Beispiel #1
0
        public virtual async Task SeedAsync(
            string providerName,
            string providerKey,
            IEnumerable <string> grantedPermissions,
            Guid?tenantId = null)
        {
            using (CurrentTenant.Change(tenantId))
            {
                var names = grantedPermissions.ToArray();
                var existsPermissionGrants = (await PermissionGrantRepository.GetListAsync(names, providerName, providerKey)).Select(x => x.Name).ToList();

                foreach (var permissionName in names.Except(existsPermissionGrants))
                {
                    await PermissionGrantRepository.InsertAsync(
                        new PermissionGrant(
                            GuidGenerator.Create(),
                            permissionName,
                            providerName,
                            providerKey,
                            tenantId
                            )
                        );
                }
            }
        }
        protected virtual async Task GrantAsync(string permissionName, string providerName, string providerScope, string providerKey)
        {
            var permissionGrant = await PermissionGrantRepository.FindAsync(permissionName, providerName, providerKey);

            if (permissionGrant != null)
            {
                if (permissionGrant.ProviderScope == providerScope)
                {
                    return;
                }
                permissionGrant.ProviderScope = providerScope;
                await PermissionGrantRepository.UpdateAsync(permissionGrant);
            }

            await PermissionGrantRepository.InsertAsync(
                new PermissionGrant (
                    GuidGenerator.Create(),
                    permissionName,
                    providerName,
                    providerScope,
                    providerKey,
                    CurrentTenant.Id
                    )
                );
        }
        public virtual async Task SeedAsync(
            string providerName,
            string providerKey,
            Dictionary <string, string> permissions,
            Guid?tenantId = null)
        {
            foreach (var permission in permissions)
            {
                var permissionGrant = await PermissionGrantRepository.FindAsync(permission.Key, providerName, providerKey);

                if (permissionGrant != null)
                {
                    if (permissionGrant.ProviderScope == permission.Value)
                    {
                        continue;
                    }
                    permissionGrant.ProviderScope = permission.Value;
                    await PermissionGrantRepository.UpdateAsync(permissionGrant);
                }

                await PermissionGrantRepository.InsertAsync(
                    new PermissionGrant (
                        GuidGenerator.Create(),
                        permission.Key,
                        providerName,
                        permission.Value,
                        providerKey,
                        tenantId
                        )
                    );
            }
        }
        public virtual async Task UpdateAsync(string providerName, string providerKey, UpdatePermissionsDto input)
        {
            await CheckProviderPolicy(providerName);

            var permissions = await PermissionGrantRepository.GetListAsync(providerName, providerKey);

            foreach (var permission in input.Permissions)
            {
                var editPermission = permissions.FirstOrDefault(p => p.Name.Equals(permission.Name));
                if (editPermission == null)
                {
                    if (permission.IsGranted)
                    {
                        var permissionGrant = new PermissionGrant(GuidGenerator.Create(),
                                                                  permission.Name, providerName, providerKey, CurrentTenant.Id);
                        await PermissionGrantRepository.InsertAsync(permissionGrant);
                    }
                }
                else
                {
                    if (!permission.IsGranted)
                    {
                        await PermissionGrantRepository.DeleteAsync(editPermission.Id);
                    }
                }
            }
        }
Beispiel #5
0
    protected virtual async Task <List <KeyValuePair <string, PermissionGrantCacheItem> > > SetCacheItemsAsync(
        string providerName,
        string providerKey,
        List <string> notCacheKeys)
    {
        var permissions = PermissionDefinitionManager.GetPermissions().Where(x => notCacheKeys.Any(k => GetPermissionNameFormCacheKeyOrNull(k) == x.Name)).ToList();

        Logger.LogDebug($"Getting not cache granted permissions from the repository for this provider name,key: {providerName},{providerKey}");

        var grantedPermissionsHashSet = new HashSet <string>(
            (await PermissionGrantRepository.GetListAsync(notCacheKeys.Select(GetPermissionNameFormCacheKeyOrNull).ToArray(), providerName, providerKey)).Select(p => p.Name)
            );

        Logger.LogDebug($"Setting the cache items. Count: {permissions.Count}");

        var cacheItems = new List <KeyValuePair <string, PermissionGrantCacheItem> >();

        foreach (var permission in permissions)
        {
            var isGranted = grantedPermissionsHashSet.Contains(permission.Name);

            cacheItems.Add(new KeyValuePair <string, PermissionGrantCacheItem>(
                               CalculateCacheKey(permission.Name, providerName, providerKey),
                               new PermissionGrantCacheItem(isGranted))
                           );
        }

        await Cache.SetManyAsync(cacheItems);

