// LinkDemand
public override object CreateControl (SecurityAction action, AspNetHostingPermissionLevel level)
{
// static class 2.0 / no public ctor before (1.x)
MethodInfo mi = this.Type.GetMethod ("EnumToString");
Assert.IsNotNull (mi, "EnumToString");
return mi.Invoke (null, new object[2] { typeof(SecurityAction), SecurityAction.Demand });
}
// LinkDemand
public override object CreateControl (SecurityAction action, AspNetHostingPermissionLevel level)
{
// no public ctor is available but we know the Count property isn't protected
MethodInfo mi = this.Type.GetProperty ("Count").GetGetMethod ();
Assert.IsNotNull (mi, "Count");
return mi.Invoke (css, null);
}
// LinkDemand
public override object CreateControl (SecurityAction action, AspNetHostingPermissionLevel level)
{
// no public ctor is available but we know that it's properties don't have any restrictions
MethodInfo mi = this.Type.GetProperty ("AcceptTypes").GetGetMethod ();
Assert.IsNotNull (mi, "get_AcceptTypes");
return mi.Invoke (response.Cache.VaryByHeaders, null);
}
public PerformanceCounterPermissionAttribute (SecurityAction action)
: base (action)
{
categoryName = ResourcePermissionBase.Any;
machineName = ResourcePermissionBase.Local;
permissionAccess = PerformanceCounterPermissionAccess.Write;
}
private object CreateControlStringCtor (SecurityAction action, AspNetHostingPermissionLevel level)
{
// not public empty (default) ctor - at least not before 2.0
ConstructorInfo ci = this.Type.GetConstructor (new Type[1] { typeof (string) });
Assert.IsNotNull (ci, ".ctor(string)");
return ci.Invoke (new object[1] { tempFile });
}
public DeclSecurityOptions(DeclSecurity ds) {
this.Action = ds.Action;
this.CustomAttributes.AddRange(ds.CustomAttributes);
this.V1XMLString = ds.GetNet1xXmlString();
if (this.V1XMLString == null)
this.SecurityAttributes.AddRange(ds.SecurityAttributes);
}
public override object CreateControl (SecurityAction action, AspNetHostingPermissionLevel level)
{
if ((level != AspNetHostingPermissionLevel.None) && (action == SecurityAction.PermitOnly))
return UnmanagedCreateControl (action, level);
else
return base.CreateControl (action, level);
}
// Constructors.
public PerformanceCounterPermissionAttribute(SecurityAction action)
: base(action)
{
machineName = ".";
categoryName = "*";
permissionAccess = PerformanceCounterPermissionAccess.Browse;
}
public HostProtectionAttribute( SecurityAction action )
: base( action )
{
if (action != SecurityAction.LinkDemand)
throw new ArgumentException(Environment.GetResourceString("Argument_InvalidFlag"));
Contract.EndContractBlock();
}
public ServiceControllerPermissionAttribute (SecurityAction action)
: base (action)
{
machine_name = ResourcePermissionBase.Local;
service_name = ResourcePermissionBase.Any;
permission_access = ServiceControllerPermissionAccess.Browse;
}
// LinkDemand
public override object CreateControl (SecurityAction action, AspNetHostingPermissionLevel level)
{
ConstructorInfo ci = this.Type.GetConstructor (new Type[7] { typeof (string), typeof (string),
typeof (int), typeof (string), typeof (string), typeof (string), typeof (BuildMethod) });
Assert.IsNotNull (ci, ".ctor(2xstring,int,3xstring,BuildMethod)");
return ci.Invoke (new object[7] { null, null, null, null, null, null, null });
}
// LinkDemand
public override object CreateControl (SecurityAction action, AspNetHostingPermissionLevel level)
{
// no public ctor but we know the properties aren't protected
MethodInfo mi = this.Type.GetProperty ("Visible").GetGetMethod ();
Assert.IsNotNull (mi, "Visible");
return mi.Invoke (pager_style, null);
}
public void AddDeclarativeSecurity(SecurityAction action, PermissionSet pset)
{
lock (this.SyncRoot)
{
this.AddDeclarativeSecurityNoLock(action, pset);
}
}
// LinkDemand
public override object CreateControl (SecurityAction action, AspNetHostingPermissionLevel level)
{
// there are no public ctor so we're taking a method that we know isn't protected
