public async Task <PermissionListResponseModel> GetAsync(string providerName, string providerKey)
{
var result = new PermissionListResponseModel {
DisplayName = providerKey, Groups = new List <PermissionGroupModel>()
};
foreach (var group in _permissionDefinitionManager.GetGroups())
{
PermissionGroupModel permissionGroupModel = new()
{
DisplayName = group.DisplayName,
Name = group.Name,
Permissions = new List <PermissionGrantModel>()
};
foreach (PermissionDefinition permission in group.GetPermissionsWithChildren())
{
if (permission.IsEnabled && (!permission.AllowedProviders.Any() ||
permission.AllowedProviders.Contains(providerName)))
{
PermissionGrantModel permissionGrantModel = new()
{
Name = permission.Name,
DisplayName = permission.DisplayName,
ParentName = permission.Parent?.Name !,
AllowedProviders = permission.AllowedProviders
};
if (permission.AllowedProviders.Any() && !permission.AllowedProviders.Contains(providerName))
{
throw new ApplicationException($"The permission named {permission.Name} has not compatible with the provider named {providerName}");
}
if (!permission.IsEnabled)
{
throw new ApplicationException($"The permission named {permission.Name} is disabled");
}
PermissionGrant permissionGrant = await _permissionGrantRepository.FindAsync(permission.Name, providerName, providerKey);
permissionGrantModel.IsGranted = permissionGrant != null;
permissionGroupModel.Permissions.Add(permissionGrantModel);
}
}
if (permissionGroupModel.Permissions.Any())
{
result.Groups.Add(permissionGroupModel);
}
}
return(result);
}
public async Task <ApplicationAuthConfigurationDto> GetAuthConfigAsync()
{
var authConfig = new ApplicationAuthConfigurationDto();
foreach (var policyName in await _abpAuthorizationPolicyProvider.GetPoliciesNamesAsync())
{
authConfig.Policies[policyName] = true;
if (await _authorizationService.IsGrantedAsync(policyName))
{
authConfig.GrantedPolicies[policyName] = true;
}
}
foreach (var group in _permissionDefinitionManager.GetGroups())
{
authConfig.Policies[group.Name] = true;
authConfig.GrantedPolicies[group.Name] = true;
}
return(authConfig);
}
public async Task <GetPermissionListResultDto> GetAsync(string providerName, string providerKey)
{
await CheckProviderPolicy(providerName);
var result = new GetPermissionListResultDto
{
EntityDisplayName = providerKey,
Groups = new List <PermissionGroupDto>()
};
foreach (var group in _permissionDefinitionManager.GetGroups())
{
var groupDto = new PermissionGroupDto
{
Name = group.Name,
DisplayName = group.DisplayName.Localize(_stringLocalizerFactory),
Permissions = new List <PermissionGrantInfoDto>()
};
foreach (var permission in group.GetPermissionsWithChildren())
{
if (permission.Providers.Any() && !permission.Providers.Contains(providerName))
{
continue;
}
var grantInfoDto = new PermissionGrantInfoDto
{
Name = permission.Name,
DisplayName = permission.DisplayName.Localize(_stringLocalizerFactory),
ParentName = permission.Parent?.Name,
AllowedProviders = permission.Providers,
GrantedProviders = new List <ProviderInfoDto>()
};
var grantInfo = await _permissionManager.GetAsync(permission.Name, providerName, providerKey);
grantInfoDto.IsGranted = grantInfo.IsGranted;
foreach (var provider in grantInfo.Providers)
{
grantInfoDto.GrantedProviders.Add(new ProviderInfoDto
{
ProviderName = provider.Name,
ProviderKey = provider.Key,
});
}
groupDto.Permissions.Add(grantInfoDto);
}
if (groupDto.Permissions.Any())
{
result.Groups.Add(groupDto);
}
}
return(result);
}
public virtual Task<List<AuthPolicyDto>> GetAuthPolicies()
{
var result = new List<AuthPolicyDto>();
var groups = _permissionDefinitionManager.GetGroups();
var multiTenancySide = CurrentTenant.GetMultiTenancySide();
foreach (var group in groups)
{
if (group.Permissions.Count == 0)
{
continue;
}
foreach (var permission in group.Permissions)
{
if (!permission.MultiTenancySide.HasFlag(multiTenancySide))
{
continue;
}
var policy = new AuthPolicyDto()
{
Name = permission.Name,
DisplayName = permission.DisplayName.Localize(_stringLocalizerFactory),
Children = new List<AuthPolicyDto>
{
new AuthPolicyDto
{
Name = permission.Name,
DisplayName = permission.DisplayName.Localize(_stringLocalizerFactory)
}
}
};
result.Add(policy);
foreach (var c in permission.Children)
{
if (!c.MultiTenancySide.HasFlag(multiTenancySide))
