public async Task <HasPermissionResponseDTO> HasPermission(HasPermissionRequestDTO request)
{
HasPermissionResponseDTO response = new HasPermissionResponseDTO();
if (string.IsNullOrEmpty(request.ClientCode) || string.IsNullOrEmpty(request.ClientPassword) || string.IsNullOrEmpty(request.ControllerRoute) || request.ApplicationId < 1)
{
throw new BusinessException(ResponseCode.ValidataionError);
}
var app = uow.Application.GetApplicationByClientCode(request.RequestInfo.ApplicationId);
if (app == null)
{
response.HasPermission = false;
return(response);
}
var user = await uow.User.GetAsync(x => x.UserName == request.RequestInfo.ClientCode && x.UserType == UserType.Application);
if (user == null)
{
response.HasPermission = false;
return(response);
}
var userApp = await uow.UserApplication.GetAsync(x => x.UserId == user.Id && x.ApplicationId == app.Id);
if (userApp == null)
{
response.HasPermission = false;
return(response);
}
if (!String.IsNullOrEmpty(request.RequestInfo.ClientPassword) && !String.IsNullOrEmpty(user.PasswordSalt) && HashHelper.GetDecryptedString(user.Password, user.PasswordSalt) != request.RequestInfo.ClientPassword)
{
response.HasPermission = false;
return(response);
}
var userPermission = uow.UserRole.HasPermission(user.Id, request.ControllerRoute);
if (!userPermission)
{
response.HasPermission = false;
return(response);
}
response.HasPermission = true;
return(response);
}
public Task <HasPermissionResponseDTO> HasPermission(HasPermissionRequestDTO request)
{
return(AuthenticationService.HasPermission(request));
}
