Example #1
0
        /// <summary>
        /// Update permission from database
        /// </summary>
        /// <param name="userId"></param>
        /// <returns></returns>
        public virtual bool UpdatePermissionDetail(PermissionModel objPermissionModel, string roleList)
        {
            System.Collections.ObjectModel.Collection <DBParameters> parameters = new System.Collections.ObjectModel.Collection <DBParameters>();
            parameters.Add(new DBParameters()
            {
                Name = "@permission_uid", Value = objPermissionModel.permission_uid, DBType = DbType.AnsiString
            });
            parameters.Add(new DBParameters()
            {
                Name = "@permission_name", Value = objPermissionModel.permission_name, DBType = DbType.String
            });
            parameters.Add(new DBParameters()
            {
                Name = "@permission_description", Value = objPermissionModel.permission_description, DBType = DbType.String
            });
            parameters.Add(new DBParameters()
            {
                Name = "@page_name", Value = objPermissionModel.page_name, DBType = DbType.String
            });
            parameters.Add(new DBParameters()
            {
                Name = "@role_list", Value = roleList, DBType = DbType.String
            });
            parameters.Add(new DBParameters()
            {
                Name = "@updated_by", Value = 1, DBType = DbType.String
            });

            return(Convert.ToBoolean(this.ExecuteProcedure("[auth].[permission_update]", ExecuteType.ExecuteScalar, parameters)));
        }
Example #2
0
        private RoleMappingModel MapToModel(RoleMapping entity, string requestId = "")
        {
            // Perform mapping
            var model = RoleMappingModel.Empty;

            model.Id          = entity.Id ?? String.Empty;
            model.AdGroupName = entity.AdGroupName ?? String.Empty;
            model.Role        = new RoleModel
            {
                Id          = entity.Role.Id,
                DisplayName = entity.Role.DisplayName
            };
            model.Permissions = new List <PermissionModel>();
            foreach (var item in entity.Permissions)
            {
                var permissionmodel = new PermissionModel()
                {
                    Id   = item.Id,
                    Name = item.Name
                };
                model.Permissions.Add(permissionmodel);
            }

            return(model);
        }
        // POST: api/user
        public IHttpActionResult Post(HttpRequestMessage request, [FromBody] PermissionModel value)
        {
            if (_log.IsDebugEnabled)
            {
                _log.DebugFormat("Executing call in debug mode");
            }

            var headers = request.Headers;

            //Check the request object to see if they passed a userId
            if (headers.Contains("userid"))
            {
                var user = headers.GetValues("userid").First();
                _log.InfoFormat("Handling POST request from user: {0}", user);

                if (!ModelState.IsValid)
                {
                    return(BadRequest("Invalid data."));
                }
                try
                {
                    PermissionActions permissionActions = new PermissionActions();

                    permissionActions.Insert(value, user);
                    return(Ok());
                }
                catch (Exception e)
                {
                    _log.Error("An error occurred while adding Permission.", e);
                    return(InternalServerError(e));
                }
            }

            return(BadRequest("Header value <userid> not found."));
        }
Example #4
0
        private void RekursifSaveNodes(TreeNodeCollection nodes)
        {
            foreach (TreeNode node in nodes)
            {
                RolesModel      roles      = roles_coll.FirstOrDefault(r => r.rolename == RolesComboBoxEdit.Text);
                PermissionModel permission = permission_coll.FirstOrDefault(p => p.permission_name == node.Name);

                if (node.Checked == true)
                {
                    if (!userAkses.RolesHasPermission(roles, permission))
                    {
                        userAkses.AddPermissionToRole(roles, permission);
                    }
                }
                else
                {
                    if (userAkses.RolesHasPermission(roles, permission))
                    {
                        userAkses.RemovePermissionFromRole(roles, permission);
                    }
                }

                TreeNodeCollection ChildNodes = node.Nodes;
                if (ChildNodes != null)
                {
                    RekursifSaveNodes(ChildNodes);
                }
            }
        }
Example #5
0
        private void AddResourcePermissionToFunction(ApplicationFunctionModel applicationFuction, SecurityContractPermission permission)
        {
            logger.Debug($"Assinging permission {permission.Name} to function: {applicationFuction.Name}.");
            // Check if there is an existing permission within the database. Add this one if found, else create a new one and add it.
            var existingPermission = permissionRepository.GetByName(permission.Name);

