public void TestAddPermissionThrowsExceptionIfloginIdDuplicate()
{
try
{
#region Arrange
Controller.ControllerContext.HttpContext = new MockHttpContext(1, new[] { "" });
ControllerRecordFakes.FakeApplications(3, ApplicationRepository);
ControllerRecordFakes.FakeRoles(5, RoleRepository);
var users = new List <User> {
CreateValidEntities.User(1), CreateValidEntities.User(1)
};
ControllerRecordFakes.FakeUsers(3, UserRepository, users);
ControllerRecordFakes.FakePermissions(1, PermissionRepository);
RoleService.Expect(a => a.GetVisibleByUser("Name2", "UserName")).Return(RoleRepository.Queryable).Repeat.Any();
UserService.Expect(a => a.CanUserManageGivenLogin("Name2", "UserName", "LoginId1")).Return(true).Repeat.Any();
PermissionRepository.Expect(a => a.EnsurePersistent(Arg <Permission> .Is.Anything)).Repeat.Any();
#endregion Arrange
#region Act
Controller.AddPermission("Name2", "LoginId1", 3);
#endregion Act
}
catch (Exception ex)
{
#region Assert
Assert.IsNotNull(ex);
Assert.AreEqual("Sequence contains more than one element", ex.Message);
UserService.AssertWasCalled(a => a.CanUserManageGivenLogin("Name2", "UserName", "LoginId1"));
RoleService.AssertWasCalled(a => a.GetVisibleByUser("Name2", "UserName"));
PermissionRepository.AssertWasNotCalled(a => a.EnsurePersistent(Arg <Permission> .Is.Anything));
#endregion Assert
throw;
}
}
public IEnumerable <string> GetPermissionCodes(int userId)
{
var repository = new PermissionRepository();
var codes = repository.GetBy(userId);
return(codes);
}
public void CanGetCreatedEvent()
{
var eventRepository = MockRepository.GenerateStub<IEventRepository>();
var expectedEventDto = new EventDto
{
EventId = 1
};
eventRepository
.Expect(et => et.GetItem(1))
.Return(expectedEventDto);
var permissionRepository = new PermissionRepository();
var personRepository = new PersonRepository(permissionRepository, new ChurchRepository());
var usernamePasswordRepository = new UsernamePasswordRepository(permissionRepository);
var groupRepository = new GroupRepository();
var messageRepository = new MessageRepository();
var messageRecepientRepository = new MessageRecepientRepository();
var messageAttachmentRepository = new MessageAttachmentRepository();
var emailSender = new EmailSender(messageRepository, messageRecepientRepository, messageAttachmentRepository, personRepository);
var churchEmailTemplatesRepository = new ChurchEmailTemplatesRepository();
var emailContentRepository = new EmailContentRepository();
var emailContentService = new EmailContentService(emailContentRepository);
var emailService = new EmailService(usernamePasswordRepository, personRepository, groupRepository, emailSender, emailContentService, churchEmailTemplatesRepository, permissionRepository);
IEventService eventService = new EventService(eventRepository, emailService, new BirthdayAndAniversaryRepository());
var eventDto = eventService.GetEvent(1);
Assert.That(eventDto, Is.EqualTo(expectedEventDto));
}
public UnitOfWork(KCTestContext kCTestContext)
{
_kCTestContext = kCTestContext;
PermissionRepository = new PermissionRepository(_kCTestContext.Permissions);
PermissionTypeRepository = new PermissionTypeRepository(_kCTestContext.PermissionTypes);
}
public void CanCreateANewEvent()
{
var eventTypeRepository = MockRepository.GenerateStub<IEventRepository>();
var permissionRepository = new PermissionRepository();
var personRepository = new PersonRepository(permissionRepository, new ChurchRepository());
var usernamePasswordRepository = new UsernamePasswordRepository(permissionRepository);
var groupRepository = new GroupRepository();
var messageRepository = new MessageRepository();
var messageRecepientRepository = new MessageRecepientRepository();
var messageAttachmentRepository = new MessageAttachmentRepository();
var emailSender = new EmailSender(messageRepository, messageRecepientRepository, messageAttachmentRepository, personRepository);
var churchEmailTemplatesRepository = new ChurchEmailTemplatesRepository();
