/// <summary> /// /// </summary> /// <exception cref="ArgumentNullException"></exception> /// <param name="type"></param> /// <returns></returns> public List <RowLevelRightData> GetTypeFieldsRlsRights(Type dataType) { if (dataType == null) { throw new ArgumentNullException(); } var rlsList = new List <RowLevelRightData>(); if (!TryGetPropertyRights(dataType, out var rights)) { return(rlsList); } foreach (var propRight in rights) { var rlsRight = new RowLevelRightData { Name = propRight.PropertyName, PermissionType = RowLevelModelPermissionType.All, Entities = new List <string>(0) }; if (RowLevelRights.TryGetValue(propRight.EntityName, out var right)) { rlsRight.PermissionType = right.PermissionType; rlsRight.Entities.AddRange(right.Entities); } if (HasFullRights) { rlsRight.PermissionType = RowLevelModelPermissionType.All; } rlsList.Add(rlsRight); } return(rlsList); }
private static Dictionary <string, RowLevelRightData> GetRowLevelRightsModel(ISecurityDbContext context, Guid profileId, Guid?userId) { var rlsRights = GetRlsRights(context, profileId); var defaultValues = GetDefaultValues(context, rlsRights, userId); var enumConverter = new EnumConverter(); var rightsModel = new Dictionary <string, RowLevelRightData>(); var groupedRlsList = rlsRights.GroupBy(el => el.EntityName); foreach (var right in groupedRlsList) { var maxAccessType = right.Max(el => el.AccessType); var rlsRight = new RowLevelRightData { Name = right.Key, PermissionType = enumConverter.ToRowLevelModelPermissionType(maxAccessType), Entities = new List <string>() }; rightsModel.Add(right.Key, rlsRight); if (maxAccessType != RowLevelAccessType.No && maxAccessType != RowLevelAccessType.All) { // in case of specific access we need combining rights in a special way // if there is right "Except" we need create combined "Except" rule // otherwise it will be "Specified" rule var rlsExceptObjects = new List <string>(); var rlsIncludeObjects = new List <string>(); foreach (var rlsr in right) { if (rlsr.AccessType == RowLevelAccessType.Default) { if (defaultValues.TryGetValue(rlsr.EntityName, out var defValue) && defValue != Guid.Empty) { rlsIncludeObjects.Add(defValue.ToString()); } } else if (rlsr.AccessType == RowLevelAccessType.Specified && rlsr.EntityId != Guid.Empty) { rlsIncludeObjects.Add(rlsr.EntityId.ToString()); } else if (rlsr.AccessType == RowLevelAccessType.Except && rlsr.EntityId != Guid.Empty) { rlsExceptObjects.Add(rlsr.EntityId.ToString()); } } rlsExceptObjects = rlsExceptObjects.Distinct().ToList(); rlsIncludeObjects = rlsIncludeObjects.Distinct().ToList(); if (rlsExceptObjects.Count > 0) { rlsRight.Entities.AddRange(rlsExceptObjects.Except(rlsIncludeObjects)); } else { rlsRight.Entities.AddRange(rlsIncludeObjects); } if (rlsRight.Entities.Count == 0) { if (rlsRight.PermissionType == RowLevelModelPermissionType.Specified) { rlsRight.PermissionType = RowLevelModelPermissionType.No; } else if (rlsRight.PermissionType == RowLevelModelPermissionType.Except) { rlsRight.PermissionType = RowLevelModelPermissionType.All; } } } } return(rightsModel); }