Beispiel #1
        /// <summary>
        /// Loads one page of records matching <paramref name="search"/> and projects them
        /// into the anonymous row shape handed to GridVm.FormatResult.
        /// </summary>
        /// <param name="userId">Id of the requesting user; the user's PageSize is used as the page size.</param>
        /// <param name="search">Search text passed to CreateFilter.</param>
        /// <param name="pageIndex">Page index as supplied by the caller; the query is issued with pageIndex - 1.</param>
        /// <param name="totalRecords">Receives the total record count reported by the paged query.</param>
        /// <param name="sortColumnName">Not read by this method.</param>
        /// <param name="sortOrderBy">Not read by this method.</param>
        /// <returns>Whatever GridVm.FormatResult builds from the projected rows.</returns>
        public GridResults LoadPaging(long userId, string search, int pageIndex, out long totalRecords, string sortColumnName = "", string sortOrderBy = "")
        {
            // NOTE(review): the user is dereferenced below without a null check; confirm that
            // BlUser.LoadSingle cannot return null for the ids that reach this method.
            var currentUser = BlUser.LoadSingle(userId);

            // Fetch the requested page.
            var page = LoadPaging(userId, CreateFilter(search), currentUser.PageSize, pageIndex - 1, out totalRecords);

            // Project each record into a display row; Id is a running row number for this page,
            // while the record's own Id is exposed as Module.
            var rowNumber = 0;
            var rows = page.Select(r => new
            {
                Id = rowNumber++,
                Module = r.Id,
                Path = r.Path ?? "",
                r.Description,
                EntryDate = r.EntryDate.ToString(true),
                Logging = r.EnableLogging ? "eye" : "eye-slash colorRed",
                Status = r.Status == "A" ? "check colorGreen" : "close colorRed"
            }).ToList();

            // Let the grid view model format the rows for the caller.
            return GridVm.FormatResult(rows, currentUser.PageSize, pageIndex, totalRecords);
        }
        /// <summary>
        /// Decides whether the user holds the permission <paramref name="code"/> on the module
        /// <paramref name="moduleId"/>, through any role returned by BlRole.LoadParents.
        /// </summary>
        /// <param name="userId">Id of the user being checked.</param>
        /// <param name="moduleId">Id of the module the permission belongs to.</param>
        /// <param name="code">Permission code to look for; compared with ==.</param>
        /// <returns>true when a role equals Constants.FullAdminRole or a matching permission exists; otherwise false.</returns>
        /// <exception cref="BusinessException">Thrown with "UserNotFound" when the user cannot be loaded.</exception>
        public static bool CanDo(long userId, string moduleId, string code)
        {
            // An unknown user is rejected with an exception rather than treated as "no permissions".
            var user = BlUser.LoadSingle(userId);
            if (user == null)
            {
                throw new BusinessException("UserNotFound");
            }

            // Roles to evaluate, as resolved by BlRole.LoadParents from the user's own roles.
            var effectiveRoles = BlRole.LoadParents(userId, user.Roles.ToList());

            // The full-admin role short-circuits every permission lookup.
            if (effectiveRoles.Any(r => r.Id == Constants.FullAdminRole))
            {
                return true;
            }

            // Permissions of the module that are attached to at least one of those roles.
            // NOTE(review): LoadByModuleAndRole creates module/permission records when it finds none
            // for moduleId, so this check can write to the store for a caller-chosen moduleId.
            var granted = new BlPermission()
                .LoadByModuleAndRole(user.Id, moduleId, effectiveRoles.ToList(), true)
                .ToList();

            return granted.Any(p => p.Code == code);
        }
Beispiel #3
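        /// <summary>
        /// Builds one tree item per role, with the role code as caption and the permitted
        /// action links (view/add/edit/delete) as hidden inline markup.
        /// </summary>
        /// <param name="userId">Id of the user whose LanguageId selects the action labels.</param>
        /// <param name="roles">Roles to render; a role whose Id is 0 becomes the "Root" node.</param>
        /// <param name="allowView">Emit the view link.</param>
        /// <param name="allowAdd">Emit the add link.</param>
        /// <param name="allowEdit">Emit the edit link.</param>
        /// <param name="allowDelete">Emit the delete link.</param>
        /// <returns>The tree items, in the order of <paramref name="roles"/>.</returns>
        private static IEnumerable <TreeItemVm> ConstructTreeNode(long userId, IEnumerable <Role> roles, bool allowView, bool allowAdd, bool allowEdit, bool allowDelete)
        {
            var user  = BlUser.LoadSingle(userId);
            var toRet = new List <TreeItemVm>();

            foreach (var role in roles)
            {
                TreeItemVm treeNode;

                // The markup starts by closing the caption span opened in `text` and ends by
                // opening a span that the trailing "</span>" in `text` closes again.
                // role.Id is compared with 0 below, so it is treated as numeric and written as-is.
                // NOTE(review): the labels returned by BlDescription.GetDescription are inserted
                // unencoded; confirm they are trusted resource text that cannot carry markup.
                var actions = "</span>";
                actions += "<span id='actions_" + role.Id + "' style='display:none'>&nbsp;";
                if (allowView)
                {
                    actions += "<a class='treeAction' onclick='javascript:ViewAction(" + role.Id + ");'><span>" + BlDescription.GetDescription(Enumerations.DescriptionResources.Language, "lblView", user.LanguageId) + "</span></a>&nbsp;";
                }
                if (allowAdd)
                {
                    actions += "<a class='treeAction' onclick='javascript:AddAction(" + role.Id + ");'><span>" + BlDescription.GetDescription(Enumerations.DescriptionResources.Language, "lblAdd", user.LanguageId) + "</span></a>&nbsp;";
                }
                if (allowEdit)
                {
                    actions += "<a class='treeAction' onclick='javascript:EditAction(" + role.Id + ");'><span>" + BlDescription.GetDescription(Enumerations.DescriptionResources.Language, "lblEdit", user.LanguageId) + "</span></a>&nbsp;";
                }
                if (allowDelete)
                {
                    actions += "<a class='treeAction' onclick='javascript:DeleteAction(" + role.Id + ");'><span>" + BlDescription.GetDescription(Enumerations.DescriptionResources.Language, "lblDelete", user.LanguageId) + "</span></a>&nbsp;";
                }
                actions += "<span>";

                if (role.Id == 0)
                {
                    // Synthetic root: fixed caption, initially opened.
                    treeNode = new TreeItemVm
                    {
                        id      = "0",
                        parent  = "#",
                        text    = "<span onclick='ShowDetails(0);'>Root" + actions + "</span>",
                        icon    = "fa fa-briefcase fa-lg colorMain",
                        state   = "{\"opened\": \"true\"}",
                        li_attr = "{\"class\" : \"form-control-label\"}"
                    };
                }
                else
                {
                    // The role code is stored data that ends up inside HTML, so it is encoded
                    // before concatenation; a code containing '<', '&' or quotes is then shown
                    // literally instead of being parsed as markup.
                    var caption = System.Net.WebUtility.HtmlEncode(role.Code);

                    treeNode = new TreeItemVm
                    {
                        id      = role.Id.ToUiString(),
                        parent  = role.ParentRole == null ? "0" : role.ParentRole.Id.ToUiString(),
                        text    = "<span onclick='ShowDetails(" + role.Id + ");'>" + caption + actions + "</span>",
                        icon    = "fa fa-users fa-lg colorMain",
                        li_attr = "{\"class\" : \"form-control-label\"}"
                    };
                }
                toRet.Add(treeNode);
            }
            return(toRet);
        }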
        /// <summary>
        /// Loads the records matching <paramref name="search"/> with Int16.MaxValue as page size
        /// and projects them into the row shape handed to GridVm.FormatResult.
        /// </summary>
        /// <param name="userId">Id of the requesting user.</param>
        /// <param name="search">Search text passed to CreateFilter.</param>
        /// <param name="pageIndex">Page index as supplied by the caller; the query is issued with pageIndex - 1.</param>
        /// <param name="totalRecords">Receives the total record count reported by the paged query.</param>
        /// <param name="sortColumnName">Not read by this method.</param>
        /// <param name="sortOrderBy">Not read by this method.</param>
        /// <returns>Whatever GridVm.FormatResult builds from the projected rows.</returns>
        public GridResults LoadPaging(long userId, string search, int pageIndex, out long totalRecords, string sortColumnName = "", string sortOrderBy = "")
        {
            // Same page size for the query and for the formatter.
            const short PageSize = Int16.MaxValue;

            // The user is loaded as before, but nothing in this method reads the result.
            BlUser.LoadSingle(userId);

            // Fetch the matching records.
            var page = LoadPaging(userId, CreateFilter(search), PageSize, pageIndex - 1, out totalRecords);

            // Project each record into a display row; Status becomes an icon class string.
            var rows = page.Select(r => new
            {
                r.Id,
                r.Code,
                EntryDate = r.EntryDate.ToString(true),
                Status = r.Status == "A" ? "check colorGreen" : "close colorRed"
            }).ToList();

            // Let the grid view model format the rows for the caller.
            return GridVm.FormatResult(rows, PageSize, pageIndex, totalRecords);
        }
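        /// <summary>
        /// Returns the permissions of module <paramref name="moduleId"/> that are attached to at
        /// least one of <paramref name="roles"/>. When the module has no permission records at
        /// all, the module (if missing) and an "Access" permission bound to
        /// Constants.FullAdminRole are created first.
        /// </summary>
        /// <param name="userId">Id of the acting user; recorded as author of a newly created module.</param>
        /// <param name="moduleId">Id of the module whose permissions are loaded.</param>
        /// <param name="roles">Roles to match against each permission's Roles.</param>
        /// <param name="onlyActive">When true, only permissions whose module has Status "A" are loaded.</param>
        /// <returns>The matching permissions; records created by this call are not part of the result.</returns>
        /// <exception cref="BusinessException">Thrown with "UserNotFound" when a module must be created and the user cannot be loaded.</exception>
        public IEnumerable <Permission> LoadByModuleAndRole(long userId, string moduleId, List <Role> roles, bool onlyActive = false)
        {
            // Filter on the module alone; kept separately so the provisioning check below can
            // tell "no records exist" apart from "records were hidden by the active filter".
            var modulePredicate = PredicateBuilder.True <Permission>();

            modulePredicate = modulePredicate.And(e => e.Module.Id == moduleId);

            var predicate = modulePredicate;
            if (onlyActive)
            {
                // NOTE(review): only the module's status is filtered here; a permission whose own
                // Status is not "A" is still returned. Confirm that this is intended.
                predicate = predicate.And(e => e.Module.Status == "A");
            }
            var permissions = _repository.LoadSearch(predicate).ToList();

            // Provision only when the module has no permission records whatsoever. Without the
            // second lookup, every call with onlyActive for an inactive module would add another
            // "Access" permission, because the filtered list is always empty in that case.
            var nothingProvisioned = permissions.Count == 0 &&
                                     (!onlyActive || !_repository.LoadSearch(modulePredicate).Any());

            // NOTE(review): moduleId comes from the caller, so a lookup for an unknown id creates
            // records; consider restricting provisioning to an explicit setup path.
            if (nothingProvisioned)
            {
                var user   = BlUser.LoadSingle(userId);
                var module = BlModule.LoadSingle(userId, moduleId);

                //Create module if does not exist
                if (module == null)
                {
                    if (user == null)
                    {
                        throw new BusinessException("UserNotFound");
                    }

                    var newModule = new Module
                    {
                        Id          = moduleId,
                        Description = "N/A",
                        Author      = user.Id,
                        UserId      = user.Id,
                        Status      = "A"
                    };
                    var blModule = new BlModule();
                    blModule.Create(userId, newModule);

                    // Reload so the permission references the stored module.
                    module = BlModule.LoadSingle(userId, moduleId);
                }

                //Create access permission, granted to the full-admin role only
                var newPermission = new Permission
                {
                    Module = module,
                    Code   = "Access",
                    Roles  = BlRole.LoadSingle(userId, Constants.FullAdminRole).SingleItemAsEnumerable().ToList(),
                    Status = "A"
                };
                Create(userId, newPermission);
            }

            //Drop every permission that none of the supplied roles is attached to
            permissions.RemoveAll(permission => !roles.Any(role => permission.Roles.Select(r => r.Id).Contains(role.Id)));

            return(permissions);
        }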
Beispiel #6
        /// <summary>
        /// Builds the menu for a user: loads the active entries of the user's branch (plus
        /// entries bound to no branch), drops entries whose module the user may not "Access",
        /// prunes entries left without a usable parent or child, and renders the rest through
        /// BuildMenuChildren.
        /// </summary>
        /// <param name="userId">Id of the user the menu is built for.</param>
        /// <param name="forEdit">Passed through to BuildMenuChildren.</param>
        /// <returns>The string produced by BuildMenuChildren.</returns>
        public string LoadUserMenu(long userId, bool forEdit)
        {
            var user = BlUser.LoadSingle(userId);

            // Entries with a true Status only.
            var menuFilter = PredicateBuilder.True <Menu>();

            menuFilter = menuFilter.And(p => p.Status);

            // Entries of the user's branch, or entries that belong to no branch.
            var branchFilter = PredicateBuilder.False <Menu>();

            branchFilter = branchFilter.Or(p => p.BranchId == user.BranchId);
            branchFilter = branchFilter.Or(p => p.BranchId == null);
            menuFilter   = menuFilter.And(branchFilter);

            var entries = LoadSearch(userId, menuFilter).ToList();
            var denied  = new List <Menu>();

            // Pass 1: entries bound to a module need the "Access" permission on it.
            // NOTE(review): this only decides what is rendered; presumably each module's own
            // endpoints repeat the CanDo check - verify, since hiding a link is not enforcement.
            denied.AddRange(entries.Where(m => m.Module != null && !BlPermission.CanDo(userId, m.Module.Id, "Access")));

            entries = entries.Where(m => !denied.Select(d => d.Id).Contains(m.Id)).ToList();

            // Pass 2: a described sub entry without a module is dropped when neither its parent
            // nor any of its children is a described entry with a module.
            foreach (var entry in entries)
            {
                if (entry.Module != null || entry.Parent == null || entry.DescriptionCode == null)
                {
                    continue;
                }

                var hasUsableParent = entries.Any(m => m.Id == entry.Parent.Id && m.Module != null && m.DescriptionCode != null);
                if (hasUsableParent)
                {
                    continue;
                }

                var hasUsableChild = entries.Any(m => m.Parent != null && m.Parent.Id == entry.Id && m.Module != null && m.DescriptionCode != null);
                if (!hasUsableChild)
                {
                    denied.Add(entry);
                }
            }

            entries = entries.Where(m => !denied.Select(d => d.Id).Contains(m.Id)).ToList();

            // Pass 3: a top-level entry without a module is dropped when no described child is left.
            foreach (var entry in entries.Where(m => m.Parent == null).ToList())
            {
                if (entry.Module != null)
                {
                    continue;
                }

                var hasDescribedChild = entries.Any(m => m.Parent != null && m.Parent.Id == entry.Id && m.DescriptionCode != null);
                if (!hasDescribedChild)
                {
                    denied.Add(entry);
                }
            }

            entries = entries.Where(m => !denied.Select(d => d.Id).Contains(m.Id)).ToList();

            return BuildMenuChildren(user, entries, null, forEdit);
        }
Beispiel #7
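        /// <summary>
        /// Returns the permission codes the user holds on the module registered for
        /// <paramref name="path"/>, joined with ':'. When no module is registered for the path,
        /// one is created together with an "Access" permission bound to
        /// Constants.FullAdminRole, and an empty string is returned for that call.
        /// </summary>
        /// <param name="userId">Id of the user whose permissions are evaluated.</param>
        /// <param name="path">Page path; upper-cased and stripped of the "/STOCK/APP/" prefix before lookup.</param>
        /// <returns>The granted permission codes separated by ':', or an empty string when there are none.</returns>
        public string GetSecurityString(long userId, string path)
        {
            //Clean path url
            // The invariant culture keeps the lookup key identical on every server locale; a
            // culture-sensitive ToUpper maps some letters differently (e.g. 'i' under Turkish rules).
            // This only strips the application prefix; it is not a path-traversal filter, and the
            // value is used below as a lookup key and module id only.
            path = path.ToUpperInvariant()
                       .Replace("../STOCK/APP/", "")
                       .Replace("/STOCK/APP/", "");

            var toRetList = new ArrayList();

            //Load the module by path
            var predicate = PredicateBuilder.True <Module>();

            predicate = predicate.And(p => p.Path == path);
            var module = LoadSearch(userId, predicate).FirstOrDefault();

            //Create module if does not exist
            // NOTE(review): the path is caller-supplied, so each previously unseen value adds a
            // module and a permission record, and two paths that end in the same file name yield
            // the same module Id. Consider provisioning from a known list of pages instead.
            if (module == null)
            {
                using (var tran = new TransactionScope())
                {
                    // Module id = last path segment without the ".HTML" suffix (already upper case).
                    var segments  = path.Split('/');
                    var newModule = new Module
                    {
                        Id          = segments[segments.Length - 1].Replace(".HTML", ""),
                        Path        = path,
                        Description = "N/A",
                        Author      = Constants.SystemUser,
                        Status      = "A"
                    };
                    newModule = Create(userId, newModule);

                    //Create first access permission and assign to system admin
                    var newPermission = new Permission
                    {
                        Module = newModule,
                        Code   = "Access",
                        Status = "A",
                        Roles  =
                            BlRole.LoadSingle(userId, Constants.FullAdminRole).
                            SingleItemAsEnumerable().ToList()
                    };
                    var blPermission = new BlPermission();
                    blPermission.Create(userId, newPermission);
                    tran.Complete();
                }
            }

            //Get module permissions if exists
            // `module` is still null right after provisioning, so that call reports no codes.
            if (module != null)
            {
                var blPermission = new BlPermission();
                var permissions  = blPermission.LoadByModule(userId, module.Id, true);

                //Keep the codes the user is actually granted
                foreach (var permission in permissions)
                {
                    if (BlPermission.CanDo(userId, module.Id, permission.Code))
                    {
                        toRetList.Add(permission.Code);
                    }
                }
            }

            return(string.Join(":", toRetList.ToArray()));
        }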