            PermissionModel permissionToAdd = new PermissionModel
            {
                Name        = permission.Name,
                Description = permission.Description
            };

            if (existingPermission != null)
            {
                logger.Debug($"Permission {permission.Name} already exists within the database. Not adding it.");
                permissionToAdd = existingPermission;
            }
            else
            {
                logger.Debug($"Permission {permission.Name} does not exist in the database. Adding it.");
            }

            applicationFuction.ApplicationFunctionPermissions.Add(new ApplicationFunctionPermissionModel
            {
                ApplicationFunction = applicationFuction,
                Permission          = permissionToAdd
            });
        }
Example #6
0
        private void RefreshData()
        {
            PermissionListResponse permissionListResponse = LocalApi.Execute(new PermissionListRequest());

            if (permissionListResponse.Permissions == null)
            {
                return;
            }
            List <PermissionModel> permissionModelList = new List <PermissionModel>();

            //重新排序
            foreach (PermissionModel permissionModel in permissionListResponse.Permissions.Where(m => !m.ParentId.HasValue))
            {
                PermissionModel tm = permissionModel;
                permissionModelList.Add(tm);  //先显示根对象
                permissionModelList.AddRange(permissionListResponse.Permissions.Where(m =>
                {
                    int?parentId     = m.ParentId;
                    int permissionId = tm.PermissionId;
                    if (parentId.GetValueOrDefault() != permissionId)
                    {
                        return(false);
                    }
                    return(parentId.HasValue);
                }));  //再显示该根对象下的子对象
            }

            this.dataGrid.ItemsSource = permissionModelList;
        }
Example #7
0
        public async Task <ActionResult> Index(int id = 0, double scroll = 0)
        {
            try
            {
                var model = new PermissionModel
                {
                    ProfileId         = id,
                    ProfileDictionary = await _dictionaryAllService.GetProfileDictionaryAsync(),
                    Scroll            = scroll
                };

                if (id == 0)
                {
                    model.ScreenList = await _screenService.GetAllAsync();
                }
                else
                {
                    model.ProfileForScreenList = _permissionService.GetProfileForScreen(id);
                }

                return(View(model));
            }
            catch (Exception e)
            {
                ShowMessageDialog(MensagensResource.ErroCarregar, e);
                return(RedirectToAction("Index", "Home"));
            }
        }
Example #8
0
        public static IList <PermissionNode> BuildPermissionNodes(IList <PermissionModel> permissonModels)
        {
            List <PermissionNode> permissionNodeList = new List <PermissionNode>();

            foreach (PermissionModel permissionModel1 in permissonModels.Where <PermissionModel>((Func <PermissionModel, bool>)(m => !m.ParentId.HasValue)))
            {
                PermissionModel tm             = permissionModel1;
                PermissionNode  permissionNode = new PermissionNode();
                permissionNode.Code = tm.PermissionCode;
                permissionNode.Text = tm.PermissionName;
                foreach (PermissionModel permissionModel2 in permissonModels.Where <PermissionModel>((Func <PermissionModel, bool>)(m =>
                {
                    int?parentId = m.ParentId;
                    int permissionId = tm.PermissionId;
                    if (parentId.GetValueOrDefault() != permissionId)
                    {
                        return(false);
                    }
                    return(parentId.HasValue);
                })).ToList <PermissionModel>())
                {
                    permissionNode.Children.Add(new PermissionNode()
                    {
                        Code = permissionModel2.PermissionCode,
                        Text = permissionModel2.PermissionName
                    });
                }
                permissionNodeList.Add(permissionNode);
            }
            return((IList <PermissionNode>)permissionNodeList);
        }
Example #9
0
        public bool Can(String permission)
        {
            bool            returned   = false;
            PermissionModel Permission = permission_coll.FirstOrDefault(p => p.permission_name == permission);

            /**
             * Cek Permission via Role
             **/
            var UserRoles = user_roles_coll.Where(ur => ur.username.username == User.username);

