public void AddPermission(PermissionRecord permission, string[] rolesToMap)
{
Guard.ArgumentNotNull(() => permission);
Guard.ArgumentNotNull(() => rolesToMap);
if (permission.SystemName.IsEmpty())
return;
var permissionRecord = _permissionRecords.FirstOrDefault(x => x.SystemName == permission.SystemName);
if (permissionRecord == null)
{
_permissionRecords.Add(permission);
_ctx.SaveChanges();
}
permissionRecord = _permissionRecords.FirstOrDefault(x => x.SystemName == permission.SystemName);
foreach (var roleName in rolesToMap)
{
var role = _customerRoles.FirstOrDefault(x => x.SystemName == roleName);
if (role != null && !role.PermissionRecords.Any(x => x.SystemName == permission.SystemName))
{
role.PermissionRecords.Add(permissionRecord);
}
}
_ctx.SaveChanges();
}
/// <summary>
/// Authorize permission
/// </summary>
/// <param name="permission">Permission record</param>
/// <param name="customer">Customer</param>
/// <returns>true - authorized; otherwise, false</returns>
public virtual bool Authorize(PermissionRecord permission, Customer customer)
{
if (permission == null)
return false;
if (customer == null)
return false;
//old implementation of Authorize method
//var customerRoles = customer.CustomerRoles.Where(cr => cr.Active);
//foreach (var role in customerRoles)
// foreach (var permission1 in role.PermissionRecords)
// if (permission1.SystemName.Equals(permission.SystemName, StringComparison.InvariantCultureIgnoreCase))
// return true;
//return false;
return Authorize(permission.SystemName, customer);
}
/// <summary>
/// Updates the permission
/// </summary>
/// <param name="permission">Permission</param>
public virtual void UpdatePermissionRecord(PermissionRecord permission)
{
if (permission == null)
throw new ArgumentNullException("permission");
_permissionRecordRepository.Update(permission);
_cacheManager.RemoveByPattern(PERMISSIONS_PATTERN_KEY);
}
/// <summary>
/// Authorize permission
/// </summary>
/// <param name="permission">Permission record</param>
/// <returns>true - authorized; otherwise, false</returns>
public virtual bool Authorize(PermissionRecord permission)
{
return Authorize(permission, _workContext.CurrentCustomer);
}
/// <summary>
/// Install permissions
/// </summary>
/// <param name="permissionProvider">Permission provider</param>
public virtual void InstallPermissions(IPermissionProvider permissionProvider)
{
using (var scope = new DbContextScope(_permissionRecordRepository.Context, autoDetectChanges: false, autoCommit: false))
{
//install new permissions
var permissions = permissionProvider.GetPermissions();
foreach (var permission in permissions)
{
var permission1 = GetPermissionRecordBySystemName(permission.SystemName);
if (permission1 == null)
{
//new permission (install it)
permission1 = new PermissionRecord()
{
Name = permission.Name,
SystemName = permission.SystemName,
Category = permission.Category,
};
// default customer role mappings
var defaultPermissions = permissionProvider.GetDefaultPermissions();
foreach (var defaultPermission in defaultPermissions)
{
var customerRole = _customerService.GetCustomerRoleBySystemName(defaultPermission.CustomerRoleSystemName);
if (customerRole == null)
{
//new role (save it)
customerRole = new CustomerRole()
{
Name = defaultPermission.CustomerRoleSystemName,
Active = true,
SystemName = defaultPermission.CustomerRoleSystemName
};
_customerService.InsertCustomerRole(customerRole);
}
var defaultMappingProvided = (from p in defaultPermission.PermissionRecords
where p.SystemName == permission1.SystemName
select p).Any();
var mappingExists = (from p in customerRole.PermissionRecords
where p.SystemName == permission1.SystemName
select p).Any();
if (defaultMappingProvided && !mappingExists)
{
permission1.CustomerRoles.Add(customerRole);
}
}
//save new permission
InsertPermissionRecord(permission1);
}
}
scope.Commit();
}
}