// (by a Demand) and call it thru reflection so any linkdemand (on the class) will
// be promoted to a Demand
MethodInfo mi = this.Type.GetProperty ("AllKeys").GetGetMethod ();
return mi.Invoke (appstate, null);
}
/*-------------------- Constructors ---------------------------------*/
internal DeclSecurity(MetaDataElement paren, SecurityAction act, byte[] perSet)
{
Contract.Requires(perSet != null);
parent = paren;
action = act;
permissionSet = perSet;
tabIx = MDTable.DeclSecurity;
}
public HostProtectionAttribute (SecurityAction action)
: base (action)
{
if (action != SecurityAction.LinkDemand) {
string msg = String.Format (Locale.GetText ("Only {0} is accepted."), SecurityAction.LinkDemand);
throw new ArgumentException (msg, "action");
}
}
internal DeclSecurity(PEReader buff)
{
Contract.Requires(buff != null);
action = (SecurityAction)buff.ReadUInt16();
parentIx = buff.GetCodedIndex(CIx.HasDeclSecurity);
permissionSet = buff.GetBlob();
tabIx = MDTable.DeclSecurity;
}
public Action (SecurityAction action)
{
this.action = action;
this.TextView = new TextView ();
this.TextView.Editable = false;
this.Expander = new Expander (action.ToString ());
this.Expander.Add (this.TextView);
}
#pragma warning disable 618
public HostProtectionAttribute( SecurityAction action )
#pragma warning restore 618
: base( action )
{
#pragma warning disable 618
if (action != SecurityAction.LinkDemand)
#pragma warning restore 618
throw new ArgumentException(Environment.GetResourceString("Argument_InvalidFlag"));
Contract.EndContractBlock();
}
public EventLogPermissionAttribute (SecurityAction action)
: base (action)
{
machineName = ResourcePermissionBase.Local;
#if NET_2_0
permissionAccess = EventLogPermissionAccess.Write;
#else
permissionAccess = EventLogPermissionAccess.Browse;
#endif
}
public PerformanceCounterPermissionAttribute (SecurityAction action)
: base (action)
{
categoryName = ResourcePermissionBase.Any;
machineName = ResourcePermissionBase.Local;
#if NET_2_0
permissionAccess = PerformanceCounterPermissionAccess.Write;
#else
permissionAccess = PerformanceCounterPermissionAccess.Browse;
#endif
}
[System.Security.SecurityCritical] // auto-generated
#pragma warning disable 618
internal static Exception MakeSecurityException(AssemblyName asmName, Evidence asmEvidence, PermissionSet granted, PermissionSet refused, RuntimeMethodHandleInternal rmh, SecurityAction action, Object demand, IPermission permThatFailed)
#pragma warning restore 618
{
#if FEATURE_CAS_POLICY
// See if we need to throw a HostProtectionException instead
HostProtectionPermission hostProtectionPerm = permThatFailed as HostProtectionPermission;
if(hostProtectionPerm != null)
return new HostProtectionException(GetResString("HostProtection_HostProtection"), HostProtectionPermission.protectedResources, hostProtectionPerm.Resources);
// Produce relevant strings
String message = "";
MethodInfo method = null;
try
{
if(granted == null && refused == null && demand == null)
{
message = GetResString("Security_NoAPTCA");
}
else
{
if(demand != null && demand is IPermission)
message = String.Format(CultureInfo.InvariantCulture, GetResString("Security_Generic"), demand.GetType().AssemblyQualifiedName );
else if (permThatFailed != null)
message = String.Format(CultureInfo.InvariantCulture, GetResString("Security_Generic"), permThatFailed.GetType().AssemblyQualifiedName);
else
message = GetResString("Security_GenericNoType");
}
method = SecurityRuntime.GetMethodInfo(rmh);
}
catch(Exception e)
{
// Environment.GetResourceString will throw if we are ReadyForAbort (thread abort). (We shouldn't do a Contract.Assert in this case or it will lock up the thread.)
if(e is System.Threading.ThreadAbortException)
throw;
}
/* catch(System.Threading.ThreadAbortException)
{
// Environment.GetResourceString will throw if we are ReadyForAbort (thread abort). (We shouldn't do a BCLDebug.Assert in this case or it will lock up the thread.)
