private async static Task SeedClaimsForSuperAdmin(this RoleManager <IdentityRole> roleManager)
{
var adminRole = await roleManager.FindByNameAsync("SuperAdmin");
await roleManager.AddPermissionClaim(adminRole, "Users");
await roleManager.AddPermissionClaim(adminRole, "Products");
}
private async static Task SeedClaimsForSuperAdmin(this RoleManager <IdentityRole> roleManager)
{
var adminRole = await roleManager.FindByNameAsync("SuperAdmin");
await roleManager.AddPermissionClaim(adminRole, MasterPermissions.Create);
await roleManager.AddPermissionClaim(adminRole, MasterPermissions.Update);
await roleManager.AddPermissionClaim(adminRole, MasterPermissions.View);
await roleManager.AddPermissionClaim(adminRole, MasterPermissions.Delete);
}
public async Task <Result <string> > UpdatePermissionsAsync(PermissionRequest request)
{
try
{
var role = await _roleManager.FindByIdAsync(request.RoleId);
if (role.Name == RoleConstants.AdministratorRole)
{
return(await Result <string> .FailAsync(_localizer["Not allowed to modify Permissions for this Role."]));
}
var claims = await _roleManager.GetClaimsAsync(role);
foreach (var claim in claims)
{
await _roleManager.RemoveClaimAsync(role, claim);
}
var selectedClaims = request.RoleClaims.Where(a => a.Selected).ToList();
foreach (var claim in selectedClaims)
{
await _roleManager.AddPermissionClaim(role, claim.Value);
}
return(await Result <string> .SuccessAsync(_localizer["Permission Updated."]));
}
catch (Exception ex)
{
return(await Result <string> .FailAsync(ex.Message));
}
}
public async Task <Result <string> > UpdatePermissionsInRole(PermissionViewModel model)
{
var role = await _roleManager.FindByIdAsync(model.Id);
//Remove all Claims First
var claims = await _roleManager.GetClaimsAsync(role);
foreach (var claim in claims)
{
await _roleManager.RemoveClaimAsync(role, claim);
}
var selectedClaims = model.RoleClaims.Where(a => a.Selected).ToList();
foreach (var claim in selectedClaims)
{
await _roleManager.AddPermissionClaim(role, claim.Value);
}
return(Result <string> .Success("true"));
}
private void AddAdministrator()
{
Task.Run(async() =>
{
//Check if Role Exists
var adminRole = new BlazorHeroRole(RoleConstants.AdministratorRole, _localizer["Administrator role with full permissions"]);
var adminRoleInDb = await _roleManager.FindByNameAsync(RoleConstants.AdministratorRole);
if (adminRoleInDb == null)
{
await _roleManager.CreateAsync(adminRole);
adminRoleInDb = await _roleManager.FindByNameAsync(RoleConstants.AdministratorRole);
_logger.LogInformation(_localizer["Seeded Administrator Role."]);
}
//Check if User Exists
var superUser = new BlazorHeroUser
{
FirstName = "Mukesh",
LastName = "Murugan",
Email = "*****@*****.**",
UserName = "******",
EmailConfirmed = true,
PhoneNumberConfirmed = true,
CreatedOn = DateTime.Now,
IsActive = true
};
var superUserInDb = await _userManager.FindByEmailAsync(superUser.Email);
if (superUserInDb == null)
{
await _userManager.CreateAsync(superUser, UserConstants.DefaultPassword);
var result = await _userManager.AddToRoleAsync(superUser, RoleConstants.AdministratorRole);
if (result.Succeeded)
{
_logger.LogInformation(_localizer["Seeded Default SuperAdmin User."]);
}
else
{
foreach (var error in result.Errors)
{
_logger.LogError(error.Description);
}
}
}
foreach (var permission in Permissions.GetRegisteredPermissions())
{
await _roleManager.AddPermissionClaim(adminRoleInDb, permission);
}
}).GetAwaiter().GetResult();
}
public async Task <IActionResult> Update(PermissionViewModel model)
{
var role = await _roleManager.FindByIdAsync(model.RoleId);
var claims = await _roleManager.GetClaimsAsync(role);
foreach (var claim in claims)
{
await _roleManager.RemoveClaimAsync(role, claim);
}
var selectedClaims = model.RoleClaims.Where(a => a.Selected).ToList();
foreach (var claim in selectedClaims)
{
await _roleManager.AddPermissionClaim(role, claim.Value);
}
return(RedirectToAction("Index", new { roleId = model.RoleId }));
}
private void AddAdministrator()
{
Task.Run(async() =>
{
//Check if Role Exists
var adminRole = new BlazorHeroRole(RoleConstants.AdministratorRole, _localizer["Administrator role with full permissions"]);
var adminRoleInDb = await _roleManager.FindByNameAsync(RoleConstants.AdministratorRole);
if (adminRoleInDb == null)
{
await _roleManager.CreateAsync(adminRole);
_logger.LogInformation(_localizer["Seeded Administrator Role."]);
}
//Check if User Exists
var superUser = new BlazorHeroUser
{
FirstName = "Mukesh",
LastName = "Murugan",
Email = "*****@*****.**",
UserName = "******",
EmailConfirmed = true,
PhoneNumberConfirmed = true,
CreatedOn = DateTime.Now,
IsActive = true
};
var superUserInDb = await _userManager.FindByEmailAsync(superUser.Email);
if (superUserInDb == null)
{
await _userManager.CreateAsync(superUser, UserConstants.DefaultPassword);
var result = await _userManager.AddToRoleAsync(superUser, RoleConstants.AdministratorRole);
