Beispiel #1
0
        public override RoleDto EntityToEntityDto(Role entity)
        {
            RoleDto roledto = Mapper.Map <Role, RoleDto>(entity);

            if (entity != null)
            {
                //    roledto.RolesInUserGroupRolePermissions.Clear();
                //    if (entity.RolesInUserGroupRolePermissions != null)
                //    {
                //        foreach (UserGroup usergroup in entity.RolesInUserGroupRolePermissions)
                //        {
                //            UserGroupDto usergroupDto = new UserGroupDto();
                //            usergroupDto = Mapper.Map<UserGroup, UserGroupDto>(usergroup);
                //            roledto.RolesInUserGroupRolePermissions.Add(usergroupDto);
                //        }
                //    }
                //    roledto.RolesInUserRolePermissions.Clear();
                if (entity.RolesInUserRolePermissions != null)
                {
                    foreach (UserRolePermission URP in entity.RolesInUserRolePermissions)
                    {
                        UserRolePermissionDto urpDto = new UserRolePermissionDto();
                        urpDto = Mapper.Map <UserRolePermission, UserRolePermissionDto>(URP);
                        roledto.RolesInUserRolePermissions.Add(urpDto);
                    }
                }
            }
            return(roledto);
        }
Beispiel #2
0
        public virtual void CreateUser()
        {
            var userdto = new UserDto
            {
                Title             = "Ms",
                Name              = "shraddha",
                UserName          = "******",
                MobileNo          = "9922077123",
                Email             = "*****@*****.**",
                CountryCode       = "91",
                MothersMaidenName = "manisha",
                UserOfClient      = new ClientDto
                {
                    CAId = 1
                },
                IsActive                      = true,
                DateOfBirth                   = Convert.ToDateTime("06/10/1984"),
                Password                      = Helper.Encode("P@ssword"),
                CreatedBy                     = -1,
                CreatedDate                   = DateTime.Now,
                IsLockedOut                   = false,
                IsOnLine                      = false,
                LastActivityDate              = DateTime.Now,
                LastLockedOutDate             = DateTime.Now,
                LastLoginDate                 = DateTime.Now,
                ModifiedBy                    = -1,
                ModifiedDate                  = DateTime.Now,
                LastPassword                  = Helper.Encode("password"),
                LastPasswordChangedDate       = DateTime.Now,
                SecondLastPassword            = Helper.Encode("pass"),
                SecondLastPasswordChangedDate = DateTime.Now.AddDays(-1),
                IsDeleted                     = false,
                AllowDelete                   = true,
                AllowEdit                     = true
            };

            var userRolePermissionDto = new UserRolePermissionDto
            {
                AllowAdd    = true,
                AllowDelete = true,
                AllowEdit   = true,
                AllowPrint  = true,
                AllowView   = true
            };

            RoleDto roleDto = this.RoleService.GetById(RoleId);

            userRolePermissionDto.PermissionForRole = roleDto;

            userdto.UserWithRolePermissions.Add(userRolePermissionDto);
            this.UserInstance = this.UserService.Create(userdto, CurrentUserInstance.UserName);

            Assert.IsFalse(this.UserInstance.UserId == 0, "User Id should have been updated");
            Assert.AreEqual(this.UserInstance.Name, userdto.Name, "First Name are different");
        }
Beispiel #3
0
        public virtual void AssignRoletoUser()
        {
            RoleDto roleDto  = this.RoleService.GetById(9);
            RoleDto roleDto1 = this.RoleService.GetById(11);
            UserDto userDto  = this.UserService.GetById(43);
            var     urpdto   = new UserRolePermissionDto
            {
                PermissionForUser = new List <UserDto>
                {
                    new UserDto
                    {
                        UserId = userDto.UserId
                    }
                },
                PermissionForRole = roleDto,
                AllowAdd          = true,
                AllowEdit         = true,
                AllowView         = true,
                AllowDelete       = true,
                AllowPrint        = false
            };
            var urpdto1 = new UserRolePermissionDto
            {
                PermissionForUser = new List <UserDto>
                {
                    new UserDto
                    {
                        UserId = userDto.UserId
                    }
                },
                PermissionForRole = roleDto1,
                AllowAdd          = true,
                AllowEdit         = true,
                AllowView         = true,
                AllowDelete       = false,
                AllowPrint        = false
            };