var emailContentRepository = new EmailContentRepository();
var emailContentService = new EmailContentService(emailContentRepository);
var emailService = new EmailService(usernamePasswordRepository, personRepository, groupRepository, emailSender, emailContentService, churchEmailTemplatesRepository, permissionRepository);
IEventService eventTypeService = new EventService(eventTypeRepository, emailService, new BirthdayAndAniversaryRepository());
var newEvent = new EventDto();
eventTypeRepository
.Expect(e => e.SaveItem(newEvent))
.Return(1);
var result = eventTypeService.CreateEvent(newEvent);
Assert.That(result, Is.EqualTo(1));
}
public void TestAddPermissionWhenPermissionAlreadyExists()
{
#region Arrange
Controller.ControllerContext.HttpContext = new MockHttpContext(1, new[] { "" });
ControllerRecordFakes.FakeRoles(5, RoleRepository);
ControllerRecordFakes.FakeApplications(3, ApplicationRepository);
ControllerRecordFakes.FakeUsers(3, UserRepository);
var permissions = new List <Permission> {
CreateValidEntities.Permission(1)
};
permissions[0].Application = ApplicationRepository.GetNullableById(3);
permissions[0].User = UserRepository.GetNullableById(3);
permissions[0].Role = RoleRepository.GetNullableById(2);
ControllerRecordFakes.FakePermissions(1, PermissionRepository, permissions);
UserService.Expect(a => a.CanUserManageGivenLogin("Name3", "UserName", "LoginId3")).Return(true).Repeat.Any();
RoleService.Expect(a => a.GetVisibleByUser("Name3", "UserName")).Return(RoleRepository.Queryable).Repeat.Any();
PermissionRepository.Expect(a => a.EnsurePersistent(Arg <Permission> .Is.Anything)).Repeat.Any();
#endregion Arrange
#region Act
Controller.AddPermission("Name3", "LoginId3", 2);
#endregion Act
#region Assert
UserService.AssertWasCalled(a => a.CanUserManageGivenLogin("Name3", "UserName", "LoginId3"));
RoleService.AssertWasCalled(a => a.GetVisibleByUser("Name3", "UserName"));
PermissionRepository.AssertWasNotCalled(a => a.EnsurePersistent(Arg <Permission> .Is.Anything));
#endregion Assert
}
private void btn_roles_Click(object sender, EventArgs e)
{
UserLogic userLogic = new UserLogic();
RoleLogic roleLogic = new RoleLogic();
SingleUser singleUser = new SingleUser();
PermissionRepository PermissionRepo = new PermissionRepository(new PermissionContext());
var AllRoles = roleLogic.RetrieveAllRoles();
int pagePermission = 20;
User user;
user = new User(email);
userLogic.GetSingleUser(user);
bool hasPagePermission = PermissionRepo.CheckPermissionsFromRole(user.RetrieveRoleID(), pagePermission);
if (hasPagePermission == true)
{
this.Hide();
var roles = new RoleOverview(email);
roles.Closed += (s, args) => this.Close();
roles.Show();
}
else
{
MessageBox.Show("U heeft hier de rechten niet voor!");
}
}
/// <summary>
/// 初始化
/// </summary>
/// <param name="userRepository"></param>
/// <param name="roleRepository"></param>
/// <param name="userRoleAssRepository"></param>
/// <param name="permissionRepository"></param>
/// <param name="rolePermissionAssRepository"></param>
/// <param name="permissionFunctionOperationAssRepository"></param>
/// <param name="functionOperationRepository"></param>
/// <param name="httpContextAccessor"></param>
/// <param name="config"></param>
public PermissionHandler(UserRepository userRepository,
RoleRepository roleRepository,
UserRoleAssRepository userRoleAssRepository,
PermissionRepository permissionRepository,
RolePermissionAssRepository rolePermissionAssRepository,
PermissionFunctionOperationAssRepository permissionFunctionOperationAssRepository,
FunctionOperationRepository functionOperationRepository,
IHttpContextAccessor httpContextAccessor,
IConfiguration config)
{
if (config is null)
{
throw new ArgumentNullException(nameof(config));
}
_userRepository = userRepository ?? throw new ArgumentNullException(nameof(userRepository));
_roleRepository = roleRepository ?? throw new ArgumentNullException(nameof(roleRepository));
_userRoleAssRepository = userRoleAssRepository ?? throw new ArgumentNullException(nameof(userRoleAssRepository));
