/// <summary>
/// Prepares the custom action described by <paramref name="query"/>, enforces the access
/// decision reported on the prepare result, and returns the response for the client.
/// </summary>
/// <param name="tabId">Tab identifier passed through to the service and the view model.</param>
/// <param name="parentId">Parent identifier passed through to the service and the view model.</param>
/// <param name="query">Request body; its <c>Ids</c> are handed to the view model.</param>
/// <returns>
/// The result of <c>JsonHtml("ExecuteAction", model)</c> for interface actions, otherwise a JSON
/// object carrying <c>Url</c> and <c>PreActionUrl</c>. On failure, a JSON error payload built
/// from the exception message.
/// </returns>
/// <exception cref="Exception">
/// Any exception is rethrown unchanged when no action could be resolved from the prepare result.
/// </exception>
public async Task<ActionResult> Execute(string tabId, int parentId, [FromBody] CustomActionQuery query)
{
    CustomActionPrepareResult prepared = null;
    try
    {
        prepared = _service.PrepareForExecuting(tabId, parentId, query);
        var customAction = prepared.CustomAction;

        // This entry is written before the access check below, so denied attempts are
        // also logged as "Executing".
        // NOTE(review): confirm FullUrl cannot carry session identifiers or other secrets
        // in its query string before Debug logging is enabled in production.
        Logger.Debug()
            .Message("Executing custom action url: {url}", customAction.FullUrl)
            .Write();

        // Enforcement point: the decision itself is made elsewhere and only read here.
        // Both URLs below must stay behind this check.
        if (!prepared.IsActionAccessable)
        {
            throw new SecurityException(prepared.SecurityErrorMesage);
        }

        if (!customAction.Action.IsInterface)
        {
            return Json(new
            {
                Url = customAction.FullUrl,
                PreActionUrl = customAction.PreActionFullUrl
            });
        }

        var viewModel = ExecuteCustomActionViewModel.Create(tabId, parentId, query.Ids, customAction);
        return await JsonHtml("ExecuteAction", viewModel);
    }
    catch (Exception ex)
    {
        // Without a resolved action the response shape is unknown; let the exception propagate.
        if (prepared?.CustomAction?.Action == null)
        {
            throw;
        }

        // NOTE(review): ex.Message is returned to the client for every exception type, not only
        // SecurityException. Messages from unexpected failures can disclose internal details;
        // consider a generic client message with the detail kept in the server log.
        if (prepared.CustomAction.Action.IsInterface)
        {
            return Json(new { success = false, message = ex.Message });
        }
        else
        {
            return Json(MessageResult.Error(ex.Message));
        }
    }
}
/// <summary>
/// Fills in the access decision on <paramref name="result"/>: first the action-level check by
/// action code, then the per-entity check for <paramref name="ids"/>.
/// </summary>
/// <param name="result">Prepare result to update; the same instance is returned.</param>
/// <param name="action">Custom action whose code, name, action type and entity type are used.</param>
/// <param name="ids">Entity ids passed to <c>EntityPermissionCheck</c>.</param>
/// <returns><paramref name="result"/> with <c>IsActionAccessable</c> and <c>SecurityErrorMesage</c> set.</returns>
private static CustomActionPrepareResult SecurityCheck(CustomActionPrepareResult result, CustomAction action, IEnumerable<int> ids)
{
    // The result starts out as "allowed" and is only flipped by a failed check.
    // If either check throws, the instance stays marked accessible.
    // NOTE(review): confirm no caller keeps using the result object after an exception here.
    result.IsActionAccessable = true;
    result.SecurityErrorMesage = null;

    // Action-level permission comes first; entity ids are not inspected when it fails.
    if (!SecurityRepository.IsActionAccessible(action.Action.Code))
    {
        result.IsActionAccessable = false;
        result.SecurityErrorMesage = string.Format(GlobalStrings.ActionIsNotAccessible, action.Name);
        return result;
    }

    // Materialised once so the emptiness test and the message use the same list.
    var deniedIds = EntityPermissionCheck(action, ids).ToList();
    if (!deniedIds.Any())
    {
        return result;
    }

    // The flag is cleared before the message is formatted, so a formatting failure
    // cannot leave the result marked accessible.
    result.IsActionAccessable = false;
    result.SecurityErrorMesage = string.Format(
        GlobalStrings.EntityIsNotAccessible,
        action.Action.ActionType.Name,
        action.Action.EntityType.Name,
        string.Join(",", deniedIds));
    return result;
}
/// <summary>
/// Prepares the custom action identified by <paramref name="actionCode"/>, enforces the access
/// decision reported on the prepare result, and returns the response for the client.
/// </summary>
/// <param name="tabId">Tab identifier passed through to the service and the view model.</param>
/// <param name="parentId">Parent identifier passed through to the service and the view model.</param>
/// <param name="ids">Entity ids passed through to the service and the view model.</param>
/// <param name="actionCode">Code of the action to prepare.</param>
/// <returns>
/// The result of <c>JsonHtml("ExecuteAction", model)</c> for interface actions, otherwise a JSON
/// object carrying <c>Url</c> and <c>PreActionUrl</c>. On failure, a JSON error payload built
/// from the exception message.
/// </returns>
/// <exception cref="Exception">
/// Any exception is rethrown unchanged when no action could be resolved from the prepare result.
/// </exception>
public ActionResult Execute(string tabId, int parentId, int[] ids, string actionCode)
{
    CustomActionPrepareResult prepared = null;
    try
    {
        prepared = _service.PrepareForExecuting(actionCode, tabId, ids, parentId);
        var customAction = prepared.CustomAction;

        // This entry is written before the access check below, so denied attempts are
        // also logged as "Executing". The URL is interpolated into the message text.
        // NOTE(review): confirm the log sink neutralises CR/LF in FullUrl and that the
        // URL carries no secrets in its query string.
        Logger.Log.Debug($"Executing custom action url: {customAction.FullUrl}");

        // Enforcement point: the decision itself is made elsewhere and only read here.
        // Both URLs below must stay behind this check.
        if (!prepared.IsActionAccessable)
        {
            throw new SecurityException(prepared.SecurityErrorMesage);
        }

        if (!customAction.Action.IsInterface)
        {
            return Json(new
            {
                Url = customAction.FullUrl,
                PreActionUrl = customAction.PreActionFullUrl
            });
        }

        var viewModel = ExecuteCustomActionViewModel.Create(tabId, parentId, ids, customAction);
        return JsonHtml("ExecuteAction", viewModel);
    }
    catch (Exception ex)
    {
        // Without a resolved action the response shape is unknown; let the exception propagate.
        if (prepared?.CustomAction?.Action == null)
        {
            throw;
        }

        // NOTE(review): ex.Message is returned to the client for every exception type, not only
        // SecurityException. Messages from unexpected failures can disclose internal details;
        // consider a generic client message with the detail kept in the server log.
        if (prepared.CustomAction.Action.IsInterface)
        {
            return new JsonNetResult<object>(new { success = false, message = ex.Message });
        }
        else
        {
            // NOTE(review): AllowGet lets this error payload be served on GET. No HTTP verb
            // attribute is visible on this method; confirm the action is restricted to POST
            // and covered by anti-forgery validation.
            return new JsonResult
            {
                Data = MessageResult.Error(ex.Message),
                JsonRequestBehavior = JsonRequestBehavior.AllowGet
            };
        }
    }
}