        Logger.LogDebug($"Finished setting the cache items. Count: {permissions.Count}");

        return(cacheItems);
    }
Beispiel #6
0
        public virtual async Task SeedAsync(
            string providerName,
            string providerKey,
            IEnumerable <string> grantedPermissions,
            Guid?tenantId = null)
        {
            using (CurrentTenant.Change(tenantId))
            {
                foreach (var permissionName in grantedPermissions)
                {
                    if (await PermissionGrantRepository.FindAsync(permissionName, providerName, providerKey) != null)
                    {
                        continue;
                    }

                    await PermissionGrantRepository.InsertAsync(
                        new PermissionGrant(
                            GuidGenerator.Create(),
                            permissionName,
                            providerName,
                            providerKey,
                            tenantId
                            )
                        );
                }
            }
        }
Beispiel #7
0
        protected virtual async Task <PermissionGrantCacheItem> GetCacheItemAsync(string name, string providerName, string providerKey)
        {
            var cacheKey = CalculateCacheKey(name, providerName, providerKey);

            Logger.LogDebug($"PermissionStore.GetCacheItemAsync: {cacheKey}");

            var cacheItem = await Cache.GetAsync(cacheKey);

            if (cacheItem != null)
            {
                Logger.LogDebug($"Found in the cache: {cacheKey}");
                return(cacheItem);
            }

            Logger.LogDebug($"Not found in the cache, getting from the repository: {cacheKey}");

            cacheItem = new PermissionGrantCacheItem(
                name,
                (await PermissionGrantRepository.FindAsync(name, providerName, providerKey)) != null
                );

            Logger.LogDebug($"Setting the cache item: {cacheKey}");

            await Cache.SetAsync(
                cacheKey,
                cacheItem
                );

            Logger.LogDebug($"Finished setting the cache item: {cacheKey}");

            return(cacheItem);
        }
        public override async Task <PermissionValueProviderGrantInfo> CheckAsync(string name, string providerName, string providerKey)
        {
            if (providerName == Name)
            {
                return(new PermissionValueProviderGrantInfo(
                           await PermissionGrantRepository.FindAsync(name, providerName, providerKey) != null,
                           providerKey
                           ));
            }

            if (providerName == "User")
            {
                var userId    = Guid.Parse(providerKey);
                var roleNames = await _identityUserRepository.GetRoleNamesAsync(userId);

                foreach (var roleName in roleNames)
                {
                    var permissionGrant = await PermissionGrantRepository.FindAsync(name, Name, roleName);

                    if (permissionGrant != null)
                    {
                        return(new PermissionValueProviderGrantInfo(true, roleName));
                    }
                }
            }

            return(PermissionValueProviderGrantInfo.NonGranted);
        }
Beispiel #9
0
        public virtual async Task DeleteAsync(string providerName, string providerKey)
        {
            var permissionGrants = await PermissionGrantRepository.GetListAsync(providerName, providerKey);

            foreach (var permissionGrant in permissionGrants)
            {
                await PermissionGrantRepository.DeleteAsync(permissionGrant);
            }
        }
        public virtual async Task <PermissionValueProviderGrantInfo> CheckAsync(string name, string providerName, string providerKey)
        {
            if (providerName != Name)
            {
                return(PermissionValueProviderGrantInfo.NonGranted);
            }

            return(new PermissionValueProviderGrantInfo(await PermissionGrantRepository.FindAsync(name, providerName, providerKey) != null, providerKey));
        }
Beispiel #11
0
        /// <summary>
        /// 撤销
        /// </summary>
        /// <param name="name"></param>
        /// <param name="providerKey"></param>
        /// <returns></returns>
        protected virtual async Task RevokeAsync(string name, string providerKey)
        {
            var permissionGrant = await PermissionGrantRepository.FindAsync(name, Name, providerKey);

            if (permissionGrant == null)
            {
                return;
            }
            await PermissionGrantRepository.DeleteAsync(permissionGrant);
        }
Beispiel #12
0
        /// <summary>
        /// 授权
        /// </summary>
        /// <param name="name"></param>
        /// <param name="providerKey"></param>
        /// <returns></returns>
        protected virtual async Task GrantAsync(string name, string providerKey)
        {
            var permissionGrant = await PermissionGrantRepository.FindAsync(name, Name, providerKey);

