protected virtual async Task <PermissionGrantCacheItem> GetCacheItemAsync(string name, string providerName, string providerKey)
{
var cacheKey = CalculateCacheKey(name, providerName, providerKey);
Logger.LogDebug($"PermissionStore.GetCacheItemAsync: {cacheKey}");
var cacheItem = await Cache.GetAsync(cacheKey);
if (cacheItem != null)
{
Logger.LogDebug($"Found in the cache: {cacheKey}");
return(cacheItem);
}
Logger.LogDebug($"Not found in the cache, getting from the repository: {cacheKey}");
cacheItem = new PermissionGrantCacheItem(
name,
(await PermissionGrantRepository.FindAsync(name, providerName, providerKey)) != null
);
Logger.LogDebug($"Setting the cache item: {cacheKey}");
await Cache.SetAsync(
cacheKey,
cacheItem
);
Logger.LogDebug($"Finished setting the cache item: {cacheKey}");
return(cacheItem);
}
public override async Task <PermissionValueProviderGrantInfo> CheckAsync(string name, string providerName, string providerKey)
{
if (providerName == Name)
{
return(new PermissionValueProviderGrantInfo(
await PermissionGrantRepository.FindAsync(name, providerName, providerKey) != null,
providerKey
));
}
if (providerName == "User")
{
var userId = Guid.Parse(providerKey);
var roleNames = await _identityUserRepository.GetRoleNamesAsync(userId);
foreach (var roleName in roleNames)
{
var permissionGrant = await PermissionGrantRepository.FindAsync(name, Name, roleName);
if (permissionGrant != null)
{
return(new PermissionValueProviderGrantInfo(true, roleName));
}
}
}
return(PermissionValueProviderGrantInfo.NonGranted);
}
public virtual async Task SeedAsync(
string providerName,
string providerKey,
Dictionary <string, string> permissions,
Guid?tenantId = null)
{
foreach (var permission in permissions)
{
var permissionGrant = await PermissionGrantRepository.FindAsync(permission.Key, providerName, providerKey);
if (permissionGrant != null)
{
if (permissionGrant.ProviderScope == permission.Value)
{
continue;
}
permissionGrant.ProviderScope = permission.Value;
await PermissionGrantRepository.UpdateAsync(permissionGrant);
}
await PermissionGrantRepository.InsertAsync(
new PermissionGrant (
GuidGenerator.Create(),
permission.Key,
providerName,
permission.Value,
providerKey,
tenantId
)
);
}
}
public virtual async Task SeedAsync(
string providerName,
string providerKey,
IEnumerable <string> grantedPermissions,
Guid?tenantId = null)
{
using (CurrentTenant.Change(tenantId))
{
foreach (var permissionName in grantedPermissions)
{
if (await PermissionGrantRepository.FindAsync(permissionName, providerName, providerKey) != null)
{
continue;
}
await PermissionGrantRepository.InsertAsync(
new PermissionGrant(
GuidGenerator.Create(),
permissionName,
providerName,
providerKey,
tenantId
)
);
}
}
}
protected virtual async Task GrantAsync(string permissionName, string providerName, string providerScope, string providerKey)
{
var permissionGrant = await PermissionGrantRepository.FindAsync(permissionName, providerName, providerKey);
if (permissionGrant != null)
{
if (permissionGrant.ProviderScope == providerScope)
{
return;
}
permissionGrant.ProviderScope = providerScope;
await PermissionGrantRepository.UpdateAsync(permissionGrant);
}
await PermissionGrantRepository.InsertAsync(
new PermissionGrant (
GuidGenerator.Create(),
permissionName,
providerName,
providerScope,
providerKey,
CurrentTenant.Id
)
);
}
public virtual async Task <PermissionValueProviderGrantInfo> CheckAsync(string name, string providerName, string providerKey)
{
if (providerName != Name)
{
return(PermissionValueProviderGrantInfo.NonGranted);
}
return(new PermissionValueProviderGrantInfo(await PermissionGrantRepository.FindAsync(name, providerName, providerKey) != null, providerKey));
}
/// <summary>
/// 撤销
/// </summary>
/// <param name="name"></param>
/// <param name="providerKey"></param>
