public ApplicantAccessEvent(
Guid applicantId,
AccessOperation operation) :
base(operation)
{
ApplicantId = applicantId;
}
public AccessEntry(ObjectId employeeId, AccessOperation operation, bool success)
{
EmployeeID = employeeId;
Operation = operation;
Timestamp = DateTime.Now;
Success = success;
}
public virtual async Task <bool> HasPermissionAsync <TEntity>(
AccessEvent <TEntity> @event,
AccessOperation operation)
where TEntity : class
{
var eventType = @event.GetType();
var hasHandler = _eventHandlersDictionary.TryGetValue(eventType, out var handlerType);
if (!hasHandler)
{
await OnHandlerNotFound(@event, operation);
}
//TODO Реализовать хэндлеры через контейнеры
//var handler = _serviceProvider.GetService(handlerType);
var handler = Activator.CreateInstance(handlerType);
if (handler == null)
{
return(await OnHandlerNotFound(@event, operation));
}
var concreteType = typeof(IAccessHandler <,>).MakeGenericType(eventType, typeof(TEntity));
var methodParams = new object[] { @event, operation };
var result = await(Task <bool>) concreteType.GetMethod(HANDLER_METHOD_NAME).Invoke(handler, methodParams);
return(result);
}
public AccessEvent <TEntity> Create <TEntity>(ClaimsPrincipal user, AccessOperation operation)
where TEntity : class
{
if (user.IsInRole(Config.DefaultRoles.ADMIN))
{
return(new AccessEvent <TEntity>(operation));
}
if (user.IsInRole(Config.DefaultRoles.APPLICANT))
{
var id = user.Claims
.First(x => x.Type == JwtClaimTypes.Subject)
.Value;
return(new ApplicantAccessEvent <TEntity>(Guid.Parse(id), operation));
}
if (user.IsInRole(Config.DefaultRoles.EMPLOYER_MANAGER))
{
var organizationId = user.Claims
.First(x => x.Type == Config.JobObserverJwtClaimTypes.OrganizationId)
.Value;
return(new EmployerAccessEvent <TEntity>(long.Parse(organizationId), operation));
}
if (user.IsInRole(Config.DefaultRoles.EDUCATIONAL_INSTITUTION_MANAGER))
{
return(new AccessEvent <TEntity>(operation));
}
var role = user.Claims.SingleOrDefault(x => x.Type == JwtClaimTypes.Role)?.Value ?? "роль не задана";
throw new ArgumentException($"Не найден пользователь с указанной ролью: {role}");
}
public EmployerAccessEvent(
long companyId,
AccessOperation operation) :
base(operation)
{
CompanyId = companyId;
}
public GridInfo(AccessOperation crudOperation = null, Toolbar gridToolbar = null, string cultureName = "fa-IR")
{
_cultureInfo = new CultureInfo(cultureName);
//ID = Id;
if (crudOperation == null)
{
CRUDOperation = new AccessOperation();
}
else
{
CRUDOperation = crudOperation;
}
//GridToolbar = gridToolbar;
//if (gridToolbar == null)
//{
// GridToolbar = new Toolbar();
//}
//else
//{
// GridToolbar = gridToolbar;
// GridToolbar.CRUDOperation = CRUDOperation;
// if (GridToolbar != null && GridToolbar.Commands != null && GridToolbar.Commands.Count > 0)
// {
// GridToolbar.Commands = new Toolbar(GridToolbar.Commands).Commands;
// }
//}
GridToolbar = gridToolbar ?? new Toolbar();
GridToolbar.CRUDOperation = CRUDOperation;
}
protected virtual Task <bool> OnHandlerNotFound <TEntity>(
AccessEvent <TEntity> @event,
AccessOperation operation)
where TEntity : class
{
throw new NullReferenceException($"Не зарегистрирован обработчик для " +
$"для сущности {typeof(TEntity).Name}");
}
public EmployerAccessEvent(
Guid id,
long companyId,
AccessOperation operation) :
base(id, operation)
{
CompanyId = companyId;
}
public AccessEvent <TEntity> CreateEvent <TEntity>(TEntity entity, AccessOperation operation)
where TEntity : class
{
var @event = CreateEvent <TEntity>(operation);
@event.Entity = entity;
return(@event);
}
public async Task <bool> HasPermissionAsync <TEntity>(TEntity entity, AccessOperation operation)
where TEntity : class
{
var @event = CreateEvent(entity, operation);
var accessor = CreateAccessor();
var allowed = await accessor.HasPermissionAsync(@event, operation);
return(allowed);
}
private void MakeCRUDOperationDefinition()
{
CRUDOperation = new AccessOperation();
CRUDOperation.ReadOnly = ReadOnly;
CRUDOperation.Insertable = Insertable;
CRUDOperation.Updatable = Updatable;
CRUDOperation.Removable = Removable;
CRUDOperation.Refreshable = Refreshable;
CRUDOperation.Search = Searchable;
}
private static void AccessSample()
{
using (var accessOperation = new AccessOperation())
{
//NewDatabase
var filePath = Path.Combine(Environment.CurrentDirectory, "sample.accdb");
accessOperation.NewDatabase(filePath);
}
using (var conn = DbConnectionFactory.Default.CreateConnection())
using (var tran = conn.BeginTransaction())
{
try
{
var service = new SampleService(conn);
//CreateDatabase
service.CreateTable(tran);
//AddSampleData
service.AddSampleData(tran);
tran.Commit();
}
catch (Exception)
{
tran.Rollback();
throw;
}
}
using (var conn = DbConnectionFactory.Default.CreateConnection())
{
var service = new SampleService(conn);
//GetAll
var records = service.GetAll();
foreach (var r in records)
{
