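/// <summary>
        /// Builds the row-level rights that apply to the properties of <paramref name="dataType"/>.
        /// </summary>
        /// <remarks>
        /// One entry is produced per item returned by <c>TryGetPropertyRights</c>. Every entry starts as
        /// <c>RowLevelModelPermissionType.All</c> with an empty entity list and is narrowed only when
        /// <c>RowLevelRights</c> holds an entry for the property's entity name. When <c>HasFullRights</c>
        /// is set, the permission type is reset to <c>All</c> afterwards.
        /// </remarks>
        /// <exception cref="ArgumentNullException"><paramref name="dataType"/> is <c>null</c>.</exception>
        /// <param name="dataType">Type whose property rights are looked up.</param>
        /// <returns>
        /// The list of rights, one per property right; empty when <c>TryGetPropertyRights</c> returns <c>false</c>.
        /// </returns>
        public List<RowLevelRightData> GetTypeFieldsRlsRights(Type dataType)
        {
            if (dataType == null)
            {
                // Name the offending parameter so the failure is diagnosable from the exception alone.
                throw new ArgumentNullException(nameof(dataType));
            }

            var rlsList = new List<RowLevelRightData>();

            if (!TryGetPropertyRights(dataType, out var rights))
            {
                return rlsList;
            }

            foreach (var propRight in rights)
            {
                // NOTE(review): the initial value is All, so a property whose entity has no entry in
                // RowLevelRights ends up unrestricted (the lookup fails open). Confirm that "no rule
                // loaded for this entity" is meant to grant full access; if RowLevelRights can be
                // incomplete, a deny default would be the safer choice.
                var rlsRight = new RowLevelRightData
                {
                    Name           = propRight.PropertyName,
                    PermissionType = RowLevelModelPermissionType.All,
                    Entities       = new List<string>(0)
                };

                if (RowLevelRights.TryGetValue(propRight.EntityName, out var right))
                {
                    // Copy the ids instead of sharing the list held by the rights model.
                    rlsRight.PermissionType = right.PermissionType;
                    rlsRight.Entities.AddRange(right.Entities);
                }

                if (HasFullRights)
                {
                    // Full rights override the permission type; the copied entity ids are left in place.
                    rlsRight.PermissionType = RowLevelModelPermissionType.All;
                }

                rlsList.Add(rlsRight);
            }

            return rlsList;
        }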
Beispiel #2
        /// <summary>
        /// Collapses the row-level security rights of a profile into one
        /// <see cref="RowLevelRightData"/> per entity name.
        /// </summary>
        /// <remarks>
        /// Rights are grouped by entity name. The permission type of a group is converted from the
        /// greatest <c>AccessType</c> in that group. For groups whose greatest access type is neither
        /// <c>No</c> nor <c>All</c>, the entity ids are combined: if any exclusion id was collected the
        /// list holds the exclusions minus the inclusions, otherwise it holds the inclusions.
        /// </remarks>
        /// <param name="context">Security context handed to <c>GetRlsRights</c> and <c>GetDefaultValues</c>.</param>
        /// <param name="profileId">Profile whose rights are read.</param>
        /// <param name="userId">Optional user id, forwarded to <c>GetDefaultValues</c>.</param>
        /// <returns>The combined rights, keyed by entity name.</returns>
        private static Dictionary<string, RowLevelRightData> GetRowLevelRightsModel(ISecurityDbContext context, Guid profileId, Guid? userId)
        {
            var profileRights    = GetRlsRights(context, profileId);
            var defaultsByEntity = GetDefaultValues(context, profileRights, userId);

            var converter = new EnumConverter();
            var model     = new Dictionary<string, RowLevelRightData>();

            foreach (var entityGroup in profileRights.GroupBy(el => el.EntityName))
            {
                var strongestAccess = entityGroup.Max(el => el.AccessType);
                var entry           = new RowLevelRightData
                {
                    Name           = entityGroup.Key,
                    PermissionType = converter.ToRowLevelModelPermissionType(strongestAccess),
                    Entities       = new List<string>()
                };
                // Registered before the entity list is filled; the later changes are made on this same object.
                model.Add(entityGroup.Key, entry);

                // "No" and "All" need no entity list.
                if (strongestAccess == RowLevelAccessType.No || strongestAccess == RowLevelAccessType.All)
                {
                    continue;
                }

                // Specific access: gather the ids to include and the ids to exclude.
                // NOTE(review): the permission type above is derived from the greatest AccessType, while
                // the list below is chosen by whether any non-empty Except id was collected. Rows whose
                // EntityId is Guid.Empty count towards the maximum but contribute no id, so the two can
                // disagree. Confirm against the RowLevelAccessType ordering and EnumConverter.
                var excludedIds = new List<string>();
                var includedIds = new List<string>();
                foreach (var row in entityGroup)
                {
                    if (row.AccessType == RowLevelAccessType.Default)
                    {
                        // "Default" resolves to the default value recorded for the entity, if there is one.
                        if (defaultsByEntity.TryGetValue(row.EntityName, out var defaultId) &&
                            defaultId != Guid.Empty)
                        {
                            includedIds.Add(defaultId.ToString());
                        }

                        continue;
                    }

                    // Rows without a concrete entity id contribute nothing.
                    if (row.EntityId == Guid.Empty)
                    {
                        continue;
                    }

                    if (row.AccessType == RowLevelAccessType.Specified)
                    {
                        includedIds.Add(row.EntityId.ToString());
                    }
                    else if (row.AccessType == RowLevelAccessType.Except)
                    {
                        excludedIds.Add(row.EntityId.ToString());
                    }
                }

                var uniqueExcluded = excludedIds.Distinct().ToList();
                var uniqueIncluded = includedIds.Distinct().ToList();

                // An explicit inclusion cancels an exclusion of the same id.
                IEnumerable<string> combined = uniqueExcluded.Count > 0
                    ? uniqueExcluded.Except(uniqueIncluded)
                    : uniqueIncluded;
                entry.Entities.AddRange(combined);

                if (entry.Entities.Count != 0)
                {
                    continue;
                }

                // An empty list degenerates: nothing specified means no access, nothing excluded means all.
                // NOTE(review): the Except case widens to All, including when every Except row carried
                // Guid.Empty. Confirm this is intended, or reject such rows where they are written.
                if (entry.PermissionType == RowLevelModelPermissionType.Specified)
                {
                    entry.PermissionType = RowLevelModelPermissionType.No;
                }
                else if (entry.PermissionType == RowLevelModelPermissionType.Except)
                {
                    entry.PermissionType = RowLevelModelPermissionType.All;
                }
            }

            return model;
        }