public ActionResult UserBasedSecurity(string key)
{
if (!((CustomPrincipal)User).CanViewAdminFeature("UserBasedSecurity"))
{
return(RedirectToAction("Index", "Home"));
}
string setEntity = key;
var Db = new UserBasedSecurityContext();
var Datalist = Db.UserBasedSecurities.ToList();
var EntList = GeneratorBase.MVC.ModelReflector.Entities.Where(p => !p.IsAdminEntity && p.Associations.Where(q => q.Target == "IdentityUser").Count() > 0).ToList();
// var EntList = GeneratorBase.MVC.ModelReflector.Entities.ToList();
if (key == null && EntList.Count > 0)
{
if (Datalist != null && Datalist.Where(p => p.IsMainEntity).Count() > 0)
{
setEntity = Datalist.FirstOrDefault(p => p.IsMainEntity).EntityName;
var Entity = ModelReflector.Entities.FirstOrDefault(p => p.Name == setEntity);
if (Entity != null)
{
ViewData["AlreadySet"] = Entity.DisplayName;
}
else
{
ViewData["AlreadySet"] = setEntity;
}
}
else
{
setEntity = EntList[0].Name;
}
}
List <UserBasedSecurity> Data = new List <Models.UserBasedSecurity>();
if (Datalist != null && Datalist.Where(p => p.EntityName == setEntity && p.IsMainEntity).Count() > 0)
{
Data = Datalist;
}
else
{
List <string> entitiesAdded = new List <string>();
entitiesAdded.Add(setEntity);
Data = GetGridData(Data, setEntity, setEntity, entitiesAdded);
}
ViewBag.EntityList = new SelectList(EntList, "Name", "DisplayName", setEntity);
var RoleList = (new GeneratorBase.MVC.Models.CustomRoleProvider()).GetAllRoles().ToList();
RoleList.Add("All");
var adminString = System.Configuration.ConfigurationManager.AppSettings["AdministratorRoles"]; //CommonFunction.Instance.AdministratorRoles();
RoleList.Remove(adminString);
ViewBag.Roles = new SelectList(RoleList, "", "");
USB DataUSB = new USB(Data);
return(View(DataUSB));
}
public ActionResult ClearUBS()
{
if (!((CustomPrincipal)User).CanAddAdminFeature("UserBasedSecurity"))
{
return(RedirectToAction("Index", "Home"));
}
var Db = new UserBasedSecurityContext();
Db.UserBasedSecurities.RemoveRange(Db.UserBasedSecurities);
Db.SaveChanges();
return(RedirectToAction("Index", "Admin"));
}
public ActionResult SaveUBS(USB model)
{
if (!((CustomPrincipal)User).CanAddAdminFeature("UserBasedSecurity"))
{
return(RedirectToAction("Index", "Home"));
}
if (ModelState.IsValid)
{
var Db = new UserBasedSecurityContext();
Db.UserBasedSecurities.RemoveRange(Db.UserBasedSecurities);
Db.SaveChanges();
foreach (var _model in model.security)
{
Db.UserBasedSecurities.Add(_model);
}
Db.SaveChanges();
}
return(RedirectToAction("Index", "Admin"));
}
protected void Application_AuthorizeRequest(Object sender, EventArgs e)
{
if (User.Identity.IsAuthenticated)
{
var roles = ((CustomPrincipal)User).GetRoles();
var isAdmin = ((CustomPrincipal)User).IsAdminUser();
List <Permission> permissions = new List <Permission>();
((CustomPrincipal)User).IsAdmin = isAdmin;
List <PermissionAdminPrivilege> adminprivilegeslist = new List <PermissionAdminPrivilege>();
((CustomPrincipal)User).userroles = roles.ToList();
using (var pc = new PermissionContext())
{
// so we only make one database call instead of one per entity?
