public IActionResult Grant(GrantViewModel vm) { var aluno = _bancoContexto.Usuario.FirstOrDefault(u => u.RM == vm.RM); if (aluno == default(Usuario)) { return(NotFound(new { message = "Aluno não encontrado" })); } _bancoContexto.Status.ToList().FindAll(s => s.Usuario == aluno).ForEach(s => { if (s.DataFim > vm.DataInicio) { s.DataFim = vm.DataInicio.AddDays(-1); } }); var situacao = new Status(); situacao.DataFim = vm.DataFim; situacao.DataInicio = vm.DataInicio; situacao.Descricao = vm.Descricao; situacao.Usuario = aluno; _bancoContexto.Status.Add(situacao); _bancoContexto.SaveChanges(); return(Ok(new { message = "Status modificado com sucesso!" })); }
private async Task <GrantsViewModel> BuildViewModelAsync() { var grants = await _interaction.GetAllUserConsentsAsync(); var list = new List <GrantViewModel>(); foreach (var grant in grants) { var client = await _clients.FindClientByIdAsync(grant.ClientId); if (client != null) { var resources = await _resources.FindResourcesByScopeAsync(grant.Scopes); var item = new GrantViewModel() { ClientId = client.ClientId, ClientName = client.ClientName ?? client.ClientId, ClientLogoUrl = client.LogoUri, ClientUrl = client.ClientUri, Created = grant.CreationTime, Expires = grant.Expiration, IdentityGrantNames = resources.IdentityResources.Select(x => x.DisplayName ?? x.Name).ToArray(), ApiGrantNames = resources.ApiResources.Select(x => x.DisplayName ?? x.Name).ToArray() }; list.Add(item); } } return(new GrantsViewModel { Grants = list }); }
protected internal virtual async Task <GrantsViewModel> CreateGrantsViewModelAsync() { var model = new GrantsViewModel(); var grants = await this.Facade.Interaction.GetAllUserGrantsAsync(); foreach (var grant in grants) { var client = await this.Facade.ClientStore.FindClientByIdAsync(grant.ClientId); if (client == null) { continue; } var resources = await this.ResourceStore.FindResourcesByScopeAsync(grant.Scopes); var item = new GrantViewModel() { Client = client, Created = grant.CreationTime, Description = grant.Description, Expiration = grant.Expiration, }; item.ApiScopes.Add(resources.ApiScopes.ToArray()); item.IdentityResources.Add(resources.IdentityResources.ToArray()); model.Grants.Add(item); } return(model); }
public IActionResult EditGroup(GrantViewModel model, string rolename) { var old_layers = GetLayers(rolename).OrderBy(r => r.Table_schema).ThenBy(r => r.Table_name).ToList(); var old_dicts = GetDicts(rolename).OrderBy(r => r.Table_schema).ThenBy(r => r.Table_name).ToList(); var layers = new List <Grant>(); if (model.LayersList != null) { layers = model.LayersList.OrderBy(r => r.Table_schema).ThenBy(r => r.Table_name).ToList(); } var layerGranters = CompareGrants(old_layers, layers); var dicts = new List <Grant>(); if (model.DictsList != null) { dicts = model.DictsList.OrderBy(r => r.Table_schema).ThenBy(r => r.Table_name).ToList(); } var dictGranters = CompareGrants(old_dicts, dicts); try { if (layerGranters?.Count() > 0) { foreach (var gran in layerGranters) { _service.GrantTableToRole(gran.TableSchema, gran.TableName, rolename, gran.IsSelect, gran.IsUpdate, gran.IsInsert, gran.IsDelete, gran.selChanged, gran.updChanged, gran.insChanged, gran.delChanged); } } if (dictGranters?.Count() > 0) { foreach (var gran in dictGranters) { _service.GrantTableToRole(gran.TableSchema, gran.TableName, rolename, gran.IsSelect, gran.IsUpdate, gran.IsInsert, gran.IsDelete, gran.selChanged, gran.updChanged, gran.insChanged, gran.delChanged); } } if (layerGranters?.Count() > 0 || dictGranters?.Count() > 0) { TempData["message"] = $"Сохранено."; } } catch (Exception e) { TempData["error"] = $"Warning. {e.Message}"; } return(RedirectToAction("Index")); }
