//List<Features>
public bool AuthorizeUser(string userName, string userRole, string token, Features[] dataEntity, OperationType ops)// Abhijeet - 30-10-2018 -Added role id
{
try
{
LGSELogger.Information("AuthorizeUser method has veen called");
//if (isUserExist)
//{
if (CheckPermission(userName, userRole, dataEntity, ops)) // Abhijeet - 30-10-2018 -Added role id
{
return(true);
}
//}
//else
//{
// throw new UnauthorizedAccessException(ErrorCodes.USER_DOES_NOT_EXISTS.ToString());
//}
return(false);
}
catch (UnauthorizedAccessException ex)
{
LGSELogger.Error(ex);
throw ex;
}
catch (Exception ex)
{
LGSELogger.Error(ex);
throw ex;
}
}
/// <summary>
/// Checks the permissions of the roles
/// </summary>
/// <param name="user"></param>
/// <param name="dataEntity"></param>
/// <param name="op"></param>
/// <returns></returns>
private bool CheckPermission(string userName, string userRole, Features[] dataEntity, OperationType op)// Abhijeet - 30-10-2018 -Added role id
{
LGSELogger.Information("CheckPermission for UserName" + userName);
// DbUtilities.dbContext = dbContext;
// Role preferredRole =GetUserPreferredRole(userName);
char roleChar = 'N';
foreach (var item in dataEntity)
{
var rolePermission = (from rp in dbContext.RolePermissions
.Where(
i => i.Feature.FeatureName == item.ToString() &&
i.RoleId == userRole &&
!i.Deleted)
select rp).FirstOrDefault();
if (rolePermission != null)
{
roleChar = GetPermissionCharByOperation(op, rolePermission);
LGSELogger.Information("Permission char for data entity {0},Operation {1}", dataEntity.ToString(),
op.ToString());
if (roleChar.Equals('A'))
{
return(true);
}
}
else
{
roleChar = 'N';
}
//var OperPerm = rolePermOnOPer.FirstOrDefault(item => item.Value != 'N');
}
if (roleChar.Equals('N'))
{
throw new UnauthorizedAccessException(ErrorCodes.USER_DOES_NOT_PERM_ON_OPERATION.ToString());
}
return(true);
}