public static bool HasPermission(this WebViewPage wvp, RoleAccessType roleAccessType, PermissionList code)
{
string username = wvp.GetCurrentUsername();
string permissionCode = code.ToString();
return(DependencyResolver.Current.GetService <IUserService>().HasPermission(username, roleAccessType, permissionCode));;
}
public bool HasPermission(string username, RoleAccessType accessType, string permissionCode)
{
#if DEBUG
if (username == "admin")
{
return(true);
}
#endif
if (!this._repoPermission.Query(true).Filter(x => x.code == permissionCode).Get().Any())
{
Guid companyId = this.GetCurrentCompanyId();
this.ExecuteSql("insert into sys_Permission (companyId, code, description, updatedBy) values (" + companyId + ", '" + permissionCode + "', '" + permissionCode + "', " + this.GetCurrentUserId() + ")");
}
var query = this._repoUser.Query().Filter(x => x.username == username)
.Get()
.Join(this._repoUserRole.QueryGet(), u => u.id, ur => ur.userId, (u, ur) => new { u, ur });
switch (accessType)
{
case RoleAccessType.View:
query = query.Where(x => x.ur.sys_Role.sys_RolePermissions.Any(rp => rp.viewAccess && rp.sys_Permission.code == permissionCode));
break;
case RoleAccessType.Create:
query = query.Where(x => x.ur.sys_Role.sys_RolePermissions.Any(rp => rp.createAccess && rp.sys_Permission.code == permissionCode));
break;
case RoleAccessType.Update:
query = query.Where(x => x.ur.sys_Role.sys_RolePermissions.Any(rp => rp.updateAccess && rp.sys_Permission.code == permissionCode));
break;
case RoleAccessType.Delete:
query = query.Where(x => x.ur.sys_Role.sys_RolePermissions.Any(rp => rp.deleteAccess && rp.sys_Permission.code == permissionCode));
break;
case RoleAccessType.Print:
query = query.Where(x => x.ur.sys_Role.sys_RolePermissions.Any(rp => rp.printAccess && rp.sys_Permission.code == permissionCode));
break;
default:
break;
}
return(query.Any(x => x.u.superAdmin) || query.Any());
}
