// Moves this object left and all objects to its right left, until one of them
// can't move without breaking the diagram.
// Returns amount actually moved, which may be less than amount asked for.
public override float PullLeft(float amount)
{
if (RightObject != null)
{
if (RightObject is MiniTreeGroup)
{
// Groups are stretchy so we can ignore if they get stuck (and hence reduce 'amount')
RightObject.PullLeft(amount);
}
else
{
amount = RightObject.PullLeft(amount);
}
}
if (amount <= 0f)
{
// Nothing to do
return(amount);
}
// Individuals are free to move unless anchored by an attached group.
fX -= amount;
return(amount);
}
// Moves this object right and all objects to its right right, until one of them
// can't move without breaking the diagram.
// Returns amount actually moved, which may be less than amount asked for.
public override float PushRight(float amount)
{
if (RightObject != null)
{
amount = RightObject.PushRight(amount);
}
else if (RightObjectAlien != null)
{
if (RightObjectAlien is MiniTreeIndividual)
{
// Push right until hit alien object
float distance = ((MiniTreeIndividual)RightObjectAlien).Left - Right;
if (distance < amount)
{
amount = distance;
}
}
}
if (amount <= 0f)
{
// Nothing to do
return(amount);
}
fX += amount; // Individuals are free to move unless anchored by a group attached
return(amount);
}
public void AddPermission(RightObject obj, Operation operation)
{
Permission p = new Permission();
p.ObjectId = obj.ObjectId;
p.OperationId = operation.OperationId;
p.Name = "" + obj.Name + "." + operation.OperationCode;
_db.Save(p);
}
public void AddObject(RightObject r)
{
var checkResult = _db.ExecuteScalar <int>("Select count(*) from Right_Object where name='" + r.Name + "'");
if (checkResult > 1)
{
throw new Exception("含有相同名称的资源!");
}
_db.Update(r);
}
public void SaveObject(RightObject r)
{
var checkSql = "Select count(*) from Right_Object where name='" + r.Name + "'";
if (!_db.IsNew(r))
{
checkSql += " and ObjectId != " + r.ObjectId;
}
if (_db.ExecuteScalar <int>(checkSql) > 1)
{
throw new Exception("含有相同名称的资源!");
}
_db.Save(r);
}
public bool HaveRight(string badge, string resource, string operationCode)
{
User u = GetUserByBadge(badge);
if (u == null)
{
return(false);
}
List <Role> r = GetRoleByUser(u);
if (r == null)
{
return(false);
}
List <Permission> permission = new List <Permission>();
foreach (Role rItem in r)
{
var oneRolePermission = GetPermissionByRole(rItem.RoleId);
permission.AddRange(oneRolePermission);
}
RightObject obj = GetRightObject(resource);
Operation operation = GetOperation(operationCode);
if (obj == null)
{
return(false);
}
if (operation == null)
{
return(false);
}
var havePermission = permission.Where(a => a.ObjectId == obj.ObjectId).Where(b => b.OperationId == operation.OperationId);
if (havePermission != null && havePermission.Count() > 0)
{
return(true);
}
return(false);
}
public JsonResult GetRightObjectById(int id)
{
string msg = string.Empty;
bool state = true;
var rst = new RightObject();
try
{
rst = ars.GetRightObject(id);
}
catch (Exception e)
{
state = false;
msg = e.Message;
}
return(new JsonResult {
Data = new { State = state, Msg = msg, Data = rst }, JsonRequestBehavior = JsonRequestBehavior.AllowGet
});
}
public JsonResult SaveRightObject(string json)
{
string msg = string.Empty;
bool state = true;
try
{
RightObject ro = Newtonsoft.Json.JsonConvert.DeserializeObject <RightObject>(json);
ars.SaveObject(ro);
}
catch (Exception e)
{
state = false;
msg = e.Message;
}
return(new JsonResult {
Data = new { State = state, Msg = msg }, JsonRequestBehavior = JsonRequestBehavior.AllowGet
});
}
/// <summary>
/// Конструктор атрибута метода контроллера для назначения
/// </summary>
/// <param name="rightModule">Модуль, </param>
/// <param name="rightObject">Объект(клиент, договор, займ)</param>
/// <param name="rightOperator">Действие(сооздать, коппировать, удалить)</param>
public PermissionAttribute(RightModule rightModule, RightObject rightObject, RightOperator rightOperator)
{
Names = $"{ rightModule}.{rightObject}.{rightOperator}";
}
/// <summary>
/// Класс описывающий требования для политики безопасности доступа в метод/действие контроллера.
