public async Task <IActionResult> UpdateRolePermissionAsync([FromBody] UpdateRolePermissionViewModel model_)
{
string roleId = (await _roleManager.FindByNameAsync(model_.RoleName)).Id;
Enum.TryParse(model_.PermissionValue, true, out Permission permissionEnumValue);
if (model_.Extension == Constants.SoftinuxBaseSecurity && permissionEnumValue != Permission.Admin)
{
if (await ReadGrants.IsRoleLastAdminPermissionLevelGrantForExtensionAsync(_roleManager, Storage, model_.RoleName, model_.Extension))
{
return(StatusCode((int)HttpStatusCode.BadRequest, "Permission not updated, the role is the last Admin grant to SoftinuxBase.Security extension"));
}
}
IRolePermissionRepository repo = Storage.GetRepository <IRolePermissionRepository>();
repo.Delete(roleId, model_.Extension);
var permissionEntity = Storage.GetRepository <IPermissionRepository>().Find(permissionEnumValue);
repo.Create(new RolePermission {
RoleId = roleId, PermissionId = permissionEntity.Id, Extension = model_.Extension
});
await Storage.SaveAsync();
return(StatusCode((int)HttpStatusCode.OK));
}
/// <summary>
/// Delete all links between a role and extensions.
/// </summary>
/// <param name="storage_">Storage interface provided by services container.</param>
/// <param name="roleManager_">Roles manager instance.</param>
/// <param name="roleName_">Role name.</param>
/// <returns>False if not data to delete found, otherwise true.</returns>
internal static async Task <bool> DeleteRoleExtensionsLinksAsync(IStorage storage_, RoleManager <IdentityRole <string> > roleManager_, string roleName_)
{
string roleId = (await roleManager_.FindByNameAsync(roleName_))?.Id;
if (string.IsNullOrEmpty(roleId))
{
return(false);
}
IRolePermissionRepository repo = storage_.GetRepository <IRolePermissionRepository>();
IEnumerable <RolePermission> records = repo.FilteredByRoleId(roleId).ToList();
if (!records.Any())
{
return(false);
}
foreach (var record in records)
{
repo.Delete(record.RoleId, record.Extension);
}
await storage_.SaveAsync();
return(true);
}
/// <summary>
/// Delete a link between a role and an extension.
/// </summary>
/// <param name="storage_">Storage interface provided by services container.</param>
/// <param name="roleManager_">Roles manager instance.</param>
/// <param name="extensionName_">Extension name.</param>
/// <param name="roleName_">Role name.</param>
/// <returns>Return true on success, false when forbidden, null when not found.</returns>
internal static async Task <bool?> DeleteRoleExtensionLinkAsync(IStorage storage_, RoleManager <IdentityRole <string> > roleManager_, string extensionName_, string roleName_)
{
string roleId = (await roleManager_.FindByNameAsync(roleName_))?.Id;
if (string.IsNullOrEmpty(roleId))
{
return(null);
}
IRolePermissionRepository repo = storage_.GetRepository <IRolePermissionRepository>();
if (repo.FindBy(roleId, extensionName_) == null)
{
return(null);
}
if (extensionName_ == Constants.SoftinuxBaseSecurity)
{
if (await ReadGrants.IsRoleLastAdminPermissionLevelGrantForExtensionAsync(roleManager_, storage_, roleName_, extensionName_))
{
return(false);
}
}
repo.Delete(roleId, extensionName_);
await storage_.SaveAsync();
return(true);
}
private async Task SetPermissions(Guid roleId, params Guid[] permIds)
{
// Add new permissions from list
var existingPermissions = (await _rolePermissionRepository.GetByRole(roleId)).ToList();
var permissionsToAdd = permIds.Where(x => existingPermissions.All(p => p.PermissionId != x)).ToList();
var permissionsToRemove = existingPermissions.Where(p => permIds.All(x => x != p.PermissionId)).ToList();
foreach (var permId in permissionsToAdd)
{
_rolePermissionRepository.Create(new RolePermission
{
RoleId = roleId, PermissionId = permId
});
}
// Remove permissions that no longer apply
foreach (var perm in permissionsToRemove)
{
await _rolePermissionRepository.Delete(perm.RoleId, perm.PermissionId);
}
_rolePermissionsCache.Purge(roleId);
await _rolePermissionRepository.SaveChanges();
}
/// <summary>
/// 级联删除
/// </summary>
/// <param name="roleIds"></param>
public OperationResult DeleteWithRelations(int[] roleIds)
{
OperationResult result = new OperationResult();
if (roleIds == null || roleIds.Length < 1)
{
result.ResultType = OperationResultType.ParamError;
result.Message = string.Format("{0}失败,{1}", Msg_DeleteWithRelations, "角色id不能为空");
return(result);
}
result = OnBeforeDelete(role => roleIds.Contains(role.Id));
if (result.ResultType != OperationResultType.Success)
{
return(result);
}
base.UnitOfWork.AutoCommit = false;
try
{
base.UnitOfWork.BeginTransaction();
_rolePermissionRep.Delete(r => roleIds.Contains(r.RoleId));
_roleRepository.Delete(r => roleIds.Contains(r.Id));
base.UnitOfWork.Commit();
result.ResultType = OperationResultType.Success;
result.Message = Msg_DeleteWithRelations + "成功";
