public override RoleDto EntityToEntityDto(Role entity)
{
RoleDto roledto = Mapper.Map <Role, RoleDto>(entity);
if (entity != null)
{
// roledto.RolesInUserGroupRolePermissions.Clear();
// if (entity.RolesInUserGroupRolePermissions != null)
// {
// foreach (UserGroup usergroup in entity.RolesInUserGroupRolePermissions)
// {
// UserGroupDto usergroupDto = new UserGroupDto();
// usergroupDto = Mapper.Map<UserGroup, UserGroupDto>(usergroup);
// roledto.RolesInUserGroupRolePermissions.Add(usergroupDto);
// }
// }
// roledto.RolesInUserRolePermissions.Clear();
if (entity.RolesInUserRolePermissions != null)
{
foreach (UserRolePermission URP in entity.RolesInUserRolePermissions)
{
UserRolePermissionDto urpDto = new UserRolePermissionDto();
urpDto = Mapper.Map <UserRolePermission, UserRolePermissionDto>(URP);
roledto.RolesInUserRolePermissions.Add(urpDto);
}
}
}
return(roledto);
}
public virtual void CreateUser()
{
var userdto = new UserDto
{
Title = "Ms",
Name = "shraddha",
UserName = "******",
MobileNo = "9922077123",
Email = "*****@*****.**",
CountryCode = "91",
MothersMaidenName = "manisha",
UserOfClient = new ClientDto
{
CAId = 1
},
IsActive = true,
DateOfBirth = Convert.ToDateTime("06/10/1984"),
Password = Helper.Encode("P@ssword"),
CreatedBy = -1,
CreatedDate = DateTime.Now,
IsLockedOut = false,
IsOnLine = false,
LastActivityDate = DateTime.Now,
LastLockedOutDate = DateTime.Now,
LastLoginDate = DateTime.Now,
ModifiedBy = -1,
ModifiedDate = DateTime.Now,
LastPassword = Helper.Encode("password"),
LastPasswordChangedDate = DateTime.Now,
SecondLastPassword = Helper.Encode("pass"),
SecondLastPasswordChangedDate = DateTime.Now.AddDays(-1),
IsDeleted = false,
AllowDelete = true,
AllowEdit = true
};
var userRolePermissionDto = new UserRolePermissionDto
{
AllowAdd = true,
AllowDelete = true,
AllowEdit = true,
AllowPrint = true,
AllowView = true
};
RoleDto roleDto = this.RoleService.GetById(RoleId);
userRolePermissionDto.PermissionForRole = roleDto;
userdto.UserWithRolePermissions.Add(userRolePermissionDto);
this.UserInstance = this.UserService.Create(userdto, CurrentUserInstance.UserName);
Assert.IsFalse(this.UserInstance.UserId == 0, "User Id should have been updated");
Assert.AreEqual(this.UserInstance.Name, userdto.Name, "First Name are different");
}
public virtual void AssignRoletoUser()
{
RoleDto roleDto = this.RoleService.GetById(9);
RoleDto roleDto1 = this.RoleService.GetById(11);
UserDto userDto = this.UserService.GetById(43);
var urpdto = new UserRolePermissionDto
{
PermissionForUser = new List <UserDto>
{
new UserDto
{
UserId = userDto.UserId
}
},
PermissionForRole = roleDto,
AllowAdd = true,
AllowEdit = true,
AllowView = true,
AllowDelete = true,
AllowPrint = false
};
var urpdto1 = new UserRolePermissionDto
{
PermissionForUser = new List <UserDto>
{
new UserDto
{
UserId = userDto.UserId
}
},
PermissionForRole = roleDto1,
AllowAdd = true,
AllowEdit = true,
AllowView = true,
AllowDelete = false,
AllowPrint = false
};
userDto.UserWithRolePermissions.Clear();
userDto.UserWithRolePermissions.Add(urpdto);
userDto.UserWithRolePermissions.Add(urpdto1);
this.UserInstance = this.UserService.Update(userDto, CurrentUserInstance.UserName);
Assert.IsTrue(this.UserInstance.UserWithRolePermissions[0].UserRolePermissionId != 0, "user Id should have been updated");
}
public ActionResult SaveUserRolePermissions()
{
string username = Request.QueryString["username"];
UserServiceReference.UserServiceClient client = new UserServiceClient();
try
{
UserDto user = client.GetByUserName(username);
IList <UserRolesModel> userRoleModelList = (IList <UserRolesModel>)Session["UserRolesModelList" + username];
user.UserWithRolePermissions = new List <UserRolePermissionDto>();
user.UserWithRolePermissions.Clear();
foreach (UserRolesModel urmodel in userRoleModelList)
{
if (urmodel.AllowAdd || urmodel.AllowEdit || urmodel.AllowPrint || urmodel.AllowView || urmodel.AllowDelete)
{
UserRolePermissionDto URPDto = new UserRolePermissionDto()
{
PermissionForRole = urmodel.UserRoleDto,
AllowAdd = urmodel.AllowAdd,
AllowDelete = urmodel.AllowDelete,
AllowEdit = urmodel.AllowEdit,
AllowPrint = urmodel.AllowPrint,
AllowView = urmodel.AllowView,
};
user.UserWithRolePermissions.Add(URPDto);
}
}
user.ViewOfUserUserGroupRolePermissions = null;