var rolePermissions = pc.Permissions.Where(p => roles.Contains(p.RoleName)).ToList();
var adminprivileges = pc.AdminPrivileges.Where(p => roles.Contains(p.RoleName)).ToList();
foreach (var item in (new AdminFeaturesDictionary()).getDictionary())
{
var adminprivilege = new PermissionAdminPrivilege();
var raw = adminprivileges.Where(p => p.AdminFeature == item.Key);
adminprivilege.AdminFeature = item.Key;
adminprivilege.IsAllow = isAdmin || raw.Any(p => p.IsAllow);
adminprivilege.IsAdd = isAdmin || raw.Any(p => p.IsAdd);
adminprivilege.IsEdit = isAdmin || raw.Any(p => p.IsEdit);
adminprivilege.IsDelete = isAdmin || raw.Any(p => p.IsDelete);
adminprivilegeslist.Add(adminprivilege);
}
((CustomPrincipal)User).adminprivileges = adminprivilegeslist;
foreach (var entity in GeneratorBase.MVC.ModelReflector.Entities)
{
var calculated = new Permission();
var raw = rolePermissions.Where(p => p.EntityName == entity.Name);
calculated.EntityName = entity.Name;
calculated.CanEdit = isAdmin || raw.Any(p => p.CanEdit);
calculated.CanDelete = isAdmin || raw.Any(p => p.CanDelete);
calculated.CanAdd = isAdmin || raw.Any(p => p.CanAdd);
calculated.CanView = isAdmin || raw.Any(p => p.CanView);
calculated.IsOwner = raw.Any(p => p.IsOwner != null && p.IsOwner.Value);
if (!isAdmin)
{
calculated.SelfRegistration = raw.Any(p => p.SelfRegistration != null && p.SelfRegistration.Value);
}
else
{
calculated.SelfRegistration = false;
}
if (calculated.IsOwner != null && calculated.IsOwner.Value)
{
calculated.UserAssociation = raw.FirstOrDefault(p => p.IsOwner != null && p.IsOwner.Value).UserAssociation;
}
else
{
calculated.UserAssociation = string.Empty;
}
//code for verb action security
var verblist = raw.Select(x => x.Verbs).ToList();
var verbrolecount = verblist.Count();
List <string> allverbs = new List <string>();
foreach (var verb in verblist)
{
if (verb != null)
{
allverbs.AddRange(verb.Split(",".ToCharArray()).ToList());
}
}
var blockedverbs = allverbs.GroupByMany(p => p);
if (blockedverbs.Count() > 0)
{
calculated.Verbs = string.Join(",", blockedverbs.Select(b => b.Key).ToList());
}
else
{
calculated.Verbs = string.Empty;
}
//
//FLS
if (!isAdmin)
{
var listEdit = raw.Where(p => p.CanEdit).Select(p => p.NoEdit == null ? "" : p.NoEdit).ToList();
var listView = raw.Where(p => p.CanView).Select(p => p.NoView == null ? "" : p.NoView).ToList();
var resultEdit = "";
var resultView = "";
if (listView.Count > 0)
{
HashSet <string> set = new HashSet <string>(listView[0].Split(','));
foreach (var item in listView.Skip(1))
{
set.IntersectWith(item.Split(','));
}
resultView = string.Join(",", set);
}
if (listEdit.Count > 0)
{
HashSet <string> set = new HashSet <string>(listEdit[0].Split(','));
foreach (var item in listEdit.Skip(1))
{
set.IntersectWith(item.Split(','));
}
resultEdit = string.Join(",", set);
}
calculated.NoEdit = resultEdit;
calculated.NoView = resultView;
}
//
permissions.Add(calculated);
}
}
((CustomPrincipal)User).permissions = permissions;
List <BusinessRule> businessrules = new List <BusinessRule>();
using (var br = new BusinessRuleContext())
{
var rolebr = br.BusinessRules.Where(p => p.Roles != null && p.Roles.Length > 0 && !p.Disable && p.AssociatedBusinessRuleTypeID != 5).ToList();
foreach (var rules in rolebr)
{
//if ((((CustomPrincipal)User).IsInRole(rules.Roles.Split(",".ToCharArray()))))
if (((CustomPrincipal)User).IsInRole(rules.Roles.Split(",".ToCharArray()), roles))
{
businessrules.Add(rules);
}
}
}
((CustomPrincipal)User).businessrules = businessrules.ToList();
using (var UBS = new UserBasedSecurityContext())
{
((CustomPrincipal)User).userbasedsecurity = UBS.UserBasedSecurities.ToList();
}
List <MultiTenantLoginSelected> appsecurityaccess = new List <MultiTenantLoginSelected>();
using (var appsecurity = new ApplicationDbContext(true))
{
var app = appsecurity.MultiTenantLoginSelected.Where(p => p.T_User == ((CustomPrincipal)User).Name);
foreach (var rules in app)
{
appsecurityaccess.Add(rules);
}
//((CustomPrincipal)User).extraMultitenantPriviledges = appsecurity.MultiTenantExtraAccess.Where(p => p.T_User == ((CustomPrincipal)User).Name && p.T_MainEntityID.HasValue).Select(p => p.T_MainEntityID.Value).ToList();
}
((CustomPrincipal)User).MultiTenantLoginSelected = appsecurityaccess.ToList();
}
}