            userDto.UserWithRolePermissions.Clear();
            userDto.UserWithRolePermissions.Add(urpdto);
            userDto.UserWithRolePermissions.Add(urpdto1);
            this.UserInstance = this.UserService.Update(userDto, CurrentUserInstance.UserName);
            Assert.IsTrue(this.UserInstance.UserWithRolePermissions[0].UserRolePermissionId != 0, "user Id should have been updated");
        }
Beispiel #4
0
        public ActionResult SaveUserRolePermissions()
        {
            string username = Request.QueryString["username"];

            UserServiceReference.UserServiceClient client = new UserServiceClient();
            try
            {
                UserDto user = client.GetByUserName(username);

                IList <UserRolesModel> userRoleModelList = (IList <UserRolesModel>)Session["UserRolesModelList" + username];
                user.UserWithRolePermissions = new List <UserRolePermissionDto>();
                user.UserWithRolePermissions.Clear();
                foreach (UserRolesModel urmodel in userRoleModelList)
                {
                    if (urmodel.AllowAdd || urmodel.AllowEdit || urmodel.AllowPrint || urmodel.AllowView || urmodel.AllowDelete)
                    {
                        UserRolePermissionDto URPDto = new UserRolePermissionDto()
                        {
                            PermissionForRole = urmodel.UserRoleDto,
                            AllowAdd          = urmodel.AllowAdd,
                            AllowDelete       = urmodel.AllowDelete,
                            AllowEdit         = urmodel.AllowEdit,
                            AllowPrint        = urmodel.AllowPrint,
                            AllowView         = urmodel.AllowView,
                        };
                        user.UserWithRolePermissions.Add(URPDto);
                    }
                }
                user.ViewOfUserUserGroupRolePermissions = null;
                user = client.Update(user, ((UserDto)Session[Constants.SKCURRENTUSER]).UserName);
            }
            catch (Exception ex)
            {
                return(View("ErrorPage"));
            }
            finally
            {
                if (Session["UserRolesModelList" + username] != null)
                {
                    Session.Remove("UserRolesModelList" + username);
                }
            }
            return(RedirectToAction("UsersIndex", new { usertype = Request.QueryString["usertype"] }));
        }
Beispiel #5
0
 public UserRolePermissionDto Create(UserRolePermissionDto user, UserDto loggedInUserDto)
 {
     return(ExecuteCommand(proxy => proxy.Create(user, loggedInUserDto)));
 }
Beispiel #6
0
 public UserRolePermissionDto Create(UserRolePermissionDto user, string userName)
 {
     return(ExecuteCommand(proxy => proxy.Create(user, userName)));
 }
 public UserRolePermissionDto Create(UserRolePermissionDto user, UserDto loggedInUserDto)
 {
     return(ExecuteCommand(() => Service.Create(user, loggedInUserDto)));
 }
Beispiel #8
0
        public static bool IsUserInRole(IList <string> roleNames, RolePermission permissions, UserDto currentUser)
        {
            //UserServiceClient client = new UserServiceClient();
            //UserDto currentUser = client.GetByUserName(userName);
            bool hasAccess = false;

            try
            {
                foreach (string roleName in roleNames)
                {
                    var res = currentUser.UserWithRolePermissions.Where(x => x.PermissionForRole.RoleName == roleName);

                    if (res.Count() != 0)
                    {
                        UserRolePermissionDto urpDto = res.FirstOrDefault();
                        switch (permissions)
                        {
                        case RolePermission.Add:
                            hasAccess = urpDto.AllowAdd;
                            break;

                        case RolePermission.Update:
                            hasAccess = urpDto.AllowEdit;
                            break;

                        case RolePermission.View:
                            hasAccess = urpDto.AllowView;
                            break;

                        case RolePermission.Delete:
                            hasAccess = urpDto.AllowDelete;
                            break;