            //if (!UserRoles.Any())
            //{
            //  MessageBox.Show("User belum memiliki roles, silahkan hubungi sistem administrator terlebih dahulu", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
            //  return false;
            //}

            foreach (UserHasRolesModel UserRole in UserRoles)
            {
                RolesModel Role = roles_coll.FirstOrDefault(r => r.rolename == UserRole.rolename.rolename);
                var        RoleHasPermission = role_permission_coll.Where(rp => rp.rolename.rolename == Role.rolename && rp.permission_name.permission_name == Permission.permission_name);
                if (RoleHasPermission.Count() > 0)
                {
                    returned = true;
                    break;
                }
            }

            return(returned);
        }
Example #10
0
 /// <summary>
 /// 为用户添加权限
 /// </summary>
 /// <param name="phone"></param>
 /// <param name="pwd"></param>
 private void AddPermission(string phone, string pwd, string smsContnet)
 {
     try
     {
         //password需要MD5
         string tranId = phone + DateTime.Now.ToString("yyMMddHHmmss");
         string auth   = Md5(string.Format("{0}*{1}*_Pay_weekly", phone, tranId));
         //string url = "http://www.cbnweek.com/v/user_permissions_api";
         string          url      = "http://www.cbnweek.com/v/user_permissionsTest_api";
         string          paramStr = string.Format("username={0}&password={1}&transaction_id={2}&auth={3}&time=3", phone, pwd, tranId, auth);
         string          result   = HttpHelper.HttpGet(url, paramStr);
         PermissionModel model    = (PermissionModel)JsonConvert.DeserializeObject(result, typeof(PermissionModel));
         if (model.Code == 200)
         {
             SendSMS(phone, smsContnet);
         }
         else
         {
             failCount++;
             log.Error(string.Format("手机号:{0} 创建新用户失败,原因:{1}", phone, model.Data));
         }
     }
     catch (Exception e)
     {
         failCount++;
         log.Error(string.Format("手机号:{0} 添加用户权限失败,原因:{1}", phone, e.Message));
     }
 }
Example #11
0
        public ActionResult PermissionEditor(string GroupID)
        {
            Gid = GroupID;
            PermissionModel permissionmodel = new PermissionModel();

            permissionmodel.MyPermissionAllow = new List <PagePermissionModel>();
            permissionmodel.MyPermissionDeny  = new List <PagePermissionModel>();
            try
            {
                var Pages = pagemanager.GetAllPagesForGroups(GroupID);
                foreach (Page p in Pages)
                {
                    PagePermissionModel model = new PagePermissionModel();
                    model.PageID   = p.PageID;
                    model.PageName = p.PageName;
                    model.Selected = false;
                    if (pagemanager.GetPagePermissionStatus(p.PageID, Gid))
                    {
                        permissionmodel.MyPermissionDeny.Add(model);
                    }
                    else
                    {
                        permissionmodel.MyPermissionAllow.Add(model);
                    }
                }

                return(PartialView("_PageList", permissionmodel));
            }

            catch (Exception e)
            {
                ViewBag.message = e.Message;
                return(View("Error"));
            }
        }
Example #12
0
        private void LoadAuthorisationPermissions(SafeUserModel userModel)
        {
            userModel.PermissionGroups = new ObservableCollection <PermissionGroupModel>();

            var userPermissions = userModel.User.UserPermissions.Select(x => x.Permission);

            foreach (var permissionGroup in PermissionGroups)
            {
                var premissionGroupModel = new PermissionGroupModel(permissionGroup);
                premissionGroupModel.Permissions = new ObservableCollection <PermissionModel>();

                foreach (Permission permission in permissionGroup.Permissions.OrderBy(x => x.Name))
                {
                    var permissionModel = new PermissionModel(permission)
                    {
                        IsChecked = userPermissions.Contains(permission)
                    };

                    permissionModel.PropertyChanged            += PermissionModelOnPropertyChanged;
                    permissionModel.Permission.PropertyChanged += OnPropertyChanged;
                    premissionGroupModel.Permissions.Add(permissionModel);
                }

                premissionGroupModel.IsChecked = premissionGroupModel.Permissions.Any() &&
                                                 premissionGroupModel.Permissions.All((x) => x.IsChecked);

                premissionGroupModel.PropertyChanged += PremissionGroupModelOnPropertyChanged;

                premissionGroupModel.PermissionGroup.PropertyChanged += OnPropertyChanged;