/// <summary> /// Read all grants: /// /// - to have a global view of permissions granting: /// /// -- for a role or a user, what kind of permission is granted, for every extensions. /// </summary> /// <param name="roleManager_">Role manager instance.</param> /// <param name="storage_">Storage interface provided by services container.</param> /// <param name="roleNameByRoleId_">Dictionary of all roles with id.</param> /// <returns>Return a GrantViewModel model object.</returns> public static GrantViewModel ReadAll(RoleManager <IdentityRole <string> > roleManager_, IStorage storage_, Dictionary <string, string> roleNameByRoleId_) { GrantViewModel model = new GrantViewModel(); // 1. Get all scopes from available extensions, create initial dictionaries foreach (IExtensionMetadata extensionMetadata in ExtensionManager.GetInstances <IExtensionMetadata>()) { model.PermissionsByRoleAndExtension.Add(extensionMetadata.Name, new Dictionary <string, List <global::SoftinuxBase.Security.Common.Enums.Permission> >()); } // 2. Read data from RolePermission table // Names of roles that have permissions attributed HashSet <string> rolesWithPerms = new HashSet <string>(); // Read role/permission/extension settings List <RolePermission> allRp = storage_.GetRepository <IRolePermissionRepository>().AllRolesWithPermissions().ToList(); foreach (RolePermission rp in allRp) { if (!model.PermissionsByRoleAndExtension.ContainsKey(rp.Extension)) { // A database record related to a not loaded extension (scope). Ignore this. continue; } string roleName = roleNameByRoleId_.ContainsKey(rp.RoleId) ? roleNameByRoleId_[rp.RoleId] : null; if (!model.PermissionsByRoleAndExtension[rp.Extension].ContainsKey(roleName)) { model.PermissionsByRoleAndExtension[rp.Extension].Add(roleName, new List <global::SoftinuxBase.Security.Common.Enums.Permission>()); } // Format the list of Permission enum values according to DB enum value model.PermissionsByRoleAndExtension[rp.Extension][roleName] = PermissionHelper.GetLowerOrEqual(PermissionHelper.FromName(rp.Permission.Name)); rolesWithPerms.Add(roleName); } // 3. Also read roles for which no permissions were set IList <string> roleNames = roleManager_.Roles.Select(r_ => r_.Name).ToList(); foreach (string role in roleNames) { if (rolesWithPerms.Contains(role)) { continue; } foreach (string scope in model.PermissionsByRoleAndExtension.Keys) { model.PermissionsByRoleAndExtension[scope].Add(role, new List <global::SoftinuxBase.Security.Common.Enums.Permission>()); } } return(model); }
public Task <IViewComponentResult> InvokeAsync() { // Create a dictionary with all roles for injecting as json into grant permission page Dictionary <string, IdentityRole <string> > rolesList = new Dictionary <string, IdentityRole <string> >(); // Create a dictionary with role id and name, since we will use role name in GrantViewModel // and we have role id in RolePermission table. Dictionary <string, string> roleNameByRoleId = new Dictionary <string, string>(); foreach (var role in _roleManager.Roles) { roleNameByRoleId.Add(role.Id, role.Name); rolesList.Add(role.Id, role); } ViewBag.RolesList = rolesList; GrantViewModel model = ReadGrants.ReadAll(_roleManager, Storage, roleNameByRoleId); return(Task.FromResult <IViewComponentResult>(View("_List_Roles_Extensions", model))); }
public ActionResult Edit([Bind(Include = "GrantID,GrantStatusID,Name,Description,Start,End")] GrantViewModel grantViewModel) { if (ModelState.IsValid) { Grant model = dbGrants.Grants.Find(grantViewModel.GrantID); model.Name = grantViewModel.Name; model.GrantStatusID = grantViewModel.GrantStatusID; model.Description = grantViewModel.Description; model.Start = grantViewModel.Start; model.End = grantViewModel.End; model.DateModified = DateTime.Now; model.UserModifiedID = Guid.Parse(User.Identity.GetUserId()); dbGrants.Entry(model).State = EntityState.Modified; dbGrants.SaveChanges(); return(RedirectToAction("Index")); } PopulateGrantStatusDropDownList(grantViewModel.GrantStatusID); return(View(grantViewModel)); }