            if (permissionGrant != null)
            {
                return;
            }

            await PermissionGrantRepository.InsertAsync(new PermissionGrant(IDUtils.NewId(), name, Name, providerKey, CurrentTenant.Id));
        }
Beispiel #13
0
        public override async Task <PermissionGrantInfo> CheckAsync(string name, string providerName, string providerKey)
        {
            if (providerName == Name)
            {
                var permissionGrant = await PermissionGrantRepository.FindAsync(name, providerName, providerKey);

                return(new PermissionGrantInfo(
                           permissionGrant != null,
                           permissionGrant?.ProviderScope ?? nameof(PermissionScopeType.Prohibited),
                           providerKey
                           ));
            }

            var permissionGrantResult = PermissionGrantInfo.NonGranted;

            if (providerName == UserPermissionValueProvider.ProviderName)
            {
                var userId = Guid.Parse(providerKey);
                var roles  = await UserRoleFinder.GetRolesAsync(userId);

                foreach (var role in roles)
                {
                    var result = await PermissionGrantRepository.FindAsync(name, Name, role);

                    if (result == null)
                    {
                        continue;
                    }

                    // 以角色的最大权限为主
                    var permissionGrantScope = PermissionScopeType.Prohibited;
                    if (Enum.TryParse(permissionGrantResult.ProviderScope, out PermissionScopeType ps))
                    {
                        permissionGrantScope = ps;
                    }

                    var resultScope = PermissionScopeType.Prohibited;
                    if (Enum.TryParse(result.ProviderScope, out PermissionScopeType rs))
                    {
                        resultScope = rs;
                    }

                    if (resultScope > permissionGrantScope)
                    {
                        permissionGrantResult = new PermissionGrantInfo(true, result.ProviderScope, role);
                    }
                }
            }

            return(permissionGrantResult);
        }
        public virtual async Task <PermissionGrantInfo> CheckAsync(string name, string providerName, string providerKey)
        {
            if (providerName != Name)
            {
                return(PermissionGrantInfo.NonGranted);
            }

            var permissionGrant = await PermissionGrantRepository.FindAsync(name, providerName, providerKey);

            return(new PermissionGrantInfo(
                       permissionGrant != null,
                       permissionGrant?.ProviderScope ?? nameof(PermissionScopeType.Prohibited),
                       providerKey
                       ));
        }
Beispiel #15
0
        public virtual async Task <PermissionGrant> UpdateProviderKeyAsync(PermissionGrant permissionGrant, string providerKey)
        {
            using (CurrentTenant.Change(permissionGrant.TenantId))
            {
                //Invalidating the cache for the old key
                await Cache.RemoveAsync(
                    PermissionGrantCacheItem.CalculateCacheKey(
                        permissionGrant.Name,
                        permissionGrant.ProviderName,
                        permissionGrant.ProviderKey
                        )
                    );
            }

            permissionGrant.ProviderKey = providerKey;
            return(await PermissionGrantRepository.UpdateAsync(permissionGrant));
        }
        protected virtual async Task GrantAsync(string name, string providerKey)
        {
            var permissionGrant = await PermissionGrantRepository.FindAsync(name, Name, providerKey).ConfigureAwait(false);

            if (permissionGrant != null)
            {
                return;
            }

            await PermissionGrantRepository.InsertAsync(
                new PermissionGrant(
                    GuidGenerator.Create(),
                    name,
                    Name,
                    providerKey,
                    CurrentTenant.Id
                    )
                ).ConfigureAwait(false);
        }
Beispiel #17
0
        public virtual async Task <MultiplePermissionValueProviderGrantInfo> CheckAsync(string[] names, string providerName, string providerKey)
        {
            var multiplePermissionValueProviderGrantInfo = new MultiplePermissionValueProviderGrantInfo(names);

            if (providerName != Name)
            {
                return(multiplePermissionValueProviderGrantInfo);
            }

            var permissionGrants = await PermissionGrantRepository.GetListAsync(names, providerName, providerKey);

            foreach (var permissionName in names)
            {
                var isGrant = permissionGrants.Any(x => x.Name == permissionName);
                multiplePermissionValueProviderGrantInfo.Result[permissionName] = new PermissionValueProviderGrantInfo(isGrant, providerKey);
            }

