Exemple #1
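        /// <summary>
        /// Builds the view model for a statistical unit, exposing only the properties and
        /// permissions that the supplied data-access set allows.
        /// </summary>
        /// <param name="domainEntity">Unit whose public instance properties are reflected over.</param>
        /// <param name="dataAccess">Permissions that decide which properties are included and which are writable.</param>
        /// <param name="mandatoryFields">Mandatory flag keyed by property name; a property missing from the map gets <c>null</c>.</param>
        /// <param name="ignoredActions">A property is skipped when its <c>NotMappedForAttribute.Actions</c> has these flags.</param>
        /// <returns>View model holding the mapped unit type, the property metadata and the matching permissions.</returns>
        public static StatUnitViewModel Create(
            IStatisticalUnit domainEntity,
            DataAccessPermissions dataAccess,
            IReadOnlyDictionary<string, bool> mandatoryFields,
            ActionsEnum ignoredActions)
        {
            // Materialise once. The original kept this as a deferred query, so the permission
            // filter below re-ran the reflection scan, the permission checks and the metadata
            // factory for every permission entry, and the view model received a lazy sequence.
            var properties = GetFilteredProperties(domainEntity.GetType())
                .Select(x => PropertyMetadataFactory.Create(
                    x.PropInfo,
                    domainEntity,
                    x.Writable,
                    mandatoryFields.TryGetValue(x.PropInfo.Name, out var mandatory) ? mandatory : (bool?)null))
                .ToList();

            var permissionSuffixes = properties
                .Select(d => $".{d.LocalizeKey}")
                .ToList();

            return new StatUnitViewModel
            {
                StatUnitType = StatisticalUnitsTypeHelper.GetStatUnitMappingType(domainEntity.GetType()),
                Properties = properties,
                // Permission names are identifiers, so compare ordinally rather than with the
                // current culture.
                // NOTE(review): the match is by ".<LocalizeKey>" suffix only, so a permission that
                // belongs to another unit type but ends with the same key is also returned to the
                // client (the original TODO asks for filtering by type). Confirm this is acceptable.
                Permissions = dataAccess.Permissions
                    .Where(x => permissionSuffixes.Any(suffix => x.PropertyName.EndsWith(suffix, StringComparison.Ordinal)))
                    .ToList()
            };

            // Readable and writable public instance properties the caller may read or write,
            // ordered by DisplayAttribute order (properties without one sort last), each paired
            // with its write-permission flag.
            IEnumerable<(PropertyInfo PropInfo, bool Writable)> GetFilteredProperties(Type type)
            {
                return type.GetProperties(BindingFlags.Instance | BindingFlags.Public)
                    .Where(x =>
                    {
                        if (!dataAccess.HasWriteOrReadPermission(DataAccessAttributesHelper.GetName(type, x.Name)))
                        {
                            return false;
                        }

                        if (!x.CanRead || !x.CanWrite)
                        {
                            return false;
                        }

                        // Look the attribute up once instead of twice.
                        var notMappedFor = x.GetCustomAttribute<NotMappedForAttribute>(true);
                        return notMappedFor == null || !notMappedFor.Actions.HasFlag(ignoredActions);
                    })
                    .OrderBy(x => x.GetCustomAttribute<DisplayAttribute>()?.GetOrder() ?? int.MaxValue)
                    .Select(x => (x, dataAccess.HasWritePermission(DataAccessAttributesHelper.GetName(type, x.Name))));
            }
        }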
Exemple #2
 /// <summary>
 /// Projects every data access attribute declared for <typeparamref name="T"/> into a view model
 /// carrying the flags the given permission set grants for that attribute name.
 /// </summary>
 /// <typeparam name="T">Statistical unit type whose attributes are listed.</typeparam>
 /// <param name="permissions">Permission set queried by attribute name.</param>
 /// <returns>One view model per attribute, in provider order.</returns>
 private static List<DataAccessAttributeVm> GetDataAccessAttributes<T>(DataAccessPermissions permissions) where T : IStatisticalUnit
 {
     var viewModels = new List<DataAccessAttributeVm>();

     foreach (var attribute in DataAccessAttributesProvider<T>.Attributes)
     {
         // NOTE(review): Allowed is filled from the write permission, same as CanWrite, so a
         // read-only attribute is reported as not allowed. Confirm that is the intended meaning.
         var flags = new DataAccessAttributeVm
         {
             Allowed = permissions.HasWritePermission(attribute.Name),
             CanRead = permissions.HasReadPermission(attribute.Name),
             CanWrite = permissions.HasWritePermission(attribute.Name)
         };

         // Map copies the attribute onto the pre-populated destination instance.
         viewModels.Add(Mapper.Map(attribute, flags));
     }

     return viewModels;
 }
Exemple #3
 /// <summary>
 /// Builds a <c>DataAccessModel</c> from a permission set by listing the data access attributes
 /// of each of the four statistical unit types.
 /// </summary>
 /// <param name="roleStandardDataAccessArray">Permission set applied to every unit type.</param>
 /// <returns>Model with one attribute list per unit type.</returns>
 public static DataAccessModel FromPermissions(DataAccessPermissions roleStandardDataAccessArray) =>
     new DataAccessModel
     {
         LocalUnit = GetDataAccessAttributes<LocalUnit>(roleStandardDataAccessArray),
         LegalUnit = GetDataAccessAttributes<LegalUnit>(roleStandardDataAccessArray),
         EnterpriseUnit = GetDataAccessAttributes<EnterpriseUnit>(roleStandardDataAccessArray),
         EnterpriseGroup = GetDataAccessAttributes<EnterpriseGroup>(roleStandardDataAccessArray),
     };
Exemple #4
        /// <summary>
        /// Resolves the effective data access permissions of a user.
        /// </summary>
        /// <param name="userId">Identifier of the user whose role permissions are loaded.</param>
        /// <param name="type">
        /// Optional statistical unit type. When set, the result is narrowed with <c>ForType</c>
        /// to the name of the mapped unit type.
        /// </param>
        /// <returns>
        /// The permissions of all roles assigned to the user, combined with the common attributes,
        /// which are always added with both flags set to <c>true</c>.
        /// </returns>
        public async Task<DataAccessPermissions> GetDataAccessAttributes(string userId, StatUnitTypes? type)
        {
            // One permission set per role assigned to the user.
            var rolePermissionsQuery =
                from link in _context.UserRoles
                join assignedRole in _context.Roles on link.RoleId equals assignedRole.Id
                where link.UserId == userId
                select assignedRole.StandardDataAccessArray;
            var perRole = await rolePermissionsQuery.ToListAsync();

            // Common attributes are granted to every caller, whatever roles they hold.
            // NOTE(review): the two 'true' arguments are presumably the read and write flags; confirm
            // against the Permission constructor.
            var alwaysGranted = new DataAccessPermissions(
                DataAccessAttributesProvider.CommonAttributes
                    .Select(attribute => new Permission(attribute.Name, true, true)));

            var combined = DataAccessPermissions.Combine(perRole.Append(alwaysGranted));

            if (!type.HasValue)
            {
                return combined;
            }

            var typeName = StatisticalUnitsTypeHelper.GetStatUnitMappingType(type.Value).Name;
            return combined.ForType(typeName);
        }
Exemple #5
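        /// <summary>
        /// Renders the main application view: loads the asset manifest, resolves the signed-in
        /// user's roles and combined permissions, fills <c>ViewData</c> for the client, and issues
        /// the antiforgery request token as a script-readable cookie.
        /// </summary>
        /// <returns>
        /// The <c>~/Views/Index.cshtml</c> view, or a redirect to <c>Account/LogOut</c> when the
        /// signed-in principal has no user record or no roles.
        /// </returns>
        public async Task<IActionResult> Index()
        {
            // The manifest is re-read on every request in development and cached otherwise.
            if (_env.IsDevelopment() || _assets == null)
            {
                var assetsFileName = Path.Combine(_env.WebRootPath, "./dist/assets.json");
                using (var stream = System.IO.File.OpenRead(assetsFileName))
                using (var reader = new StreamReader(stream))
                {
                    var json = await reader.ReadToEndAsync();

                    _assets = DeserializeObject(json);
                }
            }

            // FirstOrDefaultAsync instead of FirstAsync: the original threw when the signed-in
            // principal had no matching user record (for example an account removed while its
            // session cookie was still valid), so the null check further down was unreachable
            // and the request failed with an error instead of signing the caller out.
            var user = await _ctx.Users
                       .Include(x => x.UserRoles)
                       .ThenInclude(x => x.Role)
                       .FirstOrDefaultAsync(u => u.Login == User.Identity.Name);

            // Checked before user.UserRoles is dereferenced by the roles query.
            if (user == null)
            {
                return RedirectToAction("LogOut", "Account");
            }

            var roles = await _ctx.Roles
                        .Where(r => user.UserRoles.Any(ur => ur.RoleId == r.Id)).ToListAsync();

            // A user without any role gets no permissions, so end the session.
            if (!roles.Any())
            {
                return RedirectToAction("LogOut", "Account");
            }

            var dataAccessAttributes = DataAccessPermissions.Combine(
                roles.Select(r => r.StandardDataAccessArray));

            var systemFunctions = roles
                                  .SelectMany(r => r.AccessToSystemFunctionsArray)
                                  .Distinct()
                                  .Select(x => ((SystemFunctions)x).ToString());

            // NOTE(review): these values are handed to the Razor view, several of them as
            // serialized JSON. Whether they are HTML/script-encoded depends on how Index.cshtml
            // emits them, which is not visible here. Confirm none is written unencoded into a
            // script context.
            ViewData["assets:main:js"] = (string)_assets.main.js;
            ViewData["userName"] = User.Identity.Name;
            ViewData["dataAccessAttributes"] = SerializeObject(dataAccessAttributes);
            ViewData["systemFunctions"] = string.Join(",", systemFunctions);
            ViewData["mandatoryFields"] = SerializeObject(_dbMandatoryFields);
            ViewData["locales"] = SerializeObject(_localization.Locales);
            ViewData["defaultLocale"] = _localization.DefaultKey;
            ViewData["Language1"] = _localization.Language1;
            ViewData["Language2"] = _localization.Language2;
            ViewData["resources"] = SerializeObject(Localization.AllResources);
            ViewData["roles"] = SerializeObject(roles.Select(x => x.Name).ToArray());
            ViewData["reportingSettings"] = SerializeObject(_reportingSettings);
            ViewData["validationSettings"] = SerializeObject(_validationSettings);
            ViewData["sampleFramePredicateFieldMeta"] = SerializeObject(typeof(FieldEnum)
                                                                        .GetMembers()
                                                                        .Where(x => x.GetCustomAttributes<OperationAllowedAttribute>().Any())
                                                                        .Select(ToPredicateFieldMeta)
                                                                        .ToImmutableDictionary());
            ViewData["analysisRules"] = SerializeObject(_analysisRules);

            // Send the request token as a JavaScript-readable cookie
            var tokens = _antiforgery.GetAndStoreTokens(Request.HttpContext);

            Response.Cookies.Append("XSRF-TOKEN", tokens.RequestToken, new CookieOptions
            {
                // Must stay script-readable: the client reads this cookie to obtain the token.
                HttpOnly = false,
                // Keep the token off plain-HTTP connections whenever the request arrived over TLS.
                // NOTE(review): no SameSite value is set here; consider an explicit one once the
                // client's cross-site requirements are confirmed.
                Secure = Request.IsHttps
            });

            return View("~/Views/Index.cshtml");

            // Maps a FieldEnum member to (numeric value -> { name, allowed operations }).
            KeyValuePair<int, object> ToPredicateFieldMeta(MemberInfo x)
            {
                var field = (FieldEnum)Enum.Parse(typeof(FieldEnum), x.Name);

                return new KeyValuePair<int, object>(
                    (int)field,
                    new
                    {
                        value = field.ToString(),
                        operations = x.GetCustomAttribute<OperationAllowedAttribute>().AllowedOperations,
                    });
            }
        }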