_permissionRepository = permissionRepository ?? throw new ArgumentNullException(nameof(permissionRepository));
_rolePermissionAssRepository = rolePermissionAssRepository ?? throw new ArgumentNullException(nameof(rolePermissionAssRepository));
_permissionFunctionOperationAssRepository = permissionFunctionOperationAssRepository ?? throw new ArgumentNullException(nameof(permissionFunctionOperationAssRepository));
_functionOperationRepository = functionOperationRepository ?? throw new ArgumentNullException(nameof(functionOperationRepository));
_httpContextAccessor = httpContextAccessor ?? throw new ArgumentNullException(nameof(httpContextAccessor));
_tokenParameter = config.GetSection("TokenParameter").Get <PermissionRequirement>();
}
public void User4OnlyHasBothApplicationAndFieldLevelPermissionsForApp1()
{
var permissionRepository = new PermissionRepository(_aumentumSecurityQueryContext);
var permissions = permissionRepository.GetByUserProfileLoginId(TestDataBuilder.User4Id).ToList();
permissions.Count.ShouldBe(2);
var applicationLevelPermission = permissions.Single(x => x.Type == "application");
applicationLevelPermission.Name.ShouldBe("api.app1");
applicationLevelPermission.ApplicationName.ShouldBe("api.app1");
applicationLevelPermission.Type.ShouldBe("application");
applicationLevelPermission.CanCreate.ShouldBe(true);
applicationLevelPermission.CanView.ShouldBe(true);
applicationLevelPermission.CanModify.ShouldBe(true);
applicationLevelPermission.CanDelete.ShouldBe(true);
applicationLevelPermission.AppFunctionId.ShouldBe(TestDataBuilder.App1Id);
applicationLevelPermission.AppFunctionParentId.ShouldBe(0);
var fieldLevelPermission = permissions.Single(x => x.Type == "field");
fieldLevelPermission.Name.ShouldBe("res1");
fieldLevelPermission.ApplicationName.ShouldBe("api.app1");
fieldLevelPermission.Type.ShouldBe("field");
fieldLevelPermission.CanCreate.ShouldBe(true);
fieldLevelPermission.CanView.ShouldBe(true);
fieldLevelPermission.CanModify.ShouldBe(true);
fieldLevelPermission.CanDelete.ShouldBe(true);
fieldLevelPermission.AppFunctionId.ShouldBe(TestDataBuilder.App2Id);
fieldLevelPermission.AppFunctionParentId.ShouldBe(TestDataBuilder.App1Id);
}
public async Task <User> CheckPermission()
{
if (!_initialized)
{
throw new Exception("base controller not initialized");
}
var user = await GetCurrentUser();
var permissions = user.Role?.Permissions ?? 0;
var actionName = ControllerContext.RouteData.Values["action"].ToString();
var controllerName = ControllerContext.RouteData.Values["controller"].ToString();
var pr = new PermissionRepository();
var needPermissionBits = pr.GetPermissionBits(controllerName, actionName);
var res = permissions & needPermissionBits;
pr.Dispose();
if (res == needPermissionBits)
{
return(user);
}
//TODO вернуть после расстановки прав в БД
//throw new Exception("no permission to access");
return(user);
}
public ActionResult UserPermission(string id)
{
try
{
using (var context = new AppSecurityContext())
{
var userPermissionRep = new UserPermissionRepository(context);
var permissionRep = new PermissionRepository(context);
var userRep = new UserRepository(context);
var permissions = userPermissionRep.GetAll()
.Where(x => x.UserId == id);
var user = userRep.Find(id);
var model = new ListAppUserPermissionViewModel();
model.UserId = user.Id;
model.UserName = user.UserName;
model.UserPermissions = mapper.Map <IEnumerable <AppUserPermissionViewModel> >(permissions);
return(View(model));
}
}
catch
{
return(View("Users"));
}
}
public override bool IsValid(object value)
{
bool result = true;
try
{
if (value != null && value != "")
{
result = false;
int roleId = Convert.ToInt32(value);
DataLayerContext dlContext = new DataLayerContext();
PermissionRepository permissionRepository = new PermissionRepository(dlContext);
var permissionData = permissionRepository.Find(roleId);
if (permissionData != null && permissionData.PermissionId > 0)
{
result = true;
}
}
}
catch (Exception ex)