{
continue;
}
policy.Children.Add(new AuthPolicyDto
{
Name = c.Name,
DisplayName = c.DisplayName.Localize(_stringLocalizerFactory)
});
}
}
}
return Task.FromResult(result);
}
// GET: Role/Permissions/5
public async Task <IActionResult> Permissions(string id)
{
var role = await _roleManager.FindByIdAsync(id);
if (role == null)
{
return(NotFound());
}
var claims = await _roleManager.GetClaimsAsync(role);
var groups = _permissionDefinitionManager.GetGroups();
var model = new PermissionsViewModel
{
Groups = groups.Select(p1 =>
{
var claim1 = new Claim(p1.Name, p1.Name);
return(new PermissionGroupViewModel
{
Name = p1.Name,
DisplayName = p1.DisplayName,
IsGranted = claims.Any(m => m.Type == claim1.Type && m.Value == claim1.Value),
Permissions = p1.Permissions.Select(p2 =>
{
var claim2 = new Claim(p1.Name, p2.Name);
return new PermissionGrantViewModel
{
Name = p2.Name,
DisplayName = p2.DisplayName,
IsGranted = claims.Any(m => m.Type == claim2.Type && m.Value == claim2.Value),
Children = p2.Children.Select(p3 =>
{
var claim3 = new Claim(p1.Name, p3.Name);
return new PermissionGrantViewModel
{
Name = p3.Name,
DisplayName = p3.DisplayName,
IsGranted = claims.Any(m => m.Type == claim3.Type && m.Value == claim3.Value),
};
}).ToList()
};
}).ToList()
});
}).ToList()
};
return(View(model));
}
public async Task <GetPermissionListResultDto> GetAsync(string providerName, string providerKey)
{
var result = new GetPermissionListResultDto
{
Groups = new List <PermissionGroupDto>()
};
foreach (var group in _permissionDefinitionManager.GetGroups())
{
var groupDto = new PermissionGroupDto
{
Name = group.Name,
DisplayName = group.Name, //TODO: DisplayName
Permissions = new List <PermissionGrantInfoDto>()
};
foreach (var permission in group.GetPermissionsWithChildren())
{
var grantInfoDto = new PermissionGrantInfoDto
{
Name = permission.Name,
DisplayName = permission.Name, //TODO: Add DisplayName to permission definition
ParentName = permission.Parent?.Name,
Providers = new List <ProviderInfoDto>()
};
var grantInfo = await _permissionManager.GetAsync(permission.Name, providerName, providerKey);
grantInfoDto.IsGranted = grantInfo.IsGranted;
foreach (var provider in grantInfo.Providers)
{
grantInfoDto.Providers.Add(new ProviderInfoDto
{
ProviderName = provider.Name,
ProviderKey = provider.Key,
});
}
groupDto.Permissions.Add(grantInfoDto);
}
result.Groups.Add(groupDto);
}
return(result);
}
/// <summary>
/// 获取权限
/// </summary>
/// <param name="providerName"></param>
/// <param name="providerKey"></param>
/// <returns></returns>
public async Task <PermissionListResult> GetAsync(string providerName, string providerKey)
{
await CheckProviderPolicy(providerName);
var result = new PermissionListResult
{
//EntityDisplayName = providerKey,
//Groups = new List<PermissionGroupDto>()
};
//var multiTenancySide = CurrentTenant.GetMultiTenancySide();
foreach (var group in _permissionDefinitionManager.GetGroups())
{
var groupDto = new PermissionGroupDto
{
Name = group.Name,
DisplayName = group.DisplayName,
Permissions = new List <PermissionGrantInfoDto>()
};
foreach (var permission in group.GetPermissionsWithChildren())
{
if (permission.Providers.Any() && !permission.Providers.Contains(providerName))
{
continue;
}
//if (!permission.MultiTenancySide.HasFlag(multiTenancySide))
//{
// continue;
//}
var grantInfo = await _permissionManager.GetAsync(permission.Name, providerName, providerKey);
var grantInfoDto = new PermissionGrantInfoDto
{
Name = permission.Name,
DisplayName = permission.DisplayName,
ParentName = permission.Parent?.Name,
AllowedProviders = permission.Providers,
IsGranted = grantInfo.IsGranted,
GrantedProviders = new List <ProviderInfoDto>(),
};
foreach (var provider in grantInfo.Providers)
{
grantInfoDto.GrantedProviders.Add(new ProviderInfoDto
{
ProviderName = provider.Name,
ProviderKey = provider.Key,
});
}
groupDto.Permissions.Add(grantInfoDto);
}
if (groupDto.Permissions.Any())
{
//result.Groups.Add(groupDto);
}
}
return(result);
}
public void Should_Permission_Definition_GetGroup()
{
_permissionDefinitionManager.GetGroups().Count.ShouldBe(1);
}
public void GetGroups()
{
_permissionDefinitionManager.GetGroups().Count.ShouldBe(1);
_permissionDefinitionManager.GetGroups()[0].Name.ShouldBe("PermissionGroup_Test_1");
}
