Example #1
0
        public async Task SetAsync(string permissionName, string providerName, string providerKey, bool isGranted)
        {
            var permission = PermissionDefinitionManager.Get(permissionName);

            if (permission.Providers.Any() && !permission.Providers.Contains(providerName))
            {
                //TODO: BusinessException
                throw new ApplicationException($"The permission named '{permission.Name}' has not compatible with the provider named '{providerName}'");
            }

            if (!permission.MultiTenancySide.HasFlag(CurrentTenant.GetMultiTenancySide()))
            {
                //TODO: BusinessException
                throw new ApplicationException($"The permission named '{permission.Name}' has multitenancy side '{permission.MultiTenancySide}' which is not compatible with the current multitenancy side '{CurrentTenant.GetMultiTenancySide()}'");
            }

            var currentGrantInfo = await GetInternalAsync(permission, providerName, providerKey);

            if (currentGrantInfo.IsGranted == isGranted)
            {
                return;
            }

            var provider = ManagementProviders.FirstOrDefault(m => m.Name == providerName);

            if (provider == null)
            {
                //TODO: BusinessException
                throw new AbpException("Unknown permission management provider: " + providerName);
            }

            await provider.SetAsync(permissionName, providerKey, isGranted);
        }
Example #2
0
        public virtual async Task SetAsync(string permissionName, string providerName, string providerScope, string providerKey)
        {
            var permission = PermissionDefinitionManager.Get(permissionName);

            if (permission.Providers.Any() && !permission.Providers.Contains(providerName))
            {
                throw new RocketException($"The permission named '{permission.Name}' has not compatible with the provider named '{providerName}'");
            }

            if (!permission.MultiTenancySide.HasFlag(CurrentTenant.GetMultiTenancySide()))
            {
                throw new RocketException($"The permission named '{permission.Name}' has multitenancy side '{permission.MultiTenancySide}' which is not compatible with the current multitenancy side '{CurrentTenant.GetMultiTenancySide()}'");
            }

            var currentGrantInfo = await GetInternalAsync(permission, providerName, providerKey);

            if (currentGrantInfo.Scope == providerScope)
            {
                return;
            }

            var provider = Providers.FirstOrDefault(m => m.Name == providerName);

            if (provider == null)
            {
                throw new RocketException("Unknown permission management provider: " + providerName);
            }

            await provider.SetAsync(permissionName, providerKey, providerScope);
        }
        public async Task Global_PermissionState_Test()
        {
            var myPermission2 = PermissionDefinitionManager.Get("MyPermission2");

            (await PermissionStateManager.IsEnabledAsync(myPermission2)).ShouldBeFalse();

            using (CurrentPrincipalAccessor.Change(new Claim(AbpClaimTypes.Role, "admin")))
            {
                (await PermissionStateManager.IsEnabledAsync(myPermission2)).ShouldBeTrue();
            }
        }
        public async Task PermissionState_Test()
        {
            var myPermission1 = PermissionDefinitionManager.Get("MyPermission1");

            myPermission1.StateProviders.ShouldContain(x => x.GetType() == typeof(TestRequireEditionPermissionStateProvider));

            (await PermissionStateManager.IsEnabledAsync(myPermission1)).ShouldBeFalse();

            using (CurrentPrincipalAccessor.Change(new Claim(AbpClaimTypes.EditionId, Guid.NewGuid().ToString())))
            {
                (await PermissionStateManager.IsEnabledAsync(myPermission1)).ShouldBeTrue();
            }
        }
Example #5
0
    public virtual async Task <bool> IsGrantedAsync(
        ClaimsPrincipal claimsPrincipal,
        string name)
    {
        Check.NotNull(name, nameof(name));

        var permission = PermissionDefinitionManager.Get(name);

        if (!permission.IsEnabled)
        {
            return(false);
        }

        if (!await StateCheckerManager.IsEnabledAsync(permission))
        {
            return(false);
        }

        var multiTenancySide = claimsPrincipal?.GetMultiTenancySide()
                               ?? CurrentTenant.GetMultiTenancySide();

        if (!permission.MultiTenancySide.HasFlag(multiTenancySide))
        {
            return(false);
        }

        var isGranted = false;
        var context   = new PermissionValueCheckContext(permission, claimsPrincipal);