            return(multiplePermissionValueProviderGrantInfo);
        }
Beispiel #18
0
        public async Task HandleEventAsync(CreateEventData eventData)
        {
            using (var unitOfWork = UnitOfWorkManager.Begin())
            {
                // 订阅租户新增事件,置入管理员角色所有权限
                using (CurrentTenant.Change(eventData.Id, eventData.Name))
                {
                    var definitionPermissions = PermissionDefinitionManager.GetPermissions();
                    var grantPermissions      = definitionPermissions
                                                .Where(p => p.MultiTenancySide.HasFlag(MultiTenancySides.Tenant))
                                                .Select(p => p.Name).ToArray();
                    //var grantPermissions = new List<PermissionGrant>();
                    //foreach (var permission in definitionPermissions)
                    //{
                    //    var permissionGrant = new PermissionGrant(GuidGenerator.Create(),
                    //            permission.Name, "R", "admin", eventData.Id);
                    //    grantPermissions.Add(permissionGrant);
                    //}
                    // TODO: MySql 批量新增还是一条一条的语句?
                    // await PermissionGrantRepository.GetDbSet().AddRangeAsync(grantPermissions);

                    var dbContext = await PermissionGrantRepository.GetDbContextAsync();

                    var permissionEntityType     = dbContext.Model.FindEntityType(typeof(PermissionGrant));
                    var permissionTableName      = permissionEntityType.GetTableName();
                    var batchInsertPermissionSql = string.Empty;
                    if (dbContext.Database.IsMySql())
                    {
                        batchInsertPermissionSql = BuildMySqlBatchInsertScript(permissionTableName, eventData.Id, grantPermissions);
                    }
                    else
                    {
                        batchInsertPermissionSql = BuildSqlServerBatchInsertScript(permissionTableName, eventData.Id, grantPermissions);
                    }
                    await dbContext.Database.ExecuteSqlRawAsync(batchInsertPermissionSql);

                    await unitOfWork.SaveChangesAsync();
                }
            }
        }
Beispiel #19
0
        protected virtual async Task <PermissionGrantCacheItem> GetCacheItemAsync(string name, string providerName, string providerKey)
        {
            var cacheKey  = CalculateCacheKey(name, providerName, providerKey);
            var cacheItem = await Cache.GetAsync(cacheKey);

            if (cacheItem != null)
            {
                return(cacheItem);
            }

            cacheItem = new PermissionGrantCacheItem(
                name,
                await PermissionGrantRepository.FindAsync(name, providerName, providerKey) != null
                );

            await Cache.SetAsync(
                cacheKey,
                cacheItem
                );

            return(cacheItem);
        }
    public override async Task <MultiplePermissionValueProviderGrantInfo> CheckAsync(string[] names, string providerName, string providerKey)
    {
        var multiplePermissionValueProviderGrantInfo = new MultiplePermissionValueProviderGrantInfo(names);
        var permissionGrants = new List <PermissionGrant>();

        if (providerName == Name)
        {
            permissionGrants.AddRange(await PermissionGrantRepository.GetListAsync(names, providerName, providerKey));
        }

        if (providerName == UserPermissionValueProvider.ProviderName)
        {
            var userId    = Guid.Parse(providerKey);
            var roleNames = await UserRoleFinder.GetRolesAsync(userId);

            foreach (var roleName in roleNames)
            {
                permissionGrants.AddRange(await PermissionGrantRepository.GetListAsync(names, Name, roleName));
            }
        }

        permissionGrants = permissionGrants.Distinct().ToList();
        if (!permissionGrants.Any())
        {
            return(multiplePermissionValueProviderGrantInfo);
        }

        foreach (var permissionName in names)
        {
            var permissionGrant = permissionGrants.FirstOrDefault(x => x.Name == permissionName);
            if (permissionGrant != null)
            {
                multiplePermissionValueProviderGrantInfo.Result[permissionName] = new PermissionValueProviderGrantInfo(true, permissionGrant.ProviderKey);
            }
        }

        return(multiplePermissionValueProviderGrantInfo);
    }
Beispiel #21
0
    protected virtual async Task SetCacheItemsAsync(
        string providerName,
        string providerKey,
        string currentName,
        PermissionGrantCacheItem currentCacheItem)
    {
        var permissions = PermissionDefinitionManager.GetPermissions();

        Logger.LogDebug($"Getting all granted permissions from the repository for this provider name,key: {providerName},{providerKey}");

        var grantedPermissionsHashSet = new HashSet <string>(
            (await PermissionGrantRepository.GetListAsync(providerName, providerKey)).Select(p => p.Name)
            );