/// </summary>
/// <param name="rightModule">Значение RightModule enum для проверки прав доступа к контроллеру. </param>
/// <param name="rightObject">Значение RightObject enum для проверки прав доступа к работе с объектом.</param>
/// <param name="rightOperator">Значение RightOperator enum для проверки прав доступа к выполнению текущей операции</param>
public PermissionRequirement(RightModule rightModule, RightObject rightObject, RightOperator rightOperator)
{
RightModule = rightModule;
RightObject = rightObject;
RightOperator = rightOperator;
}
public void DeleteObject(RightObject r)
{
_db.Delete(r);
}
/// <summary>
/// 保存应用
/// </summary>
/// <param name="badge"></param>
/// <param name="item"></param>
public void SaveApplication(KeyValuePair <string, string> user, RightApplication item)
{
if (item.ApplicationId == ConfigurationManager.AppSettings["RightApplicationId"])
{
throw new InfoException("不能编辑权限管理应用");
}
db.BeginTransaction();
try
{
if (string.IsNullOrEmpty(item.ApplicationId))
{
if (db.Exists <RightApplication>("ApplicationName = @0", item.ApplicationName))
{
throw new InfoException("应用名称【{0}】已存在", item.ApplicationName);
}
item.ApplicationId = Guid.NewGuid().ToString();
db.Insert(item);
// 新建应用时,初始化创建权限对象【权限角色】、【权限分配】【权限查询】及其对象操作
var object1 = new RightObject
{
ApplicationId = item.ApplicationId,
ObjectName = "权限分配"
};
var objectOperation1 = new RightObjectOperation
{
ObjectId = object1.Id,
OperationName = "查看"
};
var objectOperation2 = new RightObjectOperation
{
ObjectId = object1.Id,
OperationName = "保存"
};
db.Insert(object1);
db.Insert(objectOperation1);
db.Insert(objectOperation2);
var object2 = new RightObject
{
ApplicationId = item.ApplicationId,
ObjectName = "权限角色"
};
var objectOperation3 = new RightObjectOperation
{
ObjectId = object2.Id,
OperationName = "查看"
};
var objectOperation4 = new RightObjectOperation
{
ObjectId = object2.Id,
OperationName = "新增&编辑"
};
var objectOperation5 = new RightObjectOperation
{
ObjectId = object2.Id,
OperationName = "删除"
};
db.Insert(object2);
db.Insert(objectOperation3);
db.Insert(objectOperation4);
db.Insert(objectOperation5);
var object3 = new RightObject
{
ApplicationId = item.ApplicationId,
ObjectName = "权限查询"
};
var objectOperation6 = new RightObjectOperation
{
ObjectId = object2.Id,
OperationName = "查询"
};
db.Insert(object3);
db.Insert(objectOperation6);
logService.WriteInsertOperateLog(user, item.ApplicationId, item.Id, item);
}
else
{
var oldItem = GetApplication(item.ApplicationId);
if (oldItem == null)
{
throw new InfoException("【{0}】记录不存在", item.Id);
}
item.Id = oldItem.Id;
db.Update(item);
logService.WriteUpdateOperateLog(user, item.ApplicationId, item.Id, oldItem, item);
}
db.CompleteTransaction();
}
catch (Exception e)
{
db.AbortTransaction();
throw e;
}
}
/// <summary>
/// 保存权限对象
/// </summary>
/// <param name="badge"></param>
/// <param name="applicationId"></param>
/// <param name="item"></param>
public void SaveObject(KeyValuePair <string, string> user, string applicationId, RightObject item)
{
if (applicationId == ConfigurationManager.AppSettings["RightApplicationId"])
{
throw new InfoException("不能新增/编辑权限管理应用的权限对象");
}
db.BeginTransaction();
try
{
if (db.Exists <RightObject>("ApplicationId = @0 AND ObjectName = @1 AND Id != @2", applicationId, item.ObjectName, item.Id))
{
throw new InfoException("权限对象【{0}】已存在", item.ObjectName);
}
if (db.IsNew(item))
{
db.Insert(item);
logService.WriteInsertOperateLog(user, applicationId, item.Id, item);
}
else
{
var oldItem = db.SingleOrDefault <RightObject>(item.Id);
if (oldItem == null)
{
throw new InfoException("【{0}】记录不存在", item.Id);
}
if (oldItem.ObjectName == "权限分配" || oldItem.ObjectName == "权限角色" || oldItem.ObjectName == "权限查询")
{
throw new InfoException("不能编辑保留权限对象【{0}】", oldItem.ObjectName);
}
db.Update(item);
logService.WriteUpdateOperateLog(user, applicationId, item.Id, oldItem, item);
}
db.CompleteTransaction();
}
catch (Exception e)
{
db.AbortTransaction();
throw e;
}
}
/// <summary> /// Получение набора прав по модулю и объекту /// </summary> /// <param name="module">Идентификатор модуля</param> /// <param name="rightObject">Идентификатор объекта</param> /// <returns></returns> public async Task <List <Right> > GetAllRights(RightModule module, RightObject rightObject) => await _context.Rights.Where(x => x.Module == module && x.Object == rightObject).ToListAsync();