private async Task <RolePermissionCacheItem> GetRolePermissionCacheItemAsync(long roleId)
{
var cacheKey = roleId + "@0";
return(await _cacheManager.GetRolePermissionCache().GetAsync(cacheKey, async() =>
{
var newCacheItem = new RolePermissionCacheItem(roleId);
var role = await Store.FindByIdAsync(roleId.ToString(), CancellationToken);
if (role == null)
{
throw new SmdException("There is no role with given id: " + roleId);
}
foreach (var permissionInfo in await RolePermissionStore.GetPermissionsAsync(roleId))
{
if (permissionInfo.IsGranted)
{
newCacheItem.GrantedPermissions.AddIfNotContains(permissionInfo.Name);
}
else
{
newCacheItem.GrantedPermissions.Remove(permissionInfo.Name);
}
}
return newCacheItem;
}));
}
/// <summary>
/// Prohibits a permission for a role.
/// </summary>
/// <param name="role">Role</param>
/// <param name="permission">Permission</param>
public async Task ProhibitPermissionAsync(TRole role, Permission permission)
{
if (!await IsGrantedAsync(role.Id, permission))
{
return;
}
await RolePermissionStore.RemovePermissionAsync(role, new PermissionGrantInfo(permission.Name, true));
}
/// <summary>
/// Grants a permission for a role.
/// </summary>
/// <param name="role">Role</param>
/// <param name="permission">Permission</param>
public async Task GrantPermissionAsync(TRole role, Permission permission)
{
if (await IsGrantedAsync(role.Id, permission))
{
return;
}
await RolePermissionStore.RemovePermissionAsync(role, new PermissionGrantInfo(permission.Name, false, null));
await RolePermissionStore.AddPermissionAsync(role, new PermissionGrantInfo(permission.Name, true, null));
}
/// <summary>
/// Grants a permission for a role.
/// </summary>
/// <param name="role">Role</param>
/// <param name="permission">Permission</param>
public async Task GrantPermissionAsync(Role role, Permission permission)
{
if (await IsGrantedAsync(role.Id, permission))
{
return;
}
await RolePermissionStore.AddPermissionAsync(role, new PermissionGrantInfo(permission.Name, true));
await RemoveRolePermissionCacheItemAsync(role.Id);
}
/// <summary>
/// Prohibits a permission for a role.
/// </summary>
/// <param name="role">Role</param>
/// <param name="permission">Permission</param>
public async Task ProhibitPermissionAsync(TRole role, Permission permission)
{
if (!await HasPermissionAsync(role, permission))
{
return;
}
if (permission.IsGrantedByDefault)
{
await RolePermissionStore.AddPermissionAsync(role, new PermissionGrantInfo(permission.Name, false));
}
else
{
await RolePermissionStore.RemovePermissionAsync(role, new PermissionGrantInfo(permission.Name, true));
}
}
private async Task <RolePermissionCacheItem> GetRolePermissionCacheItemAsync(int roleId)
{
var cacheKey = roleId + "@" + (GetCurrentTenantId() ?? 0);
return(await _cacheManager.GetRolePermissionCache().GetAsync(cacheKey, async() =>
{
var newCacheItem = new RolePermissionCacheItem(roleId);
foreach (var permissionInfo in await RolePermissionStore.GetPermissionsAsync(roleId))
{
if (permissionInfo.IsGranted)
{
newCacheItem.GrantedPermissions.Add(permissionInfo.Name);
}
}
return newCacheItem;
}));
}
private RolePermissionCacheItem GetRolePermissionCacheItem(int roleId)
{
var cacheKey = roleId + "@" + (GetCurrentTenantId() ?? 0);
return(_cacheManager.GetRolePermissionCache().Get(cacheKey, () =>
{
var newCacheItem = new RolePermissionCacheItem(roleId);
var role = AbpStore.FindById(roleId.ToString(), CancellationToken);
if (role == null)
{
throw new AbpException("There is no role with given id: " + roleId);
}
var staticRoleDefinition = RoleManagementConfig.StaticRoles.FirstOrDefault(r =>
r.RoleName == role.Name && r.Side == role.GetMultiTenancySide()
);
if (staticRoleDefinition != null)
{
foreach (var permission in _permissionManager.GetAllPermissions())
{
if (staticRoleDefinition.IsGrantedByDefault(permission))
{
newCacheItem.GrantedPermissions.Add(permission.Name);
}
}
}
foreach (var permissionInfo in RolePermissionStore.GetPermissions(roleId))
{
if (permissionInfo.IsGranted)
{
newCacheItem.GrantedPermissions.AddIfNotContains(permissionInfo.Name);
}
else
{
newCacheItem.GrantedPermissions.Remove(permissionInfo.Name);
}
}
return newCacheItem;
}));
}
private async Task <RolePermissionCacheItem> GetRolePermissionCacheItemAsync(int roleId)
{
var cacheKey = roleId + "@" + (GetCurrentTenantId() ?? 0);
return(await CacheManager.GetRolePermissionCache().GetAsync(cacheKey, async() =>
{
var newCacheItem = new RolePermissionCacheItem(roleId);
var role = await Store.FindByIdAsync(roleId);
if (role == null)
{
throw new CodeZeroException("There is no role with given id: " + roleId);
}
var staticRoleDefinition = RoleManagementConfig.StaticRoles.FirstOrDefault(r =>
r.RoleName == role.Name && r.Side == role.GetMultiTenancySide());
if (staticRoleDefinition != null)
{
foreach (var permission in PermissionManager.GetAllPermissions())
{
if (staticRoleDefinition.IsGrantedByDefault(permission))
{
newCacheItem.GrantedPermissions.Add(permission.Name);
}
}
}
foreach (var permissionInfo in await RolePermissionStore.GetPermissionsAsync(roleId))
{
if (permissionInfo.IsGranted)
{
newCacheItem.GrantedPermissions.AddIfNotContains(permissionInfo.Name);
}
else
{
newCacheItem.GrantedPermissions.Remove(permissionInfo.Name);
}
}
return newCacheItem;
}));
}
private async Task <RolePermissionCacheItem> GetRolePermissionCacheItemAsync(int roleId)
{
return(await _rolePermissionCache.GetAsync(roleId, async() =>
{
var newCacheItem = new RolePermissionCacheItem(roleId);
foreach (var permissionInfo in await RolePermissionStore.GetPermissionsAsync(roleId))
{
if (permissionInfo.IsGranted)
{
newCacheItem.GrantedPermissions.Add(permissionInfo.Name);
}
else
{
newCacheItem.ProhibitedPermissions.Add(permissionInfo.Name);
}
}
return newCacheItem;
}));
}
/// <summary>
/// Resets all permission settings for a role.
/// It removes all permission settings for the role.
/// Role will have permissions those have <see cref="Permission.IsGrantedByDefault"/> set to true.
/// </summary>
/// <param name="role">Role</param>
public async Task ResetAllPermissionsAsync(TRole role)
{
await RolePermissionStore.RemoveAllPermissionSettingsAsync(role);
}
/// <summary>
/// Checks if a role has a permission.
/// </summary>
/// <param name="role">The rolepermission</param>
/// <param name="permission">The permission</param>
/// <returns>True, if the role has the permission</returns>
public async Task <bool> HasPermissionAsync(TRole role, Permission permission)
{
return(permission.IsGrantedByDefault
? !(await RolePermissionStore.HasPermissionAsync(role, new PermissionGrantInfo(permission.Name, false)))
: (await RolePermissionStore.HasPermissionAsync(role, new PermissionGrantInfo(permission.Name, true))));
}