throw;
}
catch
{
}
*/
// make the exception object
return new SecurityException(message, asmName, granted, refused, method, action, demand, permThatFailed, asmEvidence);
#else
return new SecurityException(GetResString("Arg_SecurityException"));
#endif
}
public SecurityDeclaration FromByteArray (SecurityAction action, byte [] declaration, bool resolve)
{
SecurityDeclaration dec = new SecurityDeclaration (action, this);
#if !CF_1_0 && !CF_2_0
dec.PermissionSet = new PermissionSet (SSP.PermissionState.None);
if (IsEmptyDeclaration (declaration))
return dec;
if (declaration[0] == 0x2e) {
// new binary format introduced in 2.0
int pos = 1;
int start;
int numattr = Utilities.ReadCompressedInteger (declaration, pos, out start);
if (numattr == 0)
return dec;
BinaryReader br = new BinaryReader (new MemoryStream (declaration));
for (int i = 0; i < numattr; i++) {
pos = start;
SSP.SecurityAttribute sa = CreateSecurityAttribute (action, br, declaration, pos, out start, resolve);
if (sa == null) {
dec.Resolved = false;
dec.Blob = declaration;
return dec;
}
try {
IPermission p = sa.CreatePermission ();
dec.PermissionSet.AddPermission (p);
} catch {
dec.Resolved = false;
dec.Blob = declaration;
return dec;
}
}
dec.Resolved = true;
} else {
Parser.LoadXml (Encoding.Unicode.GetString (declaration));
try {
dec.PermissionSet.FromXml (Parser.ToXml ());
dec.PermissionSet.ToXml ();
dec.Resolved = true;
} catch {
dec.Resolved = false;
dec.Blob = declaration;
}
}
#endif
return dec;
}
public override object CreateControl (SecurityAction action, AspNetHostingPermissionLevel level)
{
if ((level != AspNetHostingPermissionLevel.None) && (action == SecurityAction.PermitOnly)) {
try {
return FileIOPermissionCreateControl (action, level);
}
catch (TargetInvocationException tie) {
throw tie;
}
}
else
return CreateControlStringCtor (action, level);
}
#pragma warning disable 618
private static void ThrowSecurityException(RuntimeAssembly asm, PermissionSet granted, PermissionSet refused, RuntimeMethodHandleInternal rmh, SecurityAction action, Object demand, IPermission permThatFailed)
#pragma warning restore 618
{
AssemblyName asmName = null;
Evidence asmEvidence = null;
if (asm != null)
{
// Assert here because reflection will check grants and if we fail the check,
// there will be an infinite recursion that overflows the stack.
PermissionSet.s_fullTrust.Assert();
asmName = asm.GetName();
}
throw SecurityException.MakeSecurityException(asmName, asmEvidence, granted, refused, rmh, action, demand, permThatFailed);
}
public override object CreateControl (SecurityAction action, AspNetHostingPermissionLevel level)
{
// the ctor NRE makes it more complex
try {
return base.CreateControl (action, level);
}
catch (TargetInvocationException tie) {
// we really checking for security exceptions that occurs before a NRE can occurs
if (tie.InnerException is NullReferenceException)
return String.Empty;
else
return null;
}
}
public void AddDeclarativeSecurity(SecurityAction action, PermissionSet pset)
{
if (pset == null)
{
throw new ArgumentNullException("pset");
}
if ((!Enum.IsDefined(typeof(SecurityAction), action) || (action == SecurityAction.RequestMinimum)) || ((action == SecurityAction.RequestOptional) || (action == SecurityAction.RequestRefuse)))
{
throw new ArgumentOutOfRangeException("action");
}
if (this.m_methodBuilder.IsTypeCreated())
{
throw new InvalidOperationException(Environment.GetResourceString("InvalidOperation_TypeHasBeenCreated"));
}
byte[] blob = pset.EncodeXml();
TypeBuilder.AddDeclarativeSecurity(this.GetModuleBuilder().GetNativeHandle(), this.GetToken().Token, action, blob, blob.Length);
}
private bool Can(FileEntry file, Guid userId, SecurityAction action)
{
if (!ProjectSecurity.CanReadFiles(Project)) return false;
if (IsAdmin(userId)) return true;
if (file == null || Project == null) return false;
if (file is Folder && ((Folder)file).FolderType == FolderType.DEFAULT && file.CreateBy == userId) return true;
if (file is File && file.CreateBy == userId) return true;
switch (action)
{
case SecurityAction.Read: return Project.Private ? dao.IsInTeam(Project.ID, userId) : true;