public IActionResult EditGroup(string userid, string rolename, bool ispart) { GrantViewModel model = new GrantViewModel(); model.UserList = GetUsers(userid).ToList(); model.LayersList = GetLayers(rolename).ToList(); model.DictsList = GetDicts(rolename).ToList(); ViewBag.Title = "Редактирование группы"; ViewBag.Rolename = rolename; ViewBag.Userid = userid; //if (_device.Type.ToString().ToLower() == "desktop") // return PartialView(model); //else // return View("EditGroupMobile", model); if (ispart) { return(PartialView("EditGroupPart", model)); } else { return(PartialView(model)); } }
public async Task ReadAllAsync() { var repo = DatabaseFixture.Storage.GetRepository <IRolePermissionRepository>(); var permRepo = DatabaseFixture.Storage.GetRepository <IPermissionRepository>(); try { // Arrange // 1. Create base roles await CreateBaseRolesIfNeededAsync(); // 2. Create "Special User" role await CreateRoleIfNotExistingAsync("Special User"); // 3. Read roles to get their IDs var adminRole = await DatabaseFixture.RoleManager.FindByNameAsync(Role.Administrator.GetRoleName()); var userRole = await DatabaseFixture.RoleManager.FindByNameAsync(Role.User.GetRoleName()); var anonymousRole = await DatabaseFixture.RoleManager.FindByNameAsync(Role.Anonymous.GetRoleName()); var specialUserRole = await DatabaseFixture.RoleManager.FindByNameAsync("Special User"); // 4. Read permissions to get their IDs var adminPermissionId = permRepo.All().FirstOrDefault(p_ => p_.Name == Permission.Admin.GetPermissionName())?.Id; var writePermissionId = permRepo.All().FirstOrDefault(p_ => p_.Name == Permission.Write.GetPermissionName())?.Id; var readPermissionId = permRepo.All().FirstOrDefault(p_ => p_.Name == Permission.Read.GetPermissionName())?.Id; var neverPermissionId = permRepo.All().FirstOrDefault(p_ => p_.Name == Permission.Never.GetPermissionName())?.Id; Assert.NotNull(adminPermissionId); Assert.NotNull(writePermissionId); Assert.NotNull(readPermissionId); Assert.NotNull(neverPermissionId); // 5. Create role-extension links // Cleanup first repo.DeleteAll(); await DatabaseFixture.Storage.SaveAsync(); repo.Create(new RolePermission { RoleId = adminRole.Id, Extension = Constants.SoftinuxBaseSecurity, PermissionId = adminPermissionId }); repo.Create(new RolePermission { RoleId = userRole.Id, Extension = Constants.SoftinuxBaseSecurity, PermissionId = readPermissionId }); repo.Create(new RolePermission { RoleId = anonymousRole.Id, Extension = Constants.SoftinuxBaseSecurity, PermissionId = neverPermissionId }); repo.Create(new RolePermission { RoleId = specialUserRole.Id, Extension = Constants.SoftinuxBaseSecurity, PermissionId = writePermissionId }); repo.Create(new RolePermission { RoleId = adminRole.Id, Extension = "Chinook", PermissionId = adminPermissionId }); repo.Create(new RolePermission { RoleId = userRole.Id, Extension = "Chinook", PermissionId = writePermissionId }); await DatabaseFixture.Storage.SaveAsync(); // 6. Build the dictionary that is used by the tool and created in GrantPermissionsController Dictionary <string, string> roleNameByRoleId = new Dictionary <string, string>(); roleNameByRoleId.Add(adminRole.Id, adminRole.Name); roleNameByRoleId.Add(userRole.Id, userRole.Name); roleNameByRoleId.Add(anonymousRole.Id, anonymousRole.Name); roleNameByRoleId.Add(specialUserRole.Id, specialUserRole.Name); // Execute GrantViewModel model = ReadGrants.ReadAll(DatabaseFixture.RoleManager, DatabaseFixture.Storage, roleNameByRoleId); // Assert // 1. Number of keys: extensions Assert.Equal(ExtensionManager.GetInstances <IExtensionMetadata>().Count(), model.PermissionsByRoleAndExtension.Keys.Count); // 2. Number of roles for "Security" extension Assert.True(model.PermissionsByRoleAndExtension.ContainsKey(Constants.SoftinuxBaseSecurity)); // We may have additional linked roles left by other tests... Assert.True(model.PermissionsByRoleAndExtension[Constants.SoftinuxBaseSecurity].Keys.Count >= 4); // 3. Admin role Assert.True(model.PermissionsByRoleAndExtension[Constants.SoftinuxBaseSecurity].ContainsKey(adminRole.Name)); // Admin -> Admin, Write, Read, Never