/// <summary>
/// 实现查询出所有的权限信息
/// </summary>
/// <returns>返回查询出来的权限信息的Json串</returns>
public ActionResult GetAllPermissionInfos()
{
//首先得到传递过来的参数
int pageIndex = Request["page"] == null ? 1 : int.Parse(Request["page"]);
int pageSize = Request["rows"] == null ? 10: int.Parse(Request["rows"]);
int total = 0;
//得到多条件查询的参数
string PerMission = Request["perMission"];
int? RequestHttpType = Request["requestHttpType"] == null ? -1 : int.Parse(Request["requestHttpType"]);
int? ActionType = Request["ActionType"] == null ? -1 : int.Parse(Request["ActionType"]);
int? Enabled = Request["enabled"] == null ? -1 : int.Parse(Request["enabled"]);
int? DeletionStateCode = Request["DeletionStateCode"] == null ? 0 : int.Parse(Request["DeletionStateCode"]);
//封装一个实体层表示查询的类
var permissionInfo = new PermissionQuery()
{
PageIndex = pageIndex,
PageSize = pageSize,
Total = 0,
PerMission = PerMission,
ActionType = ActionType,
Enabled = Enabled,
RequestHttpType = RequestHttpType,
DeletionStateCode = DeletionStateCode
};
var date = _permissionInfoService.LoadSearchDate(permissionInfo);
var result = new { total = permissionInfo.Total, rows = date };
return(JsonDate(result));
}
public void PermissionQuery_GetRelatedItems_AllowedOrDenied()
{
var content = GetContent("RAX");
var perms = new[] { PermissionType.Custom01 };
var result = PermissionQuery.GetRelatedItems(content, PermissionLevel.AllowedOrDenied, true, _identities["U1"], perms);
var actual = String.Join(", ", result.Select(c => c.Path.Substring(28).Replace("/", "")));
Assert.AreEqual("RAXC, RAXCC", actual);
content = GetContent("RAX");
perms = new[] { PermissionType.Custom02 };
result = PermissionQuery.GetRelatedItems(content, PermissionLevel.AllowedOrDenied, true, _identities["U1"], perms);
actual = String.Join(", ", result.Select(c => c.Path.Substring(28).Replace("/", "")));
Assert.AreEqual("RAXB", actual);
content = GetContent("RAX");
perms = new[] { PermissionType.Custom03 };
result = PermissionQuery.GetRelatedItems(content, PermissionLevel.AllowedOrDenied, true, _identities["U1"], perms);
actual = String.Join(", ", result.Select(c => c.Path.Substring(28).Replace("/", "")));
Assert.AreEqual("RAXACA, RAXBBC", actual);
content = GetContent("RAX");
perms = new[] { PermissionType.Custom01, PermissionType.Custom02, PermissionType.Custom03 };
result = PermissionQuery.GetRelatedItems(content, PermissionLevel.AllowedOrDenied, true, _identities["U1"], perms);
actual = String.Join(", ", result.Select(c => c.Path.Substring(28).Replace("/", "")));
Assert.AreEqual("RAXACA, RAXB, RAXBBC, RAXC, RAXCC", actual);
content = GetContent("RAX");
perms = new[] { PermissionType.Custom01, PermissionType.Custom02, PermissionType.Custom03 };
result = PermissionQuery.GetRelatedItems(content, PermissionLevel.AllowedOrDenied, true, _identities["U3"], perms);
actual = String.Join(", ", result.Select(c => c.Path.Substring(28).Replace("/", "")));
Assert.AreEqual("RAXA, RAXAA, RAXC", actual);
}
public void PermissionQuery_GetRelatedItemsOneLevel()
{
var permissionTypes = new[] { PermissionType.Custom01, PermissionType.Custom02, PermissionType.Custom03 };
var content = GetContent("RA");
var group = (Group)_identities["G1"];
var result = PermissionQuery.GetRelatedItemsOneLevel(content, PermissionLevel.AllowedOrDenied, group, permissionTypes);
var actual = String.Join(", ", result.Select(c => String.Concat(c.Key.Path.Substring(28).Replace("/", ""), ":", c.Value)));
Assert.AreEqual("RAX:3", actual);
content = GetContent("RAX");
group = (Group)_identities["G2"];
result = PermissionQuery.GetRelatedItemsOneLevel(content, PermissionLevel.AllowedOrDenied, group, permissionTypes);
actual = String.Join(", ", result.Select(c => String.Concat(c.Key.Path.Substring(28).Replace("/", ""), ":", c.Value)));
Assert.AreEqual("RAXA:3, RAXB:0, RAXC:0", actual);
content = GetContent("RAX");
group = (Group)_identities["G2"];
result = PermissionQuery.GetRelatedItemsOneLevel(content, PermissionLevel.AllowedOrDenied, group, permissionTypes);