if (result.Succeeded)
{
foreach (var prop in typeof(Permissions).GetNestedTypes().SelectMany(c => c.GetFields(BindingFlags.Public | BindingFlags.Static | BindingFlags.FlattenHierarchy)))
{
var propertyValue = prop.GetValue(null);
if (propertyValue is not null)
{
await _roleManager.AddPermissionClaim(adminRole, propertyValue.ToString());
}
}
}
_logger.LogInformation(_localizer["Seeded User with Administrator Role."]);
}
}).GetAwaiter().GetResult();
}
public async Task <IActionResult> OnPostUpdateAsync()
{
var role = await _roleManager.FindByIdAsync(RoleId);
//Remove all Claims First
var claims = await _roleManager.GetClaimsAsync(role);
foreach (var claim in claims)
{
await _roleManager.RemoveClaimAsync(role, claim);
}
var selectedClaims = RoleClaims.Where(a => a.Selected).ToList();
foreach (var claim in selectedClaims)
{
await _roleManager.AddPermissionClaim(role, claim.Value);
}
var user = await _userManager.GetUserAsync(User);
await _signInManager.RefreshSignInAsync(user);
return(Page());
}
public async Task <IActionResult> Update(PermissionViewModel model)
{
var role = await _roleManager.FindByIdAsync(model.RoleId);
//Remove all Claims First
var claims = await _roleManager.GetClaimsAsync(role);
foreach (var claim in claims)
{
await _roleManager.RemoveClaimAsync(role, claim);
}
var selectedClaims = model.RoleClaims.Where(a => a.Selected).ToList();
foreach (var claim in selectedClaims)
{
await _roleManager.AddPermissionClaim(role, claim.Value);
}
_notify.Success($"Updated Claims / Permissions for Role '{role.Name}'");
//var user = await _userManager.GetUserAsync(User);
//await _signInManager.RefreshSignInAsync(user);
return(RedirectToAction("Index", new { roleId = model.RoleId }));
}
public async Task <IActionResult> OnPostUpdateAsync()
{
var role = await _roleManager.FindByIdAsync(RoleId);
//Remove all Claims First
var claims = await _roleManager.GetClaimsAsync(role);
foreach (var claim in claims)
{
await _roleManager.RemoveClaimAsync(role, claim);
}
var selectedClaims = RoleClaims.Where(a => a.Selected).ToList();
foreach (var claim in selectedClaims)
{
await _roleManager.AddPermissionClaim(role, claim.Value);
}
var user = await _userManager.GetUserAsync(User);
await _signInManager.RefreshSignInAsync(user);
Notify.AddSuccessToastMessage($"Updated Claims / Permissions for Role '{role.Name}'");
return(RedirectToPage("/roles", new { area = "Admin" }));
}
public async Task <Result <string> > UpdatePermissionsAsync(PermissionRequest request)
{
try
{
var errors = new List <string>();
var role = await _roleManager.FindByIdAsync(request.RoleId);
if (role.Name == RoleConstants.AdministratorRole)
{
var currentUser = await _userManager.Users.SingleAsync(x => x.Id == _currentUserService.UserId);
if (!await _userManager.IsInRoleAsync(currentUser, RoleConstants.AdministratorRole))
{
return(await Result <string> .FailAsync(_localizer["Not allowed to modify Permissions for this Role."]));
}
}
var selectedClaims = request.RoleClaims.Where(a => a.Selected).ToList();
if (role.Name == RoleConstants.AdministratorRole)
{
if (!selectedClaims.Any(x => x.Value == Permissions.Roles.View) ||
!selectedClaims.Any(x => x.Value == Permissions.RoleClaims.View) ||
!selectedClaims.Any(x => x.Value == Permissions.RoleClaims.Edit))
{
return(await Result <string> .FailAsync(string.Format(
_localizer["Not allowed to deselect {0} or {1} or {2} for this Role."],
Permissions.Roles.View, Permissions.RoleClaims.View, Permissions.RoleClaims.Edit)));
}
}
var claims = await _roleManager.GetClaimsAsync(role);
foreach (var claim in claims)
{
await _roleManager.RemoveClaimAsync(role, claim);
}
foreach (var claim in selectedClaims)
{
var addResult = await _roleManager.AddPermissionClaim(role, claim.Value);
if (!addResult.Succeeded)
{
errors.AddRange(addResult.Errors.Select(e => _localizer[e.Description].ToString()));
}
}
var addedClaims = await _roleClaimService.GetAllByRoleIdAsync(role.Id);
if (addedClaims.Succeeded)
{
foreach (var claim in selectedClaims)
{
var addedClaim = addedClaims.Data.SingleOrDefault(x => x.Type == claim.Type && x.Value == claim.Value);
if (addedClaim != null)
{
claim.Id = addedClaim.Id;
claim.RoleId = addedClaim.RoleId;
var saveResult = await _roleClaimService.SaveAsync(claim);
if (!saveResult.Succeeded)
{
errors.AddRange(saveResult.Messages);
}
}
}
}
else
{
errors.AddRange(addedClaims.Messages);
}
if (errors.Any())
{
return(await Result <string> .FailAsync(errors));
}
return(await Result <string> .SuccessAsync(_localizer["Permissions Updated."]));
}
catch (Exception ex)
{
return(await Result <string> .FailAsync(ex.Message));
}
}
private async static Task SeedClaimsForAdmin(this RoleManager <IdentityRole <int> > roleManager)
{
var adminRole = await roleManager.FindByNameAsync("Admin");
await roleManager.AddPermissionClaim(adminRole, "Killing");
}