public async Task <JsonResult> UpdateUserPermission([FromBody] UserPerModel model)
{
JMessage msg = new JMessage {
Error = true, Title = string.Format(CommonUtil.ResourceValue("MSG_UPDATE_FAIL"), CommonUtil.ResourceValue("PERMISSION").ToLower())
};
string userName = string.Empty;
try
{
var user = await _context.Users.FirstOrDefaultAsync(x => x.Id == model.UserId);
if (user != null)
{
var app = await _context.AdApplications.FirstOrDefaultAsync(x => x.ApplicationCode == model.AppCode);
if (app != null)
{
// Update user is exceeded permission
user.IsExceeded = model.IsExceeded;
//// Update Branch Reference
//var oldBranchRef = user.OrgReference;
//user.OrgReference = model.BranchRefs.Count > 0 ? string.Join(",", model.BranchRefs) : "";
user.UpdatedDate = DateTime.Now;
user.UpdatedBy = ESEIM.AppContext.UserName;
_context.Update(user);
//_actionLog.InsertActionLog("ASP_NET_USERS", "Update success branch reference of user: "******"Update", false, user.UserName);
// Update Group User and Permission
var listOldGroup = _context.AdUserInGroups.Where(x => x.UserId == user.Id && x.ApplicationCode == app.ApplicationCode).ToList();
var listOldPermissionAll = _context.AdPermissions.Where(x => x.ApplicationCode == app.ApplicationCode && x.UserId == user.Id && listOldGroup.Any(y => y.GroupUserCode == x.GroupUserCode)).ToList();
if (model.GroupUsers.Count > 0)
{
var listOldGroupDel = listOldGroup.Where(x => model.GroupUsers.All(y => y.GroupCode != x.GroupUserCode)).ToList();
_context.RemoveRange(listOldGroupDel); // Remove all old group not selected
var listOldPermissionDel = listOldPermissionAll.Where(x => model.GroupUsers.All(y => y.GroupCode != x.GroupUserCode || (y.GroupCode == x.GroupUserCode && y.RoleId != x.RoleId))).ToList();
_context.RemoveRange(listOldPermissionDel); // Remove all old permission
var listPermissionAll = _context.AdPermissions.Where(x => x.ApplicationCode == model.AppCode && model.GroupUsers.Any(y => y.GroupCode == x.GroupUserCode && y.RoleId == x.RoleId)).ToList();
var listPermissionDefault = listPermissionAll.Where(x => x.UserId == null).ToList();
var listPermissionUser = listPermissionAll.Where(x => x.UserId == model.UserId).ToList();
foreach (var groupUser in model.GroupUsers)
{
var oldGroup = listOldGroup.FirstOrDefault(x => x.GroupUserCode == groupUser.GroupCode && x.ApplicationCode == model.AppCode);
var listPerDefaultGroup = listPermissionDefault.Where(x => x.GroupUserCode == groupUser.GroupCode && x.ApplicationCode == model.AppCode);
if (oldGroup != null)
{
//if (groupUser.RoleId != oldGroup.RoleId)
//{
// Update user in group
oldGroup.BranchReference = model.BranchRefs.Count > 0 ? string.Join(",", model.BranchRefs) : "";
if (!oldGroup.IsMain)
{
oldGroup.RoleId = groupUser.RoleId;
}
oldGroup.GrantAll = true;
_context.Update(oldGroup); // Update entity
//}
}
else
{
// Add user to group
var userInGroup = new AdUserInGroup();
userInGroup.UserId = model.UserId;
userInGroup.GroupUserCode = groupUser.GroupCode;
userInGroup.ApplicationCode = model.AppCode;
userInGroup.RoleId = groupUser.RoleId;
userInGroup.GrantAll = true;
userInGroup.BranchReference = model.BranchRefs.Count > 0 ? string.Join(",", model.BranchRefs) : "";
_context.Add(userInGroup); // Add entity
}
// Add or Update permission
if (groupUser.Resources != null && groupUser.Resources.Count > 0)
{
groupUser.Resources = groupUser.Resources.Where(x => x.HasPermission && !x.IsFunction).ToList();
