(0, 0×10);

                    byte[] buffer1 = this.StringToByteArray(Key);

                    byte[] buffer2 = this.StringToByteArray(IV);

                    return this.Encode(this.Encrypt(Input, buffer1, buffer2));

                }

                goto Label_0010;

            }

            catch (Exception)

            {

                return “”;

            }

        }

        private string MemoryStreamToString(MemoryStream source)

        {

            string text1 = string.Empty;

            return this.ByteArrayToString(source.ToArray());

        }

        private byte[] StringToByteArray(string s)

        {

            byte[] buffer1 = new byte[s.Length];

            for (int num1 = 0; num1 < s.Length; num1++)

            {

                buffer1[num1] = (byte)s[num1];

            }

            return buffer1;

        }

        public SymmetricAlgorithm Algorithm

        {

            get

            {

                return this.moAlgorithm;

            }

            set

            {

                this.moAlgorithm = value;

            }

        }

        public int KeySize

        {

            get

            {

                return this.mKeySize;

            }

            set

            {

                this.mKeySize = value / 8;

            }

        }

        private int mKeySize;

        private SymmetricAlgorithm moAlgorithm;

    }

}

 

 
Categories: Technical Tags: , ,