/// <summary>
/// Authorizes an update: the caller must hold at least one of the two Shoemaker step permissions.
/// </summary>
/// <exception cref="AbpAuthorizationException">Neither permission is granted.</exception>
protected override void CheckUpdatePermission()
{
    // The leading false is ABP's requiresAll flag: one granted permission out of the list is enough.
    var mayUpdate = PermissionChecker.IsGranted(
        false,
        PermissionNames.Pages_Shoemaker_Step1,
        PermissionNames.Pages_Shoemaker_Step2);

    if (mayUpdate)
    {
        return;
    }

    // Deny by default; no message is attached to the exception.
    throw new AbpAuthorizationException();
}
/// <summary>
/// Updates a role and replaces its granted permissions with the permission names listed in the input.
/// </summary>
/// <param name="input">Role data: the role id, the fields to map onto the role, and the permission names to grant.</param>
/// <returns>The updated role mapped back to a DTO.</returns>
/// <exception cref="AbpAuthorizationException">
/// The caller lacks Pages_UserInfos_Update, or CheckUpdatePermission rejects the call.
/// </exception>
public override async Task<RoleDto> Update(RoleDto input)
{
    // Both gates must pass before any role data is loaded or changed.
    if (!PermissionChecker.IsGranted(PermissionNames.Pages_UserInfos_Update))
    {
        throw new AbpAuthorizationException("没有权限!");
    }

    CheckUpdatePermission();

    var role = await _roleManager.GetRoleByIdAsync(input.Id);
    ObjectMapper.Map(input, role);

    var updateResult = await _roleManager.UpdateAsync(role);
    CheckErrors(updateResult);

    // Only names known to the permission manager are kept; unknown names are dropped without an error.
    // NOTE(review): nothing here limits the caller to permissions they hold themselves, so anyone who
    // passes the two gates above can grant the role any registered permission - confirm that is intended.
    // NOTE(review): input.Permissions is dereferenced without a null check.
    var permissionsToGrant = PermissionManager
        .GetAllPermissions()
        .Where(permission => input.Permissions.Contains(permission.Name))
        .ToList();

    await _roleManager.SetGrantedPermissionsAsync(role, permissionsToGrant);

    return MapToEntityDto(role);
}
/// <summary>
/// Runs the login check for the posted credentials, then returns the current session's user id and a
/// text flag saying whether that session holds Pages_Inspection.
/// </summary>
/// <param name="model">Posted credentials (user name or e-mail address, and password).</param>
/// <returns>A JSON object with the keys "UserId" and "canAssignInspectionToOther".</returns>
public async Task<JsonResult> AuthenticateLogin([FromBody] AuthenticateModel model)
{
    // NOTE(review): the login result is awaited but never inspected. Unless GetLoginResultAsync itself
    // throws on a failed login, wrong credentials are not rejected by this action - confirm.
    await GetLoginResultAsync(
        model.UserNameOrEmailAddress,
        model.Password,
        GetTenancyNameOrNull()
    );

    var hasInspectionPermission = PermissionChecker.IsGranted(PermissionNames.Pages_Inspection);

    // NOTE(review): both values below come from the ambient session (AbpSession / PermissionChecker),
    // not from the account named in `model` - confirm this is the identity the caller expects.
    var payload = new SortedDictionary<string, object>();
    payload.Add("UserId", AbpSession.GetUserId());
    payload.Add(
        "canAssignInspectionToOther",
        hasInspectionPermission ? "拥有Pages_Inspection" : "没有Pages_Inspection");

    return Json(payload);
}
/// <summary>
/// Updates a task from the supplied input. Assigning the task to someone other than the caller
/// requires the Pages_Tasks_AssignPerson permission.
/// </summary>
/// <param name="input">The task fields to write, including the optional assignee id.</param>
/// <exception cref="AbpAuthorizationException">
/// The input assigns the task to another user and the caller lacks Pages_Tasks_AssignPerson.
/// </exception>
public void UpdateTask(UpdateTaskInput input)
{
    // NOTE(review): the input object is concatenated into the log line, so what is written depends on
    // UpdateTaskInput.ToString() - check that no sensitive field ends up in the log.
    Logger.Info("Updating a task for input:" + input);

    // Resolve the caller and their assignment permission before looking at the input.
    var caller = AsyncHelper.RunSync(this.GetCurrentUserAsync);
    var mayAssignToOthers = PermissionChecker.IsGranted(PermissionNames.Pages_Tasks_AssignPerson);

    // An assignee is set, it is not the caller, and the caller may not assign to others: reject.
    var assignsToSomeoneElse = input.AssignedPersonId.HasValue
        && input.AssignedPersonId.Value != caller.Id;
    if (assignsToSomeoneElse && !mayAssignToOthers)
    {
        throw new AbpAuthorizationException("没有分配任务给他人的权限");
    }

    // NOTE(review): the assignee rule above is the only authorization check in this method; the entity
    // is built from the input alone, so nothing visible here ties the task being updated to the
    // caller - confirm ownership is enforced elsewhere.
    var task = Mapper.Map<MyTask>(input);
    taskRespository.Update(task);

    // No explicit save: application service methods run inside a unit of work by default, and ABP
    // saves all changes when the unit of work ends without an exception.
}
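/// <summary>
/// Returns one page of the business bill list, newest first. Callers without Pages_Inspection only
/// see bills whose BillStateID is below 2.
/// </summary>
/// <param name="input">Optional search filters plus the 1-based PageIndex and the PageSize.</param>
/// <returns>The total number of matching bills and the DTOs of the requested page.</returns>
public PagedResultDto<BillInfoBusinessDto> GetPagedBusiness(SearchBillInfoInput input)
{
    // NOTE(review): an earlier revision also looked up Pages_Staff_Merchandiser but never used the
    // result; if merchandisers were meant to get a narrower view, that filter is still missing.
    var hasInspectionPermission = PermissionChecker.IsGranted(PermissionNames.Pages_Inspection);

    var query = _BillInfoRepository.GetAll().OrderByDescending(t => t.Id)
        .Where(t => t.IsCandidate == false)
        .WhereIf(input.BillNo.HasValue, t => t.BillNo == input.BillNo)
        .WhereIf(!input.CompanyAbbreviation.IsNullOrEmpty(), t => t.CompanyAbbreviation.Contains(input.CompanyAbbreviation))
        .WhereIf(!input.ReceivingCity.IsNullOrEmpty(), t => t.ReceivingCity == input.ReceivingCity)
        .WhereIf(input.CreationTimeS.HasValue, t => t.CreationTime >= input.CreationTimeS)
        .WhereIf(input.CreationTimeE.HasValue, t => t.CreationTime <= input.CreationTimeE)
        .WhereIf(!input.ExpressNo.IsNullOrEmpty(), t => t.ExpressNo == input.ExpressNo)
        .WhereIf(!hasInspectionPermission, t => t.BillStateID < 2)
        .OrderByDescending(t => t.CreationTime);

    // Count and page inside the query instead of loading every matching row into memory first.
    var totalCount = query.Count();

    // Clamp so that a PageIndex below 1 or a negative PageSize behaves as it did with in-memory
    // paging (start from the first row / return no rows) instead of failing in the query provider.
    var skip = (input.PageIndex - 1) * input.PageSize;
    if (skip < 0)
    {
        skip = 0;
    }

    var take = input.PageSize < 0 ? 0 : input.PageSize;

    // NOTE(review): PageSize has no upper bound here; a caller can still request every row in one page.
    var pageItems = query.Skip(skip).Take(take).ToList();

    return new PagedResultDto<BillInfoBusinessDto>(totalCount, pageItems.MapTo<List<BillInfoBusinessDto>>());
}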
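/// <summary>
/// Returns one page of inspection requests. Non-administrators are meant to see only the requests
/// they submitted themselves.
/// </summary>
/// <param name="input">Optional search filters, the proposer id, and the 1-based PageIndex and PageSize.</param>
/// <returns>The total number of matching requests and the DTOs of the requested page.</returns>
public PagedResultDto<SearchInspectionDto> GetAllInspectionBySelf(SearchInspectionInput input)
{
    var hasInspectionPermission = PermissionChecker.IsGranted(PermissionNames.Pages_Inspection);

    // NOTE(review): the "own requests only" filter compares CreatorUserId with input.ProposerID, a value
    // supplied by the caller. A caller without Pages_Inspection can therefore list another user's
    // requests by sending that user's id. The filter should be keyed on the authenticated session user;
    // left unchanged here because existing callers pass ProposerID.
    var query = _Inspectionrepository.GetAll()
        .WhereIf(!input.Action_Search.IsNullOrEmpty(), t => t.Action == input.Action_Search)
        .WhereIf(!input.SourceType.IsNullOrEmpty(), t => t.SourceType == input.SourceType)
        .WhereIf(input.StartDate.HasValue, t => t.StartDate >= input.StartDate)
        .WhereIf(input.EndDate.HasValue, t => t.EndDate <= input.EndDate)
        .WhereIf(!hasInspectionPermission, t => t.CreatorUserId == input.ProposerID)
        .OrderByDescending(t => t.CreationTime);

    // input.Sorting only switches the ordering; its value is never applied. When it is set, rows are
    // ordered by the entity's own Sorting member.
    if (!string.IsNullOrEmpty(input.Sorting))
    {
        query = query.OrderBy(t => t.Sorting);
    }
    else
    {
        query = query.OrderByDescending(t => t.CreationTime);
    }

    // Count and page inside the query instead of loading every matching row into memory first.
    var totalCount = query.Count();

    // Clamp so that a PageIndex below 1 or a negative PageSize behaves as it did with in-memory
    // paging (start from the first row / return no rows) instead of failing in the query provider.
    var skip = (input.PageIndex - 1) * input.PageSize;
    if (skip < 0)
    {
        skip = 0;
    }

    var take = input.PageSize < 0 ? 0 : input.PageSize;

    var pageItems = query.Skip(skip).Take(take).ToList();

    return new PagedResultDto<SearchInspectionDto>(totalCount, pageItems.MapTo<List<SearchInspectionDto>>());
}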
/// <summary>
/// Builds the user query for a paged request. Callers without Order_See_All only see the users
/// registered as their sub sales representatives.
/// </summary>
/// <param name="input">Optional keyword and IsActive filters.</param>
/// <returns>The filtered, not yet executed user query (roles included).</returns>
protected override IQueryable<User> CreateFilteredQuery(PagedUserResultRequestDto input)
{
    // GetValueOrDefault yields 0 when the session has no user id.
    var currentUserId = _abpSession.UserId.GetValueOrDefault();
    var users = Repository.GetAllIncluding(x => x.Roles);

    if (!PermissionChecker.IsGranted(PermissionNames.Order_See_All))
    {
        // Ids of the users linked to the caller as sub sales representatives.
        var subSalesRepIds = _subSalesRepRepository.GetAll()
            .Where(t => t.SalesRepId == currentUserId)
            .Select(t => t.SubSalesRepr.Id)
            .ToList();

        // With no sub reps the query is narrowed to Id == 0, which is used as a "match nothing"
        // sentinel - presumably no user has id 0; verify.
        users = subSalesRepIds.Count > 0
            ? users.Where(x => subSalesRepIds.Contains(x.Id))
            : users.Where(x => x.Id == 0);
    }

    if (!input.Keyword.IsNullOrWhiteSpace())
    {
        users = users.Where(x =>
            x.UserName.Contains(input.Keyword)
            || x.Name.Contains(input.Keyword)
            || x.EmailAddress.Contains(input.Keyword));
    }

    if (input.IsActive.HasValue)
    {
        users = users.Where(x => x.IsActive == input.IsActive);
    }

    return users;
}
/// <summary>
/// Returns one page of non-candidate customer records, ordered by CustomerID descending.
/// </summary>
/// <param name="input">Optional search filters plus the 1-based pageIndex and the pageSize.</param>
/// <returns>The total number of matching customers and the DTOs of the requested page.</returns>
public PagedResultDto<SearchCustomerInfoDto> GetPagedCustomerInfos(SearchCustomerInfoInput input)
{
    // NOTE(review): both permission lookups are evaluated and their results discarded; neither one
    // narrows the query below, so every caller who reaches this method gets the same customer list.
    // Confirm whether a per-role filter was intended.
    if (!PermissionChecker.IsGranted(PermissionNames.Pages_Inspection))
    {
        PermissionChecker.IsGranted(PermissionNames.Pages_Staff_Merchandiser);
    }

    // Apply the optional filters.
    // NOTE(review): the CompanyAbbreviation filter is matched against CompanyName - verify the column.
    var customers = _CustomerinfoRepository.GetAll()
        .Where(t => t.IsCandidate == false)
        .WhereIf(!input.InvoiceType.IsNullOrEmpty(), t => t.InvoiceType == input.InvoiceType)
        .WhereIf(!input.CompanyName.IsNullOrEmpty(), t => t.CompanyName == input.CompanyName)
        .WhereIf(!input.CompanyAbbreviation.IsNullOrEmpty(), t => t.CompanyName.Contains(input.CompanyAbbreviation))
        .OrderByDescending(t => t.CustomerID);

    // Total number of matching rows.
    var totalCount = customers.Count();

    // pageIndex is 1-based here (the default paging style would be Skip(pageIndex * pageSize)).
    var offset = (input.pageIndex - 1) * input.pageSize;
    var pageItems = customers.Skip(offset).Take(input.pageSize).ToList();

    return new PagedResultDto<SearchCustomerInfoDto>(totalCount, pageItems.MapTo<List<SearchCustomerInfoDto>>());
}
/// <summary>
/// Restricts a lead query to what the current caller may retrieve: every lead, only the leads whose
/// site belongs to the caller, or nothing.
/// </summary>
/// <param name="query">The unfiltered lead query.</param>
/// <returns>The query narrowed according to the caller's permissions.</returns>
protected override IQueryable<Lead> InnerRetrieveAllFilter(IQueryable<Lead> query)
{
#warning What the shit? I have commented this cuz it looks like stub - should be commited.
    //return query;

    var canRetrieveAny = PermissionChecker.IsGranted(QuantumLogicPermissionNames.CanAllAll)
        || PermissionChecker.IsGranted(QuantumLogicPermissionNames.CanAllLead)
        || PermissionChecker.IsGranted(QuantumLogicPermissionNames.CanRetrieveLead);

    // The "own" permissions only count when the session carries a user id.
    var canRetrieveOwn = Session.UserId.HasValue
        && (PermissionChecker.IsGranted(QuantumLogicPermissionNames.CanAllOwn)
            || PermissionChecker.IsGranted(QuantumLogicPermissionNames.CanRetrieveOwnLead));

    //TODO: optimize via Excel
    if (!canRetrieveAny)
    {
        // Without a broad permission the caller gets their own leads or, failing that, an empty result.
        query = canRetrieveOwn
            ? query.Where(r => r.Site.UserId == Session.UserId.Value)
            : query.Where(r => false);
    }

    return query;
}
/// <summary>
/// Cookie-validation step for impersonated sessions: when the principal carries an impersonator, that
/// impersonator must either hold the user-impersonation permission or have an active delegation with
/// the current user.
/// </summary>
/// <param name="context">The cookie validation context whose principal's claims are inspected.</param>
/// <exception cref="UserFriendlyException">
/// The impersonator has neither the permission nor an active delegation.
/// </exception>
private void ValidateUserDelegation(CookieValidatePrincipalContext context)
{
    if (!_userDelegationConfiguration.IsEnabled)
    {
        return;
    }

    var impersonatorTenantClaim = context.Principal.Claims.FirstOrDefault(c => c.Type == AbpClaimTypes.ImpersonatorTenantId);
    var userClaim = context.Principal.Claims.FirstOrDefault(c => c.Type == AbpClaimTypes.UserId);
    var impersonatorUserClaim = context.Principal.Claims.FirstOrDefault(c => c.Type == AbpClaimTypes.ImpersonatorUserId);

    // Nothing to validate unless both the user and an impersonator are present on the principal.
    if (impersonatorUserClaim == null || userClaim == null)
    {
        return;
    }

    // A missing or empty tenant claim leaves the tenant id null.
    // NOTE(review): malformed claim values make Convert throw instead of producing the
    // UserFriendlyException below - presumably acceptable because the cookie is integrity-protected; confirm.
    int? impersonatorTenantId = null;
    if (impersonatorTenantClaim != null && !impersonatorTenantClaim.Value.IsNullOrEmpty())
    {
        impersonatorTenantId = Convert.ToInt32(impersonatorTenantClaim.Value);
    }

    var sourceUserId = Convert.ToInt64(userClaim.Value);
    var targetUserId = Convert.ToInt64(impersonatorUserClaim.Value);

    // An impersonator who holds the impersonation permission needs no delegation record.
    var impersonator = new UserIdentifier(impersonatorTenantId, targetUserId);
    if (_permissionChecker.IsGranted(impersonator, AppPermissions.Pages_Administration_Users_Impersonation))
    {
        return;
    }

    // NOTE(review): the UserId claim is passed as the source and the ImpersonatorUserId claim as the
    // target - confirm this matches the parameter order HasActiveDelegation expects.
    if (_userDelegationManager.HasActiveDelegation(sourceUserId, targetUserId))
    {
        return;
    }

    throw new UserFriendlyException("ThereIsNoActiveUserDelegationBetweenYourUserAndCurrentUser");
}
/// <summary>
/// Calls the permission checker twice with an empty permission name: once through IsGranted (the
/// result is ignored) and once through Authorize.
/// </summary>
public void Auth()
{
    // NOTE(review): the permission name is the empty string in both calls and the IsGranted result
    // is unused, so this reads like a placeholder - confirm which permission was meant.
    PermissionChecker.IsGranted("");

    PermissionChecker.Authorize("");
}
/// <summary>
/// Creates the supplier service on top of the given repository and rejects construction when the
/// "Pages.Suppliers" permission is not granted.
/// </summary>
/// <param name="Repo">The supplier repository handed to the base class.</param>
/// <exception cref="AbpAuthorizationException">"Pages.Suppliers" is not granted.</exception>
public SupplierAppService(IRepository<supplier, Int32> Repo)
    : base(Repo)
{
    // NOTE(review): this check runs inside the constructor. If PermissionChecker is a property the
    // container sets after construction (as with ABP's ApplicationService, which starts out with a
    // permissive null checker), the check cannot deny anyone at this point - confirm, and if so
    // enforce the permission on the service methods or with an authorization attribute on the class.
    var maySeeSuppliers = PermissionChecker.IsGranted("Pages.Suppliers");
    if (maySeeSuppliers)
    {
        return;
    }

    throw new AbpAuthorizationException("You are not authorized to do this!");
}
/// <summary>
/// Requires the Pages_Exam_Questions permission.
/// </summary>
/// <exception cref="AbpAuthorizationException">The permission is not granted.</exception>
private void CheckPermission()
{
    if (PermissionChecker.IsGranted(PermissionNames.Pages_Exam_Questions))
    {
        return;
    }

    throw new AbpAuthorizationException("没有权限");
}
/// <summary>
/// Restricts a site query for vehicle import: every site, only the caller's own sites, or nothing.
/// </summary>
/// <param name="query">The unfiltered site query.</param>
/// <returns>The query narrowed according to the caller's permissions.</returns>
public IQueryable<Site> ImportVehiclesAllFilter(IQueryable<Site> query)
{
    // Broad permission: no narrowing.
    if (PermissionChecker.IsGranted(QuantumLogicPermissionNames.CanAllAll)
        || PermissionChecker.IsGranted(QuantumLogicPermissionNames.CanImportVehicles))
    {
        return query;
    }

    // "Own" permission only counts when the session carries a user id.
    var mayImportOwn = (PermissionChecker.IsGranted(QuantumLogicPermissionNames.CanAllOwn)
            || PermissionChecker.IsGranted(QuantumLogicPermissionNames.CanImportOwnVehicles))
        && Session.UserId.HasValue;

    if (mayImportOwn)
    {
        return query.Where(r => r.UserId == Session.UserId.Value);
    }

    // Deny by default: an always-false predicate yields an empty result.
    return query.Where(r => false);
}
/// <summary>
/// Personal message count endpoint: counts inspection records, limited to those created by
/// <paramref name="userId"/> unless the caller holds Pages_Inspection.
/// </summary>
/// <param name="userId">The creator id used for the filter when the caller lacks Pages_Inspection.</param>
/// <returns>The number of matching inspection records.</returns>
public int GetCount(long userId)
{
    var seesEverything = PermissionChecker.IsGranted(PermissionNames.Pages_Inspection);

    // NOTE(review): userId is supplied by the caller and is not compared with the session user, so a
    // caller without Pages_Inspection can ask for another user's count - confirm that is acceptable.
    var inspections = _Inspectionrepository.GetAll()
        .WhereIf(!seesEverything, t => t.CreatorUserId == userId);

    return inspections.Count();
}
/// <summary>
/// Lets the invitation query through unchanged when the caller holds CanAllAll, CanAllInvitation or
/// CanRetrieveInvitation; otherwise returns a query that matches nothing.
/// </summary>
/// <param name="query">The unfiltered invitation query.</param>
/// <returns>The original query, or an empty one when no permission is granted.</returns>
protected override IQueryable<Invitation> InnerRetrieveAllFilter(IQueryable<Invitation> query)
{
    var mayRetrieve = PermissionChecker.IsGranted(QuantumLogicPermissionNames.CanAllAll)
        || PermissionChecker.IsGranted(QuantumLogicPermissionNames.CanAllInvitation)
        || PermissionChecker.IsGranted(QuantumLogicPermissionNames.CanRetrieveInvitation);

    if (mayRetrieve)
    {
        return query;
    }

    // Deny by default: an always-false predicate yields an empty result.
    return query.Where(r => false);
}
/// <summary>
/// Lets the role query through unchanged when the caller holds CanAllAll, CanAllRole or
/// CanRetrieveRole; otherwise returns a query that matches nothing.
/// </summary>
/// <param name="query">The unfiltered role query.</param>
/// <returns>The original query, or an empty one when no permission is granted.</returns>
protected override IQueryable<Role> InnerRetrieveAllFilter(IQueryable<Role> query)
{
    var mayRetrieve = PermissionChecker.IsGranted(QuantumLogicPermissionNames.CanAllAll)
        || PermissionChecker.IsGranted(QuantumLogicPermissionNames.CanAllRole)
        || PermissionChecker.IsGranted(QuantumLogicPermissionNames.CanRetrieveRole);

    if (!mayRetrieve)
    {
        // Deny by default: an always-false predicate yields an empty result.
        return query.Where(r => false);
    }

    return query;
}
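/// <summary>
/// Returns a bill by id. Callers with Pages_Inspection see any bill; other callers see it directly
/// only while BillStateID is below 2, or once an approved inspection record exists for the bill.
/// Otherwise a "view" inspection request is inserted and null is returned.
/// </summary>
/// <param name="taskId">The bill id.</param>
/// <returns>
/// The bill DTO, or null when the bill does not exist or when a view request was filed instead.
/// </returns>
public BillInfoDto GetMissionById(long taskId)
{
    var hasInspectionPermission = PermissionChecker.IsGranted(PermissionNames.Pages_Inspection);
    var task = _BillInfoRepository.FirstOrDefault(t => t.Id == taskId);

    // An unknown id used to fail with a null dereference for callers without the permission;
    // report "not found" as null for everyone and file no request for a bill that does not exist.
    if (task == null)
    {
        return null;
    }

    // Reviewers see everything; everyone else sees bills that are not yet in a restricted state.
    if (hasInspectionPermission || task.BillStateID < 2)
    {
        return Mapper.Map<BillInfoDto>(task);
    }

    // The bill is in a restricted state: it may be viewed once an approved request exists.
    // NOTE(review): the lookup matches any approved inspection record with this SourceNo. It does not
    // check who filed the request, its Action, or its SourceType, so one approval appears to open the
    // bill to every caller - confirm.
    var hasApprovedRequest = _Inspectionrepository.GetAll()
        .Any(t => t.IsCandidate == true && t.InspectionState == 1 && taskId == t.SourceNo);
    if (hasApprovedRequest)
    {
        return Mapper.Map<BillInfoDto>(task);
    }

    // No approval yet: file a view request for the reviewers.
    // NOTE(review): a new request is inserted on every call; nothing checks for one already pending.
    var inspectionDto = new InspectionDto
    {
        Id = null,
        Inspection_No = Snowflake.Instance().GetId(),
        SourceType = "货票",
        SourceNo = task.Id,
        StartDate = DateTime.UtcNow,
        DestinationNO = task.Id,
        Version = 1,
        ProposerName = "",
        // NOTE(review): hard-coded proposer id; the request is not attributed to the real caller
        // (the session user lookup is commented out).
        ProposerID = 11, //AbpSession.GetUserId(),
        Title = "货票 查看",
        IsCandidate = true,
        InspectionState = 0,
        InspectionName = null,
        Action = "查看",
        InspectionMemo = "",
        EndDate = null,
        Quality_level = 1
    };

    var inspection = Mapper.Map<Inspection>(inspectionDto);
    _Inspectionrepository.Insert(inspection);

    return null;
}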
/// <summary>
/// Renders the "_SideMenu" partial view with the current user's "Mpa" menu.
/// </summary>
/// <param name="currentPageName">Name of the page to mark as current; defaults to the empty string.</param>
/// <returns>The side menu partial view.</returns>
public PartialViewResult SideMenu(string currentPageName = "")
{
    // NOTE(review): the permission is evaluated but the result is never used, so it does not affect
    // what is rendered - confirm whether the menu was meant to depend on UserPermissions.User.
    PermissionChecker.IsGranted(AbpSession.ToUserIdentifier(), UserPermissions.User);

    // The menu is loaded synchronously for the session user.
    var mainMenu = AsyncHelper.RunSync(
        () => _userNavigationManager.GetMenuAsync("Mpa", AbpSession.ToUserIdentifier()));

    var viewModel = new SideMenuViewModel
    {
        MainMenu = mainMenu,
        CurrentPageName = currentPageName
    };

    return PartialView("_SideMenu", viewModel);
}
/// <summary>
/// Deletes the user with the given id; requires the "Management.User.RemoveUser" permission.
/// </summary>
/// <param name="input">Carries the id of the user to delete.</param>
/// <exception cref="AbpAuthorizationException">The permission is not granted.</exception>
public async Task RemoveUser(EntityDto<long> input)
{
    var mayRemoveUsers = PermissionChecker.IsGranted("Management.User.RemoveUser");
    if (!mayRemoveUsers)
    {
        throw new AbpAuthorizationException("You are not authorized to remove this user.");
    }

    // NOTE(review): the lookup result goes to DeleteAsync without a null check, and nothing here
    // stops callers from removing their own account or a built-in administrator - confirm whether
    // that is handled elsewhere.
    var userToRemove = await UserManager.FindByIdAsync(input.Id);
    await _userRepository.DeleteAsync(userToRemove);
}
/// <summary>
/// Loads the User page: requires UserPermissions.User and renders the view with the user list.
/// </summary>
/// <returns>The view populated with the result of GetUsers.</returns>
/// <exception cref="AbpAuthorizationException">UserPermissions.User is not granted.</exception>
public ActionResult Index()
{
    var mayViewUsers = PermissionChecker.IsGranted(UserPermissions.User);
    if (!mayViewUsers)
    {
        // NOTE(review): the message says "create user" although this action lists users.
        throw new AbpAuthorizationException("You are not authorized to create user!");
    }

    var users = _userAppService.GetUsers();
    return View(users);
}
/// <summary>
/// Lets the widget event query through unchanged when the caller holds CanAllAll or
/// CanAllWidgetEvent; otherwise returns a query that matches nothing.
/// </summary>
/// <param name="query">The unfiltered widget event query.</param>
/// <returns>The original query, or an empty one when no permission is granted.</returns>
protected override IQueryable<WidgetEvent> InnerRetrieveAllFilter(IQueryable<WidgetEvent> query)
{
    var mayRetrieve = PermissionChecker.IsGranted(QuantumLogicPermissionNames.CanAllAll)
        || PermissionChecker.IsGranted(QuantumLogicPermissionNames.CanAllWidgetEvent);

    // Deny by default: an always-false predicate yields an empty result.
    return mayRetrieve ? query : query.Where(r => false);
}
/// <summary>
/// Tells whether the caller may delete a role: CanAllAll, CanAllRole or CanDeleteRole is required.
/// The decision does not depend on <paramref name="entity"/>.
/// </summary>
/// <param name="entity">The role about to be deleted (not inspected).</param>
/// <param name="throwEntityPolicyException">When true, a denial throws instead of returning false.</param>
/// <returns>True when deletion is allowed; false when it is denied and throwing was not requested.</returns>
/// <exception cref="EntityPolicyException">Deletion is denied and throwing was requested.</exception>
protected override bool CanDelete(Role entity, bool throwEntityPolicyException)
{
    var allowed = PermissionChecker.IsGranted(QuantumLogicPermissionNames.CanAllAll)
        || PermissionChecker.IsGranted(QuantumLogicPermissionNames.CanAllRole)
        || PermissionChecker.IsGranted(QuantumLogicPermissionNames.CanDeleteRole);

    if (allowed)
    {
        return true;
    }

    if (throwEntityPolicyException)
    {
        throw new EntityPolicyException();
    }

    return false;
}
/// <summary>
/// Tells whether the caller may update a widget event: CanAllAll or CanAllWidgetEvent is required.
/// The decision does not depend on <paramref name="entity"/>.
/// </summary>
/// <param name="entity">The widget event about to be updated (not inspected).</param>
/// <param name="throwEntityPolicyException">When true, a denial throws instead of returning false.</param>
/// <returns>True when the update is allowed; false when it is denied and throwing was not requested.</returns>
/// <exception cref="EntityPolicyException">The update is denied and throwing was requested.</exception>
protected override bool CanUpdate(WidgetEvent entity, bool throwEntityPolicyException)
{
    var allowed = PermissionChecker.IsGranted(QuantumLogicPermissionNames.CanAllAll)
        || PermissionChecker.IsGranted(QuantumLogicPermissionNames.CanAllWidgetEvent);

    if (allowed)
    {
        return true;
    }

    if (throwEntityPolicyException)
    {
        throw new EntityPolicyException();
    }

    return false;
}
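/// <summary>
/// Deletes a non-candidate bill when the caller holds Pages_Inspection; otherwise files a "delete"
/// inspection request for the bill on behalf of the session user.
/// </summary>
/// <param name="taskId">The bill id.</param>
/// <returns>A status message: deleted, not found, delete failed, or delete request filed.</returns>
public string DeleteMission_admin(long taskId)
{
    var hasInspectionPermission = PermissionChecker.IsGranted(PermissionNames.Pages_Inspection);
    var task = _BillInfoRepository.FirstOrDefault(t => t.Id == taskId && t.IsCandidate == false);

    // Check existence once, up front. Callers without the permission used to hit a null dereference
    // on an unknown id; they now get the same "not found" answer as reviewers.
    if (task == null)
    {
        return "资料不存在";
    }

    if (hasInspectionPermission)
    {
        try
        {
            var result = Mapper.Map<BillInfo>(task);
            _BillInfoRepository.Delete(result);
            return "删除成功";
        }
        catch
        {
            // Deliberate best-effort: every failure is reported as a generic message.
            // NOTE(review): the exception is dropped without being logged, so failed deletions
            // leave no trace for later investigation.
            return "删除失败";
        }
    }

    // No review permission: file a deletion request instead of deleting.
    // NOTE(review): a new request is inserted on every call; nothing checks for one already pending.
    var inspectionDto = new InspectionDto
    {
        Id = null,
        Inspection_No = Snowflake.Instance().GetId(),
        SourceType = "货票",
        SourceNo = task.Id,
        StartDate = DateTime.UtcNow,
        DestinationNO = task.Id,
        Version = 1,
        ProposerName = "",
        ProposerID = AbpSession.GetUserId(),
        Title = "货票 删除",
        IsCandidate = true,
        InspectionState = 0,
        InspectionName = null,
        Action = "删除",
        InspectionMemo = "",
        EndDate = null,
        Quality_level = 1
    };

    var inspection = Mapper.Map<Inspection>(inspectionDto);
    _Inspectionrepository.Insert(inspection);

    return "已提出删除申请";
}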
/// <summary>
/// Gets all users; requires UserPermissions.User.
/// </summary>
/// <returns>Every user in the repository, mapped to list DTOs.</returns>
/// <exception cref="AbpAuthorizationException">UserPermissions.User is not granted.</exception>
public ListResultDto<UserListDto> GetUsers()
{
    var mayListUsers = PermissionChecker.IsGranted(UserPermissions.User);
    if (!mayListUsers)
    {
        // NOTE(review): the message says "create user" although this method lists users.
        throw new AbpAuthorizationException("You are not authorized to create user!");
    }

    // No filter or paging is applied: the whole user set is mapped and returned.
    var allUsers = _userRepository.GetAll();
    var userDtos = allUsers.MapTo<List<UserListDto>>();

    return new ListResultDto<UserListDto>(userDtos);
}
/// <summary>
/// Landing action: redirects to the dashboard matching the caller's permission, or renders the
/// default view when neither dashboard permission is granted.
/// </summary>
/// <returns>A redirect to AdminHome or AccountHolderHome, or the default view.</returns>
public ActionResult Index()
{
    // The admin dashboard wins when both permissions are granted; the second permission is only
    // checked when the first is missing.
    string dashboardController = null;
    if (PermissionChecker.IsGranted(PermissionNames.ViewAdminDashboard))
    {
        dashboardController = "AdminHome";
    }
    else if (PermissionChecker.IsGranted(PermissionNames.ViewAccountHolderDashboard))
    {
        dashboardController = "AccountHolderHome";
    }

    if (dashboardController != null)
    {
        return RedirectToAction("Index", dashboardController);
    }

    return View();
}
/// <summary>
/// Loads a user, including roles, by id; requires the Pages_UserInfos permission.
/// </summary>
/// <param name="id">The user id.</param>
/// <returns>The matching user, or null when no user has that id.</returns>
/// <exception cref="AbpAuthorizationException">Pages_UserInfos is not granted.</exception>
protected override async Task<User> GetEntityByIdAsync(long id)
{
    // Reject callers without the permission before touching the repository.
    if (!PermissionChecker.IsGranted(PermissionNames.Pages_UserInfos))
    {
        throw new AbpAuthorizationException("没有权限!");
    }

    // The query itself runs synchronously; the result is only wrapped in a completed task.
    var match = Repository
        .GetAllIncluding(x => x.Roles)
        .FirstOrDefault(x => x.Id == id);

    return await Task.FromResult(match);
}
/// <summary>
/// Renders the user page with the "filterText" query-string value as its initial filter; requires
/// UserPermissions.User.
/// </summary>
/// <returns>The view with a GetUserInput model.</returns>
/// <exception cref="AbpAuthorizationException">UserPermissions.User is not granted.</exception>
public ActionResult Index()
{
    var mayViewUsers = PermissionChecker.IsGranted(UserPermissions.User);
    if (!mayViewUsers)
    {
        // NOTE(review): the message says "create user" although this action only shows the page.
        throw new AbpAuthorizationException("You are not authorized to create user!");
    }

    // The query-string value is passed to the view as received - presumably the view encodes it
    // when rendering; verify.
    var filterText = Request.QueryString["filterText"];
    var model = new GetUserInput
    {
        FilterText = filterText
    };

    return View(model);
}
/// <summary>
/// Tells whether the caller may create an invitation: CanAllAll, CanAllInvitation or
/// CanCreateInvitation is required. The decision does not depend on <paramref name="entity"/>.
/// </summary>
/// <param name="entity">The invitation about to be created (not inspected).</param>
/// <param name="throwEntityPolicyException">When true, a denial throws instead of returning false.</param>
/// <returns>True when creation is allowed; false when it is denied and throwing was not requested.</returns>
/// <exception cref="EntityPolicyException">Creation is denied and throwing was requested.</exception>
protected override bool CanCreate(Invitation entity, bool throwEntityPolicyException)
{
    var allowed = PermissionChecker.IsGranted(QuantumLogicPermissionNames.CanAllAll)
        || PermissionChecker.IsGranted(QuantumLogicPermissionNames.CanAllInvitation)
        || PermissionChecker.IsGranted(QuantumLogicPermissionNames.CanCreateInvitation);

    if (allowed)
    {
        return true;
    }

    if (throwEntityPolicyException)
    {
        throw new EntityPolicyException();
    }

    return false;
}