public ActionResult UserBasedSecurity(string key) { if (!((CustomPrincipal)User).CanViewAdminFeature("UserBasedSecurity")) { return(RedirectToAction("Index", "Home")); } string setEntity = key; var Db = new UserBasedSecurityContext(); var Datalist = Db.UserBasedSecurities.ToList(); var EntList = GeneratorBase.MVC.ModelReflector.Entities.Where(p => !p.IsAdminEntity && p.Associations.Where(q => q.Target == "IdentityUser").Count() > 0).ToList(); // var EntList = GeneratorBase.MVC.ModelReflector.Entities.ToList(); if (key == null && EntList.Count > 0) { if (Datalist != null && Datalist.Where(p => p.IsMainEntity).Count() > 0) { setEntity = Datalist.FirstOrDefault(p => p.IsMainEntity).EntityName; var Entity = ModelReflector.Entities.FirstOrDefault(p => p.Name == setEntity); if (Entity != null) { ViewData["AlreadySet"] = Entity.DisplayName; } else { ViewData["AlreadySet"] = setEntity; } } else { setEntity = EntList[0].Name; } } List <UserBasedSecurity> Data = new List <Models.UserBasedSecurity>(); if (Datalist != null && Datalist.Where(p => p.EntityName == setEntity && p.IsMainEntity).Count() > 0) { Data = Datalist; } else { List <string> entitiesAdded = new List <string>(); entitiesAdded.Add(setEntity); Data = GetGridData(Data, setEntity, setEntity, entitiesAdded); } ViewBag.EntityList = new SelectList(EntList, "Name", "DisplayName", setEntity); var RoleList = (new GeneratorBase.MVC.Models.CustomRoleProvider()).GetAllRoles().ToList(); RoleList.Add("All"); var adminString = System.Configuration.ConfigurationManager.AppSettings["AdministratorRoles"]; //CommonFunction.Instance.AdministratorRoles(); RoleList.Remove(adminString); ViewBag.Roles = new SelectList(RoleList, "", ""); USB DataUSB = new USB(Data); return(View(DataUSB)); }
public ActionResult ClearUBS() { if (!((CustomPrincipal)User).CanAddAdminFeature("UserBasedSecurity")) { return(RedirectToAction("Index", "Home")); } var Db = new UserBasedSecurityContext(); Db.UserBasedSecurities.RemoveRange(Db.UserBasedSecurities); Db.SaveChanges(); return(RedirectToAction("Index", "Admin")); }
public ActionResult SaveUBS(USB model) { if (!((CustomPrincipal)User).CanAddAdminFeature("UserBasedSecurity")) { return(RedirectToAction("Index", "Home")); } if (ModelState.IsValid) { var Db = new UserBasedSecurityContext(); Db.UserBasedSecurities.RemoveRange(Db.UserBasedSecurities); Db.SaveChanges(); foreach (var _model in model.security) { Db.UserBasedSecurities.Add(_model); } Db.SaveChanges(); } return(RedirectToAction("Index", "Admin")); }
protected void Application_AuthorizeRequest(Object sender, EventArgs e) { if (User.Identity.IsAuthenticated) { var roles = ((CustomPrincipal)User).GetRoles(); var isAdmin = ((CustomPrincipal)User).IsAdminUser(); List <Permission> permissions = new List <Permission>(); ((CustomPrincipal)User).IsAdmin = isAdmin; List <PermissionAdminPrivilege> adminprivilegeslist = new List <PermissionAdminPrivilege>(); ((CustomPrincipal)User).userroles = roles.ToList(); using (var pc = new PermissionContext()) { // so we only make one database call instead of one per entity? var rolePermissions = pc.Permissions.Where(p => roles.Contains(p.RoleName)).ToList(); var adminprivileges = pc.AdminPrivileges.Where(p => roles.Contains(p.RoleName)).ToList(); foreach (var item in (new AdminFeaturesDictionary()).getDictionary()) { var adminprivilege = new PermissionAdminPrivilege(); var raw = adminprivileges.Where(p => p.AdminFeature == item.Key); adminprivilege.AdminFeature = item.Key; adminprivilege.IsAllow = isAdmin || raw.Any(p => p.IsAllow); adminprivilege.IsAdd = isAdmin || raw.Any(p => p.IsAdd); adminprivilege.IsEdit = isAdmin || raw.Any(p => p.IsEdit); adminprivilege.IsDelete = isAdmin || raw.Any(p => p.IsDelete); adminprivilegeslist.Add(adminprivilege); } ((CustomPrincipal)User).adminprivileges = adminprivilegeslist; foreach (var entity in GeneratorBase.MVC.ModelReflector.Entities) { var calculated = new Permission(); var raw = rolePermissions.Where(p => p.EntityName == entity.Name); calculated.EntityName = entity.Name; calculated.CanEdit = isAdmin || raw.Any(p => p.CanEdit); calculated.CanDelete = isAdmin || raw.Any(p => p.CanDelete); calculated.CanAdd = isAdmin || raw.Any(p => p.CanAdd); calculated.CanView = isAdmin || raw.Any(p => p.CanView); calculated.IsOwner = raw.Any(p => p.IsOwner != null && p.IsOwner.Value); if (!isAdmin) { calculated.SelfRegistration = raw.Any(p => p.SelfRegistration != null && p.SelfRegistration.Value); } else { calculated.SelfRegistration = false; } if (calculated.IsOwner != null && calculated.IsOwner.Value) { calculated.UserAssociation = raw.FirstOrDefault(p => p.IsOwner != null && p.IsOwner.Value).UserAssociation; } else { calculated.UserAssociation = string.Empty; } //code for verb action security var verblist = raw.Select(x => x.Verbs).ToList(); var verbrolecount = verblist.Count(); List <string> allverbs = new List <string>(); foreach (var verb in verblist) { if (verb != null) { allverbs.AddRange(verb.Split(",".ToCharArray()).ToList()); } } var blockedverbs = allverbs.GroupByMany(p => p); if (blockedverbs.Count() > 0) { calculated.Verbs = string.Join(",", blockedverbs.Select(b => b.Key).ToList()); } else { calculated.Verbs = string.Empty; } // //FLS if (!isAdmin) { var listEdit = raw.Where(p => p.CanEdit).Select(p => p.NoEdit == null ? "" : p.NoEdit).ToList(); var listView = raw.Where(p => p.CanView).Select(p => p.NoView == null ? "" : p.NoView).ToList(); var resultEdit = ""; var resultView = ""; if (listView.Count > 0) { HashSet <string> set = new HashSet <string>(listView[0].Split(',')); foreach (var item in listView.Skip(1)) { set.IntersectWith(item.Split(',')); } resultView = string.Join(",", set); } if (listEdit.Count > 0) { HashSet <string> set = new HashSet <string>(listEdit[0].Split(',')); foreach (var item in listEdit.Skip(1)) { set.IntersectWith(item.Split(',')); } resultEdit = string.Join(",", set); } calculated.NoEdit = resultEdit; calculated.NoView = resultView; } // permissions.Add(calculated); } } ((CustomPrincipal)User).permissions = permissions; List <BusinessRule> businessrules = new List <BusinessRule>(); using (var br = new BusinessRuleContext()) { var rolebr = br.BusinessRules.Where(p => p.Roles != null && p.Roles.Length > 0 && !p.Disable && p.AssociatedBusinessRuleTypeID != 5).ToList(); foreach (var rules in rolebr) { //if ((((CustomPrincipal)User).IsInRole(rules.Roles.Split(",".ToCharArray())))) if (((CustomPrincipal)User).IsInRole(rules.Roles.Split(",".ToCharArray()), roles)) { businessrules.Add(rules); } } } ((CustomPrincipal)User).businessrules = businessrules.ToList(); using (var UBS = new UserBasedSecurityContext()) { ((CustomPrincipal)User).userbasedsecurity = UBS.UserBasedSecurities.ToList(); } List <MultiTenantLoginSelected> appsecurityaccess = new List <MultiTenantLoginSelected>(); using (var appsecurity = new ApplicationDbContext(true)) { var app = appsecurity.MultiTenantLoginSelected.Where(p => p.T_User == ((CustomPrincipal)User).Name); foreach (var rules in app) { appsecurityaccess.Add(rules); } //((CustomPrincipal)User).extraMultitenantPriviledges = appsecurity.MultiTenantExtraAccess.Where(p => p.T_User == ((CustomPrincipal)User).Name && p.T_MainEntityID.HasValue).Select(p => p.T_MainEntityID.Value).ToList(); } ((CustomPrincipal)User).MultiTenantLoginSelected = appsecurityaccess.ToList(); } }