                userModel.PermissionGroups.Add(premissionGroupModel);
            }
        }
Example #13
0
        public void OnAuthorization(AuthorizationFilterContext context)
        {
            var options    = context.HttpContext.RequestServices.GetService <IOptions <SystemOptions> >().Value;
            var descriptor = context.ActionDescriptor as ControllerActionDescriptor;

            if (descriptor == null)
            {
                return;
            }
            if (descriptor.ControllerTypeInfo.IsAssignableFrom(typeof(AnonymousController)))
            {
                return;
            }
            if (descriptor.MethodInfo.GetCustomAttribute <AnonymousAttribute>() != null)
            {
                return;
            }
            if (!context.HttpContext.User.Identity.IsAuthenticated)
            {
                OnUnAuthorization(context).GetAwaiter().GetResult();
            }
            var actionNoAttribute = descriptor.MethodInfo.GetCustomAttribute <ActionNoAttribute>(true);
            var moduleNoAttribute = descriptor.ControllerTypeInfo.GetCustomAttribute <ModuleNoAttribute>(true);
            var model             = new PermissionModel();

            model.SystemNo   = options.SystemNo;
            model.SystemName = options.SystemName;
            model.ModuleNo   = moduleNoAttribute?.ModuleNo ?? descriptor.ControllerName;
            model.ModuleName = moduleNoAttribute?.ModuleName ?? descriptor.ControllerName;
            model.ActionNo   = actionNoAttribute?.ActionNo ?? descriptor.ActionName;
            model.ActionName = actionNoAttribute?.ActionName ?? descriptor.ActionName;
            _logger          = context.HttpContext.RequestServices.GetService <ILoggerFactory>();
            Logger.LogInformation($"{"Action:\t" + model + "\t" + "Authorization Complete!"}");
        }
Example #14
0
        public ActionResult GetPermissionForGeneralProfile()
        {
            Guid userId = Guid.Empty;

            if (Session[SessionObjects.UserId] != null)
            {
                if (Session[SessionObjects.UserId].ToString() != Common.UserNameSystem)
                {
                    userId = (Guid)Session[SessionObjects.UserId];
                }
                else
                {
                    return(Json(new List <string>()));
                }
            }
            PermissionModel permission = new PermissionModel();   //do không truyền kiểu string lên được nên mượn model có guid để truyền lên api

            permission.UserID = userId;
            TempPermissionModel result = new TempPermissionModel();
            var service = new RestServiceClient <TempPermissionModel>(UserLogin);

            if (HttpContext.Cache[SessionObjects.Permission + userId] == null)
            {
                service.SetCookies(this.Request.Cookies, _hrm_Sys_Service);
                result = service.Put(_hrm_Sys_Service, "api/SysPermission/", permission);
                //lưu cache quyền của user
                HttpContext.Cache[SessionObjects.Permission + userId] = result;
            }
            else
            {
                result = (TempPermissionModel)HttpContext.Cache[SessionObjects.Permission + userId];
            }
            return(Json(result.Data));
        }
Example #15
0
        public List <PermissionModel> PermissionFY(int currentPage, int pageSize, out int rows)
        {
            var result4 = CreateContext().Permissions
                          .AsNoTracking()
                          .OrderBy(e => e.id);

            rows = result4.Count();                        //总行数
            var data = result4                             //.Where(e=>e)
                       .Skip((currentPage - 1) * pageSize) //忽略多少条数
                       .Take(pageSize)                     //取多少条数
                       .ToList();
            List <Permission>      list  = data.ToList();
            List <PermissionModel> list2 = new List <PermissionModel>();

            foreach (var p in list)
            {
                PermissionModel pp = new PermissionModel()
                {
                    id    = p.id,
                    state = p.state,
                    Pid   = p.Pid,
                    text  = p.text,
                    Url   = p.Url
                };
                list2.Add(pp);
            }
            return(list2);
        }
Example #16
0
        public async Task <IActionResult> permissionAsync()
        {
            PermissionModel model = new PermissionModel();

            model.loggedInUser = User.Identity.Name;
            var userList = await context.Users.ToListAsync();

            model.userList = userList;
            List <List <string> > userRoles = new List <List <string> >();