Assert.Equal(4, model.PermissionsByRoleAndExtension[Constants.SoftinuxBaseSecurity][adminRole.Name].Count); Assert.Contains(Permission.Admin, model.PermissionsByRoleAndExtension[Constants.SoftinuxBaseSecurity][adminRole.Name]); Assert.Contains(Permission.Write, model.PermissionsByRoleAndExtension[Constants.SoftinuxBaseSecurity][adminRole.Name]); Assert.Contains(Permission.Read, model.PermissionsByRoleAndExtension[Constants.SoftinuxBaseSecurity][adminRole.Name]); Assert.Contains(Permission.Never, model.PermissionsByRoleAndExtension[Constants.SoftinuxBaseSecurity][adminRole.Name]); // 4. Special User role Assert.True(model.PermissionsByRoleAndExtension[Constants.SoftinuxBaseSecurity].ContainsKey(specialUserRole.Name)); // Write -> Write, Read, Never Assert.Equal(3, model.PermissionsByRoleAndExtension[Constants.SoftinuxBaseSecurity][specialUserRole.Name].Count); Assert.Contains(Permission.Write, model.PermissionsByRoleAndExtension[Constants.SoftinuxBaseSecurity][specialUserRole.Name]); Assert.Contains(Permission.Read, model.PermissionsByRoleAndExtension[Constants.SoftinuxBaseSecurity][specialUserRole.Name]); Assert.Contains(Permission.Never, model.PermissionsByRoleAndExtension[Constants.SoftinuxBaseSecurity][specialUserRole.Name]); // 5. User role Assert.True(model.PermissionsByRoleAndExtension[Constants.SoftinuxBaseSecurity].ContainsKey(userRole.Name)); // Read -> Read, Never Assert.Equal(2, model.PermissionsByRoleAndExtension[Constants.SoftinuxBaseSecurity][userRole.Name].Count); Assert.Contains(Permission.Read, model.PermissionsByRoleAndExtension[Constants.SoftinuxBaseSecurity][userRole.Name]); Assert.Contains(Permission.Never, model.PermissionsByRoleAndExtension[Constants.SoftinuxBaseSecurity][userRole.Name]); // 6. Anonymous role Assert.True(model.PermissionsByRoleAndExtension[Constants.SoftinuxBaseSecurity].ContainsKey(anonymousRole.Name)); // Never -> Never Assert.Single(model.PermissionsByRoleAndExtension[Constants.SoftinuxBaseSecurity][anonymousRole.Name]); Assert.Contains(Permission.Never, model.PermissionsByRoleAndExtension[Constants.SoftinuxBaseSecurity][anonymousRole.Name]); // 7. Number of roles for Chinook extension // When the dll doesn't exist on disk, this is our case, no permissions should be found Assert.False(model.PermissionsByRoleAndExtension.ContainsKey("Chinook")); // No need to check the details for this extension // 8. SoftinuxBase.SeedDatabase extension was found Assert.True(model.PermissionsByRoleAndExtension.ContainsKey("SoftinuxBase.SeedDatabase")); } finally { // Cleanup created data repo.DeleteAll(); await DatabaseFixture.Storage.SaveAsync(); var specialUserRole = await DatabaseFixture.RoleManager.FindByNameAsync("Special User"); await DatabaseFixture.RoleManager.DeleteAsync(specialUserRole); } }
public async void Test() { var repo = DatabaseFixture.Storage.GetRepository <IRolePermissionRepository>(); try { // Arrange // 1. Create base roles await CreateBaseRolesIfNeeded(); // 2. Create "Special User" role await CreateRoleIfNotExisting("Special User"); // 3. Read roles to get their IDs var adminRole = await DatabaseFixture.RoleManager.FindByNameAsync(Role.Administrator.GetRoleName()); var userRole = await DatabaseFixture.RoleManager.FindByNameAsync(Role.User.GetRoleName()); var anonymousRole = await DatabaseFixture.RoleManager.FindByNameAsync(Role.Anonymous.GetRoleName()); var specialUserRole = await DatabaseFixture.RoleManager.FindByNameAsync("Special User"); // 4. Create role-extension links // Cleanup first repo.DeleteAll(); DatabaseFixture.Storage.Save(); repo.Create(new RolePermission { RoleId = adminRole.Id, Scope = "Security", PermissionId = Permission.Admin.GetPermissionName() }); repo.Create(new RolePermission { RoleId = userRole.Id, Scope = "Security", PermissionId = Permission.Read.GetPermissionName() }); repo.Create(new RolePermission { RoleId = anonymousRole.Id, Scope = "Security", PermissionId = Permission.Never.GetPermissionName() }); repo.Create(new RolePermission { RoleId = specialUserRole.Id, Scope = "Security", PermissionId = Permission.Write.GetPermissionName() }); repo.Create(new RolePermission { RoleId = adminRole.Id, Scope = "Chinook", PermissionId = Permission.Admin.GetPermissionName() }); repo.Create(new RolePermission { RoleId = userRole.Id, Scope = "Chinook", PermissionId = Permission.Write.GetPermissionName() }); DatabaseFixture.Storage.Save(); // 5. Build the dictionary that is used by the tool and created in GrantPermissionsController Dictionary <string, string> roleNameByRoleId = new Dictionary <string, string>(); roleNameByRoleId.Add(adminRole.Id, adminRole.Name); roleNameByRoleId.Add(userRole.Id, userRole.Name); roleNameByRoleId.Add(anonymousRole.Id, anonymousRole.Name); roleNameByRoleId.Add(specialUserRole.Id, specialUserRole.Name); // Execute GrantViewModel model = ReadGrants.ReadAll(DatabaseFixture.RoleManager, DatabaseFixture.Storage, roleNameByRoleId); // Assert // 1. Number of keys: extensions Assert.Equal(ExtensionManager.GetInstances <IExtensionMetadata>().Count(), model.PermissionsByRoleAndScope.Keys.Count); // 2. Number of roles for "Security" extension Assert.True((model.PermissionsByRoleAndScope.ContainsKey("Security"))); Assert.Equal(4, model.PermissionsByRoleAndScope["Security"].Keys.Count); // 3. Admin role Assert.True(model.PermissionsByRoleAndScope["Security"].ContainsKey(adminRole.Name)); // Admin -> Admin, Write, Read, Never Assert.Equal(4, model.PermissionsByRoleAndScope["Security"][adminRole.Name].Count); Assert.Contains(Permission.Admin, model.PermissionsByRoleAndScope["Security"][adminRole.Name]); Assert.Contains(Permission.Write, model.PermissionsByRoleAndScope["Security"][adminRole.Name]); Assert.Contains(Permission.Read, model.PermissionsByRoleAndScope["Security"][adminRole.Name]); Assert.Contains(Permission.Never, model.PermissionsByRoleAndScope["Security"][adminRole.Name]); // 4. Special User role Assert.True(model.PermissionsByRoleAndScope["Security"].ContainsKey(specialUserRole.Name)); // Write -> Write, Read, Never Assert.Equal(3, model.PermissionsByRoleAndScope["Security"][specialUserRole.Name].Count); Assert.Contains(Permission.Write, model.PermissionsByRoleAndScope["Security"][specialUserRole.Name]); Assert.Contains(Permission.Read, model.PermissionsByRoleAndScope["Security"][specialUserRole.Name]); Assert.Contains(Permission.Never, model.PermissionsByRoleAndScope["Security"][specialUserRole.Name]); // 5. User role Assert.True(model.PermissionsByRoleAndScope["Security"].ContainsKey(userRole.Name)); // Read -> Read, Never Assert.Equal(2, model.PermissionsByRoleAndScope["Security"][userRole.Name].Count); Assert.Contains(Permission.Read, model.PermissionsByRoleAndScope["Security"][userRole.Name]); Assert.Contains(Permission.Never, model.PermissionsByRoleAndScope["Security"][userRole.Name]); // 6. Anonymous role Assert.True(model.PermissionsByRoleAndScope["Security"].ContainsKey(anonymousRole.Name)); // Never -> Never Assert.Single(model.PermissionsByRoleAndScope["Security"][anonymousRole.Name]); Assert.Contains(Permission.Never, model.PermissionsByRoleAndScope["Security"][anonymousRole.Name]); // 7. Number of roles for Chinook extension Assert.True((model.PermissionsByRoleAndScope.ContainsKey("Chinook"))); Assert.Equal(2, model.PermissionsByRoleAndScope["Chinook"].Keys.Count); // No need to check the details for this extension // 8. SeedDatabase extension was found, no permissions should be found Assert.True((model.PermissionsByRoleAndScope.ContainsKey("SeedDatabase"))); Assert.Equal(0, model.PermissionsByRoleAndScope["SeedDatabase"].Keys.Count); } finally { // Cleanup created data repo.DeleteAll(); DatabaseFixture.Storage.Save(); var specialUserRole = await DatabaseFixture.RoleManager.FindByNameAsync("Special User"); await DatabaseFixture.RoleManager.DeleteAsync(specialUserRole); } }
// // GET: /Admin/Grants/Details/5 public ActionResult Details(Guid id) { var grant = _svc.GetGrantDetailById(id); var vm = new GrantViewModel(grant); return View(vm); }