/// <summary>
/// 申请App实例Id
/// 置换token
/// 获取远程配置
/// </summary>
private static void InitApp()
{
//获取AppId
var config = AppSeed.GetAppLocalConfig();
if (config.ActionResult)
{
if (config.Data.IsRemoteConfigRoot)//远程配置服务不执行App验证和实例获取
{
AppSeed.Instance.InitConfig();
return;
}
int appId = config.Data.AppID;
int appInstanceId = config.Data.AppInstanceID;
var urlParamater = new Dictionary <string, string>();
String response = null;
urlParamater.Add("t", config.Data.SecurityToken);
String strAppService = JsonHelper.Serlaize <List <AppService> >(GetAppService(appId));
urlParamater.Add("appservice", strAppService);
urlParamater.Add("appinstanceid", appInstanceId.ToString());
response = HttpHelper.Transaction(ConfigHelper.Instance.GetComponentConfig().AppAuthServiceUrl, urlParamater);
TransactionResult <AppAuthReponse> trAppService = JsonHelper.DeserializeSafe <TransactionResult <AppAuthReponse> >(response);
if (trAppService.Code == 0)
{
if (appInstanceId == 0)
{
appInstanceId = trAppService.Data.AppInstanceId;
AppSeed.SetAppInstanceId(appInstanceId);
}
config.Data.SecurityToken = trAppService.Data.AppInstanceToken;//将APP的Token置换为实例Token,但是不保存至文件中
AppSeed.Instance.InitConfig();
//初始化授权数据
SecurityRoot.Init(appId);
//启动心跳
Heart.Isntance.Start(config.Data.SecurityToken, appInstanceId, appId);
}
else
{
throw new Exception(trAppService.Message);
}
}
}
/// <summary>
/// Sets default permissions
/// </summary>
/// <param name="root">Security root</param>
public override void SetRootPermissions(SecurityRoot root)
{
if (root.Permissions != null || root.Permissions.Count > 0)
{
root.Permissions.Clear();
}
var appRoles = Config.Get <SecurityConfig>().ApplicationRoles;
var everyoneRoleId = appRoles[SecurityConstants.AppRoles.Everyone].Id;
var authorsRoleId = appRoles[SecurityConstants.AppRoles.Authors].Id;
var editorsRoleId = appRoles[SecurityConstants.AppRoles.Editors].Id;
// Products
var permissionsforEveryoneToViewProducts = this.CreatePermission(ProductsConstants.Security.PermissionSetName, root.Id, everyoneRoleId);
permissionsforEveryoneToViewProducts.GrantActions(false, ProductsConstants.Security.View);
root.Permissions.Add(permissionsforEveryoneToViewProducts);
var permissionsForOwnersToModifyAndDeleteProducts = this.CreatePermission(ProductsConstants.Security.PermissionSetName, root.Id, SecurityManager.OwnerRole.Id);
permissionsForOwnersToModifyAndDeleteProducts.GrantActions(false, ProductsConstants.Security.Modify, ProductsConstants.Security.Delete);
root.Permissions.Add(permissionsForOwnersToModifyAndDeleteProducts);
var editorsPermissionsForProducts = this.CreatePermission(ProductsConstants.Security.PermissionSetName, root.Id, editorsRoleId);
editorsPermissionsForProducts.GrantActions(
false,
ProductsConstants.Security.Create,
ProductsConstants.Security.Modify,
ProductsConstants.Security.Delete,
ProductsConstants.Security.ChangeOwner);
root.Permissions.Add(editorsPermissionsForProducts);
var authorsPermissionsForProducts = this.CreatePermission(ProductsConstants.Security.PermissionSetName, root.Id, authorsRoleId);
authorsPermissionsForProducts.GrantActions(false, ProductsConstants.Security.Create);
root.Permissions.Add(authorsPermissionsForProducts);
}
/// <summary>
/// Sets default permissions
/// </summary>
/// <param name="root">Security root</param>
public override void SetRootPermissions(SecurityRoot root)
{
if (root.Permissions != null || root.Permissions.Count > 0)
{
root.Permissions.Clear();
}
var appRoles = Config.Get<SecurityConfig>().ApplicationRoles;
var everyoneRoleId = appRoles[SecurityConstants.AppRoles.Everyone].Id;
var authorsRoleId = appRoles[SecurityConstants.AppRoles.Authors].Id;
var editorsRoleId = appRoles[SecurityConstants.AppRoles.Editors].Id;
// Products
var permissionsforEveryoneToViewProducts = this.CreatePermission(ProductsConstants.Security.PermissionSetName, root.Id, everyoneRoleId);
permissionsforEveryoneToViewProducts.GrantActions(false, ProductsConstants.Security.View);
root.Permissions.Add(permissionsforEveryoneToViewProducts);
var permissionsForOwnersToModifyAndDeleteProducts = this.CreatePermission(ProductsConstants.Security.PermissionSetName, root.Id, SecurityManager.OwnerRole.Id);
permissionsForOwnersToModifyAndDeleteProducts.GrantActions(false, ProductsConstants.Security.Modify, ProductsConstants.Security.Delete);
root.Permissions.Add(permissionsForOwnersToModifyAndDeleteProducts);
var editorsPermissionsForProducts = this.CreatePermission(ProductsConstants.Security.PermissionSetName, root.Id, editorsRoleId);
editorsPermissionsForProducts.GrantActions(
false,
ProductsConstants.Security.Create,
ProductsConstants.Security.Modify,
ProductsConstants.Security.Delete,
ProductsConstants.Security.ChangeOwner);
root.Permissions.Add(editorsPermissionsForProducts);
var authorsPermissionsForProducts = this.CreatePermission(ProductsConstants.Security.PermissionSetName, root.Id, authorsRoleId);
authorsPermissionsForProducts.GrantActions(false, ProductsConstants.Security.Create);
root.Permissions.Add(authorsPermissionsForProducts);
}