            //Big o what?
            foreach (var u in userList)
            {
                List <string> roles = new List <string>();
                //add list A to userroles
                foreach (var role in roleManager.Roles.ToList())
                {
                    if (await userManager.IsInRoleAsync(await userManager.FindByNameAsync(u.UserName), role.ToString()))
                    {
                        roles.Add(role.ToString());
                    }
                }
                userRoles.Add(roles);
            }
            model.rolesList = userRoles;
            return(View(model));
        }
        public List <PermissionModel> SortPermissionForTree(int parentId, string indexKey = "1")
        {
            var model = new List <PermissionModel>();

            foreach (var p in _permissionService.GetAllPermissionsByParentId(parentId))
            {
                var pm = new PermissionModel
                {
                    Id       = p.Id,
                    Name     = _permissionService.GetFormattedBreadCrumb(p),
                    ParentId = p.ParentId
                };
                if (parentId == 0)
                {
                    pm.IndexKey = p.Id.ToString();
                }
                else
                {
                    pm.IndexKey = indexKey + "_" + p.Id.ToString();
                }

                pm.ChildPermissions.AddRange(SortPermissionForTree(p.Id, pm.IndexKey));
                model.Add(pm);
            }
            return(model);
        }
        public ActionResult Create()
        {
            var model = new PermissionModel();

            PrepareAllPermissionsModel(model);
            return(View(model));
        }
            public override PermissionModel <ReportPermission> IsPermitted(int userId, Report report)
            {
                var permissionModel = PermissionModel <ReportPermission> .Create(ReportPermission.AddComment);

                if (report.Private)
                {
                    return(permissionModel.AppendPermission(() => userId == report.CreatorId));
                }

                return(report.Status switch
                {
                    (int)ReportStatusType.Awaiting => permissionModel
                    .AppendPermission(() => userId == report.CreatorId && report.ReportComments.Count + 1 <=
                                      ReportPermissionConstants.MaxCommentsWhenIsAwaiting)
                    .AppendPermission(() => userId == report.AssigneeId),
                    (int)ReportStatusType.Assigned => permissionModel
                    .AppendPermission(() => userId == report.CreatorId && report.ReportComments.Count + 1 <=
                                      ReportPermissionConstants.MaxCommentsWhenIsAwaiting)
                    .AppendPermission(() => userId == report.AssigneeId &&
                                      !report.ReportComments.Any(rc => rc.UserId == userId)),
                    (int)ReportStatusType.Opened => permissionModel
                    .AppendPermission(() => userId == report.CreatorId && report.ReportComments
                                      .TakeLast(ReportPermissionConstants.MaxCommentsInRow).Any(rc => rc.UserId != userId))
                    .AppendPermission(() => report.ReportSubscribers.Any(rs => rs.UserId == userId) && report
                                      .ReportComments
                                      .TakeLast(ReportPermissionConstants.MaxCommentsInRow).Any(rc => rc.UserId != userId))
                    .AppendPermission(() => userId == report.AssigneeId),
                    (int)ReportStatusType.Closed => permissionModel
                    .AppendPermission(() => userId == report.CreatorId),
                    _ => permissionModel
                });
Example #20
0
        public async Task <PermissionModel> UpdateAsync(PermissionModel permission)
        {
            a3SContext.Entry(permission).State = EntityState.Modified;
            await a3SContext.SaveChangesAsync();

            return(permission);
        }
Example #21
0
        public ActionResult AddPermission(PermissionModel permissionMdeol)
        {
            string state = HolidaysWebConst.HolidaysWebConst.SUCCESS;
            //验证传入的数据
            string msg = Validate.ValidateString(
                new CustomValidate()
            {
                FieldName = "权限名称", FieldValue = permissionMdeol.Name, MinLength = 1, MaxLength = 100, IsRequired = true
            },
                new CustomValidate()
            {
                FieldName = "权限描述", FieldValue = permissionMdeol.Description, MinLength = 1, MaxLength = 100, IsRequired = true
            }
                );

            if (msg == null)
            {
                Permission permission = new Permission()
                {
                    CreateTime  = DateTime.Now,
                    Description = permissionMdeol.Description,
                    Name        = permissionMdeol.Name,
                    Type        = permissionMdeol.Type,
                    ParentId    = 0
                };
                int addSuccess = OperateContext.Current.BLLSession.IPermissionBLL.Add(permission);
                if (addSuccess != 1)//添加失败
                {
                    state = HolidaysWebConst.HolidaysWebConst.FAIL;
                    msg   = "添加失败";
                }
            }
            return(OperateContext.Current.RedirectAjax(state, msg, null, null));
        }
Example #22
0
        public async Task <IActionResult> PostIndex(ResourceModel model)
        {
            PermissionModel result = await ProcessConsentAsync(model);