{
result = false;
}
return(result);
}
public ActionResult EditPermission(string id)
{ //Clave del resource
var model = new EditAppPermissionViewModel();
using (var context = new AppSecurityContext())
{
var actionRepository = new ActionRepository(context);
var resourceRepository = new ResourceRepository(context);
var permissionRepository = new PermissionRepository(context);
try
{
var actions = actionRepository.GetAll();
var resource = resourceRepository.Find(id);
var permissions = permissionRepository.GetAll().Where(x => x.ResourceKey == resource.Key);
var actionKeys = permissions.Select(x => x.ActionKey).ToArray();
model.AvailableActions = mapper.Map <ICollection <AppActionViewModel> >(actions);
model.SelectedActions = actionKeys;
model.ResourceKey = resource.Key;
model.ResourceName = resource.Name;
return(View(model));
}
catch (Exception ex)
{
ViewBag.Error = ex.Message;
return(View(model));
}
}
}
public PermissionsController(
IRepositoryAsync <Permission> repository,
ILogger <PermissionsController> logger)
{
_permissionsRepository = repository as PermissionRepository;
_logger = logger;
}
public override bool IsValid(object value)
{
long permissionId = Convert.ToInt64(value.ToString());
PermissionRepository permissionRepository = this.permissionApplication.DetailById(permissionId);
return(permissionRepository.Id > 0);
}
public PermissionBLL()
{
UserRepository = new UserRepository();
RoleRepository = new RoleRepository();
PermissionRepository = new PermissionRepository();
SpecialPermissionRepository = new SpecialPermissionRepository();
}
public bool UserCheckPermission(int userId, int permissionId)
{
var user = UserRepository.UserGetById(userId);
var permission = PermissionRepository.PermissionGetById(permissionId);
SpecialPermission specialPermission = null;
if (permission != null)
{
specialPermission = SpecialPermissionRepository.SpecialPermissionGetByUserIdAndPermissionName(user.Id, permission.Name);
}
if (user != null && UserCheckRole(user.Id, (int)Roles.Administrator))
{
return(true);
}
if (user == null || permission == null)
{
return(false);
}
if (specialPermission != null)
{
return(true);
}
return(false);
}
public AddGroupForm(GroupRepository groupRepository,
PermissionRepository permissionRepository)
{
this.groupRepository = groupRepository;
this.permissionRepository = permissionRepository;
InitializeComponent();
Translator.Translate(this);
if (this is AddAdminGroupForm)
{
gb_Permissions.Visible = false;
MinimumSize = new Size(816, 221);
Size = new Size(816, 221);
}
else
{
int i = 0;
var permissions = permissionRepository.GetAll();
foreach (var permission in permissions)
{
var backColor = i++ % 2 == 0 ? lvAvailablePermissions.BackColor : Color.LightBlue;
var item = permission.ToListViewItem(backColor);
lvAvailablePermissions.Items.Add(item);
}
}
}
public void TestAddPermission()
{
#region Arrange
Controller.ControllerContext.HttpContext = new MockHttpContext(1, new[] { "" });
ControllerRecordFakes.FakeRoles(5, RoleRepository);
ControllerRecordFakes.FakeApplications(3, ApplicationRepository);
ControllerRecordFakes.FakeUsers(3, UserRepository);
ControllerRecordFakes.FakePermissions(1, PermissionRepository);
UserService.Expect(a => a.CanUserManageGivenLogin("Name3", "UserName", "LoginId3")).Return(true).Repeat.Any();
RoleService.Expect(a => a.GetVisibleByUser("Name3", "UserName")).Return(RoleRepository.Queryable).Repeat.Any();
PermissionRepository.Expect(a => a.EnsurePersistent(Arg <Permission> .Is.Anything)).Repeat.Any();
#endregion Arrange
#region Act
Controller.AddPermission("Name3", "LoginId3", 2);
#endregion Act
#region Assert
UserService.AssertWasCalled(a => a.CanUserManageGivenLogin("Name3", "UserName", "LoginId3"));
RoleService.AssertWasCalled(a => a.GetVisibleByUser("Name3", "UserName"));
PermissionRepository.AssertWasCalled(a => a.EnsurePersistent(Arg <Permission> .Is.Anything));
var args = (Permission)PermissionRepository.GetArgumentsForCallsMadeOn(a => a.EnsurePersistent(Arg <Permission> .Is.Anything))[0][0];