/// <returns></returns>
protected virtual async Task RevokeAsync(string name, string providerKey)
{
var permissionGrant = await PermissionGrantRepository.FindAsync(name, Name, providerKey);
if (permissionGrant == null)
{
return;
}
await PermissionGrantRepository.DeleteAsync(permissionGrant);
}
/// <summary>
/// 授权
/// </summary>
/// <param name="name"></param>
/// <param name="providerKey"></param>
/// <returns></returns>
protected virtual async Task GrantAsync(string name, string providerKey)
{
var permissionGrant = await PermissionGrantRepository.FindAsync(name, Name, providerKey);
if (permissionGrant != null)
{
return;
}
await PermissionGrantRepository.InsertAsync(new PermissionGrant(IDUtils.NewId(), name, Name, providerKey, CurrentTenant.Id));
}
public override async Task <PermissionGrantInfo> CheckAsync(string name, string providerName, string providerKey)
{
if (providerName == Name)
{
var permissionGrant = await PermissionGrantRepository.FindAsync(name, providerName, providerKey);
return(new PermissionGrantInfo(
permissionGrant != null,
permissionGrant?.ProviderScope ?? nameof(PermissionScopeType.Prohibited),
providerKey
));
}
var permissionGrantResult = PermissionGrantInfo.NonGranted;
if (providerName == UserPermissionValueProvider.ProviderName)
{
var userId = Guid.Parse(providerKey);
var roles = await UserRoleFinder.GetRolesAsync(userId);
foreach (var role in roles)
{
var result = await PermissionGrantRepository.FindAsync(name, Name, role);
if (result == null)
{
continue;
}
// 以角色的最大权限为主
var permissionGrantScope = PermissionScopeType.Prohibited;
if (Enum.TryParse(permissionGrantResult.ProviderScope, out PermissionScopeType ps))
{
permissionGrantScope = ps;
}
var resultScope = PermissionScopeType.Prohibited;
if (Enum.TryParse(result.ProviderScope, out PermissionScopeType rs))
{
resultScope = rs;
}
if (resultScope > permissionGrantScope)
{
permissionGrantResult = new PermissionGrantInfo(true, result.ProviderScope, role);
}
}
}
return(permissionGrantResult);
}
public virtual async Task <PermissionGrantInfo> CheckAsync(string name, string providerName, string providerKey)
{
if (providerName != Name)
{
return(PermissionGrantInfo.NonGranted);
}
var permissionGrant = await PermissionGrantRepository.FindAsync(name, providerName, providerKey);
return(new PermissionGrantInfo(
permissionGrant != null,
permissionGrant?.ProviderScope ?? nameof(PermissionScopeType.Prohibited),
providerKey
));
}
protected virtual async Task GrantAsync(string name, string providerKey)
{
var permissionGrant = await PermissionGrantRepository.FindAsync(name, Name, providerKey).ConfigureAwait(false);
if (permissionGrant != null)
{
return;
}
await PermissionGrantRepository.InsertAsync(
new PermissionGrant(
GuidGenerator.Create(),
name,
Name,
providerKey,
CurrentTenant.Id
)
).ConfigureAwait(false);
}
protected virtual async Task <PermissionGrantCacheItem> GetCacheItemAsync(string name, string providerName, string providerKey)
{
var cacheKey = CalculateCacheKey(name, providerName, providerKey);
var cacheItem = await Cache.GetAsync(cacheKey);
if (cacheItem != null)
{
return(cacheItem);
}
cacheItem = new PermissionGrantCacheItem(
name,
await PermissionGrantRepository.FindAsync(name, providerName, providerKey) != null
);
await Cache.SetAsync(
cacheKey,
cacheItem
);
return(cacheItem);
}
public async Task SeedAsync(
string providerName,
string providerKey,
IEnumerable <string> grantedPermissions,
Guid?tenantId = null)
{
foreach (var permissionName in grantedPermissions)
{
if (await PermissionGrantRepository.FindAsync(permissionName, providerName, providerKey) != null)
{
continue;
}
await PermissionGrantRepository.InsertAsync(
new PermissionGrant(
GuidGenerator.Create(),
permissionName,
providerName,
providerKey,
tenantId
)
).ConfigureAwait(false);
}
}