            if (result.IsRedirect)
            {
                if (await _clientStore.IsPkceClientAsync(result.ClientId))
                {
                    return(Redirect(result.RedirectUri));
                }

                return(Redirect(result.RedirectUri));
            }

            if (result.HasValidationError)
            {
                ModelState.AddModelError("", result.ValidationError);
            }

            if (result.ShowView)
            {
                return(View("Index", result.ViewModel));
            }

            return(View("Error"));
        }
Example #23
0
        public async Task <PermissionModel> CreateAsync(PermissionModel permission)
        {
            a3SContext.Permission.Add(permission);
            await a3SContext.SaveChangesAsync();

            return(permission);
        }
Example #24
0
        public static IEnumerable <PermissionModel> GetAllActionByAssembly()
        {
            var result = new List <PermissionModel>();

            // 获取命名空间下所有的类型
            var types = Assembly.Load("mvcIdentity").GetTypes();

            //取控制器
            foreach (var type in types)
            {
                if (type.BaseType == typeof(BaseController))//如果是 BaseController 的子类
                {
                    //反射控制器
                    var controller = new ReflectedControllerDescriptor(type);
                    //取控制器的Action,共有实例方法
                    var actions = controller.GetCanonicalActions();
                    //构建权限
                    foreach (var action in actions)
                    {
                        //创建权限
                        var ap = new PermissionModel()
                        {
                            Action     = action.ActionName,
                            Controller = controller.ControllerName,
                            //Params = FormatParams(action),
                            Description = GetDescription(action)
                        };
                        result.Add(ap);
                    }
                }
            }
            return(result);
        }
Example #25
0
        private PermissionModel CreatePermissionModel(AdminPermissionModel item, List <AdminPermissionModel> list, IdentityManager.RoleType roleType)
        {
            bool check    = false;
            bool disabled = false;
            bool visible  = true;

            if (list != null)
            {
                var t = list.FirstOrDefault(p => p.Id == item.Id);
                if (t != null || roleType == IdentityManager.RoleType.SuperAdmin)
                {
                    check = true;
                }
            }
            // Q101是后台管理人员必须要拥有的权限,所以添加一个后台管理人员,那么这个权限必须要有
            if (item.Id == "Q101")
            {
                check    = true;
                disabled = true;
                visible  = false;
            }
            var per = new PermissionModel()
            {
                Title    = item.Name,
                Value    = item.Id,
                Checked  = check,
                Disabled = disabled,
                Visible  = visible,
                Data     = new List <PermissionModel>()
            };

            return(per);
        }
Example #26
0
        public async Task TestConstructor_OnActionExecutingAsync_UserHasPermission()
        {
            var permissionModel = new PermissionModel
            {
                Id   = Permission.ViewProgram.Id,
                Name = Permission.ViewProgram.Value
            };
            var id   = 1;
            var user = GetTestUser();
            var foreignResourceCache = new ForeignResourceCache(0, 1, 0, null, null, null);

            userProvider.Setup(x => x.GetCurrentUser()).Returns(user);
            userProvider.Setup(x => x.IsUserValidAsync(It.IsAny <IWebApiUser>())).ReturnsAsync(true);
            resourceService.Setup(x => x.GetResourceTypeId(It.IsAny <string>())).Returns(1);
            resourceService.Setup(x => x.GetResourceByForeignResourceIdAsync(It.IsAny <int>(), It.IsAny <int>())).ReturnsAsync(foreignResourceCache);
            permissionService.Setup(x => x.HasPermission(It.IsAny <int>(), It.IsAny <int?>(), It.IsAny <int>(), It.IsAny <List <IPermission> >())).Returns(true);
            permissionService.Setup(x => x.GetPermissionByNameAsync(It.IsAny <string>())).ReturnsAsync(permissionModel);

            var attribute     = new ResourceAuthorizeAttribute(permissionModel.Name, ResourceType.Program.Value, id);
            var actionContext = ContextUtil.CreateActionContext();

            actionContext.RequestContext.Principal = Thread.CurrentPrincipal;

            var cts = new CancellationTokenSource();
            await attribute.OnActionExecutingAsync(actionContext, cts.Token);

