/// <summary>
/// 从XML用户权限中加用户权限定义对象
/// </summary>
/// <returns></returns>
private static UserPermissionDescriptor Load()
{
if (!File.Exists(UserPermissionDescriptor.UserPermissionFilePath))
{
throw new ArgumentNullException("用户权限配置文件不存在!");
}
XElement root = XElement.Load(UserPermissionDescriptor.UserPermissionFilePath);
UserPermissionDescriptor desc = new UserPermissionDescriptor();
var items = root.Elements().Where(p => p.Name.LocalName == UserPermissionDescriptor.Current.PermissionDefine.NodeNameDefine).ToArray();
if (items.Length == 0)
{
return(desc);
}
for (int i = 0; i < items.Length; i++)
{
var permission = new PermissionDescriptor();
// 解析流程步骤
permission.Key = items[i].GetAttributeValue <string>(UserPermissionDescriptor.Current.PermissionDefine.KeyDefine);
permission.Group = items[i].GetAttributeValue <string>(UserPermissionDescriptor.Current.PermissionDefine.GroupDefine);
permission.Text = items[i].GetAttributeValue <string>(UserPermissionDescriptor.Current.PermissionDefine.Text);
desc.Permission.Add(permission);
}
return(desc);
}
public void RegisterPermissionDescriptorShouldWork()
{
var currentUserPermissionService = new Mock<ICurrentUserPermissionService>();
var accessControlManager = new AccessControlManager(currentUserPermissionService.Object);
var permissionDescriptor = new PermissionDescriptor();
accessControlManager.RegisterPermissionDescriptor(permissionDescriptor);
}
public void RegisterPermissionDescriptorShouldWork()
{
var currentUserPermissionService = new Mock <ICurrentUserPermissionService>();
var accessControlManager = new AccessControlManager(currentUserPermissionService.Object);
var permissionDescriptor = new PermissionDescriptor();
accessControlManager.RegisterPermissionDescriptor(permissionDescriptor);
}
public static Error PermissionDenied(PermissionDescriptor requiredPermission)
{
return(NotFound(
$"The permission to execute this action were denied. Required permission: {requiredPermission.Key}",
ServiceErrorCode.PermissionDenied,
new Dictionary <string, string> {
{ "requiredPermission", requiredPermission.Key }
}));
}
public async Task CheckPermissions_HasOnePermission_Succeed()
{
// arrange
var permission = new PermissionDescriptor <bool>("Test");
var participantPermissions = CreateParticipantPermissions(permission.Configure(true));
var context = CreateContext(builder =>
builder.RegisterInstance(participantPermissions).AsImplementedInterfaces());
// act
var result = await ServiceInvokerPermissionMiddleware.CheckPermissions(context, permission);
// assert
Assert.True(result.Success);
}
public async Task CheckPermissions_RequireMultiplePermissionsAndDoesntHaveAll_Fail()
{
// arrange
var permission = new PermissionDescriptor <bool>("Test");
var permission2 = new PermissionDescriptor <bool>("Test2");
var participantPermissions = CreateParticipantPermissions(permission.Configure(true));
var context = CreateContext(builder =>
builder.RegisterInstance(participantPermissions).AsImplementedInterfaces());
// act
var result = await ServiceInvokerPermissionMiddleware.CheckPermissions(context, permission, permission2);
// assert
Assert.False(result.Success);
}
public async Task CheckPermissions_DoesntHavePermission_Fail()
{
// arrange
var permission = new PermissionDescriptor <bool>("Test");
var participantPermissions = CreateParticipantPermissions();
var context = CreateContext(builder =>
builder.RegisterInstance(participantPermissions).AsImplementedInterfaces());
// act
var result = await ServiceInvokerPermissionMiddleware.CheckPermissions(context, permission);
// assert
Assert.False(result.Success);
Assert.Equal(result.Error?.Code, CommonError.PermissionDenied(permission).Code);
}
public static bool ValidateValue(this PermissionDescriptor permissionDescriptor, JValue value)
{
switch (permissionDescriptor.Type)
{
case PermissionValueType.Boolean:
return(value.Type == JTokenType.Boolean);
case PermissionValueType.Integer:
return(value.Type == JTokenType.Integer);
case PermissionValueType.Decimal:
return(value.Type == JTokenType.Float);
case PermissionValueType.Text:
return(value.Type == JTokenType.String);
default:
throw new ArgumentOutOfRangeException();
}
}
public static KeyValuePair <string, JValue> Configure <T>(this PermissionDescriptor <T> permissionDescriptor,
T value) where T : notnull
{
return(new(permissionDescriptor.Key, (JValue)JToken.FromObject(value)));
}