actual = String.Join(", ", result.Select(c => String.Concat(c.Key.Path.Substring(28).Replace("/", ""), ":", c.Value)));
Assert.AreEqual("RAXA:3, RAXB:0, RAXC:0", actual);
content = GetContent("RAXA");
group = (Group)_identities["G2"];
result = PermissionQuery.GetRelatedItemsOneLevel(content, PermissionLevel.AllowedOrDenied, group, permissionTypes);
actual = String.Join(", ", result.Select(c => String.Concat(c.Key.Path.Substring(28).Replace("/", ""), ":", c.Value)));
Assert.AreEqual("RAXAA:0, RAXAB:1, RAXAC:0", actual);
}
private static Dictionary <string, object> CreateAce(SnAccessControlEntry entry)
{
var perms = new Dictionary <string, object>();
foreach (var perm in entry.Permissions)
{
if (perm.Allow || perm.Deny)
{
perms.Add(perm.Name, new Dictionary <string, object>
{
{ "value", perm.Allow ? "allow" : "deny" },
{ "from", perm.AllowFrom ?? perm.DenyFrom },
{ "identity", entry.Identity.Path }
});
}
else
{
perms.Add(perm.Name, null);
}
}
var ace = new Dictionary <string, object>
{
{ "identity", PermissionQuery.GetIdentity(entry) },
{ "propagates", entry.Propagates },
{ "permissions", perms }
};
return(ace);
}
/// <summary>
/// Sent by the server when it replies to the query or wants the user to resync all channel permissions.
/// </summary>
/// <param name="permissionQuery"></param>
public virtual void PermissionQuery(PermissionQuery permissionQuery)
{
if (permissionQuery.Flush)
{
foreach (var channel in ChannelDictionary.Values)
{
channel.Permissions = 0; // Permissions.DEFAULT_PERMISSIONS;
}
}
else if (permissionQuery.ShouldSerializeChannelId())
{
Channel channel;
if (!ChannelDictionary.TryGetValue(permissionQuery.ChannelId, out channel))
{
throw new InvalidOperationException($"{nameof(PermissionQuery)} provided an unknown {permissionQuery.ChannelId}.");
}
if (permissionQuery.ShouldSerializePermissions())
{
channel.Permissions = (Permission)permissionQuery.Permissions;
}
}
else
{
throw new InvalidOperationException($"{nameof(PermissionQuery)} must provide either {nameof(permissionQuery.Flush)} or {nameof(permissionQuery.ChannelId)}.");
}
}
public void PermissionQuery_GetRelatedIdentities()
{
var identities = new[] { "UU1", "UU2", "UU3", "GG1", "GG2" };
var content = GetContent("RAX");
var result = PermissionQuery.GetRelatedIdentities(content, PermissionLevel.AllowedOrDenied, IdentityKind.All);
var names = result.Where(c => c.Name.StartsWith("UU") || c.Name.StartsWith("GG")).Select(c => c.Name);
Assert.IsTrue(0 == names.Except(identities).Count(), String.Concat("Names are ", String.Join(", ", names)));
Assert.IsTrue(0 == identities.Except(names).Count(), String.Concat("Names are ", String.Join(", ", names)));
identities = new[] { "UU1", "UU3", "GG1", "GG2" };
content = GetContent("RAXA");
result = PermissionQuery.GetRelatedIdentities(content, PermissionLevel.AllowedOrDenied, IdentityKind.All);
names = result.Where(c => c.Name.StartsWith("UU") || c.Name.StartsWith("GG")).Select(c => c.Name);
Assert.AreEqual(0, names.Except(identities).Count());
Assert.AreEqual(0, identities.Except(names).Count());
Assert.IsTrue(0 == names.Except(identities).Count(), String.Concat("Names are ", String.Join(", ", names)));
Assert.IsTrue(0 == identities.Except(names).Count(), String.Concat("Names are ", String.Join(", ", names)));
identities = new[] { "UU1", "UU2", "UU3", "GG1" };
content = GetContent("RAXC");
result = PermissionQuery.GetRelatedIdentities(content, PermissionLevel.AllowedOrDenied, IdentityKind.All);
names = result.Where(c => c.Name.StartsWith("UU") || c.Name.StartsWith("GG")).Select(c => c.Name);
Assert.IsTrue(0 == names.Except(identities).Count(), String.Concat("Names are ", String.Join(", ", names)));
Assert.IsTrue(0 == identities.Except(names).Count(), String.Concat("Names are ", String.Join(", ", names)));
}
/// <summary>
/// 实现对权限的查询
/// </summary>
/// <param name="permission">传递的是权限查询的实体类</param>
/// <returns>返回结果</returns>