user = client.Update(user, ((UserDto)Session[Constants.SKCURRENTUSER]).UserName);
}
catch (Exception ex)
{
return(View("ErrorPage"));
}
finally
{
if (Session["UserRolesModelList" + username] != null)
{
Session.Remove("UserRolesModelList" + username);
}
}
return(RedirectToAction("UsersIndex", new { usertype = Request.QueryString["usertype"] }));
}
public UserRolePermissionDto Create(UserRolePermissionDto user, UserDto loggedInUserDto)
{
return(ExecuteCommand(proxy => proxy.Create(user, loggedInUserDto)));
}
public UserRolePermissionDto Create(UserRolePermissionDto user, string userName)
{
return(ExecuteCommand(proxy => proxy.Create(user, userName)));
}
public UserRolePermissionDto Create(UserRolePermissionDto user, UserDto loggedInUserDto)
{
return(ExecuteCommand(() => Service.Create(user, loggedInUserDto)));
}
public static bool IsUserInRole(IList <string> roleNames, RolePermission permissions, UserDto currentUser)
{
//UserServiceClient client = new UserServiceClient();
//UserDto currentUser = client.GetByUserName(userName);
bool hasAccess = false;
try
{
foreach (string roleName in roleNames)
{
var res = currentUser.UserWithRolePermissions.Where(x => x.PermissionForRole.RoleName == roleName);
if (res.Count() != 0)
{
UserRolePermissionDto urpDto = res.FirstOrDefault();
switch (permissions)
{
case RolePermission.Add:
hasAccess = urpDto.AllowAdd;
break;
case RolePermission.Update:
hasAccess = urpDto.AllowEdit;
break;
case RolePermission.View:
hasAccess = urpDto.AllowView;
break;
case RolePermission.Delete:
hasAccess = urpDto.AllowDelete;
break;
case RolePermission.Print:
hasAccess = urpDto.AllowPrint;
break;
}
res = null;
return(hasAccess);
}
else
{
var resGroupRole = currentUser.ViewOfUserUserGroupRolePermissions.Where(x => x.PermissionForRole.RoleName == roleName);
if (resGroupRole.Count() != 0)
{
viewUserUserGroupRolePermissionsDto vwUgRoleDto = resGroupRole.FirstOrDefault();
switch (permissions)
{
case RolePermission.Add:
hasAccess = vwUgRoleDto.AllowAdd;
break;
case RolePermission.Update:
hasAccess = vwUgRoleDto.AllowEdit;
break;
case RolePermission.View:
hasAccess = vwUgRoleDto.AllowView;
break;
case RolePermission.Delete:
hasAccess = vwUgRoleDto.AllowDelete;
break;
case RolePermission.Print:
hasAccess = vwUgRoleDto.AllowPrint;
break;
}
//return hasAccess;
}
}
}
}
catch (Exception ex)
{
}
return(hasAccess);
}
public UserRolePermissionDto Create(UserRolePermissionDto userRolePermissionDto, string userName)
{
return(ExecuteCommand(() => Service.Create(userRolePermissionDto, userName)));
}
public virtual async Task <bool> HasPermissionAsync(ClaimsPrincipal User, string permKey, bool isAdminRequired = false, IEnumerable <string> clientIds = null)
{
if (!String.IsNullOrWhiteSpace(permKey))
{
UserRolePermissionDto perms = null;
if (User.FindFirst(JwtClaimTypes.Subject) != null)
{
// 说明有用户参与
perms = await GetUserRolesAndPermissionsAsync(User, clientIds);
}
else
{
// 可能是直接由Client Credential 方式获取的 token
// 此时 perm 直接以 claim 形式存在
var permClaim = User.FindFirst(Constants.CLIENT_CLAIM_PREFIX + permKey);
if (permClaim != null && !isAdminRequired)
{
// 由于 Client 并非 User,所以没有管理员之说
return(true);
}
}
if (perms != null)
{
bool isAdmin = false;
bool isSuperAdmin = false;
// 如果这个用户本来就有这个 claim,则也是 super
if (User.HasClaim(itm => itm.Type == Constants.SUPERADMIN_CLAIM_TYPE))
{
isAdmin = true;
isSuperAdmin = true;
}
else
{
// 自定义 ClaimsIdentity 用于保存当前用户所归属的所有 Client
ClaimsIdentity roleIdentity = new ClaimsIdentity("PermissionHandler");
if (perms.Roles != null)
{
foreach (var role in perms.Roles)
{
if (role.IsSuperAdmin && !isSuperAdmin)
{
roleIdentity.AddClaim(new Claim(Constants.SUPERADMIN_CLAIM_TYPE, true.ToString()));
isAdmin = true;
isSuperAdmin = true;
}
if (role.IsAdmin && !isAdmin)
{
isAdmin = true;
}
if (!String.IsNullOrWhiteSpace(role.ClientId))
{
roleIdentity.AddClaim(new Claim(JwtClaimTypes.ClientId, role.ClientId));
}
}
}
if (!User.Identities.Any(itm => itm.AuthenticationType == "PermissionHandler"))
{
User.AddIdentity(roleIdentity);
}
}
// 如果是超级管理员,则有所有权限
if (isSuperAdmin)
{
return(true);
}
if (perms.Permissions.Any(itm => itm.Key == permKey))
{
// 如果要求只能是管理员,则必须具有管理员的角色
if (!isAdminRequired || (isAdminRequired && isAdmin))
{
return(true);
}
}
return(false);
}
}
return(false);
}