Assert.IsNotNull(args);
Assert.AreEqual("Name2", args.Role.Name);
Assert.AreEqual("LoginId3", args.User.LoginId);
Assert.AreEqual("Name3", args.Application.ToString());
Assert.IsFalse(args.Inactive);
#endregion Assert
}
public CategoryProcessor(CategoryRepository categoryRepository, PermissionRepository permissionRepository,
XsltTransformationManager xsltTransformationManager, IKernel container)
: base(xsltTransformationManager, container)
{
m_categoryRepository = categoryRepository;
m_permissionRepository = permissionRepository;
}
public async Task DeleteAsync_EntityNotExist_ReturnFalse()
{
// Arrange
var authenticateUser = new AuthenticateUser <int>()
{
Name = "codedesignplus",
IdUser = new Random().Next(0, int.MaxValue),
IsAuthenticated = true,
IsApplication = false,
};
var builder = new DbContextOptionsBuilder <CodeDesignPlusContextInMemory>();
var options = builder.UseInMemoryDatabase(nameof(OperationBaseTest)).Options;
var context = new CodeDesignPlusContextInMemory(options);
var repository = new PermissionRepository(authenticateUser, context);
// Act
var success = await repository.DeleteAsync(new Random().Next(1, int.MaxValue));
// Assert
Assert.False(success);
}
public void Deveria_Buscar_Todas_Permissoes()
{
var list = PermissionRepository.GetAll();
Assert.IsNotNull(list);
Assert.AreEqual(8, list.Count);
}
public UnitOfWork(DbEntities context)
{
_context = context;
Persons = new PersonRepository(_context);
Permissions = new PermissionRepository(_context);
PersonPermissions = new PersonPermissionRepository(_context);
}
public CreateRoleWork(PermissionRepository permissionRepository, CommunicationProvider communicationProvider, string roleName, string description) : base(permissionRepository)
{
m_permissionRepository = permissionRepository;
m_communicationProvider = communicationProvider;
m_roleName = roleName;
m_description = description;
}
public ActionResult CreateUserPermission(NewAppUserPermissionViewModel model)
{
using (var context = new AppSecurityContext())
{
var actionRepository = new ActionRepository(context);
var permissionRepository = new PermissionRepository(context);
var userPermissionRepository = new UserPermissionRepository(context);
var userRepository = new UserRepository(context);
try
{
var actions = actionRepository.Query(x => model.SelectedActions.Contains(x.Key)).Select(x => x.Key);
var permission = permissionRepository
.GetAll()
.Where(x => x.ResourceKey == model.SelectedResource)
.Where(x => actions.Contains(x.ActionKey));
userPermissionRepository.AddPermissionsByUserId(model.User.Id, permission.Select(x => x.Id).ToArray());
context.SaveChanges();
return(RedirectToAction("UserPermission", new { id = model.User.Id }));
}
catch (Exception ex)
{
ViewBag.Error = ex.Message;
var actions = actionRepository.GetAll().OrderBy(x => x.Name);
var user = userRepository.Find(model.User.Id);
model.User = mapper.Map <AppUserViewModel>(user);
model.AvailableActions = mapper.Map <ICollection <AppActionViewModel> >(actions);
model.ResourcesList = PopulateResourceFromNewUserPermission(model.SelectedResource);
return(View(model));
}
}
}
public bool IsEnabledFor(int userId, string permissionCode)
{
var repository = new PermissionRepository();
var isGranted = repository.IsGrantedTo(userId, permissionCode);
return(isGranted);
}
public ActionResult CreateRole(NewAppRoleViewModel model)
{
var context = new AppSecurityContext();
var rolRepository = new RoleRepository(context);
var permissionRepository = new PermissionRepository(context);
var rolePermissionRepository = new RolePermissionRepository(context);
if (ModelState.IsValid)
{
var role = mapper.Map <AppRole>(model);
role.Id = Guid.NewGuid().ToString();
rolRepository.Add(role);
if (model.SelectedPermissions == null)
{
model.SelectedPermissions = new int[0];
}
foreach (var permissionId in model.SelectedPermissions)
{
rolePermissionRepository.Add(new AppRolePermission {
PermissionId = permissionId, RoleId = role.Id
});
}
context.SaveChanges();