Console.WriteLine(string.Join(" - ", r.Column1, r.Column2));
}
Console.WriteLine("===============================");
//GetById
var record = service.GetById("2");
Console.WriteLine(string.Join(" - ", record.Column1, record.Column2));
}
}
protected override Task <bool> OnHandlerNotFound <TEntity>(
AccessEvent <TEntity> @event,
AccessOperation operation)
{
return(Task.FromResult(operation == AccessOperation.READ));
}
public override Task <bool> HasPermissionAsync <TEntity>(AccessEvent <TEntity> @event, AccessOperation operation)
{
return(Task.FromResult(operation == AccessOperation.READ));
}
public async Task <bool> HasPermissionAsync(EmployerAccessEvent <ResumeNegotiation> @event, AccessOperation operation)
{
var allowedArray = new bool?[3];
var companyId = @event.CompanyId;
var entityAllowed = companyId == @event.Entity.CompanyId;
allowedArray[0] = entityAllowed;
var enumerableAllowed = @event.EnumerableEntities?.All(x => x.CompanyId == companyId);
allowedArray[1] = enumerableAllowed;
var queriableAllowed = await @event.QueriableEntities?.AllAsync(x => x.CompanyId == companyId);
allowedArray[2] = queriableAllowed;
var allowed = allowedArray.All(x => x != false);
return(allowed);
}
public AccessEvent(Guid id, AccessOperation operation)
{
Id = id;
Operation = operation;
}
public static void DefineCrudActionAuthority(AccessOperation crudOpt, CrudCr crudInfo)
{
if (!System.Web.HttpContext.Current.User.Identity.IsAuthenticated)
{
//object area = null;
//var tokens = System.Web.HttpContext.Current.Request.RequestContext.RouteData.DataTokens;
//if (tokens.TryGetValue("area", out area) )
//{
var response = System.Web.HttpContext.Current.Response;
response.Clear();
response.StatusCode = 403;//forbidden
//}
//else
//{
// FormsAuthentication.RedirectToLoginPage();
//}
return;
}
else
{
var currentUserId = CustomMembershipProvider.GetUserIdCookie() ?? 0;
var readUrl = crudInfo.Read.Url.ToLower();
if (readUrl.StartsWith("api/") || readUrl.StartsWith("/api/"))
{
var originalUrl = readUrl.Split('/');
var actualUrlName = string.Empty;
//has Area Name
if (originalUrl.Length == 3)
{
if (originalUrl[2].ToLower().Equals("getentities"))
{
actualUrlName = originalUrl[0] + "/" + originalUrl[1];
}
else
{
actualUrlName = originalUrl[1] + "/" + originalUrl[2];
}
}
else
{
if (originalUrl.Length == 4)
{
actualUrlName = originalUrl[1] + "/" + originalUrl[2];
}
else
{
actualUrlName = originalUrl[1];
}
}
if (crudOpt.Insertable)
{
var insertUrl = string.IsNullOrEmpty(crudInfo.Insert.Url) ? actualUrlName + "/PostEntity" : crudInfo.Insert.Url;
crudOpt.Insertable = AppBase.HasCurrentUserAccess(currentUserId, insertUrl);
}
if (crudOpt.Updatable)
{
var updateUrl = string.IsNullOrEmpty(crudInfo.Update.Url) ? actualUrlName + "/PutEntity" : crudInfo.Update.Url;
crudOpt.Updatable = AppBase.HasCurrentUserAccess(currentUserId, updateUrl);
}
if (crudOpt.Removable)
{
var removeUrl = string.IsNullOrEmpty(crudInfo.Remove.Url) ? actualUrlName + "/DeleteEntity" : crudInfo.Remove.Url;
crudOpt.Removable = AppBase.HasCurrentUserAccess(currentUserId, removeUrl);
}
}
else
{
// Must be implemented for classical controller.
throw new NotImplementedException();
}
}
}
public async Task <bool> HasPermissionAsync(ApplicantAccessEvent <Resume> @event, AccessOperation operation)
{
var allowedArray = new bool?[3];
var applicantId = @event.ApplicantId;
var entityAllowed = applicantId == @event.Entity.ApplicantId;
allowedArray[0] = entityAllowed;
var enumerableAllowed = @event.EnumerableEntities?.All(x => x.ApplicantId == applicantId);
allowedArray[1] = enumerableAllowed;
if (@event.QueriableEntities != null)
{
var queriableAllowed = await @event.QueriableEntities?.AllAsync(x => x.ApplicantId == applicantId);
allowedArray[2] = queriableAllowed;
}
else
{
allowedArray[2] = true;
}
var allowed = allowedArray.All(x => x != false);
return(allowed);
}
public AccessEvent <TEntity> CreateEvent <TEntity>(AccessOperation operation)
where TEntity : class
{
return(EventFactory.Create <TEntity>(HttpContext.User, operation));
}
//internal bool ExportToExcel { get; set; }
//internal bool ExportToPdf { get; set; }
public Toolbar()
{
CRUDOperation = new AccessOperation();
Commands = GetDefaultCommandList();
}
public AccessEvent <TEntity> CreateEvent <TEntity>(IQueryable <TEntity> entities, AccessOperation operation)
where TEntity : class
{
var @event = CreateEvent <TEntity>(operation);
@event.QueriableEntities = entities;
return(@event);
}
public Toolbar(List <ColumnCommand> commandColumns)
{
CRUDOperation = new AccessOperation();
Commands = GetDefaultCommandList(commandColumns);
}
/// <summary> /// Serves as the default hash function. /// </summary> /// <returns> /// A hash code for the current object. /// </returns> public override int GetHashCode() => AccessOperation.GetHashCode();
public AccessEvent(AccessOperation operation)
{
Id = Guid.NewGuid();
Operation = operation;
}