public IQueryable <BasePermission> LoadSearchDate(PermissionQuery permissionInfo)
{
var temp = _DbSession.BasePermissionRepository.LoadEntities(c => true);
if (!string.IsNullOrEmpty(permissionInfo.PerMission))
{
temp = temp.Where <BasePermission>(c => c.PerMission.Contains(permissionInfo.PerMission));
}
if (permissionInfo.RequestHttpType != -1)
{
temp = temp.Where <BasePermission>(c => c.RequestHttpType == permissionInfo.RequestHttpType);
}
if (permissionInfo.ActionType != -1)
{
temp = temp.Where <BasePermission>(c => c.ActionType == permissionInfo.ActionType);
}
if (permissionInfo.Enabled != -1)
{
temp = temp.Where <BasePermission>(c => c.Enabled == permissionInfo.Enabled);
}
if (permissionInfo.DeletionStateCode == 1)
{
temp = temp.Where <BasePermission>(c => c.DeletionStateCode == permissionInfo.DeletionStateCode);
}
else
{
temp = temp.Where <BasePermission>(c => c.DeletionStateCode == 0);
}
permissionInfo.Total = temp.Count();
return(temp.OrderBy(c => c.SortCode).Skip(permissionInfo.PageSize * (permissionInfo.PageIndex - 1)).Take(permissionInfo.PageSize));
}
public void PermissionQuery_GetRelatedItems_Denied()
{
var content = GetContent("RAX");
var perms = new[] { PermissionType.Custom01 };
var result = PermissionQuery.GetRelatedItems(content, PermissionLevel.Denied, true, _identities["U3"], perms);
var actual = String.Join(", ", result.Select(c => c.Path.Substring(28).Replace("/", "")));
Assert.AreEqual("RAXA", actual);
}
private static Dictionary <string, object> GetEmptyEntry(string identityPath)
{
var perms = PermissionType.PermissionTypes.ToDictionary <PermissionType, string, object>(pt => pt.Name, pt => null);
return(new Dictionary <string, object>
{
{ "identity", PermissionQuery.GetIdentity(Node.LoadNode(identityPath)) },
{ "propagates", true },
{ "permissions", perms }
});
}
public void PermissionQuery_GetRelatedGroups()
{
var permissionTypes = new[] { PermissionType.Custom01, PermissionType.Custom02, PermissionType.Custom03 };
var identities = new[] { "GG1", "GG2", "Administrators", "Everyone" };
var content = GetContent("RAX");
var result = PermissionQuery.GetRelatedIdentities(content, PermissionLevel.AllowedOrDenied, IdentityKind.GroupsAndOrganizationalUnits, permissionTypes);
var names = result.Select(c => c.Name);
Assert.AreEqual(0, names.Except(identities).Count());
Assert.AreEqual(0, identities.Except(names).Count());
}
public void PermissionQuery_GetRelatedPermissions_WithTypeFilter()
{
var content = GetContent("RAX");
var result = PermissionQuery.GetRelatedPermissions(content, PermissionLevel.AllowedOrDenied, true, _identities["U1"], new[] { "Folder" });
var resultString = String.Join(", ", result.Where(i => i.Value > 0).Select(i => String.Concat(i.Key.Name, ":", i.Value)));
Assert.AreEqual("Custom01:2, Custom02:1, Custom03:1", resultString);
content = GetContent("RAX");
result = PermissionQuery.GetRelatedPermissions(content, PermissionLevel.AllowedOrDenied, true, _identities["U1"], new[] { "Car" });
resultString = String.Join(", ", result.Where(i => i.Value > 0).Select(i => String.Concat(i.Key.Name, ":", i.Value)));
Assert.AreEqual("Custom03:1", resultString);
}
public void PermissionQuery_GetRelatedPermissions()
{
var content = GetContent("RAX");
var result = PermissionQuery.GetRelatedPermissions(content, PermissionLevel.AllowedOrDenied, true, _identities["U1"], null);
var resultString = String.Join(", ", result.Where(i => i.Value > 0).Select(i => String.Concat(i.Key.Name, ":", i.Value)));
Assert.AreEqual("Custom01:2, Custom02:1, Custom03:2", resultString);
content = GetContent("RAX");
result = PermissionQuery.GetRelatedPermissions(content, PermissionLevel.AllowedOrDenied, true, Group.Administrators, null);
resultString = String.Join(", ", result.Where(i => i.Value > 0).Select(i => String.Concat(i.Key.Name, ":", i.Value)));