return(RedirectToAction("Roles", "SecuritySettings"));
}
var permissions = permissionRepository.GetAll();
model.AvailablePermissions = mapper.Map <ICollection <AppPermissionViewModel> >(permissions);
return(View(model));
}
public void GetFirstPermissionTest()
{
var repo = new PermissionRepository();
var user1 = repo.ReadPermission(1);
Assert.True(user1.Id == 1);
}
public void Dispose()
{
if (UserRepository != null)
{
UserRepository.Dispose();
UserRepository = null;
}
if (RoleRepository != null)
{
RoleRepository.Dispose();
RoleRepository = null;
}
if (PermissionRepository != null)
{
PermissionRepository.Dispose();
PermissionRepository = null;
}
if (SpecialPermissionRepository != null)
{
SpecialPermissionRepository.Dispose();
SpecialPermissionRepository = null;
}
}
public void TestAddPermissionThrowsExceptionIfCurrentUserDoesNotHaveRights1()
{
try
{
#region Arrange
Controller.ControllerContext.HttpContext = new MockHttpContext(1, new[] { "" });
ControllerRecordFakes.FakeApplications(3, ApplicationRepository);
ControllerRecordFakes.FakeRoles(5, RoleRepository);
ControllerRecordFakes.FakeUsers(3, UserRepository);
ControllerRecordFakes.FakePermissions(1, PermissionRepository);
UserService.Expect(a => a.CanUserManageGivenLogin("Name3", "UserName", "LoginId3")).Return(false).Repeat.Any();
PermissionRepository.Expect(a => a.EnsurePersistent(Arg <Permission> .Is.Anything)).Repeat.Any();
#endregion Arrange
#region Act
Controller.AddPermission("Name3", "LoginId3", 3);
#endregion Act
}
catch (Exception ex)
{
#region Assert
Assert.IsNotNull(ex);
Assert.AreEqual("UserName does not have access to manage LoginId3 within the Name3 application", ex.Message);
UserService.AssertWasCalled(a => a.CanUserManageGivenLogin("Name3", "UserName", "LoginId3"));
PermissionRepository.AssertWasNotCalled(a => a.EnsurePersistent(Arg <Permission> .Is.Anything));
#endregion Assert
throw;
}
}
public void CanSavePersonToSampleChurch()
{
var noPeopleInSampleChurch = _context.PersonChurches.Count(pc => pc.ChurchId == 6);
var permissionRepository = new PermissionRepository();
var churchRepository = new ChurchRepository();
var personRepository = new PersonRepository(permissionRepository, churchRepository);
var emailSender = new EmailSender(new MessageRepository(), new MessageRecepientRepository(), new MessageAttachmentRepository(), personRepository);
var churchEmailTemplateRepository = new ChurchEmailTemplatesRepository();
var emailService = new EmailService(new UsernamePasswordRepository(permissionRepository), personRepository, new GroupRepository(), emailSender, new EmailContentService(new EmailContentRepository()), churchEmailTemplateRepository, permissionRepository);
var uploadPhotoRepository = new PhotoRepository();
var personService = new PersonService(
personRepository,
new PersonGroupRepository(personRepository),
permissionRepository,
new PersonRoleRepository(),
new PersonOptionalFieldRepository(),
new RelationshipRepository(personRepository),
new ChurchMatcherRepository(),
new GroupRepository(),
new FamilyRepository(uploadPhotoRepository),
emailService,
new AddressRepository(),
uploadPhotoRepository
);
personService.SavePersonToSampleChurch("test1", "test1", "liveId1", "", "", 47);
var updatedNoPeopleInSampleChurch = _context.PersonChurches.Count(pc => pc.ChurchId == 6);
Assert.That(updatedNoPeopleInSampleChurch, Is.EqualTo(noPeopleInSampleChurch + 1));
}
public void GetAllPermissions()
{
var permissionRepository = new PermissionRepository(_aumentumSecurityQueryContext);
var permissions = permissionRepository.GetAll().ToList();
permissions.Count.ShouldBe(5);
}
public ActionResult CreatePermission(NewAppPermissionViewModel model)
{
using (var context = new AppSecurityContext())
{
var actionRepository = new ActionRepository(context);
var resourceRepository = new ResourceRepository(context);
var permissionRepository = new PermissionRepository(context);
try
{
var resource = resourceRepository.Find(model.SelectedResource);
