public async Task <IActionResult> Login([FromBody] AccountLoginModel model) { var account = await _accountRepository.GetAccountByIdAsync(model.AccountId); if (account == null) { throw new NotFound400Exception("account"); } if (!await _accountRepository.AnyByAccountAsync(model.AccountId, model.Password)) { throw new PasswordIsIncorrectException(); } var permissions = await _groupRepository.GetPermissionsByGroupIdAsync(account.GroupId, 1, int.MaxValue); StringBuilder functionIds = new StringBuilder(); List <string> functionCodes = new List <string>(); if (permissions.Total > 0) { int functionId = permissions.Items[0].FunctionId; var functionCode = await _functionRepository.GetFunctionByIdAsync(functionId); functionIds.Append(functionId); functionCodes.Add(functionCode.Code); for (int i = 1; i < permissions.Items.Count; i++) { functionId = permissions.Items[i].FunctionId; functionCode = await _functionRepository.GetFunctionByIdAsync(functionId); if (functionCode != null) { functionCodes.Add(functionCode.Code); functionIds.Append(',').Append(permissions.Items[i].FunctionId); } } } // create token var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(AppSettings.JwtKey)); var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256); var claims = new[] { new Claim(VmsClaimTypes.Name, account.Name), new Claim(VmsClaimTypes.AccountId, account.AccountId), new Claim(VmsClaimTypes.FunctionIds, functionIds.ToString()) }; var token = new JwtSecurityToken(AppSettings.JwtIssuer, null, claims, null, DateTime.Now.AddDays(AppSettings.JwtExpirationDays), credentials); var tokenString = new JwtSecurityTokenHandler().WriteToken(token); return(Ok(new AccountAuthenticateResponse { AccountId = account.AccountId, Token = tokenString, FunctionCodes = functionCodes })); }
public async Task <IActionResult> DeleteFunctionAsync([FromRoute] int functionId) { var function = await _functionRepository.GetFunctionByIdAsync(functionId); if (function == null) { throw new NotFound404Exception("function"); } if (function.Code.Contains("Full")) { throw new ForbiddenException(); // can not delete 'Full' functions } function.IsDeleted = true; function.UpdatedDate = DateTime.Now; function.UpdatedBy = CurrentAccountId; await _functionRepository.UpdateFunctionAsync(function); return(Ok(FunctionDTO.GetFrom(function))); }
public async Task <IActionResult> CreatePermissionAsync([FromRoute] int groupId, [FromBody] PermissionCreateModel model) { var currentAccount = await _accountRepository.GetAccountByIdAsync(CurrentAccountId); if (currentAccount.GroupId > groupId) { throw new ForbiddenException(); // the lower the group id, the higher the authority; can only delete the group with authority lower than the current group } var group = await _groupRepository.GetGroupByIdAsync(groupId); var function = await _functionRepository.GetFunctionByIdAsync(model.FunctionId); if (group == null) { throw new NotFound404Exception("group"); } if (function == null) { throw new NotFound400Exception("function"); } if (await _groupRepository.AnyByPermissionAsync(model.FunctionId, groupId)) { throw new AlreadyExistsException("function"); } var permission = new Permission { FunctionId = model.FunctionId, GroupId = groupId }; await _groupRepository.CreatePermissionAsync(permission); return(Ok(FunctionDTO.GetFrom(function))); }