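/// <summary>
/// Grants <paramref name="role"/> on a convention to an application user, then redirects to the
/// "Details" action for that user.
/// </summary>
/// <param name="id">Id of the user who receives the permission.</param>
/// <param name="convention_id">Id of the convention the permission applies to.</param>
/// <param name="role">Role to grant.</param>
/// <returns>
/// A redirect to "Details" with <paramref name="id"/>, whether or not a permission row was added.
/// </returns>
/// <remarks>
/// The grant is performed only when the current user is a super admin or holds
/// <c>UserRole.Admin</c> on the same convention. Any other caller is redirected without a change.
/// </remarks>
public ActionResult AddPermissions(int id, int convention_id, UserRole role)
{
    // NOTE(review): this action changes state, but no HTTP-verb restriction or anti-forgery
    // attribute is visible here. Confirm they are applied where the action is declared.
    // NOTE(review): a convention admin may grant any UserRole value, including Admin.
    // Confirm that delegation is intended.
    var currentUser = new UserService((ClaimsIdentity)User.Identity, db).GetUser();

    // Fail closed: a caller that cannot be resolved to a user is treated as unauthorized
    // instead of failing with a null dereference.
    bool mayGrant = currentUser != null
        && (currentUser.isSuperAdmin
            || currentUser.AppUserPermissions.Any(
                p => p.Convention.Id == convention_id && p.UserRole == UserRole.Admin));

    if (mayGrant)
    {
        var permUser = db.AppUsers.Find(id);
        var con = db.Conventions.Find(convention_id);

        // Presumably Find returns null for an unknown key (EF DbSet semantics, to be confirmed).
        // Never persist a permission that points at a missing user or convention.
        if (permUser != null && con != null)
        {
            // Existence check only, so the matching rows are not loaded just to be counted.
            bool alreadyGranted = db.AppUserPermissions.Any(
                a => a.UserRole == role && a.AppUser.Id == id && a.Convention.Id == convention_id);

            if (!alreadyGranted)
            {
                var perm = new AppUserPermission()
                {
                    AppUser = permUser,
                    Convention = con,
                    UserRole = role
                };
                db.AppUserPermissions.Add(perm);
                db.SaveChanges();
            }
        }
    }

    return RedirectToAction("Details", new { id });
}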
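/// <summary>
/// Replaces the permissions a user holds on one resource with the actions selected in
/// <paramref name="model"/>.
/// </summary>
/// <param name="id">
/// Id of an existing user-permission row. The user and the resource being edited are taken from it.
/// </param>
/// <param name="model">
/// View model bound from the request. <c>SelectedActions</c> lists the action keys to grant.
/// </param>
/// <returns>
/// A redirect to "UserPermission" on success. On failure, the current view with the message
/// in <c>ViewBag.Error</c>.
/// </returns>
public ActionResult EditUserPermission(int id, EditAppUserPermissionViewModel model)
{
    // NOTE(review): no check of the caller's own rights is visible in this action, and the
    // target user is derived from a caller-supplied id. Confirm that an authorization
    // attribute or filter outside this view restricts who may edit permissions.
    using (var context = new AppSecurityContext())
    {
        var actionRepository = new ActionRepository(context);
        var resourceRepository = new ResourceRepository(context);
        var permissionRepository = new PermissionRepository(context);
        var userPermissionRepository = new UserPermissionRepository(context);

        try
        {
            var userPermission = userPermissionRepository.GetAll().FirstOrDefault(x => x.Id == id);
            if (userPermission == null)
            {
                // An unknown id is reported explicitly instead of as a null-reference message.
                ViewBag.Error = "The requested user permission was not found.";
                return View(model);
            }

            var actions = actionRepository.GetAll();

            // Resource key
            var resource = resourceRepository.Find(userPermission.Permission.ResourceKey);
            if (resource == null)
            {
                ViewBag.Error = "The resource for this permission was not found.";
                return View(model);
            }

            var permissionsQuery = userPermissionRepository.GetAll()
                .Where(x => x.Permission.ResourceKey == resource.Key)
                .Where(x => x.UserId == userPermission.UserId);

            var actionKeys = permissionsQuery.Select(x => x.Permission.ActionKey).ToArray();

            // Snapshot the rows before deleting, so the delete loop does not enumerate a
            // query over the same set it is removing from.
            var existingPermissions = permissionsQuery.ToList();

            model.AvailableActions = mapper.Map<ICollection<AppActionViewModel>>(actions);

            // Remove the previous permissions
            foreach (var perm in existingPermissions)
            {
                userPermissionRepository.Delete(perm);
            }

            if (model.SelectedActions != null)
            {
                // Add the new ones. Only permissions that exist for this resource are
                // inserted, so a posted action key with no matching permission is ignored.
                var permissionsToInsert = permissionRepository
                    .GetAll()
                    .Where(x => x.ResourceKey == resource.Key)
                    .Where(x => model.SelectedActions.Contains(x.ActionKey))
                    .ToList();

                foreach (var p in permissionsToInsert)
                {
                    var permission = new AppUserPermission();
                    permission.UserId = userPermission.UserId;
                    permission.PermissionId = p.Id;
                    userPermissionRepository.Insert(permission);
                }

                model.SelectedActions = actionKeys;
                model.ResourceKey = resource.Key;
                model.ResourceName = resource.Name;
            }

            context.SaveChanges();

            // NOTE(review): model.User is bound from the request. If it is null, this line
            // throws after SaveChanges has committed, and the error view is shown although
            // the change was saved. Consider redirecting with the server-side user id.
            return RedirectToAction("UserPermission", new { id = model.User.Id });
        }
        catch (Exception ex)
        {
            // NOTE(review): raw exception text is shown to the user and may disclose
            // internal details such as database errors. Consider logging it and showing
            // a generic message instead.
            ViewBag.Error = ex.Message;
            if (ex.InnerException != null)
            {
                ViewBag.Error += ex.InnerException.Message;
            }

            return View(model);
        }
    }
}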
/// <summary>
/// Passes <paramref name="permission"/> to <c>userService.HasPermission</c> and returns the
/// service's answer in an OK response.
/// </summary>
/// <param name="permission">Permission to check. It is handed to the service unchanged.</param>
/// <returns>An OK result whose content is the value returned by the service.</returns>
public IHttpActionResult HasPermission(AppUserPermission permission)
{
    // NOTE(review): the permission object is supplied by the caller and is neither validated
    // nor compared with the caller's identity here. Confirm that the service or a filter
    // limits whose permissions can be queried.
    return Ok(userService.HasPermission(permission));
}