// Get all permission need remove
var permissionDel = listPermissionUser.Where(x => x.GroupUserCode == groupUser.GroupCode && x.RoleId == groupUser.RoleId && !groupUser.Resources.Any(y => y.FunctionCode == x.FunctionCode && y.Code == x.ResourceCode));
_context.RemoveRange(permissionDel); // Remove all permission not in selected
// Get all permission need update
var permissionUpdate = listPermissionUser.Where(x => x.GroupUserCode == groupUser.GroupCode && x.RoleId == groupUser.RoleId && groupUser.Resources.Any(y => y.FunctionCode == x.FunctionCode && y.Code == x.ResourceCode)).ToList();
if (permissionUpdate.Count > 0)
{
foreach (var perUpdate in permissionUpdate)
{
var resUpdate = groupUser.Resources.FirstOrDefault(y => y.FunctionCode == perUpdate.FunctionCode && y.Code == perUpdate.ResourceCode);
perUpdate.ExpiredDate = resUpdate?.ExpiredDate;
}
}
// Get all permission need add
var permissionAdd = groupUser.Resources.Where(x => !listPermissionUser.Any(y => y.FunctionCode == x.FunctionCode && y.ResourceCode == x.Code && y.GroupUserCode == groupUser.GroupCode && y.RoleId == groupUser.RoleId))
.Select(x => new AdPermission
{
ApplicationCode = model.AppCode,
FunctionCode = x.FunctionCode,
ResourceCode = x.Code,
GroupUserCode = groupUser.GroupCode,
UserId = model.UserId,
RoleId = groupUser.RoleId,
ExpiredDate = x.ExpiredDate,
}).ToList();
_context.AddRange(permissionAdd); // Add entity
}
else
{
//var permissionDel = listPermissionUser.Where(x => x.GroupUserCode == groupUser.GroupCode && x.RoleId == groupUser.RoleId && !listPerDefaultGroup.Any(y => y.FunctionCode == x.FunctionCode && y.ResourceCode == x.ResourceCode));
//_context.RemoveRange(permissionDel); // Remove all permission not in selected
var permissionAdd = listPerDefaultGroup.Where(x => !listPermissionUser.Any(y => y.FunctionCode == x.FunctionCode && y.ResourceCode == x.ResourceCode && y.GroupUserCode == groupUser.GroupCode && y.RoleId == groupUser.RoleId))
.Select(x => new AdPermission
{
ApplicationCode = x.ApplicationCode,
FunctionCode = x.FunctionCode,
ResourceCode = x.ResourceCode,
GroupUserCode = x.GroupUserCode,
UserId = model.UserId,
RoleId = x.RoleId,
}).ToList();
_context.AddRange(permissionAdd); // Add entity
}
}
}
else
{
_context.RemoveRange(listOldGroup); // Remove all old group
_context.RemoveRange(listOldPermissionAll); // Remove all old permission
}
//_actionLog.InsertActionLog("VIB_PERMISSION", "Update success permission for user: "******"Update", false, user.UserName);
var result = await _context.SaveChangesAsync();
msg.Error = false;
msg.Title = "Update user permission successfully";
}
else
{
msg.Title = "Application is not exists in system!";
}
}
else
{
msg.Title = "User is not exists in system!";
}
}
catch (Exception ex)
{
//_actionLog.InsertActionLog("VIB_PERMISSION", "Update failed permission for user " + userName + " : " + ex.Message, null, null, "Error", true, userName);
msg.Object = ex;
}
return(Json(msg));
}
public async Task <JsonResult> UpdatePermission([FromBody] PermissionModel model)
{
JMessage msg = new JMessage {
Error = true, Title = string.Format(CommonUtil.ResourceValue("MSG_UPDATE_FAIL"), CommonUtil.ResourceValue("PERMISSION").ToLower())
};
try
{
model.Resources = model.Resources.Where(x => !x.IsFunction).ToList();
if (model.GroupCodes.Count > 0)
{
