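/// <summary>
/// Checks that the request carries a known session token for the named user, that the
/// session is inside its time window, and that the user holds every role in
/// <paramref name="roles"/>.
/// </summary>
/// <param name="request">Request whose "authToken" and "username" headers are read.</param>
/// <param name="roles">Roles the session's volunteer must all hold.</param>
/// <returns>True only when every check passes; false otherwise.</returns>
public static bool Authorize(HttpRequestMessage request, RoleID[] roles)
{
    string authToken = request.Headers.GetHeaderValue("authToken");
    string activeUser = request.Headers.GetHeaderValue("username");

    // Fail closed: both headers are required.
    if (string.IsNullOrEmpty(authToken) || string.IsNullOrEmpty(activeUser))
    {
        return false;
    }

    // Dispose the context once the check is done instead of leaving it to the finalizer.
    using (var database = new Database())
    {
        var session = database.AuthenticationTokens
            .Include(at => at.AssociatedVolunteer)
            .Include(at => at.AssociatedVolunteer.Roles)
            .FirstOrDefault(at => at.Token.ToString() == authToken);

        if (session == null)
        {
            return false;
        }

        int[] roleIDs = roles.Select(r => (int)r).ToArray();
        var lastAccessedTime = session.LastAccessedTime;
        // Original author's note: SaveChanges is required so the auth token gets updated in the DB.
        // NOTE(review): this save happens before the username, role and time checks, so
        // whatever it persists is written even for a request that is then rejected — confirm
        // that is intended.
        database.SaveChanges();

        var matchingRoles = session.AssociatedVolunteer.Roles.Where(r => roleIDs.Contains(r.ID)).ToList();

        // NOTE(review): an empty roles array makes the role comparison 0 == 0, so the role
        // requirement is trivially satisfied; duplicate entries in roles can never match.
        return session.AssociatedVolunteer.Username == activeUser &&
               matchingRoles.Count == roles.Length &&
               lastAccessedTime > DateTime.UtcNow.AddMinutes(-AuthorizationOptions.AuthTokenTimeout) &&
               lastAccessedTime < DateTime.UtcNow.AddSeconds(20);
    }
}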
Exemple #2
 /// <summary>
 /// Fills the role-name label and the permission tree for the current role and authorize group.
 /// </summary>
 public override void RenderPage()
 {
     try
     {
         UserRule userRule = new UserRule();
         litRoleName.Text = userRule.Sys_Role.FirstOrDefault(s => s.RoleID == RoleID).RoleName;
         sys_authorizegroup authorizeGroup = userRule.sys_authorizegroup.First(s => s.AuthorizeGroupID == AuthorizeGroupID);

         // The tree source depends on whether the group is flagged IsSupertGroup.
         if (!authorizeGroup.IsSupertGroup)
         {
             XmlDataSource.Data = objPowerRule.GetPowerTreexXmlText(authorizeGroup.ModuleTypeID, authorizeGroup.AuthorizeGroupID);
         }
         else
         {
             XmlDataSource.Data = objPowerRule.GetPowerTreexXmlText(authorizeGroup.ModuleTypeID, CurrentUser.IsSuper);
         }

         if (RoleID.IsNoNull())
         {
             // Get the role's permissions and pre-select them in the tree.
             tvwPower.SetSelectValue(userRule.GetRoleKeyPower(RoleID), false);
         }

         tvwPower.DataBind();
     }
     catch
     {
         // NOTE(review): every exception is swallowed without logging, including the null
         // dereference above when no role matches RoleID; a failure leaves the page
         // partially bound with no trace.
     }
 }
Exemple #3
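        /// <summary>
        /// Grants the permission <paramref name="PowerKey"/> to each role listed in
        /// <paramref name="RoleIDS"/> by inserting one mb_RolePower row per role.
        /// </summary>
        /// <param name="PowerKey">Permission key stored on every inserted row.</param>
        /// <param name="RoleIDS">Role ids, split on '_' by ToArryList.</param>
        /// <returns>
        /// A response that reports success only if every insert succeeded; an error response
        /// if any insert failed or an exception was thrown.
        /// </returns>
        public HttpResponseMessage RoleAuthorization(string PowerKey, string RoleIDS)
        {
            // NOTE(review): no caller authorization check is visible inside this method; since it
            // grants permissions, confirm the action is protected by a filter outside this view.
            var response = new MyHttpResponseMessage();

            response.apiNumber = "C018_MBController_RoleAuthorization";
            var msg = "";

            try
            {
                var roleIDList = RoleIDS.ToArryList('_');
                bool anyProcessed = false;
                bool allInserted = true;

                foreach (var roleIDText in roleIDList)
                {
                    var rolePower = new ORM.SqlSugar.Model.mb.mb_RolePower();
                    rolePower.PowerKey = PowerKey;
                    rolePower.RoleID   = roleIDText.ToInt32();

                    anyProcessed = true;
                    if (!mb.mb_RolePowerSugar.Insert(rolePower))
                    {
                        // Keep going, but remember the failure so a later success cannot hide it.
                        allInserted = false;
                    }
                }

                // Report once, after the loop: previously the response was overwritten on every
                // iteration, so only the last insert's outcome reached the caller.
                if (anyProcessed)
                {
                    if (allInserted)
                    {
                        response.SetContent(HttpStatus.ok, "授权成功", allInserted, ResponseType.josn);
                    }
                    else
                    {
                        response.SetContent(HttpStatus.error, "授权失败", allInserted, ResponseType.josn);
                    }
                }
            }
            catch (Exception ex)
            {
                msg = "ERROR";
                AddErrorLog(LogEnum.org, ex.Message, ex.StackTrace);
                // NOTE(review): ex.Message is returned to the API caller; it may expose internal
                // details (e.g. database errors). Consider returning a generic message here.
                response.SetContent(HttpStatus.error, ex.Message, msg, ResponseType.josn);
            }
            return(response);
        }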
        /// <summary>
        /// Copies the selected role and e-mail preferences onto <paramref name="person"/> and
        /// stamps its create or update date.
        /// </summary>
        /// <param name="person">Person entity that receives the values.</param>
        /// <param name="currentPerson">Not read by this method.</param>
        public void UpdateModel(Person person, Person currentPerson)
        {
            // NOTE(review): currentPerson is never consulted here, so whether the caller is allowed
            // to grant the selected role has to be enforced before this method runs — confirm.
            person.RoleID = RoleID.GetValueOrDefault();  // will never default due to RequiredAttribute
            person.ReceiveSupportEmails            = ShouldReceiveSystemCommunications;
            person.ReceiveRSBRevisionRequestEmails = ShouldReceiveRSBRevisionRequests;

            var assignedRole = Models.Role.AllLookupDictionary[RoleID.GetValueOrDefault()];
            bool isAdminRole = assignedRole == Models.Role.Admin || assignedRole == Models.Role.SitkaAdmin;

            if (isAdminRole)
            {
                // Admin roles lose their per-jurisdiction assignments.
                HttpRequestStorage.DatabaseEntities.StormwaterJurisdictionPeople.DeleteStormwaterJurisdictionPerson(
                    person.StormwaterJurisdictionPeople);
            }

            bool isExistingPerson = ModelObjectHelpers.IsRealPrimaryKeyValue(person.PersonID);

            if (!isExistingPerson)
            {
                // New person
                person.CreateDate = DateTime.Now;
            }
            else
            {
                // Existing person
                person.UpdateDate = DateTime.Now;
            }
        }
Exemple #5
        /// <summary>Hash code derived only from <c>RoleID</c>, offset by a fixed seed.</summary>
        public override int GetHashCode()
        {
            const int seed = 13;
            const int multiplier = 7;

            return (seed * multiplier) + RoleID.GetHashCode();
        }
 /// <summary>Logs the call and returns the privileges that SecurityBL reports for the role.</summary>
 /// <param name="roleId">Role whose privileges are requested; it is serialized into the debug log.</param>
 /// <returns>The list returned by <c>SecurityBL.GetAllRolePrivileges</c>.</returns>
 public List <SecurityRole> GetAllRolePrivileges(RoleID roleId)
 {
     string serializedRole = JsonConvert.SerializeObject(roleId);
     Logging.LogDebugMessage("Method: GetAllRolePrivileges, MethodType: Post, Layer: SecurityController, Parameters: roleId = " + serializedRole);

     using (SecurityBL businessLayer = new SecurityBL())
     {
         var privileges = businessLayer.GetAllRolePrivileges(roleId);
         return privileges;
     }
 }
Exemple #7
        /// <summary>Combines the runtime type, <c>RoleID</c> and <c>UserID</c> into one hash code.</summary>
        public override int GetHashCode()
        {
            // Same multiply-then-xor chain as before, written as a single expression.
            int typeHash = GetType().GetHashCode();

            return (((typeHash * 397) ^ RoleID.GetHashCode()) * 397) ^ UserID.GetHashCode();
        }
Exemple #8
        /// <summary>Combines <c>RoleID</c> and <c>Name</c> into one hash code.</summary>
        public override int GetHashCode()
        {
            int combined = -1773594654;

            // Multiply-and-add per field; the seed stays a variable so the arithmetic is
            // evaluated at run time exactly as before.
            combined *= -1521134295;
            combined += RoleID.GetHashCode();

            combined *= -1521134295;
            combined += EqualityComparer<string>.Default.GetHashCode(Name);

            return combined;
        }
Exemple #9
        /// <summary>Two UserRole instances are equal when both RoleID and UserID match.</summary>
        /// <param name="obj">Object to compare with.</param>
        /// <returns>False for null or for an object that is not a UserRole.</returns>
        public override bool Equals(object obj)
        {
            var candidate = obj as UserRole;

            // A null argument or a different type can never be equal.
            return candidate == null
                ? false
                : RoleID.Equals(candidate.RoleID) && UserID.Equals(candidate.UserID);
        }
Exemple #10
        /// <summary>Two RoleObject instances are equal when both RoleID and ObjectID match.</summary>
        /// <param name="obj">Object to compare with.</param>
        /// <returns>False for null or for an object that is not a RoleObject.</returns>
        public override bool Equals(object obj)
        {
            var candidate = obj as RoleObject;

            // A null argument or a different type can never be equal.
            return candidate == null
                ? false
                : RoleID.Equals(candidate.RoleID) && ObjectID.Equals(candidate.ObjectID);
        }
Exemple #11
        /// <summary>Combines UserRoleID, RoleID, UserID and HospitalID into one hash code.</summary>
        public override int GetHashCode()
        {
            int combined = -1482740488;

            // One multiply-and-add step per field, in the original field order.
            combined *= -1521134295;
            combined += UserRoleID.GetHashCode();

            combined *= -1521134295;
            combined += RoleID.GetHashCode();

            combined *= -1521134295;
            combined += UserID.GetHashCode();

            combined *= -1521134295;
            combined += HospitalID.GetHashCode();

            return combined;
        }
Exemple #12
 /// <summary>
 /// Page initialization.
 /// </summary>
 public override void RenderPage()
 {
     // Nothing is bound when no role id is present.
     if (!RoleID.IsNoNull())
     {
         return;
     }

     // Note: the query is keyed on ModuleID and CurrentAccountTypeAdminUserID, not on RoleID.
     var modulePowers = objModuleRule.GetUserRolePowerModuleData(ModuleID, CurrentAccountTypeAdminUserID);
     rptDatalList.DataSource = modulePowers;
     rptDatalList.DataBind();
 }
Exemple #13
 /// <summary>Hash code built by adding the hashes of <c>Id</c> and <c>RoleID</c> to a fixed seed.</summary>
 public override int GetHashCode()
 {
     // An earlier multiply-and-add variant over Index, Name and Quantity was disabled by the
     // author; only Id and RoleID take part in the hash.
     int idHash = Id.GetHashCode();
     int roleHash = RoleID.GetHashCode();

     return -2127770830 + idHash + roleHash;
 }
Exemple #14
 /// <summary>
 /// 页面初始化
 /// </summary>
 public override void RenderPage()
 {
     // Nothing is bound when no role id is present.
     if (!RoleID.IsNoNull())
     {
         return;
     }

     var modulePowers = objModuleRule.GetRolePowerModuleData(ModuleID, RoleID);
     rptDatalList.DataSource = modulePowers;
     rptDatalList.DataBind();
 }
Exemple #15
 /// <summary>Resets every field of this object to its empty value.</summary>
 public void Clear()
 {
     // RoleID is cleared in place rather than replaced, and only when it exists.
     if (RoleID != null) { RoleID.Clear(); }

     // Text fields become empty strings, numeric fields zero (same order as before).
     RoleName    = "";
     ModelID     = 0;
     Grade       = 0;
     WeaponID    = 0;
     FactionName = "";
     Fighting    = 0;
 }
        /// <summary>Validates that RoleID is present and selects the export format from the request.</summary>
        private void Initialize()
        {
            RoleID.CheckStringIsNullOrEmpty("RoleID");

            // The request value is never copied through: only the exact string "xlsx" selects
            // xlsx, and anything else falls back to "xml".
            bool wantsXlsx = Request["format"] == "xlsx";
            this.ExFormat = wantsXlsx ? "xlsx" : "xml";
        }
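        /// <summary>
        /// Reports whether this principal's RoleID appears in a comma-separated list of role ids.
        /// </summary>
        /// <param name="role">Comma-separated role ids; entries are compared exactly (no trimming).</param>
        /// <returns>True when one entry equals <c>RoleID.ToString()</c>; false otherwise, including for null.</returns>
        public bool IsInRole(string role)
        {
            // Fail closed on a missing list instead of throwing a NullReferenceException.
            if (role == null)
            {
                return(false);
            }

            // Convert once rather than on every iteration.
            string currentRole = RoleID.ToString();

            // Exact, ordinal match per entry: "1, 2" does not match role 2 because of the space.
            return(role.Split(',').Contains(currentRole));
        }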
Exemple #18
 /// <summary>Combines UserID, UserName, RoleID and RoleName into one hash code.</summary>
 public override int GetHashCode()
 {
     unchecked // Overflow is fine, just wrap
     {
         const int prime = 16777619;
         int combined = (int)2166136261;

         combined = (combined * prime) ^ UserID.GetHashCode();
         combined = (combined * prime) ^ UserName.GetHashCode();
         // UserPassword is deliberately left out of the hash (author: "for now").
         combined = (combined * prime) ^ RoleID.GetHashCode();
         combined = (combined * prime) ^ RoleName.GetHashCode();

         return combined;
     }
 }
Exemple #19
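    /// <summary>
    /// Creates a new role when RoleID is empty, otherwise updates the existing role, after
    /// checking that the name is not already used in the same module type and authorize group.
    /// </summary>
    public void SaveInfo()
    {
        sys_authorizegroup authorizeGroup = objUserRule.sys_authorizegroup.FirstOrDefault(p => p.AuthorizeGroupID == AuthorizeGroupID);
        // NOTE(review): authorizeGroup is null when AuthorizeGroupID matches nothing; the
        // ModuleTypeID reads below then fail. No handling for that case is visible here.

        // Compare the name in the form it is stored (trimmed), so padding cannot bypass
        // the duplicate check.
        string roleName = txtRoleName.Text.Trim();

        if (RoleID.IsNull())
        {
            // The group filter must test the candidate row (s); it previously tested objRole,
            // whose AuthorizeGroupID is only assigned further down.
            if (objUserRule.Sys_Role.Any(s => s.ModuleTypeID == authorizeGroup.ModuleTypeID && s.AuthorizeGroupID == AuthorizeGroupID && s.RoleName == roleName))
            {
                MessageDialog("对不起此角色名称已经存在");
                return;
            }
            objRole.RoleID           = Guid.NewGuid().ToString();
            objRole.AuthorizeGroupID = AuthorizeGroupID;
            objRole.RefUserID        = "";
            objRole.IsUserRole       = false;
            objRole.UserID           = CurrentUser.UserID;
            objRole.RoleName         = roleName;
            objRole.RoleCode         = objRole.RoleName.ConvertChineseSpell(false);
            objRole.Remark           = txtRemark.Text;
            objRole.IsLockOut        = false;
            objRole.ModuleTypeID     = authorizeGroup.ModuleTypeID;
            objRole.RoleGroupID      = "";
            objRole.IsSystem         = false;
            objRole.AccountTypeID    = CurrentUser.AccountTypeID;
            objUserRule.InsertRole(objRole);
            MessageDialog("新增成功", "RoleList.aspx");
        }
        else
        {
            // Same duplicate check, excluding the role being edited.
            if (objUserRule.Sys_Role.Any(s => s.ModuleTypeID == authorizeGroup.ModuleTypeID && s.RoleID != RoleID && s.AuthorizeGroupID == AuthorizeGroupID && s.RoleName == roleName))
            {
                MessageDialog("对不起此角色名称已经存在");
                return;
            }
            // NOTE(review): the role is looked up by RoleID alone; it is not re-checked against
            // AuthorizeGroupID before being modified — confirm the caller has validated it.
            objRole           = objUserRule.Sys_Role.First(p => p.RoleID == RoleID);
            objRole.RoleName  = roleName;
            objRole.RoleCode  = objRole.RoleName.ConvertChineseSpell(false);
            objRole.Remark    = txtRemark.Text;
            // NOTE(review): every edit resets IsLockOut to false, which unlocks a locked role.
            objRole.IsLockOut = false;
            objUserRule.SaveChanges();
            if (chkRoleUser.Items.Count > 0)
            {
                objUserRule.AddRoleUser(RoleID, chkRoleUser.SelectValueString);
                objUserRule.RemoveRoleUser(RoleID, chkRoleUser.SelectNoValueString);
            }
            MessageDialog("修改成功", "RoleList.aspx");
        }
    }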
        /// <summary>On the first (non-postback) load, fills the join date and the role drop-down.</summary>
        /// <param name="sender">Event source.</param>
        /// <param name="e">Event arguments.</param>
        protected void Page_Load(Object sender, EventArgs e)
        {
            // Postbacks keep the state built on the first load.
            if (IsPostBack)
            {
                return;
            }

            JoinDate.SetValue(DateTime.Now);

            // Fixed query text with no user input: one list entry per row of T_UserRole.
            var roleTable = db.ExecuteDataTable("SELECT id,name FROM [T_UserRole]");
            RoleID.DataSource     = roleTable;
            RoleID.DataTextField  = "name";
            RoleID.DataValueField = "id";
            RoleID.DataBind();

            // Placeholder entry with value "0" at the top of the list.
            RoleID.Items.Insert(0, new ListItem("选择角色", "0"));

            if (IsEdit)
            {
                LoadData();
                // The user name cannot be changed when editing.
                UserName.Enabled = false;
            }
        }
Exemple #21
        /// <summary>Gets the list of all role privileges.</summary>
        /// <param name="role">The RoleID Object.</param>
        /// <returns>List of SecurityRole.</returns>
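        public List <SecurityRole> GetAllRolePrivileges(RoleID role)
        {
            Logging.LogDebugMessage("Method: GetAllRolePrivileges, MethodType: Post, Layer: SecurityDAL, Parameters: roleId = " + JsonConvert.SerializeObject(role));
            var dataSet        = new DataSet();
            var adminRolesList = new List <SecurityRole>();

            try
            {
                // The connection is now disposed together with the command; previously only the
                // command was wrapped in a using block and the connection was never disposed.
                using (var connection = new SqlConnection(this.connectionString))
                using (var command = new SqlCommand())
                {
                    command.Connection  = connection;
                    command.CommandText = "USP_RolePrivilegeSelect";
                    command.CommandType = CommandType.StoredProcedure;
                    // The role id travels as a bound parameter, never as part of the command text.
                    command.Parameters.Add(new SqlParameter()
                    {
                        ParameterName = "@RoleID", Value = role.RoleId
                    });

                    using (SqlDataAdapter adapter = new SqlDataAdapter(command))
                    {
                        adapter.Fill(dataSet);
                        // dataSet is created above and is never null here, so the old null test
                        // is dropped. A result with no tables still throws and is logged below.
                        adminRolesList = EntityCollectionHelper.ConvertTo <SecurityRole>(dataSet.Tables[0]).ToList();
                    }
                }
            }
            catch (Exception ex)
            {
                // One handler covers SqlException too: both former handlers logged the same
                // message and rethrew.
                Logging.LogErrorMessage("Method: GetAllRolePrivileges, Layer: SecurityDAL, Stack Trace: " + ex.ToString());
                throw;
            }

            return(adminRolesList);
        }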
Exemple #22
 /// <summary>Gets the list of all role privileges.</summary>
 /// <param name="roleId">The RoleID Object.</param>
 /// <returns>List of SecurityRole.</returns>
 public List <SecurityRole> GetAllRolePrivileges(RoleID roleId)
 {
     string serializedRole = JsonConvert.SerializeObject(roleId);
     Logging.LogDebugMessage("Method: GetAllRolePrivileges, MethodType: Post, Layer: SecurityBL, Parameters: roleId = " + serializedRole);

     using (SecurityDAL dataLayer = new SecurityDAL())
     {
         try
         {
             var privileges = dataLayer.GetAllRolePrivileges(roleId);
             return privileges;
         }
         catch (Exception ex)
         {
             // Covers SqlException as well: both original handlers logged this same message
             // and rethrew, so one handler gives the same result.
             Logging.LogErrorMessage("Method: GetAllRolePrivileges, Layer: SecurityBL, Stack Trace: " + ex.ToString());
             throw;
         }
     }
 }
Exemple #23
        /// <summary>XORs the hashes of the fields that are set (non-zero, non-empty, non-null) into one value.</summary>
        public override int GetHashCode()
        {
            int combined = 1;

            // XOR with 0 leaves the value unchanged, so an unset field contributes nothing.
            combined ^= Uid != 0 ? Uid.GetHashCode() : 0;
            combined ^= RoleID != 0 ? RoleID.GetHashCode() : 0;
            combined ^= Token.Length != 0 ? Token.GetHashCode() : 0;
            combined ^= _unknownFields != null ? _unknownFields.GetHashCode() : 0;

            return combined;
        }
Exemple #24
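 /// <summary>
 /// Loads the role being edited (restricted to the current authorize group) and lists its
 /// users as pre-selected check-box items.
 /// </summary>
 public override void RenderPage()
 {
     if (RoleID.IsNoNull())
     {
         // FirstOrDefault instead of First: First throws when the role does not exist in this
         // authorize group, which made the null check below unreachable.
         objRole = objUserRule.Sys_Role.FirstOrDefault(s => s.RoleID == RoleID && s.AuthorizeGroupID == AuthorizeGroupID);
         if (CheckEditObjectIsNull(objRole))
         {
             return;
         }
         string userIDString = objUserRule.GetRoleUser(RoleID);
         if (!string.IsNullOrWhiteSpace(userIDString))
         {
             // NOTE(review): the filter text is built by string concatenation; its safety
             // depends on what GetRoleUser returns and on how ConvertStringID quotes the ids,
             // neither of which is visible here — confirm, or switch to a parameterized filter.
             foreach (Sys_User roleUser in objUserRule.Sys_User.WhereCondition("it.UserID in {" + userIDString.ConvertStringID() + "}").ToList())
             {
                 chkRoleUser.Items.Add(new ListItem()
                 {
                     Text = roleUser.UserName, Value = roleUser.UserID, Selected = true
                 });
             }
         }
         Page.DataBind();
     }
 }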
Exemple #25
 /// <summary>Hash code read from the first four bytes of <c>RoleID.ToByteArray()</c>.</summary>
 public override int GetHashCode()
 {
     byte[] rawRoleID = RoleID.ToByteArray();

     return BitConverter.ToInt32(rawRoleID, 0);
 }
 /// <summary>Sets the roles this controller requires by default.</summary>
 /// <param name="roles">Required roles; null selects <c>AuthorizationOptions.DefaultAuthRoles</c>.</param>
 public AuthorizableController(RoleID[] roles = null)
 {
     // Fall back to the configured defaults when the caller supplies nothing.
     if (roles == null)
     {
         roles = AuthorizationOptions.DefaultAuthRoles;
     }

     this.DefaultAuthRoles = roles;
 }
        /// <summary>
        /// Validates the "authToken" and "username" request headers, then checks that the user
        /// holds every role in <paramref name="roles"/> according to the database.
        /// </summary>
        /// <param name="request">Request whose headers are read.</param>
        /// <param name="roles">Roles that must all be held.</param>
        /// <returns>
        /// InvalidRequest when a header is missing, InvalidToken / MismatchedUser / ExpiredToken
        /// when the token fails a check, otherwise Success or Unauthorized from the role check.
        /// </returns>
        public static AuthorizationResult Authorize(HttpRequestMessage request, RoleID[] roles)
        {
            string authToken = request.Headers.GetHeaderValue("authToken");
            string activeUser = request.Headers.GetHeaderValue("username");

            // Both headers are mandatory.
            if (string.IsNullOrEmpty(authToken) || string.IsNullOrEmpty(activeUser))
            {
                return AuthorizationResult.InvalidRequest;
            }

            using (var database = new Database())
            {
                var decodedAuthToken = Authorization.DecodeToken(authToken);
                if (decodedAuthToken == null)
                {
                    return AuthorizationResult.InvalidToken;
                }

                // The user named in the header must be the user the token was issued to.
                if (decodedAuthToken.username != activeUser)
                {
                    return AuthorizationResult.MismatchedUser;
                }

                // NOTE(review): only an upper bound is applied to timeDiff here; whether a
                // negative value (a token dated in the future) is rejected inside DecodeToken
                // is not visible — confirm.
                if (decodedAuthToken.timeDiff > AuthorizationOptions.AuthTokenTimeout)
                {
                    return AuthorizationResult.ExpiredToken;
                }

                // Valid token, need to check roles
                var heldRoleIDs = database.RoleVolunteers
                    .Where(rv => rv.Volunteer.Username == activeUser)
                    .Include(rv => rv.Volunteer)
                    .Select(rv => rv.Role.ID)
                    .ToArray();

                // NOTE(review): an empty roles array gives 0 == 0 and therefore Success;
                // Intersect removes duplicates, so a roles array with repeated entries
                // is always Unauthorized.
                int satisfiedRoleCount = roles.Select(r => (int)r).Intersect(heldRoleIDs).Count();

                return satisfiedRoleCount == roles.Length
                    ? AuthorizationResult.Success
                    : AuthorizationResult.Unauthorized;
            }
        }
Exemple #28
 /// <summary>Hash code built by adding the hashes of <c>Id</c> and <c>RoleID</c> to a fixed seed.</summary>
 public override int GetHashCode()
 {
     int idHash = Id.GetHashCode();
     int roleHash = RoleID.GetHashCode();

     return -2127770830 + idHash + roleHash;
 }
Exemple #29
        /// <summary>
        /// Resolves a property name (matched case-insensitively) to the formatted value of the
        /// corresponding role/group field or setting.
        /// </summary>
        /// <param name="propertyName">Name to resolve; the fallback settings lookup uses it as given.</param>
        /// <param name="format">Format string handed unchanged to <c>PropertyAccess.FormatString</c>.</param>
        /// <param name="formatProvider">Used only for the localized yes/no of "issystemrole".</param>
        /// <param name="accessingUser">Not read by this method.</param>
        /// <param name="accessLevel">Not read by this method.</param>
        /// <param name="propertyNotFound">Set to true when nothing matches; otherwise left untouched.</param>
        /// <returns>The formatted value, or an empty string when the property is unknown.</returns>
        public string GetProperty(string propertyName, string format, CultureInfo formatProvider, UserInfo accessingUser,
                                  Scope accessLevel, ref bool propertyNotFound)
        {
            // NOTE(review): accessingUser and accessLevel are never consulted, so every property
            // below, including arbitrary Settings keys, is returned to any caller — confirm
            // that visibility is enforced elsewhere.
            string key = propertyName.ToLowerInvariant();

            switch (key)
            {
                // Role and group names are aliases for the same underlying fields.
                case "roleid":
                case "groupid":
                    return PropertyAccess.FormatString(RoleID.ToString(), format);

                case "status":
                    return PropertyAccess.FormatString(Status.ToString(), format);

                case "groupname":
                case "rolename":
                    return PropertyAccess.FormatString(RoleName, format);

                case "groupdescription":
                case "description":
                    return PropertyAccess.FormatString(Description, format);

                case "usercount":
                    return PropertyAccess.FormatString(UserCount.ToString(), format);

                // Settings-backed values; the settings keys keep their original casing.
                case "street":
                    return PropertyAccess.FormatString(GetString("Street", string.Empty), format);

                case "city":
                    return PropertyAccess.FormatString(GetString("City", string.Empty), format);

                case "region":
                    return PropertyAccess.FormatString(GetString("Region", string.Empty), format);

                case "country":
                    return PropertyAccess.FormatString(GetString("Country", string.Empty), format);

                case "postalcode":
                    return PropertyAccess.FormatString(GetString("PostalCode", string.Empty), format);

                case "website":
                    return PropertyAccess.FormatString(GetString("Website", string.Empty), format);

                case "datecreated":
                    return PropertyAccess.FormatString(CreatedOnDate.ToString(), format);

                case "photourl":
                    return PropertyAccess.FormatString(FormatUrl(PhotoURL), format);

                // For these three the settings key is the lower-case name itself.
                case "stat_status":
                case "stat_photo":
                case "stat_file":
                    return PropertyAccess.FormatString(GetString(key, string.Empty), format);

                case "url":
                    return PropertyAccess.FormatString(FormatUrl(GetString("URL", string.Empty)), format);

                case "issystemrole":
                    return PropertyAccess.Boolean2LocalizedYesNo(IsSystemRole, formatProvider);

                case "grouptype":
                    return IsPublic ? "Public.Text" : "Private.Text";

                case "groupcreatorname":
                    return PropertyAccess.FormatString(GetString("GroupCreatorName", string.Empty), format);

                default:
                    // Last resort: a settings entry whose key matches the name exactly as passed in.
                    if (!Settings.ContainsKey(propertyName))
                    {
                        propertyNotFound = true;
                        return string.Empty;
                    }

                    return PropertyAccess.FormatString(GetString(propertyName, string.Empty), format);
            }
        }
Exemple #30
 /// <summary>Returns the string form of <c>RoleID</c>.</summary>
 public override string ToString()
 {
     string roleText = RoleID.ToString();

     return roleText;
 }
Exemple #31
 /// <summary>Creates a role from a <c>RoleID</c> by delegating to the string-based overload.</summary>
 /// <param name="roleID">Role identifier; its <c>ToString()</c> value is what gets passed on.</param>
 /// <returns>Whatever <c>Create(string)</c> returns for that name.</returns>
 public static RoleBase Create(RoleID roleID)
 {
     string roleName = roleID.ToString();

     return Create(roleName);
 }
 /// <summary>Hash code built by adding the hashes of <c>ID</c> and <c>RoleID</c> to a fixed seed.</summary>
 public override int GetHashCode()
 {
     int idHash = ID.GetHashCode();
     int roleHash = RoleID.GetHashCode();

     return 123456789 + idHash + roleHash;
 }
    /// <summary>Builds the domain role from this entity's id (as a Guid), name and normalized name.</summary>
    /// <returns>A new <c>FantasyCriticRole</c>.</returns>
    public FantasyCriticRole ToDomain()
    {
        return new FantasyCriticRole(RoleID.ToGuid(), Name, NormalizedName);
    }