case SecurityAction.Create: return dao.IsInTeam(Project.ID, userId);
case SecurityAction.Edit: return Project.Responsible == userId;
case SecurityAction.Delete: return Project.Responsible == userId;
default: return false;
}
}
public override object CreateControl (SecurityAction action, AspNetHostingPermissionLevel level)
{
if ((level != AspNetHostingPermissionLevel.None) && (action == SecurityAction.PermitOnly)) {
try {
return FileIOPermissionCreateControl (action, level);
}
catch (TargetInvocationException tie) {
#if ONLY_1_1
// hide this error (occurs with ms 1.x)
if ((tie.InnerException is NullReferenceException) &&
(level == AspNetHostingPermissionLevel.Unrestricted)) {
return String.Empty;
}
#endif
throw tie;
}
}
else
return CreateControlStringCtor (action, level);
}
public void AddDeclarativeSecurity(SecurityAction action, PermissionSet pset)
{
if (pset == null)
{
throw new ArgumentNullException("pset");
}
this.ThrowIfGeneric();
if ((!Enum.IsDefined(typeof(SecurityAction), action) || (action == SecurityAction.RequestMinimum)) || ((action == SecurityAction.RequestOptional) || (action == SecurityAction.RequestRefuse)))
{
throw new ArgumentOutOfRangeException("action");
}
this.m_containingType.ThrowIfCreated();
byte[] blob = null;
int cb = 0;
if (!pset.IsEmpty())
{
blob = pset.EncodeXml();
cb = blob.Length;
}
TypeBuilder.AddDeclarativeSecurity(this.m_module.GetNativeHandle(), this.MetadataTokenInternal, action, blob, cb);
}
protected IsolatedStoragePermissionAttribute(SecurityAction action)
public SiteIdentityPermissionAttribute(SecurityAction action) : base(default(SecurityAction))
{
}
public IsolatedStoragePermissionAttribute(SecurityAction action)
#endif
: base(action)
{
}
public AnyRolePermissionAttribute(SecurityAction action)
: base(action)
{
}
void Add(SecurityAction a)
{
}
public SecurityDeclaration(SecurityAction action, byte [] blob)
{
this.action = action;
this.resolved = false;
this.blob = blob;
}
internal SecurityDeclaration(SecurityAction action, uint signature, ModuleDefinition module)
{
this.action = action;
this.signature = signature;
this.module = module;
}
public NetworkInformationPermissionAttribute(SecurityAction action) : base(action)
{
}
public AspNetHostingPermissionAttribute(SecurityAction action) : base(action)
{
_level = AspNetHostingPermissionLevel.None;
}
public TypeDescriptorPermissionAttribute(SecurityAction action) : base(action)
{
}
// Methods
public MySqlClientPermissionAttribute(SecurityAction action) : base(action)
{
}
private object FileIOPermissionCreateControl(SecurityAction action, AspNetHostingPermissionLevel level)
{
return(CreateControlStringCtor(action, level));
}
/// <summary>Initializes a new instance of the <see cref="T:System.Security.Permissions.GacIdentityPermissionAttribute" /> class with the specified <see cref="T:System.Security.Permissions.SecurityAction" /> value.</summary>
/// <param name="action">One of the <see cref="T:System.Security.Permissions.SecurityAction" /> values. </param>
/// <exception cref="T:System.ArgumentException">The <paramref name="action" /> parameter is not a valid <see cref="T:System.Security.Permissions.SecurityAction" /> value. </exception>
public GacIdentityPermissionAttribute(SecurityAction action) : base(action)
{
}
public ReflectionPermissionAttribute(SecurityAction action) : base(default(SecurityAction))
{
}
public PrintingPermissionAttribute(SecurityAction action) : base(action)
{
}
public PermissionSetAttribute(SecurityAction action) : base(default(SecurityAction))
{
}
/// <summary>
/// 保护构造方法,用于调用基类的构造方法
/// </summary>
protected PermissionInterceptorAttribute(SecurityAction action)
: base(action)
{
}
public RefEmitPermissionSet(SecurityAction action, string pset)
{
this.action = action;
this.pset = pset;
}
public SecurityDeclaration(SecurityAction action)
{
this.action = action;
this.resolved = true;
}
public async Task <IActionResult> Create([FromBody] CreateCompanyViewModel model)
{
string userPassword = CreatePassword(6);
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
try
{
string strRuta = _config["AvatarFiles"];
Company company = new Company
{
Name = model.Name,
ContactName = model.ContactName,