            Assert.AreEqual(AuthorizationResult.Allowed, attribute.GetAuthorizationResult());
        }
Example #27
0
        public async Task TestConstructor_OnActionExecutingAsync_UserIsNotValid()
        {
            var permissionModel = new PermissionModel
            {
                Id   = Permission.ViewProgram.Id,
                Name = Permission.ViewProgram.Value
            };
            var id   = 1;
            var user = GetTestUser();

            userProvider.Setup(x => x.GetCurrentUser()).Returns(user);
            userProvider.Setup(x => x.IsUserValidAsync(It.IsAny <IWebApiUser>())).ReturnsAsync(false);
            permissionService.Setup(x => x.HasPermission(It.IsAny <int>(), It.IsAny <int?>(), It.IsAny <int>(), It.IsAny <List <IPermission> >())).Returns(true);

            var attribute     = new ResourceAuthorizeAttribute(permissionModel.Name, ResourceType.Program.Value, id);
            var actionContext = ContextUtil.CreateActionContext();

            actionContext.RequestContext.Principal = Thread.CurrentPrincipal;

            var exceptionCaught = false;

            try
            {
                var cts = new CancellationTokenSource();
                await attribute.OnActionExecutingAsync(actionContext, cts.Token);
            }
            catch (HttpResponseException e)
            {
                exceptionCaught = true;
                Assert.AreEqual(HttpStatusCode.Forbidden, e.Response.StatusCode);
            }
            Assert.IsTrue(exceptionCaught);
            //make sure we do not fall into into checking permissions
            userProvider.Verify(x => x.GetPermissionsAsync(It.IsAny <IWebApiUser>()), Times.Never());
        }
        public ActionResult ThemMoiQuyen(PermissionModel perModel)
        {
            IPermissionService perService = new PermissionService();

            perService.AddNewPer(baseAddress, "permission/addnewper", perModel);
            return(RedirectToAction("GetAllRole", "Role"));
        }
Example #29
0
        public ActionResult Index(int page = 1)
        {
            var model = new PermissionModel();
            int count = 0;
            var expr  = BuildSearchCriteria();

            page = page > 0 ? page : 1;
            var filterResult = PermissionService.Permissions.GetListPage(expr, x => x.Code, false, out count, "", new Dictionary <string, string>(), page, 10, Request.Url.Query);

            if (filterResult.list.Count == 0 && page != 1)
            {
                return(Index());
            }

            int sortId = (page - 1) * 10 + 1;
            var result = filterResult.list.Select(t => new PermissionModel
            {
                SortId      = sortId++.ToString(),
                Id          = t._ID,
                Name        = t.Name,
                Code        = t.Code,
                Icon        = t.Icon,
                OrderSort   = t.OrderSort,
                Description = t.Description,
                Enabled     = t.Enabled
            }).ToList();

            ViewData["list"]  = result;
            ViewData["zebra"] = filterResult.ZebraString;
            return(View(model));
        }
Example #30
0
        public Response ChangeRights([FromBody] PermissionModel permissionModel)
        {
            Response reqResponse = new Response();

            if (permissionModel.username != "root")
            {
                reqResponse.SetResponse(401, "Not Authorized", "You are not authorized to change the rights of the selected permission!", null);
                goto Finish;
            }

            int userId = _userService.GetUser(permissionModel.username, permissionModel.password);

            if (userId == -1)
            {
                reqResponse.SetResponse(401, "Not Authorized", "Invalid credentials inserted!", null);
                goto Finish;
            }

            if (!_permissionService.ExistsPermission(permissionModel.permissionName))
            {
                reqResponse.SetResponse(500, "Not Existing", "Permission '" + permissionModel.permissionName + "' does not exist in the system.", null);
                goto Finish;
            }

            _permissionService.ChangeRights(permissionModel.permissionName, permissionModel.rights);
            reqResponse = new Response();

