コード例 #1
0
        public InspectionResult InspectQuery(EntityQuery2 query)
        {
            if (query.IsForEntity(User.ENTITY))
            {
                if (_securityService.HasModulePermission(_securityService.CurrentUser, AccountModule.Id, Permissions.UserManagement))
                {
                    return(InspectionResult.Allow);
                }
                else if (query.GetRuleByProperty("Id") != null && Convert.ToInt32(query.GetRuleByProperty("Id").Values[0]) == _securityService.CurrentUser.Id)
                {
                    return(InspectionResult.Allow);
                }

                if (query.HasProperty("RecoveryCode"))
                {
                    return(InspectionResult.Deny); //Only users with UserManagement permission can access this property
                }
                bool hasUserActivationPermission = _securityService.HasModulePermission(_securityService.CurrentUser, AccountModule.Id, Permissions.UserActivation);
                var  isActiveRule = query.Rules.Find(r => r.IsForProperty("IsActive"));
                if (isActiveRule != null &&
                    isActiveRule.Values.Count() == 1 &&
                    Convert.ToBoolean(isActiveRule.Values.Single()) == false &&
                    hasUserActivationPermission)
                {
                    return(InspectionResult.Allow);
                }

                if (hasUserActivationPermission && !query.HasProperty("IsActive"))
                {
                    query.AddProperty("IsActive");
                }
            }
            else if (query.IsForEntity(UserGroup.ENTITY))
            {
                if (_securityService.CurrentUser.UserType == UserTypes.Librarian ||
                    _securityService.HasModulePermission(_securityService.CurrentUser, AccountModule.Id, Permissions.UserGroupManagement) ||
                    _securityService.HasModulePermission(_securityService.CurrentUser, AccountModule.Id, Permissions.UserActivation))
                {
                    return(InspectionResult.Allow);
                }
                else if (query.GetRuleByProperty("UserType") != null &&
                         (UserTypes)Convert.ToInt32(query.GetRuleByProperty("UserType").Values[0]) == _securityService.CurrentUser.UserType &&
                         !query.HasInclude("User", "UserGroup"))
                {
                    return(InspectionResult.Allow);
                }
            }

            return(InspectionResult.None);
        }
コード例 #2
0
        public InspectionResult InspectQuery(EntityQuery2 query)
        {
            if (query.IsForEntity(User.ENTITY))
            {
                if (_securityService.HasModulePermission(_securityService.CurrentUser, AccountModule.Id, Permissions.UserManagement))
                    return InspectionResult.Allow;
                else if (query.GetRuleByProperty("Id") != null && Convert.ToInt32(query.GetRuleByProperty("Id").Values[0]) == _securityService.CurrentUser.Id)
                    return InspectionResult.Allow;

                if (query.HasProperty("RecoveryCode"))
                    return InspectionResult.Deny; //Only users with UserManagement permission can access this property

                bool hasUserActivationPermission = _securityService.HasModulePermission(_securityService.CurrentUser, AccountModule.Id, Permissions.UserActivation);
                var isActiveRule = query.Rules.Find(r => r.IsForProperty("IsActive"));
                if (isActiveRule != null
                    && isActiveRule.Values.Count() == 1
                    && Convert.ToBoolean(isActiveRule.Values.Single()) == false
                    && hasUserActivationPermission)
                    return InspectionResult.Allow;

                if (hasUserActivationPermission && !query.HasProperty("IsActive"))
                    query.AddProperty("IsActive");
            }
            else if (query.IsForEntity(UserGroup.ENTITY))
            {
                if (_securityService.CurrentUser.UserType == UserTypes.Librarian
                    || _securityService.HasModulePermission(_securityService.CurrentUser, AccountModule.Id, Permissions.UserGroupManagement)
                    || _securityService.HasModulePermission(_securityService.CurrentUser, AccountModule.Id, Permissions.UserActivation))
                    return InspectionResult.Allow;
                else if (query.GetRuleByProperty("UserType") != null
                    && (UserTypes)Convert.ToInt32(query.GetRuleByProperty("UserType").Values[0]) == _securityService.CurrentUser.UserType
                    && !query.HasInclude("User", "UserGroup"))
                    return InspectionResult.Allow;
            }

            return InspectionResult.None;
        }