        Logger.LogDebug($"Setting the cache items. Count: {permissions.Count}");

        var cacheItems = new List <KeyValuePair <string, PermissionGrantCacheItem> >();

        foreach (var permission in permissions)
        {
            var isGranted = grantedPermissionsHashSet.Contains(permission.Name);

            cacheItems.Add(new KeyValuePair <string, PermissionGrantCacheItem>(
                               CalculateCacheKey(permission.Name, providerName, providerKey),
                               new PermissionGrantCacheItem(isGranted))
                           );

            if (permission.Name == currentName)
            {
                currentCacheItem.IsGranted = isGranted;
            }
        }

        await Cache.SetManyAsync(cacheItems);

        Logger.LogDebug($"Finished setting the cache items. Count: {permissions.Count}");
    }
Beispiel #22
0
        public async Task SeedAsync(
            string providerName,
            string providerKey,
            IEnumerable <string> grantedPermissions,
            Guid?tenantId = null)
        {
            foreach (var permissionName in grantedPermissions)
            {
                if (await PermissionGrantRepository.FindAsync(permissionName, providerName, providerKey) != null)
                {
                    continue;
                }

                await PermissionGrantRepository.InsertAsync(
                    new PermissionGrant(
                        GuidGenerator.Create(),
                        permissionName,
                        providerName,
                        providerKey,
                        tenantId
                        )
                    ).ConfigureAwait(false);
            }
        }
Beispiel #23
0
 public async Task <PermissionGrant> UpdateProviderKeyAsync(PermissionGrant permissionGrant, string providerKey)
 {
     permissionGrant.ProviderKey = providerKey;
     return(await PermissionGrantRepository.UpdateAsync(permissionGrant).ConfigureAwait(false));
 }
        public virtual async Task <GetPermissionListResultDto> GetAsync(string providerName, string providerKey)
        {
            var permissionListResult = new GetPermissionListResultDto
            {
                EntityDisplayName = providerKey,
                Groups            = new List <PermissionGroupDto>()
            };
            var multiTenancySide = CurrentTenant.GetMultiTenancySide();
            var permissionGroups = PermissionDefinitionManager.GetGroups();
            IEnumerable <PermissionGrant> permissions =
                await PermissionGrantRepository.GetListAsync(providerName, providerKey);

            // 如果是当前用户权限,还需要查询角色权限
            if (providerName.Equals("U"))
            {
                var userId = CurrentUser.GetId().ToString();
                if (providerKey.Equals(userId))
                {
                    foreach (var role in CurrentUser.Roles)
                    {
                        var rolePermissions = await PermissionGrantRepository
                                              .GetListAsync(RolePermissionValueProvider.ProviderName, role);

                        permissions = permissions.Union(rolePermissions);
                    }
                }
            }
            foreach (var permissionGroup in permissionGroups)
            {
                var groupDto = new PermissionGroupDto
                {
                    Name        = permissionGroup.Name,
                    DisplayName = permissionGroup.DisplayName.Localize(StringLocalizerFactory),
                    Permissions = new List <PermissionGrantInfoDto>()
                };
                foreach (var permission in permissionGroup.GetPermissionsWithChildren())
                {
                    if (!permission.IsEnabled)
                    {
                        continue;
                    }

                    if (permission.Providers.Any() && !permission.Providers.Contains(providerName))
                    {
                        continue;
                    }

                    if (!permission.MultiTenancySide.HasFlag(multiTenancySide))
                    {
                        continue;
                    }

                    var grantInfoDto = new PermissionGrantInfoDto
                    {
                        Name             = permission.Name,
                        DisplayName      = permission.DisplayName.Localize(StringLocalizerFactory),
                        ParentName       = permission.Parent?.Name,
                        AllowedProviders = permission.Providers,
                        GrantedProviders = new List <ProviderInfoDto>()
                    };

                    var grantedPermissions = permissions.Where(p => p.Name.Equals(permission.Name));

                    foreach (var grantedPermission in grantedPermissions)
                    {
                        grantInfoDto.IsGranted = true;
                        grantInfoDto.GrantedProviders.Add(new ProviderInfoDto
                        {
                            ProviderKey  = grantedPermission.ProviderKey,
                            ProviderName = grantedPermission.ProviderName
                        });
                    }

                    groupDto.Permissions.Add(grantInfoDto);
                }

                if (groupDto.Permissions.Any())
                {
                    permissionListResult.Groups.Add(groupDto);
                }
            }

            return(permissionListResult);
        }
Beispiel #25
0
 public virtual async Task <PermissionGrant> UpdateProviderKeyAsync(PermissionGrant permissionGrant, string providerKey)
 {
     permissionGrant.ProviderKey = providerKey;
     return(await PermissionGrantRepository.UpdateAsync(permissionGrant));
 }