var listFunctionChild = await _context.AdFunctions.Where(x => x.FunctionCode == model.FunctionCode || x.ParentCode == model.FunctionCode || x.Parent.ParentCode == model.FunctionCode).ToListAsync();
var listGroupUser = await _context.AdGroupUsers.Where(x => model.GroupCodes.Any(y => y == x.GroupUserCode)).ToListAsync();
var listUserInGroup = await _context.AdUserInGroups.Where(x => model.GroupCodes.Any(y => y == x.GroupUserCode) && x.RoleId == model.RoleId).ToListAsync();
var listPermissionAll = await _context.AdPermissions.Where(x => x.ApplicationCode == model.ApplicationCode && x.RoleId == model.RoleId && listGroupUser.Any(y => y.GroupUserCode == x.GroupUserCode) && (string.IsNullOrEmpty(model.FunctionCode) || listFunctionChild.Any(y => y.FunctionCode == x.FunctionCode))).ToListAsync();
var listPermissionDefault = listPermissionAll.Where(x => x.UserId == null).ToList();
var listPermissionUser = listPermissionAll.Where(x => x.UserId != null).ToList();
if (listGroupUser.Count > 0)
{
foreach (var groupUser in listGroupUser)
{
if (!model.IsMultiple)
{
// Remove permission default
var delPermissionDefault = listPermissionDefault.Where(x => x.GroupUserCode == groupUser.GroupUserCode && !model.Resources.Any(y => y.HasPermission && !y.IsFunction && y.FunctionCode == x.FunctionCode && y.Code == x.ResourceCode));
_context.RemoveRange(delPermissionDefault);
// Remove permission user
var delPermissionUser = listPermissionUser.Where(x => x.GroupUserCode == groupUser.GroupUserCode && !model.Resources.Any(y => y.HasPermission && !y.IsFunction && y.FunctionCode == x.FunctionCode && y.Code == x.ResourceCode));
_context.RemoveRange(delPermissionUser);
}
// Add permission default
var addPermissionDefault = model.Resources.Where(x => x.HasPermission && !x.IsFunction && !listPermissionDefault.Any(y => y.GroupUserCode == groupUser.GroupUserCode && y.FunctionCode == x.FunctionCode && y.ResourceCode == x.Code))
.Select(x => new AdPermission
{
ApplicationCode = model.ApplicationCode,
FunctionCode = x.FunctionCode,
ResourceCode = x.Code,
GroupUserCode = groupUser.GroupUserCode,
RoleId = model.RoleId,
UserId = null,
});
_context.AddRange(addPermissionDefault);
// Add permission user
var listUser = listUserInGroup.Where(x => x.GroupUserCode == groupUser.GroupUserCode).ToList();
//var permissionUser = listPermissionUser.Where(x => x.GroupUserCode == groupUser.GroupUserCode).GroupBy(g => g.UserId).ToList();
if (listUser.Count > 0)
{
foreach (var perUser in listUser)
{
var addPermissionUser = model.Resources.Where(x => x.HasPermission && !x.IsFunction && x.Scope == false && !listPermissionUser.Any(y => y.GroupUserCode == groupUser.GroupUserCode && y.FunctionCode == x.FunctionCode && y.ResourceCode == x.Code))
.Select(x => new AdPermission
{
ApplicationCode = model.ApplicationCode,
FunctionCode = x.FunctionCode,
ResourceCode = x.Code,
GroupUserCode = groupUser.GroupUserCode,
RoleId = model.RoleId,
UserId = perUser.UserId,
});
_context.AddRange(addPermissionUser);
}
}
}
}
var result = await _context.SaveChangesAsync();
}
_actionLog.InsertActionLog("VIB_PERMISSION", "Update define permission for deparment/profit center success", null, null, "Update");
msg.Error = false;
msg.Title = string.Format(CommonUtil.ResourceValue("MSG_UPDATE_SUCCESS"), CommonUtil.ResourceValue("PERMISSION").ToLower());
}
catch (Exception ex)
{
_actionLog.InsertActionLog("VIB_PERMISSION", "Update define permission failed: " + ex.Message, null, null, "Error");
msg.Object = ex;
}
return(Json(msg));
}