public async Task <ActionResponse> EditRole(int roleId, int[] accessRightsIds, int[] deniedRightsIds, int[] functionIds)
{
try
{
accessRightsIds = accessRightsIds ?? new int[0];
deniedRightsIds = deniedRightsIds ?? new int[0];
if (accessRightsIds.Intersect(deniedRightsIds).Any())
{
return(new ActionResponse
{
Status = ActionStatus.Warning,
Message = "Accessed and denied must not have same Rights"
});
}
await _securityContext.EditRoleFunctions(roleId, functionIds);
await _securityContext.EditRoleRights(roleId, accessRightsIds, deniedRightsIds);
return(new ActionResponse
{
Status = ActionStatus.Success
});
}
catch (SecurityDbException e)
{
return(new ActionResponse
{
Status = ActionStatus.Warning,
Message = PrettyExceptionHelper.GetMessage(e)
});
}
catch (Exception e)
{
Console.WriteLine(e);
return(new ActionResponse
{
Status = ActionStatus.Error,
Message = "Something went wrong!"
});
}
}
public async Task Setup()
{
_data = DataExtensions.GetISecurityData();
var id1 = await _data.AddRights(new[]
{
"1",
"2",
"3"
});
var fi = await _data.AddFeature("1fi");
var fi2 = await _data.AddFeature("2fi");
var fi3 = await _data.AddFeature("3fi");
Assert.IsTrue(await _data.EditFeatureRights(fi, new[] { 1, 2 }));
Assert.IsTrue(await _data.EditFeatureRights(fi2, new[] { 1, 2 }));
Assert.IsTrue(await _data.EditFeatureRights(fi3, new[] { 3 }));
var fu1 = await _data.AddFunction("1fu", fi);
var fu2 = await _data.AddFunction("2fu", fi2);
var fu3 = await _data.AddFunction("3fu", fi3);
Assert.IsTrue(await _data.EditFunctionRights(fu1, new[] { 1, 2 }));
Assert.IsTrue(await _data.EditFunctionRights(fu2, new[] { 1, 2 }));
Assert.IsTrue(await _data.EditFunctionRights(fu3, new[] { 3 }));
var r1 = await _data.AddRole("r1");
var r2 = await _data.AddRole("r2");
var r3 = await _data.AddRole("r3");
Assert.IsTrue(await _data.EditRoleFunctions(1, new [] { 1 }));
Assert.IsTrue(await _data.EditRoleFunctions(2, new [] { 2 }));
Assert.IsTrue(await _data.EditRoleRights(1, new [] { 1 }, new [] { 2 }));
Assert.IsTrue(await _data.EditRoleRights(2, new [] { 2 }, new [] { 1 }));
Assert.IsTrue(await _data.EditRoleRights(3, new [] { 3 }, new int [0]));
Assert.IsTrue(await _data.AddUser(new UserInfoDb()
{
UserId = "1",
UserLogin = "******",
FirstName = "FirstName",
LastName = "LastName",
MiddleName = "MiddleName"
}, new UserRightsDb()
{
Roles = new List <RoleDb>()
{
new RoleDb()
{
Name = "r1"
}
},
AccessFunctions = new List <AccessFunctionDb>()
{
new AccessFunctionDb()
{
Name = "2fu"
},
new AccessFunctionDb()
{
Name = "3fu"
}
},
AccessRights = new List <AccessRightDb>()
{
new AccessRightDb()
{
Name = "1"
}
},
DeniedRights = new List <AccessRightDb>()
{
new AccessRightDb()
{
Name = "3"
}
}
}));
}
public static async void CreateDefault(DefaultRulesAll rules, ISecurityData securityData)
{
if (rules == null)
{
return;
}
var rights = rules.Roles.Where(l => l.AccessRights != null).SelectMany(l => l.AccessRights)
.Union(rules.Features.Where(l => l.AvailableAccessRights != null).SelectMany(l => l.AvailableAccessRights))
.Union(rules.AccessRights ?? new List <AccessRightDb>())
.Select(l => l.Name)
.Distinct()
.ToArray();
var rightsResult = (await securityData.AddRights(rights)).ToDictionary(l => l.Name, k => k.Id);
var featureResult = new Dictionary <string, int>();
foreach (var feature in rules.Features)
{
featureResult.Add(feature.Name, await securityData.AddFeature(feature.Name));
if (feature.AvailableAccessRights != null)
{
await securityData.EditFeatureRights(featureResult[feature.Name],
feature.AvailableAccessRights.Select(l => rightsResult[l.Name]).ToArray());
}
}
var functionResult = new Dictionary <string, int>();
foreach (var function in rules.Functions)
{
functionResult.Add(function.Name, await securityData.AddFunction(function.Name, featureResult[function.FeatureName]));
if (function.AccessRights != null)
{
await securityData.EditFunctionRights(functionResult[function.Name],
function.AccessRights.Select(l => rightsResult[l.Name]).ToArray());
}
}
foreach (var function in rules.Roles.Where(l => l.AccessFunctions != null)
.SelectMany(l => l.AccessFunctions).Where(l => !functionResult.ContainsKey(l.Name)))
{
functionResult.Add(function.Name,
await securityData.AddFunction(function.Name, featureResult[function.FeatureName]));
if (function.AccessRights != null)
{
await securityData.EditFunctionRights(functionResult[function.Name],
function.AccessRights.Select(l => rightsResult[l.Name]).ToArray());
}
}
var roleResult = new Dictionary <string, int>();
foreach (var role in rules.Roles)
{
roleResult.Add(role.Name, await securityData.AddRole(role.Name));
if (role.AccessFunctions != null)
{
await securityData.EditRoleFunctions(roleResult[role.Name],
role.AccessFunctions.Select(l => functionResult[l.Name]).ToArray());
}
if (role.AccessRights != null || role.DeniedRights != null)
{
await securityData.EditRoleRights(roleResult[role.Name],
role.AccessRights?.Select(l => rightsResult[l.Name]).ToArray(),
role.DeniedRights?.Select(l => rightsResult[l.Name]).ToArray());
}
}
}