Finish:
            return(reqResponse);
        }
Example #31
0
        private void LoadAuthorisationPermissions(UserGroupModel groupModel)
        {
            groupModel.PermissionGroups = new ObservableCollection<PermissionGroupModel>();

            var groupPermissions = groupModel.UserGroup.UserGroupPermissions.Select(x => x.Permission);

            foreach (var permissionGroup in PermissionGroups)
            {
                var premissionGroupModel = new PermissionGroupModel(permissionGroup);
                premissionGroupModel.Permissions = new ObservableCollection<PermissionModel>();

                foreach (Permission permission in permissionGroup.Permissions)
                {
                    var permissionModel = new PermissionModel(permission)
                        {
                            IsChecked = groupPermissions.Contains(permission)
                        };

                    permissionModel.PropertyChanged += PermissionModelOnPropertyChanged;
                    permissionModel.Permission.PropertyChanged += OnPropertyChanged;

                    premissionGroupModel.Permissions.Add(permissionModel);
                }

                premissionGroupModel.IsChecked = premissionGroupModel.Permissions.Any() && premissionGroupModel.Permissions.All((x) => x.IsChecked);
                premissionGroupModel.PropertyChanged += PremissionGroupModelOnPropertyChanged;
                premissionGroupModel.PermissionGroup.PropertyChanged += PremissionGroupOnPropertyChanged;

                groupModel.PermissionGroups.Add(premissionGroupModel);
                groupModel.PropertyChanged += OnPropertyChanged;
                groupModel.UserGroup.PropertyChanged += OnPropertyChanged;
            }
        }
Example #32
0
        private void LoadUserPermissions(SafeUserModel userModel)
        {
            userModel.Permissions = new ObservableCollection<PermissionModel>();

            var userPermissions = userModel.User.UserPermissions.Select(x => x.Permission);

            foreach (var permission in Permissions)
            {
                var permissionModel = new PermissionModel(permission)
                {
                    IsChecked = userPermissions.Contains(permission)
                };

                permissionModel.PropertyChanged += PermissionModelOnPropertyChanged;
                permissionModel.Permission.PropertyChanged += OnPropertyChanged;
                userModel.Permissions.Add(permissionModel);
            }
        }
Example #33
0
        private void LoadAuthorisationPermissions(SafeUserModel userModel)
        {
            userModel.PermissionGroups = new ObservableCollection<PermissionGroupModel>();

            var userPermissions = userModel.User.UserPermissions.Select(x => x.Permission);

            foreach (var permissionGroup in PermissionGroups)
            {
                var premissionGroupModel = new PermissionGroupModel(permissionGroup);
                premissionGroupModel.Permissions = new ObservableCollection<PermissionModel>();

                foreach (Permission permission in permissionGroup.Permissions.OrderBy(x => x.Name))
                {
                    var permissionModel = new PermissionModel(permission)
                    {
                        IsChecked = userPermissions.Contains(permission)
                    };

                    permissionModel.PropertyChanged += PermissionModelOnPropertyChanged;
                    permissionModel.Permission.PropertyChanged += OnPropertyChanged;
                    premissionGroupModel.Permissions.Add(permissionModel);
                }

                premissionGroupModel.IsChecked = premissionGroupModel.Permissions.Any() &&
                                                 premissionGroupModel.Permissions.All((x) => x.IsChecked);

                premissionGroupModel.PropertyChanged += PremissionGroupModelOnPropertyChanged;

                premissionGroupModel.PermissionGroup.PropertyChanged += OnPropertyChanged;

                userModel.PermissionGroups.Add(premissionGroupModel);
            }
        }
Example #34
0
        private void LoadPermissions(UserGroupModel groupModel)
        {
            groupModel.Permissions = new ObservableCollection<PermissionModel>();

            var groupPermissions = groupModel.UserGroup.UserGroupPermissions.Select(x => x.Permission);
            foreach (Permission permission in Permissions)
            {
                var permissionModel = new PermissionModel(permission)
                    {
                        IsChecked = groupPermissions.Contains(permission)
                    };

                permissionModel.PropertyChanged += PermissionModelOnPropertyChanged;
                permissionModel.Permission.PropertyChanged += OnPropertyChanged;

                groupModel.Permissions.Add(permissionModel);

                groupModel.PropertyChanged += OnPropertyChanged;
                groupModel.UserGroup.PropertyChanged += OnPropertyChanged;
            }
        }