ContactLastName = model.ContactLastName,
InitialDate = model.InitialDate,
Email = model.Email,
Phone = model.Phone,
Website = model.Website,
Address = model.Address,
Postal = model.Postal,
City = model.City,
State = model.State,
Country = model.Country,
Schedule = model.Schedule,
Comment = model.Comment,
CreationDate = DateTime.Now,
Enabled = true
};
//Agrego los sectores
if (model.CompanySectors != null)
{
company.CompanySectors = new List <CompanySector>();
foreach (var sector in model.CompanySectors)
{
CompanySector companySector = new CompanySector
{
CompanyId = company.Id,
SectorId = sector.SectorId
};
company.CompanySectors.Add(companySector);
}
}
//Agrego las pantallas
if (model.ConfigScreens != null)
{
company.ConfigScreen = new List <ConfigScreen>();
foreach (var item in model.ConfigScreens)
{
ConfigScreen configScreen = new ConfigScreen
{
CompanyId = company.Id,
Description = item.Description,
Enabled = item.Enabled,
Orden = item.Orden,
Icon = item.Icon,
SystemScreenId = item.SystemScreenId
};
//Dentro de las pantallas agrego los Atributos
if (item.ConfigScreenFields != null)
{
configScreen.ConfigScreenFields = new List <ConfigScreenField>();
foreach (var field in item.ConfigScreenFields)
{
ConfigScreenField configScreenField = new ConfigScreenField
{
ConfigScreenId = item.Id,
Name = field.Name,
Required = field.Required,
Visible = field.Visible,
DefaultValue = field.DefaultValue,
Orden = field.Orden,
Enabled = field.Enabled,
FieldName = field.FieldName,
SystemScreenFieldId = field.SystemScreenFieldId,
};
configScreen.ConfigScreenFields.Add(configScreenField);
}
}
//Dentro de las pantallas agrego las Acciones
if (item.SecurityActions != null)
{
configScreen.SecurityActions = new List <SecurityAction>();
foreach (var action in item.SecurityActions)
{
SecurityAction securityAction = new SecurityAction
{
ConfigScreenId = item.Id,
Description = action.Description,
Enabled = action.Enabled,
SystemActionId = action.SystemActionId,
};
configScreen.SecurityActions.Add(securityAction);
}
}
company.ConfigScreen.Add(configScreen);
}
}
_context.Companies.Add(company);
await _context.SaveChangesAsync();
//Agrego los roles
////Agrego las pantallas que aplican para ese rol
company.SecurityRoles = new List <SecurityRole>();
foreach (var rol in model.SecurityRoles)
{
int i = 0;
SecurityRole securityRole = new SecurityRole
{
Name = rol.Name,
CompanyId = company.Id,
Description = rol.Description,
Enabled = true,
SystemRoleId = rol.SystemRoleId
};
if (i == 0)
{
//Genero el usuario
securityRole.Usuarios = new List <SecurityUser>();
CrearPasswordHash(userPassword, out byte[] passwordHash, out byte[] passwordSalt);
SecurityUser user = new SecurityUser
{
CompanyId = company.Id,
Condicion = true,
Direccion = company.Address,
Email = company.Email,
Nombre = company.Name,
SecurityRoleId = securityRole.Id,
Password_hash = passwordHash,
Password_salt = passwordSalt
};
securityRole.Usuarios.Add(user);
}
i++;
securityRole.SecurityRoleScreens = new List <SecurityRoleScreen>();
securityRole.SecurityRoleActions = new List <SecurityRoleAction>();
foreach (var screen in company.ConfigScreen)
{
//Si la pantalla esta en el rol, la agrego
if (rol.SecurityRoleScreens.Where(x => x.SystemScreenId == screen.SystemScreenId).Any())
{
SecurityRoleScreen securityRoleScreen = new SecurityRoleScreen
{
ConfigScreenId = screen.Id,
SecurityRoleId = securityRole.Id
};
securityRole.SecurityRoleScreens.Add(securityRoleScreen);
foreach (var action in screen.SecurityActions)
{
if (rol.SecurityRoleActions.Where(x => x.SystemActionId == action.SystemActionId).Any())
{
SecurityRoleAction securityRoleAction = new SecurityRoleAction
{
SecurityActionId = action.Id,
SecurityRoleId = securityRole.Id
};
securityRole.SecurityRoleActions.Add(securityRoleAction);
}
}
}
}
company.SecurityRoles.Add(securityRole);
}
//Guardo el avatar
if (company.Id > 0)
{
if (!(string.IsNullOrEmpty(model.LogoName)) && (!string.IsNullOrEmpty(model.Logo)))
{
strRuta = strRuta + "//" + company.Id.ToString() + "//" + model.LogoName;
System.IO.FileInfo file = new System.IO.FileInfo(strRuta);
file.Directory.Create();
System.IO.File.WriteAllBytes(strRuta, Convert.FromBase64String(model.Logo.Substring(model.Logo.LastIndexOf(',') + 1)));
