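/// <summary>
/// Read all role grants, to give a global view of permission granting: for every scope
/// (extension) and every role, which permission levels are granted.
/// </summary>
/// <param name="roleManager_">Source of the full role list; roles without any stored permission are taken from here.</param>
/// <param name="storage_">Storage used to read the role/permission records.</param>
/// <param name="roleNameByRoleId_">Lookup from role ID to role name, used to label the stored records.</param>
/// <returns>
/// A view model whose PermissionsByRoleAndScope maps a scope, then a role name, to a list of permissions.
/// </returns>
public static GrantViewModel ReadAll(RoleManager<IdentityRole<string>> roleManager_, IStorage storage_, Dictionary<string, string> roleNameByRoleId_)
{
    GrantViewModel model = new GrantViewModel();

    // 1. Get all scopes from available extensions, create one empty role dictionary per scope.
    foreach (IExtensionMetadata extensionMetadata in ExtensionManager.GetInstances<IExtensionMetadata>())
    {
        model.PermissionsByRoleAndScope.Add(extensionMetadata.GetScope(), new Dictionary<string, List<Common.Enums.Permission>>());
    }

    // 2. Read data from the RolePermission table.
    // Names of roles that have at least one permission record in a loaded scope.
    HashSet<string> rolesWithPerms = new HashSet<string>();

    foreach (RolePermission rp in storage_.GetRepository<IRolePermissionRepository>().All())
    {
        if (!model.PermissionsByRoleAndScope.ContainsKey(rp.Scope))
        {
            // A database record related to an extension (scope) that is not loaded. Ignore it.
            continue;
        }

        // A record whose role ID is missing from the lookup cannot be labelled. Skip it rather
        // than use a null dictionary key, which throws ArgumentNullException and breaks the
        // whole overview.
        // NOTE(review): the skipped record is still in the table; consider reporting it so that
        // grants pointing at unknown roles can be cleaned up.
        string roleName;
        if (rp.RoleId == null || !roleNameByRoleId_.TryGetValue(rp.RoleId, out roleName) || roleName == null)
        {
            continue;
        }

        // Expand the stored permission into the list of levels lower than or equal to it.
        // The indexer creates the entry when the role is not yet present for this scope.
        // NOTE(review): if a role has several records for the same scope, the last one read
        // replaces the earlier ones - confirm that one record per role and scope is guaranteed.
        model.PermissionsByRoleAndScope[rp.Scope][roleName] = PermissionHelper.GetLowerOrEqual(PermissionHelper.FromId(rp.PermissionId));
        rolesWithPerms.Add(roleName);
    }

    // 3. Also list roles for which no permission was set: they get an empty list in every scope.
    // NOTE(review): a role that has a record in one scope gets no entry in the other scopes;
    // confirm that consumers of the model handle a missing role key.
    IList<string> roleNames = roleManager_.Roles.Select(r_ => r_.Name).ToList();
    foreach (string role in roleNames)
    {
        if (rolesWithPerms.Contains(role))
        {
            continue;
        }

        foreach (string scope in model.PermissionsByRoleAndScope.Keys)
        {
            model.PermissionsByRoleAndScope[scope].Add(role, new List<Common.Enums.Permission>());
        }
    }

    return model;
}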
/// <summary>
/// Collects every permission/scope pair that applies to a user, whether it is granted
/// to the user directly or through one of the user's roles.
/// </summary>
/// <param name="userId_">ID of the user whose permissions are read.</param>
/// <returns>Set of distinct key/value pairs: key is the permission, value is the scope.</returns>
public HashSet<KeyValuePair<Common.Enums.Permission, string>> AllForUser(string userId_)
{
    // Pairs are built from the stored permission ID as-is: a permission level is not expanded
    // into lower levels in this method.

    // Grants reached through roles: permission -> role permission -> role -> user role.
    IEnumerable<KeyValuePair<Common.Enums.Permission, string>> grantedThroughRoles =
        from permission in storageContext.Set<Permission>()
        join rolePermission in storageContext.Set<RolePermission>() on permission.Id equals rolePermission.PermissionId
        join role in storageContext.Set<IdentityRole<string>>() on rolePermission.RoleId equals role.Id
        join userRole in storageContext.Set<IdentityUserRole<string>>() on role.Id equals userRole.RoleId
        where userRole.UserId == userId_
        select new KeyValuePair<Common.Enums.Permission, string>(PermissionHelper.FromId(permission.Id), rolePermission.Scope);

    // Grants attached to the user record itself.
    IEnumerable<KeyValuePair<Common.Enums.Permission, string>> grantedDirectly =
        from permission in storageContext.Set<Permission>()
        join userPermission in storageContext.Set<UserPermission>() on permission.Id equals userPermission.PermissionId
        where userPermission.UserId == userId_
        select new KeyValuePair<Common.Enums.Permission, string>(PermissionHelper.FromId(permission.Id), userPermission.Scope);

    // The set removes pairs that appear in both sources; role grants are read first, then user grants.
    HashSet<KeyValuePair<Common.Enums.Permission, string>> merged =
        new HashSet<KeyValuePair<Common.Enums.Permission, string>>(grantedThroughRoles);
    merged.UnionWith(grantedDirectly);

    return merged;
}