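/// <summary>
/// Checks whether the current user has privileges to access the given resource.
/// Returns normally when access is allowed and throws when it is denied.
/// </summary>
/// <param name="resource">Resource name; resources are registered below as "controller:action".</param>
/// <param name="acl">ACL that is queried and, when <paramref name="assign"/> is true, populated first.</param>
/// <param name="assign">When true, roles, resources and allow rules are loaded from the database into <paramref name="acl"/>.</param>
/// <exception cref="ArgumentNullException"><paramref name="acl"/> is null.</exception>
/// <exception cref="Exception">
/// Access is denied. The message distinguishes a caller without an identity
/// from a caller whose role is not allowed on the resource.
/// </exception>
public void checkACL(string resource, CMS_Acl acl, bool assign)
{
    // Reject a missing ACL up front instead of failing with a NullReferenceException
    // halfway through the authorization decision.
    if (acl == null)
    {
        throw new ArgumentNullException("acl");
    }

    CMS_Login login = new CMS_Login();

    if (assign)
    {
        using (ACLDataContext DataContext = new ACLDataContext())
        {
            var roles = DataContext.roles
                .OrderBy(x => x.parentid)
                .Select(x => new
                {
                    RoleName = x.name,
                    RoleID = x.id,
                    RoleParentId = x.parentid,
                    RoleParentName = x.role1.name
                })
                .ToList();

            // Roles already registered on the ACL, keyed by role id, so that children can
            // be linked to their parent.
            Dictionary<long?, CMS_Role> parentals = new Dictionary<long?, CMS_Role>();
            foreach (var a in roles)
            {
                // NOTE(review): ordering by parentid does not guarantee that a parent row is
                // seen before its child. A role whose parent is not registered yet is added
                // without a parent, so it presumably inherits nothing. Confirm this is
                // acceptable for the role data in use.
                CMS_Role parent = null;
                CMS_Role r;
                if (a.RoleParentId != null && parentals.TryGetValue(a.RoleParentId, out parent))
                {
                    r = new CMS_Role(a.RoleName, parent);
                }
                else
                {
                    r = new CMS_Role(a.RoleName);
                }

                acl.addRole(r);
                parentals.Add(a.RoleID, r);
            }

            var resources = from res in DataContext.resources
                            select new { ResourceName = res.name, Action = res.action, Controller = res.controller };
            foreach (var a in resources)
            {
                acl.addResource(new CMS_Resource(a.Controller + ":" + a.Action));
            }

            var rules = from r in DataContext.roles
                        join cr in DataContext.role_resources on r.id equals cr.rolesid
                        join res in DataContext.resources on cr.resourcesid equals res.id
                        orderby r.id
                        select new { Role = r.name, Controller = res.controller, Action = res.action };

            // Iterating an empty result is a no-op, so the former Count() > 0 guard only
            // cost an extra query.
            foreach (var a in rules)
            {
                acl.allow(a.Role, a.Controller + ":" + a.Action);
            }
        }
    }

    // Read the login state once so the role lookup and the error message agree.
    bool loggedIn = login.hasIdentity();

    string role;
    if (loggedIn)
    {
        user currentUser = login.getIdentity();
        var roleRecord = currentUser != null ? this.roles().getById(currentUser.rolesid) : null;
        if (roleRecord == null)
        {
            // Fail closed: an identity whose role cannot be resolved (assumed to be what a
            // null lookup result means) is denied explicitly rather than crashing here.
            throw new Exception("You are not allowed to view this datasource!");
        }

        role = roleRecord.name;
    }
    else
    {
        // Callers without an identity are evaluated as the "guest" role.
        role = "guest";
    }

    if (!acl.isAllowed(role, resource))
    {
        if (!loggedIn)
        {
            throw new Exception("You are not logged in! Log in and try again.");
        }

        // TODO: replace with a dedicated access-denied error.
        throw new Exception("You are not allowed to view this datasource!");
    }
}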
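/// <summary>
/// Creates a role when <c>model.Id</c> is empty, otherwise updates the role with that id.
/// Role names must be unique after trimming. Module permissions are written through
/// <c>CreateOrUpdatePermission</c> only after the role itself has been saved.
/// </summary>
/// <param name="model">Role data. <c>Name</c> is trimmed in place; <c>Id</c> is assigned on a successful insert.</param>
/// <param name="Id">Receives the newly generated role id on insert. It is left untouched when the insert is rejected as a duplicate.</param>
/// <param name="msg">Receives a short failure reason when the method returns false.</param>
/// <returns>True when no validation failure or exception occurred; otherwise false.</returns>
public bool CreateOrUpdate(CMS_RoleModels model, ref string Id, ref string msg)
{
    NSLog.Logger.Info("RoleCreateOrUpdate", model);
    var Result = true;
    using (var cxt = new CMS_Context())
    {
        try
        {
            model.Name = model.Name.Trim();
            var name = model.Name;
            var now = DateTime.Now;

            if (string.IsNullOrEmpty(model.Id)) /* insert */
            {
                // NOTE(review): uniqueness is checked across all roles, not per StoreID.
                // Confirm that is intended for multi-store data.
                var nameTaken = cxt.CMS_Role.Any(o => o.Name.Trim() == name);
                if (!nameTaken)
                {
                    // Assign the id only once the insert is going ahead. Setting it before
                    // the duplicate check left model.Id populated after a rejection, so a
                    // retry with the same model took the update path and failed with
                    // "Unable to find role.".
                    Id = Guid.NewGuid().ToString();
                    model.Id = Id;

                    var e = new CMS_Role
                    {
                        ID = Id,
                        StoreID = model.StoreID,
                        Name = name,
                        IsActive = model.IsActive,
                        Status = (byte)Commons.EStatus.Actived,
                        CreatedDate = now,
                        CreatedUser = model.CreatedBy,
                        ModifiedUser = model.CreatedBy,
                        LastModified = now,
                    };
                    cxt.CMS_Role.Add(e);
                }
                else
                {
                    msg = "Duplicate Name";
                    Result = false;
                }
            }
            else /* update */
            {
                var roleId = model.Id;
                var nameTaken = cxt.CMS_Role.Any(o => o.Name.Trim() == name && o.ID != roleId);
                if (!nameTaken)
                {
                    var e = cxt.CMS_Role.Find(roleId);
                    if (e != null)
                    {
                        e.Name = name;
                        e.IsActive = model.IsActive;
                        e.Status = (byte)Commons.EStatus.Actived;
                        // NOTE(review): the audit field is filled from model.CreatedBy.
                        // Confirm the caller sets it to the user performing the update.
                        e.ModifiedUser = model.CreatedBy;
                        e.LastModified = now;
                    }
                    else
                    {
                        Result = false;
                        msg = "Unable to find role.";
                    }
                }
                else
                {
                    msg = "Duplicate name";
                    Result = false;
                }
            }

            // Every failure path above leaves the context without pending changes, so
            // SaveChanges is only worth calling when validation passed.
            if (Result && cxt.SaveChanges() > 0)
            {
                // Persist the role's module permissions.
                // NOTE(review): this runs after the role is saved and its outcome is not
                // checked here. If it fails without throwing, the role is stored and true
                // is returned. Confirm that is acceptable.
                CreateOrUpdatePermission(model);
            }
            NSLog.Logger.Info("ResponseRoleCreateOrUpdate", new { Result, msg });
        }
        catch (Exception ex)
        {
            // The caller gets a generic message; the details go to the log only.
            Result = false;
            msg = "System Error.";
            NSLog.Logger.Error("ErrorRoleCreateOrUpdate", ex);
        }
    }
    return Result;
}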