Beispiel #1
0
        public IHttpActionResult UpdatePermission([FromUri] PermissionType type, DTO.AccountPermission accountPermission)
        {
            try
            {
                accountApp.UpdatePermission(accountPermission, type, base.ClientId, base.AccountCode);

                return(Ok());
            }
            catch (ArgumentException ex)
            {
                return(BadRequest(ex));
            }
            catch (Exception ex)
            {
                return(InternalServerError(ex));
            }
        }
Beispiel #2
0
        public void UpdatePermission(DTO.AccountPermission accountPermission, PermissionType type, Guid clientId, Guid currentAccount)
        {
            using (var transaction = Connection.BeginTransaction())
            {
                try
                {
                    var applicationStore = applicationStoreRepository.GetByClientId(clientId);
                    var storeCode        = applicationStore.GetStoreCodeByAuthType(accountPermission.StoreCode);

                    if (!currentAccount.IsEmpty())
                    {
                        Account accountCurrent = accPermissionService.Get(currentAccount, applicationStore);

                        if (accountCurrent.IsNull())
                        {
                            throw new ArgumentException("Você não possui permissão para executar essa ação");
                        }
                    }
                    else if (!applicationStore.Store.IsMain)
                    {
                        throw new ArgumentException("Você não possui permissão para executar essa ação");
                    }

                    Account account;
                    Role    role;
                    foreach (var accountCode in accountPermission.AccountCodes)
                    {
                        account = accountRepository.Get(accountCode, false, includeRole: true, includeBlacklist: true, includeApplication: true);

                        if (account.IsNull())
                        {
                            throw new ArgumentException("Usuário não encontrado");
                        }

                        if (account.BlacklistCollection.Count > 0)
                        {
                            throw new ArgumentException("Usuário na blacklist");
                        }

                        bool hasPendingChanges = false;

                        if (type == PermissionType.Add)
                        {
                            accountPermission.Applications.ForEach(applicationName =>
                            {
                                role = roleRepository.GetByApplication(applicationName, storeCode);

                                if (role.IsNull())
                                {
                                    throw new ArgumentException("Não será possível atribuir a permissão");
                                }

                                var exist = role.AccountRoles.Any(a => a.Status && a.AccountCode == account.Code && account.AccountRoles.Any(r => r.RoleCode == a.RoleCode));

                                if (!exist)
                                {
                                    account.ConnectRole(role);
                                    hasPendingChanges = true;
                                }
                            });
                        }
                        else if (type == PermissionType.Remove)
                        {
                            accountPermission.Applications.ForEach(applicationName =>
                            {
                                var accountRole = account.AccountRoles
                                                  .Where(x => x.Status &&
                                                         x.Role.Permissions.Any(a => a.Resource.Application.Name.ToLower() == applicationName.ToLower() &&
                                                                                x.Role.StoreCode == storeCode)).FirstOrDefault();

                                if (!accountRole.IsNull())
                                {
                                    accountRole.Status     = false;
                                    accountRole.UpdateDate = DateTime.Now;
                                    account.AccountRoles.Append(accountRole);
                                    hasPendingChanges = true;
                                }
                            });
                        }

                        if (hasPendingChanges)
                        {
                            accountService.Update(account);
                        }
                    }
                }
                catch
                {
                    transaction.Rollback();

                    throw;
                }
            }
        }