Example #1
        /// <summary>
        /// Checks whether the current user has privileges to access the given resource
        /// </summary>
        /// <param name="resource">Resource name</param>
        /// <param name="acl">ACL</param>
        /// <param name="assign">Assign roles and resources to the ACL</param>
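        public void checkACL(string resource, CMS_Acl acl, bool assign)
        {
            CMS_Login login = new CMS_Login();

            if (assign)
            {
                // Populate the caller's ACL from the database: roles first, then resources,
                // then the allow rules that connect them.
                using (ACLDataContext DataContext = new ACLDataContext())
                {
                    var roles = DataContext.roles
                        .OrderBy(x => x.parentid)
                        .Select(x => new { RoleName = x.name, RoleID = x.id, RoleParentId = x.parentid })
                        .ToList();

                    // Roles registered so far, keyed by role id, so children can be linked to their parent.
                    // NOTE(review): a role whose parent is not in this map yet (the parent row sorts
                    // later under the parentid ordering, or does not exist) is registered as a root
                    // role with no parent. Presumably that drops whatever the role would inherit --
                    // confirm against CMS_Acl and the shape of the role tree.
                    Dictionary<long?, CMS_Role> parentals = new Dictionary<long?, CMS_Role>();

                    foreach (var a in roles)
                    {
                        CMS_Role parent;
                        CMS_Role r;

                        // The null check comes first: a null key must never reach the dictionary lookup.
                        if (a.RoleParentId != null && parentals.TryGetValue(a.RoleParentId, out parent))
                        {
                            r = new CMS_Role(a.RoleName, parent);
                        }
                        else
                        {
                            r = new CMS_Role(a.RoleName);
                        }

                        acl.addRole(r);
                        parentals.Add(a.RoleID, r);
                    }

                    // Resources are identified as "controller:action"; the resource argument of this
                    // method is compared against identifiers in that same form.
                    var resources = DataContext.resources
                        .Select(res => new { Action = res.action, Controller = res.controller });

                    foreach (var a in resources)
                    {
                        acl.addResource(new CMS_Resource(a.Controller + ":" + a.Action));
                    }

                    var rules = from r in DataContext.roles
                                join cr in DataContext.role_resources on r.id equals cr.rolesid
                                join res in DataContext.resources on cr.resourcesid equals res.id
                                orderby r.id
                                select new { Role = r.name, Controller = res.controller, Action = res.action };

                    // Iterating an empty result is a no-op, so no separate Count() query is issued first.
                    foreach (var a in rules)
                    {
                        acl.allow(a.Role, a.Controller + ":" + a.Action);
                    }
                }
            }

            // Read the login state once so the role decision and the error message below
            // are based on the same answer.
            bool loggedIn = login.hasIdentity();

            // Anonymous callers are evaluated as the "guest" role.
            string role = "guest";
            if (loggedIn)
            {
                user identity = login.getIdentity();

                // NOTE(review): if getById returns null for a stale rolesid this line throws
                // NullReferenceException. The caller is still denied, but the failure is not
                // reported as an access denial -- confirm that is acceptable.
                role = this.roles().getById(identity.rolesid).name;
            }

            if (!acl.isAllowed(role, resource))
            {
                // NOTE(review): both denials are raised as plain System.Exception, so callers cannot
                // tell "not authenticated" from "not authorized" (or from any other fault) without
                // matching on the message text. A dedicated exception type would let the caller map
                // them to distinct responses.
                if (!loggedIn)
                {
                    throw new Exception("You are not logged in! Log in and try again.");
                }

                //trigger error
                throw new Exception("You are not allowed to view this datasource!"); //TODO
            }
        }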
Example #2
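        /// <summary>
        /// Inserts a new role when <c>model.Id</c> is empty, otherwise updates the role with that id,
        /// and calls <c>CreateOrUpdatePermission</c> when the save wrote at least one row.
        /// </summary>
        /// <param name="model">Role data. <c>Name</c> is trimmed in place; <c>Id</c> is assigned on insert once the duplicate-name check has passed.</param>
        /// <param name="Id">Receives the generated role id on insert; left untouched on update and on a rejected insert.</param>
        /// <param name="msg">Receives a short failure reason ("Duplicate Name", "Duplicate name", "Unable to find role." or "System Error.").</param>
        /// <returns><c>false</c> on a duplicate name, a missing role or any exception; otherwise <c>true</c>.</returns>
        /// <remarks>
        /// NOTE(review): no authorization check is visible in this method, and neither the duplicate-name
        /// queries nor <c>Find(model.Id)</c> filter by <c>StoreID</c>. If StoreID is a tenant boundary,
        /// the caller presumably has to verify that the role belongs to the acting user's store -- confirm.
        /// NOTE(review): <c>ModifiedUser</c>/<c>CreatedUser</c> are taken from <c>model.CreatedBy</c>;
        /// presumably the caller sets that from the authenticated identity rather than from request data -- confirm.
        /// NOTE(review): the duplicate check and the insert are separate statements, so uniqueness under
        /// concurrent requests depends on a database constraint that is not visible here.
        /// </remarks>
        public bool CreateOrUpdate(CMS_RoleModels model, ref string Id, ref string msg)
        {
            NSLog.Logger.Info("RoleCreateOrUpdate", model);
            var Result = true;

            using (var cxt = new CMS_Context())
            {
                try
                {
                    // A null Name throws here and is reported through the catch block as "System Error.".
                    model.Name = model.Name.Trim();
                    var name = model.Name;

                    if (string.IsNullOrEmpty(model.Id)) /* insert */
                    {
                        if (cxt.CMS_Role.Any(o => o.Name.Trim() == name))
                        {
                            // Rejected insert: Id and model.Id are deliberately left unset, so the caller
                            // is not handed an id for a role that was never stored and a retry with the
                            // same model still takes the insert path.
                            msg    = "Duplicate Name";
                            Result = false;
                        }
                        else
                        {
                            Id       = Guid.NewGuid().ToString();
                            model.Id = Id;

                            var now = DateTime.Now;
                            cxt.CMS_Role.Add(new CMS_Role
                            {
                                ID           = Id,
                                StoreID      = model.StoreID,
                                Name         = name,
                                IsActive     = model.IsActive,
                                Status       = (byte)Commons.EStatus.Actived,
                                CreatedDate  = now,
                                CreatedUser  = model.CreatedBy,
                                ModifiedUser = model.CreatedBy,
                                LastModified = now,
                            });
                        }
                    }
                    else /* updated */
                    {
                        var roleId = model.Id;

                        if (cxt.CMS_Role.Any(o => o.Name.Trim() == name && o.ID != roleId))
                        {
                            msg    = "Duplicate name";
                            Result = false;
                        }
                        else
                        {
                            var e = cxt.CMS_Role.Find(roleId);
                            if (e == null)
                            {
                                Result = false;
                                msg    = "Unable to find role.";
                            }
                            else
                            {
                                e.Name         = name;
                                e.IsActive     = model.IsActive;
                                e.Status       = (byte)Commons.EStatus.Actived;
                                e.ModifiedUser = model.CreatedBy;
                                e.LastModified = DateTime.Now;
                            }
                        }
                    }

                    // Only touch the database when validation passed; a rejected request has nothing to save.
                    if (Result && cxt.SaveChanges() > 0)
                    {
                        /* insert list module permission */
                        // The role row is already saved at this point: if this call throws, the catch
                        // below reports failure while the role itself stays stored.
                        CreateOrUpdatePermission(model);
                    }

                    NSLog.Logger.Info("ResponseRoleCreateOrUpdate", new { Result, msg });
                }
                catch (Exception ex)
                {
                    // The caller only sees a generic message; the exception detail goes to the log.
                    Result = false;
                    msg    = "System Error.";
                    NSLog.Logger.Error("ErrorRoleCreateOrUpdate", ex);
                }
            }
            return(Result);
        }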