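/// <summary>
/// Builds the view model for a statistical unit, exposing only the properties that the
/// supplied data-access permissions allow to be read or written.
/// </summary>
/// <param name="domainEntity">Unit whose public instance properties are reflected over.</param>
/// <param name="dataAccess">Permissions used to filter the properties and to flag each one as writable.</param>
/// <param name="mandatoryFields">Mandatory flags keyed by property name; a property missing from the map gets <c>null</c>.</param>
/// <param name="ignoredActions">Actions for which properties carrying <see cref="NotMappedForAttribute"/> are left out.</param>
/// <returns>View model holding the unit type, the filtered property metadata and the matching permissions.</returns>
public static StatUnitViewModel Create(
    IStatisticalUnit domainEntity,
    DataAccessPermissions dataAccess,
    IReadOnlyDictionary<string, bool> mandatoryFields,
    ActionsEnum ignoredActions)
{
    var unitType = domainEntity.GetType();

    // Materialise once. The sequence is consumed again for every permission below and by
    // whoever reads the view model; left lazy, each pass would redo the reflection,
    // the permission checks and the metadata construction.
    var properties = GetFilteredProperties(unitType)
        .Select(x => PropertyMetadataFactory.Create(
            x.PropInfo,
            domainEntity,
            x.Writable,
            mandatoryFields.TryGetValue(x.PropInfo.Name, out var mandatory) ? mandatory : (bool?)null))
        .ToList();

    var keySuffixes = properties.Select(d => $".{d.LocalizeKey}").ToList();

    return new StatUnitViewModel
    {
        StatUnitType = StatisticalUnitsTypeHelper.GetStatUnitMappingType(unitType),
        Properties = properties,
        // Permission names are identifiers, so compare them ordinally rather than with the
        // current culture.
        // NOTE(review): this is a suffix match on the property key only, so a permission that
        // belongs to another unit type but ends in the same key is returned as well.
        // TODO: Filter By Type (Optimization)
        Permissions = dataAccess.Permissions
            .Where(x => keySuffixes.Any(suffix => x.PropertyName.EndsWith(suffix, StringComparison.Ordinal)))
            .ToList(),
    };

    // Readable and writable public instance properties the caller may read or write and that
    // are not excluded for the ignored actions, ordered by their Display order
    // (properties without one sort last).
    IEnumerable<(PropertyInfo PropInfo, bool Writable)> GetFilteredProperties(Type type) =>
        type.GetProperties(BindingFlags.Instance | BindingFlags.Public)
            .Where(x => dataAccess.HasWriteOrReadPermission(DataAccessAttributesHelper.GetName(type, x.Name))
                        && x.CanRead
                        && x.CanWrite
                        && IsMappedForAction(x))
            .OrderBy(x => x.GetCustomAttribute<DisplayAttribute>()?.GetOrder() ?? int.MaxValue)
            .Select(x => (x, dataAccess.HasWritePermission(DataAccessAttributesHelper.GetName(type, x.Name))));

    // Looks the attribute up once instead of twice per property.
    bool IsMappedForAction(PropertyInfo property)
    {
        var notMappedFor = property.GetCustomAttribute<NotMappedForAttribute>(true);
        return notMappedFor == null || !notMappedFor.Actions.HasFlag(ignoredActions);
    }
}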
/// <summary>
/// Turns every data-access attribute provided for <typeparamref name="T"/> into a view model
/// carrying the flags that <paramref name="permissions"/> reports for the attribute name.
/// </summary>
/// <param name="permissions">Permissions queried for read and write access per attribute name.</param>
/// <returns>One view model per attribute, in the provider's order.</returns>
private static List<DataAccessAttributeVm> GetDataAccessAttributes<T>(DataAccessPermissions permissions)
    where T : IStatisticalUnit
{
    var viewModels = new List<DataAccessAttributeVm>();
    foreach (var attribute in DataAccessAttributesProvider<T>.Attributes)
    {
        var flags = new DataAccessAttributeVm()
        {
            // Allowed is filled from the write check, the same source as CanWrite.
            Allowed = permissions.HasWritePermission(attribute.Name),
            CanRead = permissions.HasReadPermission(attribute.Name),
            CanWrite = permissions.HasWritePermission(attribute.Name)
        };

        // The attribute is mapped onto the pre-filled instance; which members the mapping
        // writes depends on mapper configuration that is not visible here.
        viewModels.Add(Mapper.Map(attribute, flags));
    }

    return viewModels;
}
/// <summary>
/// Builds a <see cref="DataAccessModel"/> from one set of permissions, with a separate
/// attribute list for each of the four statistical unit types.
/// </summary>
/// <param name="roleStandardDataAccessArray">Permissions applied to every unit type's attributes.</param>
/// <returns>The model with LocalUnit, LegalUnit, EnterpriseUnit and EnterpriseGroup filled in.</returns>
public static DataAccessModel FromPermissions(DataAccessPermissions roleStandardDataAccessArray)
{
    var permissions = roleStandardDataAccessArray;
    var model = new DataAccessModel
    {
        LocalUnit = GetDataAccessAttributes<LocalUnit>(permissions),
        LegalUnit = GetDataAccessAttributes<LegalUnit>(permissions),
        EnterpriseUnit = GetDataAccessAttributes<EnterpriseUnit>(permissions),
        EnterpriseGroup = GetDataAccessAttributes<EnterpriseGroup>(permissions),
    };
    return model;
}
/// <summary>
/// Resolves the effective data-access permissions of a user: the standard data access of
/// every role assigned to the user, combined with the common attributes.
/// </summary>
/// <param name="userId">Identifier of the user whose role assignments are looked up.</param>
/// <param name="type">
/// Optional statistical unit type. When set, the combined permissions are narrowed with
/// <c>ForType</c> to the name of that type's mapping type.
/// </param>
/// <returns>The combined permissions, narrowed to <paramref name="type"/> when one is given.</returns>
public async Task<DataAccessPermissions> GetDataAccessAttributes(string userId, StatUnitTypes? type)
{
    var rolePermissionsQuery =
        from userRole in _context.UserRoles
        join role in _context.Roles on userRole.RoleId equals role.Id
        where userRole.UserId == userId
        select role.StandardDataAccessArray;
    var rolePermissions = await rolePermissionsQuery.ToListAsync();

    // The common attributes are appended for every caller with both boolean flags set
    // (presumably read and write), so they are granted even when the user has no role rows.
    var commonPermissions = new DataAccessPermissions(
        DataAccessAttributesProvider.CommonAttributes
            .Select(attribute => new Permission(attribute.Name, true, true)));

    var effective = DataAccessPermissions.Combine(rolePermissions.Append(commonPermissions));
    if (type.HasValue)
    {
        var mappingTypeName = StatisticalUnitsTypeHelper.GetStatUnitMappingType(type.Value).Name;
        effective = effective.ForType(mappingTypeName);
    }

    return effective;
}
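/// <summary>
/// Renders the main page for the signed-in user: loads the asset manifest, resolves the
/// user's roles, and passes the permissions, settings and localisation data to the view
/// through <c>ViewData</c>. Also issues the antiforgery request token as a cookie.
/// </summary>
/// <returns>
/// The <c>~/Views/Index.cshtml</c> view, or a redirect to <c>Account/LogOut</c> when no user
/// record matches the current identity or the user has no roles.
/// </returns>
public async Task<IActionResult> Index()
{
    // In development the manifest is re-read on every request; otherwise only while
    // _assets is still unset.
    if (_env.IsDevelopment() || _assets == null)
    {
        var assetsFileName = Path.Combine(_env.WebRootPath, "./dist/assets.json");
        using (var stream = System.IO.File.OpenRead(assetsFileName))
        using (var reader = new StreamReader(stream))
        {
            var json = await reader.ReadToEndAsync();
            _assets = DeserializeObject(json);
        }
    }

    // FirstOrDefaultAsync instead of FirstAsync: FirstAsync throws when no row matches, which
    // made the null check unreachable and turned a stale session into a server error rather
    // than the intended log-out redirect.
    var user = await _ctx.Users
        .Include(x => x.UserRoles)
        .ThenInclude(x => x.Role)
        .FirstOrDefaultAsync(u => u.Login == User.Identity.Name);

    // Checked before the roles query, which dereferences user.UserRoles.
    if (user == null)
    {
        return RedirectToAction("LogOut", "Account");
    }

    var roles = await _ctx.Roles
        .Where(r => user.UserRoles.Any(ur => ur.RoleId == r.Id)).ToListAsync();

    if (!roles.Any())
    {
        return RedirectToAction("LogOut", "Account");
    }

    var dataAccessAttributes = DataAccessPermissions.Combine(
        roles.Select(r => r.StandardDataAccessArray));
    var systemFunctions = roles
        .SelectMany(r => r.AccessToSystemFunctionsArray)
        .Distinct()
        .Select(x => ((SystemFunctions)x).ToString());

    // NOTE(review): several of these values carry stored or identity-derived text (user name,
    // role names, resources). Confirm that Index.cshtml encodes each value for the context it
    // is written into, and that these client-side copies of permissions are only used for
    // display while the server enforces access on every request.
    ViewData["assets:main:js"] = (string)_assets.main.js;
    ViewData["userName"] = User.Identity.Name;
    ViewData["dataAccessAttributes"] = SerializeObject(dataAccessAttributes);
    ViewData["systemFunctions"] = string.Join(",", systemFunctions);
    ViewData["mandatoryFields"] = SerializeObject(_dbMandatoryFields);
    ViewData["locales"] = SerializeObject(_localization.Locales);
    ViewData["defaultLocale"] = _localization.DefaultKey;
    ViewData["Language1"] = _localization.Language1;
    ViewData["Language2"] = _localization.Language2;
    ViewData["resources"] = SerializeObject(Localization.AllResources);
    ViewData["roles"] = SerializeObject(roles.Select(x => x.Name).ToArray());
    ViewData["reportingSettings"] = SerializeObject(_reportingSettings);
    ViewData["validationSettings"] = SerializeObject(_validationSettings);
    ViewData["sampleFramePredicateFieldMeta"] = SerializeObject(typeof(FieldEnum)
        .GetMembers()
        .Where(x => x.GetCustomAttributes<OperationAllowedAttribute>().Any())
        .Select(ToPredicateFieldMeta)
        .ToImmutableDictionary());
    ViewData["analysisRules"] = SerializeObject(_analysisRules);

    // Send the request token as a JavaScript-readable cookie, hence HttpOnly = false.
    // NOTE(review): Secure and SameSite are not set here; confirm they are applied by a
    // cookie policy elsewhere, otherwise the token cookie can travel over plain HTTP.
    var tokens = _antiforgery.GetAndStoreTokens(Request.HttpContext);
    Response.Cookies.Append("XSRF-TOKEN", tokens.RequestToken, new CookieOptions { HttpOnly = false });

    return View("~/Views/Index.cshtml");

    // Maps a FieldEnum member to (numeric value -> { name, allowed operations }).
    KeyValuePair<int, object> ToPredicateFieldMeta(MemberInfo x)
    {
        var field = (FieldEnum)Enum.Parse(typeof(FieldEnum), x.Name);
        return new KeyValuePair<int, object>(
            (int)field,
            new
            {
                value = field.ToString(),
                operations = x.GetCustomAttribute<OperationAllowedAttribute>().AllowedOperations,
            });
    }
}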