public IList<CategoryPermissionForRole> GetCategoryRow(Role role, Category cat)
{
return this._context.CategoryPermissionForRole
.Where(x => x.Category.Id == cat.Id &&
x.Role.Id == role.Id)
.ToList();
}
private CategotyViewModels SanitizeCategory(IEnumerable<Category> categories,Category model)
{
var catModel = new CategotyViewModels();
catModel.Category = model;
catModel.SubCategories = new List<CategotyViewModels>();
if (categories.Where(a => a.ParentCategory == model).Any())
{
foreach (var cat in categories.Where(a => a.ParentCategory==model))
{
catModel.SubCategories.Add(SanitizeCategory(categories, cat));
}
}
return catModel;
}
public void Save(Category category)
{
// Sanitize
category = SanitizeCategory(category);
this._categoryRepository.Update(category);
}
public Category SanitizeCategory(Category category)
{
// Sanitize any strings in a category
category.Description = StringUtils.GetSafeHtml(category.Description);
category.Name = StringUtils.SafePlainText(category.Name);
return category;
}
public void Delete(Category category)
{
}
public void Add(Category category)
{
category = SanitizeCategory(category);
category.Slug = ServiceHelpers.GenerateSlug(category.Name, x => this._categoryRepository.GetBySlugLike(ServiceHelpers.CreateUrl(category.Name)));
this._categoryRepository.Add(category);
}
public void UpdateSlugFromName(Category category)
{
// Sanitize
category = SanitizeCategory(category);
category.Slug = ServiceHelpers.GenerateSlug(category.Name, x => this._categoryRepository.GetBySlugLike(category.Slug));
}
public void Delete(Category category)
{
this._context.Category.Remove(category);
}
public Category Add(Category category)
{
this._context.Category.Add(category);
return category;
}
public void Update(Category item)
{
// Check there's not an object with same identifier already in context
if (this._context.Category.Local.Select(x => x.Id == item.Id).Any())
{
throw new ApplicationException("Object already exists in context - you do not need to call Update. Save occurs on Commit");
}
this._context.Entry(item).State = EntityState.Modified;
}
/// <summary>
/// Returns permission set based on category and role
/// </summary>
/// <param name="category"></param>
/// <param name="role"></param>
/// <returns></returns>
public PermissionSet GetPermissions(Category category, Role role)
{
// Pass the role in to see select which permissions to apply
// Going to cache this per request, just to help with performance
var objectContextKey = string.Concat(HttpContext.Current.GetHashCode().ToString("x"), "-", category.Id, "-", role.Id);
if (!HttpContext.Current.Items.Contains(objectContextKey))
{
switch (role.RoleName)
{
case AppConstants.AdminRoleName:
this._permissions = GetAdminPermissions(category, role);
break;
case AppConstants.GuestRoleName:
this._permissions = GetGuestPermissions(category, role);
break;
default:
this._permissions = GetOtherPermissions(category, role);
break;
}
HttpContext.Current.Items.Add(objectContextKey, this._permissions);
}
return HttpContext.Current.Items[objectContextKey] as PermissionSet;
}
/// <summary>
/// Get permissions for roles other than those specially treated in this class
/// </summary>
/// <param name="category"></param>
/// <param name="role"></param>
/// <returns></returns>
private PermissionSet GetOtherPermissions(Category category, Role role)
{
// Get all permissions
var permissionList = this._permissionRepository.GetAll();
// Get the known permissions for this role and category
var categoryRow = this._categoryPermissionForRoleRepository.GetCategoryRow(role, category);
var categoryRowPermissions = categoryRow.ToDictionary(catRow => catRow.Permission);
// Load up the results with the permisions for this role / cartegory. A null entry for a permissions results in a new
// record with a false value
var permissions = new List<CategoryPermissionForRole>();
foreach (var permission in permissionList)
{
permissions.Add(categoryRowPermissions.ContainsKey(permission)
? categoryRowPermissions[permission]
: new CategoryPermissionForRole { Category = category, Role = role, IsTicked = false, Permission = permission });
}
var permissionSet = new PermissionSet(permissions);
return permissionSet;
}
/// <summary>
/// Guest = Not logged in, so only need to check the access permission
/// </summary>
/// <param name="category"></param>
/// <param name="role"></param>
private PermissionSet GetGuestPermissions(Category category, Role role)
{
// Get all the permissions
var permissionList = this._permissionRepository.GetAll();
// Make a CategoryPermissionForRole for each permission that exists,
// but only set the read-only permission to true for this role / category. All others false
var permissions = permissionList.Select(permission => new CategoryPermissionForRole
{
Category = category,
IsTicked = permission.Slug == AppConstants.PermissionReadOnly,
Role = role,
Permission = permission
}).ToList();
// Deny Access may have been set (or left null) for guest for the category, so need to read for it
var denyAccessPermission = role.CategoryPermissionForRole
.FirstOrDefault(x => x.Category == category &&
x.Permission.Slug == AppConstants.PermissionDenyAccess &&
x.Role == role);
// Set the Deny Access value in the results. If it's null for this role/category, record it as false in the results
var categoryPermissionForRole = permissions.FirstOrDefault(x => x.Permission.Slug == AppConstants.PermissionDenyAccess);
if (categoryPermissionForRole != null)
{
categoryPermissionForRole.IsTicked = denyAccessPermission != null && denyAccessPermission.IsTicked;
}
var permissionSet = new PermissionSet(permissions);
return permissionSet;
}
/// <summary>
/// Admin: so no need to check db, admin is all powerful
/// </summary>
private PermissionSet GetAdminPermissions(Category category, Role role)
{
// Get all permissions
var permissionList = this._permissionRepository.GetAll();
// Make a new entry in the results against each permission. All true (this is admin) except "Deny Access"
// and "Read Only" which should be false
var permissionSet = new PermissionSet(
permissionList.Select(permission => new CategoryPermissionForRole
{
Category = category,
IsTicked = (permission.Slug != AppConstants.PermissionDenyAccess && permission.Slug != AppConstants.PermissionReadOnly),
Role = role,
Permission = permission
}).ToList());
return permissionSet;
}
/// <summary>
/// Returns a row with the permission and CPFR
/// </summary>
/// <param name="role"></param>
/// <param name="cat"></param>
/// <returns></returns>
public Dictionary<Permission, CategoryPermissionForRole> GetCategoryRow(Role role, Category cat)
{
var catRowList = this._categoryPermissionForRoleService.GetCategoryRow(role, cat);
return catRowList.ToDictionary(catRow => catRow.Permission);
}