company.Logo = strRuta;
}
}
_context.Entry(company).State = EntityState.Modified;
await _context.SaveChangesAsync();
}
catch (Exception ex)
{
return(BadRequest());
}
return(Ok(userPassword));
}
//private string viewAndModify;
// Constructor
public FileIOPermissionAttribute(SecurityAction action) : base(action)
{
}
/// <summary>
/// Constructor
/// </summary>
/// <param name="action">The security action</param>
/// <param name="securityAttrs">The security attributes (now owned by this)</param>
public DeclSecurityUser(SecurityAction action, IList <SecurityAttribute> securityAttrs)
{
this.action = action;
this.securityAttributes = ThreadSafeListCreator.MakeThreadSafe(securityAttrs);
}
private void WriteSecurityAttributeAction(SecurityAction action)
{
this.genericWriter.WriteSecurityDeclarationNamespaceIfNeeded();
this.genericWriter.Write("SecurityAction");
this.genericWriter.WriteToken(".");
switch (action - 1)
{
case 0:
{
this.genericWriter.Write("");
return;
}
case 1:
case 12:
{
this.genericWriter.Write("Demand");
return;
}
case 2:
case 10:
{
this.genericWriter.Write("Assert");
return;
}
case 3:
case 11:
{
this.genericWriter.Write("Deny");
return;
}
case 4:
{
this.genericWriter.Write("PermitOnly");
return;
}
case 5:
case 13:
{
this.genericWriter.Write("LinkDemand");
return;
}
case 6:
case 14:
{
this.genericWriter.Write("InheritanceDemand");
return;
}
case 7:
{
this.genericWriter.Write("RequestMinimum");
return;
}
case 8:
{
this.genericWriter.Write("RequestOptional");
return;
}
case 9:
{
this.genericWriter.Write("RequestRefuse");
return;
}
default:
{
return;
}
}
}
/// <summary>Initializes a new instance of the <see cref="T:System.Security.Permissions.UIPermissionAttribute" /> class with the specified <see cref="T:System.Security.Permissions.SecurityAction" />.</summary><param name="action">One of the <see cref="T:System.Security.Permissions.SecurityAction" /> values. </param>
public UIPermissionAttribute(SecurityAction action)
: base(action)
{
throw new NotImplementedException();
}
public OraclePermissionAttribute(SecurityAction action) : base(action)
{
}
// Constructors
public WebPermissionAttribute(SecurityAction action)
: base(action)
{
}
public async Task <IActionResult> Update([FromBody] UpdateCompanyViewModel model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
try
{
string strRuta = _config["AvatarFiles"];
Company company = await _context.Companies.Include(x => x.CompanySectors).Include(x => x.SecurityRoles).ThenInclude(x => x.SecurityRoleScreens).Include(x => x.SecurityRoles).ThenInclude(x => x.SecurityRoleActions).Include(x => x.ConfigScreen).ThenInclude(x => x.SecurityActions).Include(x => x.ConfigScreen).ThenInclude(x => x.ConfigScreenFields).Where(x => x.Id == model.Id).FirstOrDefaultAsync();
var listRoles = company.SecurityRoles;
if (company == null)
{
return(BadRequest("Compania inexistente"));
}
//Actualizo la compania
company.Name = model.Name;
company.ContactName = model.ContactName;
company.ContactLastName = model.ContactLastName;
company.InitialDate = model.InitialDate;
company.Email = model.Email;
company.Phone = model.Phone;
company.Website = model.Website;
company.Address = model.Address;
company.Postal = model.Postal;
company.City = model.City;
company.State = model.State;
company.Country = model.Country;
company.Schedule = model.Schedule;
company.Comment = model.Comment;
////Guardo el avatar
if (!(string.IsNullOrEmpty(model.LogoName)) && (!string.IsNullOrEmpty(model.Logo)))
{
strRuta = strRuta + "//" + company.Id.ToString() + "//" + model.LogoName;
System.IO.FileInfo file = new System.IO.FileInfo(strRuta);
file.Directory.Create();
System.IO.File.WriteAllBytes(strRuta, Convert.FromBase64String(model.Logo.Substring(model.Logo.LastIndexOf(',') + 1)));
company.Logo = strRuta;
}
//Sectores
var sectorToBeAdded = model.CompanySectors.Where(a => company.CompanySectors.All(
b => b.SectorId != a.SectorId));
var sectorToBeDeleted = company.CompanySectors.Where(a => model.CompanySectors.All(
b => b.SectorId != a.SectorId));
foreach (var sector in sectorToBeDeleted)
{
company.CompanySectors.Remove(sector);
}