        foreach (var provider in PermissionValueProviderManager.ValueProviders)
        {
            if (context.Permission.Providers.Any() &&
                !context.Permission.Providers.Contains(provider.Name))
            {
                continue;
            }

            var result = await provider.CheckAsync(context);

            if (result == PermissionGrantResult.Granted)
            {
                isGranted = true;
            }
            else if (result == PermissionGrantResult.Prohibited)
            {
                return(false);
            }
        }

        return(isGranted);
    }
Example #6
0
    /// <summary>
    /// 检查权限
    /// </summary>
    /// <param name="claimsPrincipal"></param>
    /// <param name="name"></param>
    /// <returns></returns>
    public virtual async Task <PermissionGrantInfo> IsGrantedAsync(ClaimsPrincipal claimsPrincipal, string name)
    {
        if (name is null)
        {
            throw new ArgumentNullException(nameof(name));
        }

        var context = new PermissionValueCheckContext(PermissionDefinitionManager.Get(name), claimsPrincipal);

        foreach (var provider in ValueProviders)
        {
            if (context.Permission.Providers.Any() && !context.Permission.Providers.Contains(provider.Name))
            {
                continue;
            }

            var result = await provider.CheckAsync(context);

            //if (result == PermissionGrantResult.Granted)
            //    return new PermissionGrantInfo(context.Permission.Name, true, provider.Name, result.ProviderKey);
        }

        return(new PermissionGrantInfo(context.Permission.Name, false));
    }
Example #7
0
 public virtual async Task <PermissionWithGrantedProviders> GetAsync(string permissionName, string providerName, string providerKey)
 {
     return(await GetInternalAsync(PermissionDefinitionManager.Get(permissionName), providerName, providerKey));
 }
Example #8
0
        public virtual async Task <MultiplePermissionWithGrantedProviders> GetAsync(string[] permissionNames, string providerName, string providerKey)
        {
            var permissionDefinitions = permissionNames.Select(x => PermissionDefinitionManager.Get(x)).ToArray();

            return(await GetInternalAsync(permissionDefinitions, providerName, providerKey));
        }
Example #9
0
 public async Task <PermissionWithGrantedProviders> GetAsync(string permissionName, string providerName, string providerKey)
 {
     return(await GetInternalAsync(PermissionDefinitionManager.Get(permissionName), providerName, providerKey).ConfigureAwait(false));
 }
Example #10
0
    public async Task <MultiplePermissionGrantResult> IsGrantedAsync(ClaimsPrincipal claimsPrincipal, string[] names)
    {
        Check.NotNull(names, nameof(names));

        var multiTenancySide = claimsPrincipal?.GetMultiTenancySide() ?? CurrentTenant.GetMultiTenancySide();

        var result = new MultiplePermissionGrantResult();

        if (!names.Any())
        {
            return(result);
        }

        var permissionDefinitions = new List <PermissionDefinition>();

        foreach (var name in names)
        {
            var permission = PermissionDefinitionManager.Get(name);

            result.Result.Add(name, PermissionGrantResult.Undefined);

            if (permission.IsEnabled &&
                await StateCheckerManager.IsEnabledAsync(permission) &&
                permission.MultiTenancySide.HasFlag(multiTenancySide))
            {
                permissionDefinitions.Add(permission);
            }
        }

        foreach (var provider in PermissionValueProviderManager.ValueProviders)
        {
            var permissions = permissionDefinitions
                              .Where(x => !x.Providers.Any() || x.Providers.Contains(provider.Name))
                              .ToList();

            if (permissions.IsNullOrEmpty())
            {
                break;
            }

            var context = new PermissionValuesCheckContext(
                permissions,
                claimsPrincipal);

            var multipleResult = await provider.CheckAsync(context);

            foreach (var grantResult in multipleResult.Result.Where(grantResult =>
                                                                    result.Result.ContainsKey(grantResult.Key) &&
                                                                    result.Result[grantResult.Key] == PermissionGrantResult.Undefined &&
                                                                    grantResult.Value != PermissionGrantResult.Undefined))
            {
                result.Result[grantResult.Key] = grantResult.Value;
                permissionDefinitions.RemoveAll(x => x.Name == grantResult.Key);
            }

            if (result.AllGranted || result.AllProhibited)
            {
                break;
            }
        }

        return(result);
    }