コード例 #1
0
        protected virtual void CreateRoleAndPermissions(AppUserRole roleType)
        {
            var roleFromDatabase = _context.Roles
                                   .IgnoreQueryFilters()
                                   .FirstOrDefault(r => r.TenantId == null &&
                                                   r.Name == roleType.GetDescriptionFromValue());

            if (roleFromDatabase == null)
            {
                roleFromDatabase = new Role(null,
                                            roleType.GetDescriptionFromValue(),
                                            roleType.GetDescriptionFromValue())
                {
                    IsStatic  = true,
                    IsDefault = false
                };
                _context.Roles.Add(roleFromDatabase);
                _context.SaveChanges();
            }

            var activeRolePermissions = _context.RolePermissions
                                        .Where(p => p.RoleId == roleFromDatabase.Id && p.IsGranted).ToList();

            // Grant all permissions
            var permissionNames = StaticRolePermissions.RolePermissions.ContainsKey(roleType) ?
                                  StaticRolePermissions.RolePermissions[roleType] :
                                  new List <string>();

            foreach (var permission in permissionNames)
            {
                if (activeRolePermissions.Any(p => p.Name == permission))
                {
                    continue;
                }

                _context.Permissions.Add(
                    new RolePermissionSetting
                {
                    TenantId  = null,
                    Name      = permission,
                    IsGranted = true,
                    RoleId    = roleFromDatabase.Id
                });
            }

            // remove not applyable permissions

            foreach (var activePermission in activeRolePermissions)
            {
                if (!permissionNames.Contains(activePermission.Name))
                {
                    activePermission.IsGranted = false;
                }
            }

            _context.SaveChanges();
        }