foreach (var sector in sectorToBeAdded)
{
company.CompanySectors.Add(sector);
}
//Screens
//Solo vienen las activas
var screenToBeAdded = model.ConfigScreens.Where(a => company.ConfigScreen.All(
b => b.SystemScreenId != a.SystemScreenId));
var screenToBeDeleted = company.ConfigScreen.Where(a => model.ConfigScreens.All(
b => b.SystemScreenId != a.SystemScreenId));
//Si no se dan de alta o se eliminan, los actualizo
//son todos los que no se graban + los que no se eliminan
List <ConfigScreen> screenNotbeUpdated = new List <ConfigScreen>();
List <ConfigScreen> screenEnabled = new List <ConfigScreen>();
screenNotbeUpdated.AddRange(screenToBeAdded);
screenNotbeUpdated.AddRange(screenToBeDeleted);
var screenToBeUpdated = model.ConfigScreens.Where(a => screenNotbeUpdated.All(
b => b.SystemScreenId != a.SystemScreenId));
screenEnabled.AddRange(screenToBeAdded);
screenEnabled.AddRange(screenToBeUpdated);
//Elimino las pantallas del paso 2
foreach (var screenDtl in screenToBeDeleted.ToList())
{
//Borro los childs
ConfigScreen configScreen = company.ConfigScreen.Where(x => x.SystemScreenId == screenDtl.SystemScreenId).FirstOrDefault();
//Seteo las dependencias
var securityactionsToDelete = configScreen.SecurityActions;
var configScreenFieldToDelete = configScreen.ConfigScreenFields;
//Borro las acciones
foreach (var action in securityactionsToDelete.ToList())
{
configScreen.SecurityActions.Remove(action);
}
//Borro los atributos
foreach (var attr in configScreenFieldToDelete.ToList())
{
configScreen.ConfigScreenFields.Remove(attr);
}
var listRolesToDelete = listRoles;
//Borro las pantallas de los roles
foreach (var item in listRolesToDelete.ToList())
{
var listRolesActionToDelete = item.SecurityRoleActions.Where(x => x.SecurityAction.ConfigScreen.SystemScreenId == screenDtl.SystemScreenId).ToList();
foreach (var action in listRolesActionToDelete)
{
item.SecurityRoleActions.Remove(action);
}
var listRolesScreenToDelete = item.SecurityRoleScreens.Where(x => x.ConfigScreen.SystemScreenId == screenDtl.SystemScreenId).ToList();
foreach (var screen in listRolesScreenToDelete)
{
item.SecurityRoleScreens.Remove(screen);
}
}
company.ConfigScreen.Remove(configScreen);
}
//Modifico
foreach (var screen in company.ConfigScreen)
{
ConfigScreen configScreen = screenToBeUpdated.Where(x => x.SystemScreenId == screen.SystemScreenId).FirstOrDefault();
if (configScreen != null)
{
screen.Description = configScreen.Description;
screen.Enabled = configScreen.Enabled;
screen.Icon = configScreen.Icon;
screen.Orden = configScreen.Orden;
}
//Actualizo los fields
if (configScreen.ConfigScreenFields != null)
{
foreach (var item2 in configScreen.ConfigScreenFields)
{
bool existField = false;
foreach (var item1 in screen.ConfigScreenFields)
{
//Me fijo si esta creado, si esta lo actualizo
if (item1.SystemScreenFieldId == item2.SystemScreenFieldId)
{
item1.Enabled = item2.Enabled;
item1.DefaultValue = item2.DefaultValue;
item1.Orden = item2.Orden;
item1.FieldName = item2.FieldName;
item1.Name = item2.Name;
item1.Required = item2.Required;
item1.Visible = item2.Visible;
existField = true;
break;
}
}
//Sino existe lo creo
if (!existField)
{
ConfigScreenField configScreenField = new ConfigScreenField
{
Enabled = item2.Enabled,
DefaultValue = item2.DefaultValue,
Orden = item2.Orden,
FieldName = item2.FieldName,
Name = item2.Name,
Required = item2.Required,
Visible = item2.Visible,
ConfigScreenId = item2.ConfigScreenId,
SystemScreenFieldId = item2.SystemScreenFieldId
};
screen.ConfigScreenFields.Add(configScreenField);
}
}
}
//Actualizo las acciones
if (configScreen.SecurityActions != null)
{
foreach (var item2 in configScreen.SecurityActions)
{
bool existAction = false;
foreach (var item1 in screen.SecurityActions)
{
if (item1.SystemActionId == item2.SystemActionId)
{
item1.Enabled = item2.Enabled;
item1.Description = item2.Description;
existAction = true;
break;
}
}
//Sino existe lo creo
if (!existAction)
{
SecurityAction securityAction = new SecurityAction
{
Enabled = item2.Enabled,
Description = item2.Description,
ConfigScreenId = item2.ConfigScreenId,
SystemActionId = item2.SystemActionId
};
screen.SecurityActions.Add(securityAction);