                        case RolePermission.Print:
                            hasAccess = urpDto.AllowPrint;
                            break;
                        }
                        res = null;
                        return(hasAccess);
                    }
                    else
                    {
                        var resGroupRole = currentUser.ViewOfUserUserGroupRolePermissions.Where(x => x.PermissionForRole.RoleName == roleName);
                        if (resGroupRole.Count() != 0)
                        {
                            viewUserUserGroupRolePermissionsDto vwUgRoleDto = resGroupRole.FirstOrDefault();
                            switch (permissions)
                            {
                            case RolePermission.Add:
                                hasAccess = vwUgRoleDto.AllowAdd;
                                break;

                            case RolePermission.Update:
                                hasAccess = vwUgRoleDto.AllowEdit;
                                break;

                            case RolePermission.View:
                                hasAccess = vwUgRoleDto.AllowView;
                                break;

                            case RolePermission.Delete:
                                hasAccess = vwUgRoleDto.AllowDelete;
                                break;

                            case RolePermission.Print:
                                hasAccess = vwUgRoleDto.AllowPrint;
                                break;
                            }
                            //return hasAccess;
                        }
                    }
                }
            }
            catch (Exception ex)
            {
            }

            return(hasAccess);
        }
 public UserRolePermissionDto Create(UserRolePermissionDto userRolePermissionDto, string userName)
 {
     return(ExecuteCommand(() => Service.Create(userRolePermissionDto, userName)));
 }
        public virtual async Task <bool> HasPermissionAsync(ClaimsPrincipal User, string permKey, bool isAdminRequired = false, IEnumerable <string> clientIds = null)
        {
            if (!String.IsNullOrWhiteSpace(permKey))
            {
                UserRolePermissionDto perms = null;
                if (User.FindFirst(JwtClaimTypes.Subject) != null)
                {
                    // 说明有用户参与
                    perms = await GetUserRolesAndPermissionsAsync(User, clientIds);
                }
                else
                {
                    // 可能是直接由Client Credential 方式获取的 token
                    // 此时 perm 直接以 claim 形式存在
                    var permClaim = User.FindFirst(Constants.CLIENT_CLAIM_PREFIX + permKey);
                    if (permClaim != null && !isAdminRequired)
                    {
                        // 由于 Client 并非 User,所以没有管理员之说
                        return(true);
                    }
                }

                if (perms != null)
                {
                    bool isAdmin      = false;
                    bool isSuperAdmin = false;

                    // 如果这个用户本来就有这个 claim,则也是 super
                    if (User.HasClaim(itm => itm.Type == Constants.SUPERADMIN_CLAIM_TYPE))
                    {
                        isAdmin      = true;
                        isSuperAdmin = true;
                    }
                    else
                    {
                        // 自定义 ClaimsIdentity 用于保存当前用户所归属的所有 Client
                        ClaimsIdentity roleIdentity = new ClaimsIdentity("PermissionHandler");

                        if (perms.Roles != null)
                        {
                            foreach (var role in perms.Roles)
                            {
                                if (role.IsSuperAdmin && !isSuperAdmin)
                                {
                                    roleIdentity.AddClaim(new Claim(Constants.SUPERADMIN_CLAIM_TYPE, true.ToString()));
                                    isAdmin      = true;
                                    isSuperAdmin = true;
                                }

                                if (role.IsAdmin && !isAdmin)
                                {
                                    isAdmin = true;
                                }

                                if (!String.IsNullOrWhiteSpace(role.ClientId))
                                {
                                    roleIdentity.AddClaim(new Claim(JwtClaimTypes.ClientId, role.ClientId));
                                }
                            }
                        }

                        if (!User.Identities.Any(itm => itm.AuthenticationType == "PermissionHandler"))
                        {
                            User.AddIdentity(roleIdentity);
                        }
                    }

                    // 如果是超级管理员,则有所有权限
                    if (isSuperAdmin)
                    {
                        return(true);
                    }

                    if (perms.Permissions.Any(itm => itm.Key == permKey))
                    {
                        // 如果要求只能是管理员,则必须具有管理员的角色
                        if (!isAdminRequired || (isAdminRequired && isAdmin))
                        {
                            return(true);
                        }
                    }

                    return(false);
                }
            }

            return(false);
        }