/// <summary>
/// View-side shortcut that asks <c>IUserService</c> whether the user behind the current page
/// holds the given permission for the requested access type.
/// </summary>
/// <param name="wvp">Page whose current username is used for the check.</param>
/// <param name="roleAccessType">Kind of access being requested.</param>
/// <param name="code">Permission to check; handed to the service as the text produced by <c>ToString()</c>.</param>
/// <returns>The result of <c>IUserService.HasPermission</c> for that username, access type and code.</returns>
public static bool HasPermission(this WebViewPage wvp, RoleAccessType roleAccessType, PermissionList code)
{
    string currentUser = wvp.GetCurrentUsername();
    string codeName = code.ToString();

    // The service is looked up through the dependency resolver on every call.
    // NOTE(review): GetService returns null when IUserService is not registered, which would
    // surface here as a NullReferenceException rather than a denied check - confirm registration.
    IUserService userService = DependencyResolver.Current.GetService<IUserService>();

    // NOTE(review): a check made from a view only controls what is rendered; the controller
    // action behind the element should enforce the same permission on the server side.
    return userService.HasPermission(currentUser, roleAccessType, codeName);
}
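/// <summary>
/// Decides whether <paramref name="username"/> holds <paramref name="permissionCode"/> for the
/// requested access type, based on the role permissions of the roles the user is joined to.
/// </summary>
/// <remarks>
/// Side effect: when no sys_Permission row with this code is found, one is inserted with the code
/// as its description. The insert is built by string concatenation, so it is only attempted for
/// codes made of characters that cannot terminate the quoted SQL literal.
/// </remarks>
/// <param name="username">Username to look up in the user repository.</param>
/// <param name="accessType">Which access flag (view/create/update/delete/print) must be set.</param>
/// <param name="permissionCode">Permission code matched against sys_Permission.code.</param>
/// <returns>True when at least one of the user's role rows survives the access-type filter.</returns>
public bool HasPermission(string username, RoleAccessType accessType, string permissionCode)
{
#if DEBUG
    // NOTE(review): debug-only bypass - any account named "admin" passes every check in DEBUG
    // builds. Make sure DEBUG builds are never deployed, or remove this shortcut.
    if (username == "admin")
    {
        return true;
    }
#endif

    bool isRegistered = this._repoPermission.Query(true)
        .Filter(x => x.code == permissionCode)
        .Get()
        .Any();

    // Auto-register unknown codes, but only when the text is safe to embed in the statement below.
    // permissionCode is a plain string on a public method, so it must be treated as caller-controlled;
    // anything outside the allow-list is simply not registered and the check continues.
    if (!isRegistered && IsSafePermissionCode(permissionCode))
    {
        Guid companyId = this.GetCurrentCompanyId();

        // NOTE(review): prefer a parameterized command if ExecuteSql (or the repository) offers one.
        // NOTE(review): companyId is a Guid concatenated without quotes - confirm the target
        // database accepts that form.
        // NOTE(review): a permission *check* that writes to the database is surprising; consider
        // moving registration to application start-up or a migration.
        this.ExecuteSql("insert into sys_Permission (companyId, code, description, updatedBy) values (" + companyId + ", '" + permissionCode + "', '" + permissionCode + "', " + this.GetCurrentUserId() + ")");
    }

    // One row per (user, user-role) pair for the named user.
    var query = this._repoUser.Query().Filter(x => x.username == username)
        .Get()
        .Join(this._repoUserRole.QueryGet(), u => u.id, ur => ur.userId, (u, ur) => new { u, ur });

    switch (accessType)
    {
        case RoleAccessType.View:
            query = query.Where(x => x.ur.sys_Role.sys_RolePermissions.Any(rp => rp.viewAccess && rp.sys_Permission.code == permissionCode));
            break;
        case RoleAccessType.Create:
            query = query.Where(x => x.ur.sys_Role.sys_RolePermissions.Any(rp => rp.createAccess && rp.sys_Permission.code == permissionCode));
            break;
        case RoleAccessType.Update:
            query = query.Where(x => x.ur.sys_Role.sys_RolePermissions.Any(rp => rp.updateAccess && rp.sys_Permission.code == permissionCode));
            break;
        case RoleAccessType.Delete:
            query = query.Where(x => x.ur.sys_Role.sys_RolePermissions.Any(rp => rp.deleteAccess && rp.sys_Permission.code == permissionCode));
            break;
        case RoleAccessType.Print:
            query = query.Where(x => x.ur.sys_Role.sys_RolePermissions.Any(rp => rp.printAccess && rp.sys_Permission.code == permissionCode));
            break;
        default:
            // NOTE(review): no filter is applied for any other accessType value, so the check
            // passes for every user that has at least one role (fail-open). If no enum member
            // relies on this, return false here instead - confirm against RoleAccessType.
            break;
    }

    // NOTE(review): the superAdmin test runs on the already-filtered rows, so it cannot change the
    // outcome (whenever it is true, query.Any() is true as well). If super admins are meant to
    // bypass role permissions, that has to be decided before the filter - confirm the intent.
    return query.Any(x => x.u.superAdmin) || query.Any();
}

/// <summary>
/// Allow-list for permission codes that may be embedded in the auto-registration insert:
/// ASCII letters, digits, underscore, comma and space (what enum names and combined flag names
/// are made of). Quotes, backslashes and non-ASCII characters are rejected.
/// </summary>
private static bool IsSafePermissionCode(string permissionCode)
{
    if (string.IsNullOrEmpty(permissionCode))
    {
        return false;
    }

    foreach (char c in permissionCode)
    {
        bool allowed = (c >= 'a' && c <= 'z')
            || (c >= 'A' && c <= 'Z')
            || (c >= '0' && c <= '9')
            || c == '_' || c == ',' || c == ' ';

        // ASCII-only on purpose: some databases fold look-alike Unicode characters to a quote
        // when converting to a non-Unicode column.
        if (!allowed)
        {
            return false;
        }
    }

    return true;
}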