}
}
}
}
//Agrego
foreach (var screenAdd in screenToBeAdded.ToList())
{
ConfigScreen configScreenAdd = new ConfigScreen
{
CompanyId = model.Id,
Description = screenAdd.Description,
Enabled = screenAdd.Enabled,
Orden = screenAdd.Orden,
Icon = screenAdd.Icon,
SystemScreenId = screenAdd.SystemScreenId
};
//tambien agrego los atributos
//Dentro de las pantallas agrego los Atributos
if (screenAdd.ConfigScreenFields != null)
{
configScreenAdd.ConfigScreenFields = new List <ConfigScreenField>();
foreach (var field in screenAdd.ConfigScreenFields)
{
ConfigScreenField configScreenField = new ConfigScreenField
{
ConfigScreenId = screenAdd.Id,
Name = field.Name,
Required = field.Required,
Visible = field.Visible,
DefaultValue = field.DefaultValue,
Orden = field.Orden,
Enabled = field.Enabled,
FieldName = field.FieldName,
SystemScreenFieldId = field.SystemScreenFieldId,
};
configScreenAdd.ConfigScreenFields.Add(configScreenField);
}
}
//Dentro de las pantallas agrego las Acciones
if (screenAdd.SecurityActions != null)
{
configScreenAdd.SecurityActions = new List <SecurityAction>();
foreach (var action in screenAdd.SecurityActions)
{
SecurityAction securityAction = new SecurityAction
{
ConfigScreenId = screenAdd.Id,
Description = action.Description,
Enabled = action.Enabled,
SystemActionId = action.SystemActionId,
};
configScreenAdd.SecurityActions.Add(securityAction);
}
}
company.ConfigScreen.Add(configScreenAdd);
}
_context.Entry(company).State = EntityState.Modified;
await _context.SaveChangesAsync();
//SecurityRoles
//Vienen todos los roles
foreach (var modelRol in model.SecurityRoles.ToList())
{
//Paso 5
SecurityRole securityRole = company.SecurityRoles.Where(x => x.SystemRoleId == modelRol.SystemRoleId).FirstOrDefault();
if (securityRole != null)
{
securityRole.Description = modelRol.Description;
securityRole.Name = modelRol.Name;
securityRole.Enabled = modelRol.Enabled;
var screenRolToBeAdded = modelRol.SecurityRoleScreens.Where(a => securityRole.SecurityRoleScreens.All(
b => b.ConfigScreen.SystemScreenId != a.SystemScreenId));
var screenRolToBeDeleted = securityRole.SecurityRoleScreens.Where(a => modelRol.SecurityRoleScreens.All(
b => b.SystemScreenId != a.ConfigScreen.SystemScreenId));
var actionRolToBeAdded = modelRol.SecurityRoleActions.Where(a => securityRole.SecurityRoleActions.All(
b => b.SecurityAction.SystemActionId != a.SystemActionId));
var actionRolToBeDeleted = securityRole.SecurityRoleActions.Where(a => modelRol.SecurityRoleActions.All(
b => b.SystemActionId != a.SecurityAction.SystemActionId));
//SCREENS
foreach (var item in screenRolToBeDeleted.ToList())
{
securityRole.SecurityRoleScreens.Remove(item);
}
foreach (var item2 in screenRolToBeAdded.ToList())
{
SecurityRoleScreen securityRoleScreen = new SecurityRoleScreen
{
SecurityRoleId = item2.SystemRoleId,
ConfigScreenId = company.ConfigScreen.Where(x => x.SystemScreenId == item2.SystemScreenId).Select(x => x.Id).FirstOrDefault()
};
securityRole.SecurityRoleScreens.Add(securityRoleScreen);
}
//ACCIONES
foreach (var item in actionRolToBeDeleted.ToList())
{
securityRole.SecurityRoleActions.Remove(item);
}
foreach (var item2 in actionRolToBeAdded.ToList())
{
var configScreen = company.ConfigScreen.Where(x => x.SystemScreenId == item2.SystemScreenId).FirstOrDefault();
if (configScreen != null)
{
foreach (var action in configScreen.SecurityActions)
{
if (item2.SystemActionId == action.SystemActionId)
{
SecurityRoleAction securityRoleAction = new SecurityRoleAction
{
SecurityRoleId = item2.SystemRoleId
};
securityRoleAction.SecurityActionId = action.Id;
securityRole.SecurityRoleActions.Add(securityRoleAction);
break;
}
}
}
}
}
}
_context.Entry(company).State = EntityState.Modified;
await _context.SaveChangesAsync();
}
catch (Exception ex)
{
return(BadRequest());
}
return(Ok());
}
protected IsolatedStoragePermissionAttribute(SecurityAction action) : base(default(SecurityAction))
{
}
// Constructors
public EnvironmentPermissionAttribute(SecurityAction action)
{
}
internal void AddDeclarativeSecurity(IClrProgramItem item,
SecurityAction action,
PermissionSet pset)
{
throw new NotImplementedException("AddDeclarativeSecurity");
}