Assert.AreEqual("See:1, Preview:1, PreviewWithoutWatermark:1, PreviewWithoutRedaction:1, Open:1, OpenMinor:1, Save:1, Publish:1, ForceCheckin:1, AddNew:1, Approve:1, Delete:1, RecallOldVersion:1, DeleteOldVersion:1, SeePermissions:1, SetPermissions:1, RunApplication:1, ManageListsAndWorkspaces:1", resultString);
}
public void PermissionQuery_GetRelatedItems_AboveBreakedNoExplicit()
{
var content = GetContent("RBA");
var perms = new[] { _permissions["P1"] };
var result = PermissionQuery.GetRelatedItems(content, PermissionLevel.AllowedOrDenied, true, _identities["U1"], perms);
var actual = String.Join(", ", result.Select(c => c.Path.Substring(28).Replace("/", "")));
Assert.AreEqual("RBAA, RBAB, RBAC, RBAD", actual);
result = PermissionQuery.GetRelatedItems(content, PermissionLevel.AllowedOrDenied, true, _identities["U2"], perms);
actual = String.Join(", ", result.Select(c => c.Path.Substring(28).Replace("/", "")));
Assert.AreEqual("RBAA, RBAB", actual);
}
private static Dictionary <string, object> CreateAce(SnAccessControlEntry entry)
{
string ancestor = null;
var isInherited = true;
var perms = new Dictionary <string, object>();
foreach (var perm in entry.Permissions)
{
if (perm.Allow || perm.Deny)
{
var from = GetSafeAncestorPath(perm.AllowFrom ?? perm.DenyFrom);
if (from != null && from.Length > (ancestor?.Length ?? 0))
{
ancestor = from;
}
if (from == null)
{
isInherited = false;
}
perms.Add(perm.Name, new Dictionary <string, object>
{
{ "value", perm.Allow ? "allow" : "deny" },
{ "from", from },
});
}
else
{
perms.Add(perm.Name, null);
}
}
var ace = new Dictionary <string, object>
{
{ "identity", PermissionQuery.GetIdentity(entry) },
{ "ancestor", ancestor },
{ "inherited", isInherited },
{ "propagates", entry.Propagates },
{ "permissions", perms }
};
return(ace);
}
public async Task <QueryResult <Permission> > GetPermissions(PermissionQuery queryObj)
{
var result = new QueryResult <Permission>();
var query = context.Permissions.AsQueryable();
if (queryObj.Nome != "" && queryObj.Nome != null)
{
query = query.Where(c => c.Nome.Contains(queryObj.Nome));
}
if (queryObj.Description != "" && queryObj.Description != null)
{
query = query.Where(c => c.Description.Contains(queryObj.Description));
}
if (queryObj.Path != "" && queryObj.Path != null)
{
query = query.Where(c => c.Path.Contains(queryObj.Path));
}
if (queryObj.Active.HasValue)
{
query = query.Where(c => c.Active == Convert.ToBoolean(queryObj.Active));
}
if (queryObj.ParentId.HasValue)
{
query = query.Where(c => c.ParentId == queryObj.ParentId);
}
var columnsMap = new Dictionary <string, Expression <Func <Permission, object> > >()
{
["nome"] = p => p.Nome,
["description"] = p => p.Description,
["path"] = p => p.Path,
["active"] = p => p.Active
};
query = query.ApplyOrdering(queryObj, columnsMap);
result.TotalItems = await query.CountAsync();
query = query.ApplyPaging(queryObj);
result.Items = await query.ToListAsync();
return(result);
}
/// <summary>
/// 获取资源标识列表
/// </summary>
/// <param name="query">查询参数</param>
public async Task <List <Guid> > GetResourceIdsAsync(PermissionQuery query) =>
await PermissionRepository.GetResourceIdsAsync(query.ApplicationId.SafeValue(),
query.RoleId.SafeValue(), query.IsDeny.SafeValue());
public Permission GetPermission(Guid id)
{
var query = new PermissionQuery(dbContext.Permissions);
return query.Execute(id);
}
/// <summary>
/// Sent by the client when it wants permissions for a certain channel.
/// </summary>
/// <param name="permissionQuery"></param>
public void SendPermissionQuery(PermissionQuery permissionQuery)
{
Connection.SendControl(PacketType.PermissionQuery, permissionQuery);
}
public virtual async Task <IActionResult> GetResourceIdsAsync(PermissionQuery query)
{
var result = await PermissionService.GetResourceIdsAsync(query);
return(Success(result));
}
public virtual void PermissionQuery(PermissionQuery permissionQuery)
{
}
public virtual void PermissionQuery(PermissionQuery permissionQuery)
{
}
public Permission GetPermission(Guid id)
{
var query = new PermissionQuery(dbContext.Permissions);
return(query.Execute(id));
}
