/// <summary> /// 移动管理单元 /// </summary> /// <param name="unit">将被移动的管理单元</param> /// <param name="newParent">一个表示目标单元的<see cref="AdminUnit"/> ,或者为null,表示作为顶级管理单元</param> public void MoveAdminUnit(AdminUnit unit, AdminUnit newParent) { unit.NullCheck("unit"); var parent = GetUnitParent(unit, false); if (parent is AUSchema) { CheckAUSchemaPermission((AUSchema)parent); } else { CheckUnitPermission(AUOperationType.AddAdminUnit, "DeleteSubUnit", (AdminUnit)parent); } if (newParent != null) { CheckUnitPermission(AUOperationType.AddAdminUnit, "AddSubUnit", newParent); } else { CheckAUSchemaPermission(unit.GetUnitSchema()); } MoveAUExecutor executor = new MoveAUExecutor(AUOperationType.MoveAdminUnit, unit, newParent) { NeedStatusCheck = this.NeedValidationAndStatusCheck }; ExecuteWithActions(AUOperationType.MoveAdminUnit, () => SCActionContext.Current.DoActions(() => { executor.Execute(); })); }
private void CheckUnitPermission(AUOperationType opType, string permissionName, AdminUnit unit) { unit.NullCheck("unit"); if (unit.Status != SchemaObjectStatus.Normal) { throw new AUStatusCheckException(unit, opType); } if (this._NeedCheckPermissions) { if (unit == null || unit.Status != SchemaObjectStatus.Normal) { throw new ArgumentException(string.Format("不存在参数 unit 指定的管理单元", "unit")); } if (DeluxePrincipal.Current.HasPermissions(permissionName, new string[] { unit.ID }) == false) { //如果没有权限,检查是否超级管理员或者拥有架构权限 if (AUPermissionHelper.IsSupervisor(DeluxePrincipal.Current) == false) { var schema = unit.GetUnitSchema(); if (string.IsNullOrEmpty(schema.MasterRole) || DeluxePrincipal.Current.IsInRole(schema.MasterRole) == false) { throw CreateAclException(opType, unit.Schema, permissionName); } } } } }
public AURoleMemberExecutor(AUOperationType opType, AUSchemaRole role, AdminUnit unit, SCUser[] users) : base(opType) { role.NullCheck("role"); users.NullCheck("users"); unit.NullCheck("unit"); this.schemaRole = role; this.users = users; this.unit = unit; }
public AdminUnitExecutor(AUOperationType opType, AdminUnit parent, AdminUnit child) : base(opType, child) { child.NullCheck("child"); child.ClearRelativeData(); if (parent != null) parent.ClearRelativeData(); if (!(opType != AUOperationType.AddAdminUnit | opType != AUOperationType.RemoveAdminUnit)) throw new ApplicationException("此Executor不支持" + opType + "操作"); this.inputParent = parent; if (this.OperationType == AUOperationType.AddAdminUnit) this.aclContainer = PrepareAclContainer(parent, child); }
public AdminUnitExecutor(AUOperationType opType, AdminUnit parent, AdminUnit child) : base(opType, child) { child.NullCheck("child"); child.ClearRelativeData(); if (parent != null) { parent.ClearRelativeData(); } if (!(opType != AUOperationType.AddAdminUnit | opType != AUOperationType.RemoveAdminUnit)) { throw new ApplicationException("此Executor不支持" + opType + "操作"); } this.inputParent = parent; if (this.OperationType == AUOperationType.AddAdminUnit) { this.aclContainer = PrepareAclContainer(parent, child); } }
/// <summary> /// 移动管理单元 /// </summary> /// <param name="unit">将被移动的管理单元</param> /// <param name="newParent">一个表示目标单元的<see cref="AdminUnit"/> ,或者为null,表示作为顶级管理单元</param> public void MoveAdminUnit(AdminUnit unit, AdminUnit newParent) { unit.NullCheck("unit"); var parent = GetUnitParent(unit, false); if (parent is AUSchema) CheckAUSchemaPermission((AUSchema)parent); else CheckUnitPermission(AUOperationType.AddAdminUnit, "DeleteSubUnit", (AdminUnit)parent); if (newParent != null) CheckUnitPermission(AUOperationType.AddAdminUnit, "AddSubUnit", newParent); else CheckAUSchemaPermission(unit.GetUnitSchema()); MoveAUExecutor executor = new MoveAUExecutor(AUOperationType.MoveAdminUnit, unit, newParent) { NeedStatusCheck = this.NeedValidationAndStatusCheck }; ExecuteWithActions(AUOperationType.MoveAdminUnit, () => SCActionContext.Current.DoActions(() => { executor.Execute(); })); }
private void CheckUnitPermission(AUOperationType opType, string permissionName, AdminUnit unit) { unit.NullCheck("unit"); if (unit.Status != SchemaObjectStatus.Normal) throw new AUStatusCheckException(unit, opType); if (this._NeedCheckPermissions) { if (unit == null || unit.Status != SchemaObjectStatus.Normal) throw new ArgumentException(string.Format("不存在参数 unit 指定的管理单元", "unit")); if (DeluxePrincipal.Current.HasPermissions(permissionName, new string[] { unit.ID }) == false) { //如果没有权限,检查是否超级管理员或者拥有架构权限 if (AUPermissionHelper.IsSupervisor(DeluxePrincipal.Current) == false) { var schema = unit.GetUnitSchema(); if (string.IsNullOrEmpty(schema.MasterRole) || DeluxePrincipal.Current.IsInRole(schema.MasterRole) == false) throw CreateAclException(opType, unit.Schema, permissionName); } } } }