}
catch (Exception ex)
{
base.UnitOfWork.Rollback();
base.ProcessException(ref result, Msg_DeleteWithRelations + "失败", ex);
}
return(result);
}
public Task <IActionResult> Delete(int id)
{
return(Task.Factory.StartNew <IActionResult>(() =>
{
RolePermissionRepository.Delete(id, false);
return Json(ExcutedResult.SuccessResult("成功删除一条数据。"));
}));
}
public async Task <IActionResult> DeleteRoleExtensionLink(string roleName_, string scope_)
{
string roleId = (await _roleManager.FindByNameAsync(roleName_)).Id;
IRolePermissionRepository repo = Storage.GetRepository <IRolePermissionRepository>();
if (repo.FindBy(roleId, scope_) != null)
{
repo.Delete(roleId, scope_);
Storage.Save();
return(new JsonResult(true));
}
return(new JsonResult(false));
}
[HttpGet] // TODO change to POST
public async Task <IActionResult> UpdateRolePermission(string roleName_, string permissionId_, string scope_)
{
string roleId = (await _roleManager.FindByNameAsync(roleName_)).Id;
IRolePermissionRepository repo = Storage.GetRepository <IRolePermissionRepository>();
repo.Delete(roleId, scope_);
if (!string.IsNullOrEmpty(permissionId_.ToLowerInvariant()))
{
repo.Create(new RolePermission {
RoleId = roleId, PermissionId = permissionId_.UppercaseFirst(), Scope = scope_
});
}
Storage.Save();
return(new JsonResult(true));
}
public ActionResult Edit(EditRoleViewModel vm)
{
if (ModelState.IsValid)
{
var role = _roleRepository.Get(vm.Id);
role.Name = vm.Name;
role.Description = vm.Description;
// Clean up all Permissions
var permissions = _rolePermissionRepository.GetAllBy(r => r.RoleId == role.Id).ToList();
foreach (var permission in permissions)
{
_rolePermissionRepository.Delete(permission);
}
_unitOfWork.Commit();
foreach (var permission in vm.PermissionIds)
{
var rolePermission = new RolePermission()
{
RoleId = vm.Id,
PermissionId = permission
};
_rolePermissionRepository.Create(rolePermission);
}
_unitOfWork.Commit();
_roleRepository.Update(role);
_unitOfWork.Commit();
return(RedirectToAction("Index"));
}
ViewBag.RolePermissions = new MultiSelectList(_permissionRepository.GetAll(), "Id", "Title");
return(View(vm));
}
public UpdateResult UpdateRole(RoleDto roleDto)
{
var result = GetDefault <UpdateResult>();
var role = _roleRepository.FindSingle(r => r.Id == roleDto.Id);
if (role == null)
{
result.Message = "ROLE_NOT_EXIST";
return(result);
}
if (roleDto.Permissions != null && roleDto.Permissions.Any())
{
var list = role.RolePermissions.ToList();
foreach (var item in list)
{
if (!roleDto.Permissions.Exists((x => x.Id == item.PermissionId)))
{
_rolePermissionRepository.Delete(item);
}
}
foreach (var item in roleDto.Permissions)
{
if (!list.Exists(x => x.PermissionId == item.Id))
{
role.RolePermissions.Add(new RolePermission()
{
PermissionId = item.Id, RoleId = role.Id
});
}
}
}
role.RoleName = roleDto.Name;
_roleRepository.Update(role);
_roleRepository.Commit();
result.IsSaved = true;
return(result);
}
public bool Delete(Guid id)
{
return(_rolePermissionRepository.Delete(id));
}
public void UpdateRole(AggregateRole aggregateRole)
{
_roleRepository.Update(aggregateRole.Role);
_rolePermissionRepository.Delete(x => x.RoleId == aggregateRole.Role.Id);
_rolePermissionRepository.InsertRange(aggregateRole.Permissions);
}
public ActionResult Update(RoleModel vm)
{
ApiResult <Role> apiResult;
if (ModelState.IsValid)
{
if (vm.Id > 0)
{
apiResult = TryExecute(() =>
{
var selectedRole = _roleRepository.Get(vm.Id);
selectedRole.Name = vm.Name;
selectedRole.Description = vm.Description;
// Clean up all Permissions
var permissions = _rolePermissionRepository.GetAllBy(r => r.RoleId == vm.Id).ToList();
foreach (var permission in permissions)
{
_rolePermissionRepository.Delete(permission);
}
_unitOfWork.Commit();
foreach (var permission in vm.PermissionIds)
{
var rolePermission = new RolePermission
{
RoleId = vm.Id,
PermissionId = permission
};
_rolePermissionRepository.Create(rolePermission);
}
_roleRepository.Update(selectedRole);
_unitOfWork.Commit();
return(selectedRole);
}, "Role updated sucessfully");
}
else
{
apiResult = TryExecute(() =>
{
var newRole = new Role
{
Name = vm.Name,
Description = vm.Description
};
_roleRepository.Create(newRole);
_unitOfWork.Commit();
foreach (var permission in vm.PermissionIds)
{
var rolePermission = new RolePermission
{
RoleId = newRole.Id,
PermissionId = permission
};
_rolePermissionRepository.Create(rolePermission);
}
_unitOfWork.Commit();
return(newRole);
}, "Role created sucessfully");
}
}
else
{
apiResult = ApiResultFromModelErrors <Role>();
}
return(Json(apiResult, JsonRequestBehavior.AllowGet));
}
/// <summary>
///
/// </summary>
/// <param name="objRolePermission"></param>
public void DeleteRolePermission(RolePermission objRolePermission)
{
_rolePermissionRepository.Delete(objRolePermission);
_unitOfWork.Commit();
}