var actions = actionRepository.Query(x => model.SelectedActions.Contains(x.Key));
foreach (var action in actions)
{
var permission = new AppPermission();
permission.Action = action;
permission.Resource = resource;
permissionRepository.Add(permission);
}
context.SaveChanges();
return(RedirectToAction("Permissions"));
}
catch (Exception ex)
{
ViewBag.Error = ex.Message;
var actions = actionRepository.GetAll().OrderBy(x => x.Name);
model.AvailableActions = mapper.Map <ICollection <AppActionViewModel> >(actions);
model.ResourcesList = PopulateResourcesForNewPermission(model.SelectedResource);
return(View(model));
}
}
}
public PermissionAssigment(Int32 roleId, Int32 permissionId)
{
this.roleId = roleId;
this.permissionId = permissionId;
this.roleRepository = new RoleRepository();
this.permissionRepository = new PermissionRepository();
}
public IHttpActionResult PostPermissions([FromBody]List<Permission> permissions)
{
if (!ModelState.IsValid)
{
return BadRequest(ModelState);
}
PermissionRepository permissionRepo = new PermissionRepository(new MyRoomDbContext());
permissionRepo.InsertPermissions(permissions);
return Ok("Permission Saved");
}
protected void Application_Start()
{
Database.SetInitializer<DataContext>(new DataContextInitializer());
_permissionRepository = new PermissionRepository();
_typeOfRegistrationRepository = new TypeOfRegistrationRepository();
_permissionRepository.Creates();
_typeOfPaymentRepository = new TypeOfPaymentRepository();
_typeOfPaymentRepository.Creates();
_typeOfRegistrationRepository.Creates();
AreaRegistration.RegisterAllAreas();
BundleConfig.RegisterBundles(BundleTable.Bundles);
WebApiConfig.Register(GlobalConfiguration.Configuration);
FilterConfig.RegisterGlobalFilters(GlobalFilters.Filters);
RouteConfig.RegisterRoutes(RouteTable.Routes);
}
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
var allowedOrigin = context.OwinContext.Get<string>("as:clientAllowedOrigin");
if (allowedOrigin == null) allowedOrigin = "*";
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { allowedOrigin });
var IsAdmins = false;
List<IdentityUserRole> userRoles;
var rolName = "";
var idUser = "";
using (AccountRepository _repo = new AccountRepository(new MyRoomDbContext()))
{
IdentityUser user = await _repo.FindUser(context.UserName, context.Password);
idUser = user.Id;
userRoles = user.Roles.ToList();
var roleManager = new RoleManager<IdentityRole>(new RoleStore<IdentityRole>(new MyRoomDbContext()));
foreach (var userRole in userRoles)
{
var role = roleManager.FindById(userRole.RoleId);
rolName = role.Name;
if (role.Name == "Admins") IsAdmins = true;
}
if (user == null)
{
context.SetError("invalid_grant", "The user name or password is incorrect.");
return;
}
}
//Buscar las respectivas opciones del usuario para setear las 7 variables de los acceso y enviarlo por el Claim
PermissionRepository prRepository = new PermissionRepository(new MyRoomDbContext());
var permisions = prRepository.GetById(idUser).ToList();
string opcion1 = "",
opcion2 = "",
opcion3 = "",
opcion4 = "",
opcion5 = "",
opcion6 = "";
foreach (var um in permisions)
{
if (um.IdPermission.ToString() == "1")
{
opcion1 = "1";
}
if (um.IdPermission.ToString() == "2")
{
opcion2 = "2";
}
if (um.IdPermission.ToString() == "3")
{
opcion3 = "3";
}
if (um.IdPermission.ToString() == "4")
{
opcion4 = "4";
}
if (um.IdPermission.ToString() == "5")
{
opcion5 = "5";
}
if (um.IdPermission.ToString() == "6")
{
opcion6 = "6";
}
}
var identity = new ClaimsIdentity(context.Options.AuthenticationType);
identity.AddClaim(new Claim(ClaimTypes.Name, context.UserName));
identity.AddClaim(new Claim(ClaimTypes.Role, rolName));
identity.AddClaim(new Claim("role", "user"));
identity.AddClaim(new Claim("sub", context.UserName));
var props = new AuthenticationProperties(new Dictionary<string, string>
{
{
"as:client_id", (context.ClientId == null) ? string.Empty : context.ClientId
},
{
"userName", context.UserName
},
{
"rol", IsAdmins.ToString()
},
{
"opcion1", opcion1
},
{
"opcion2", opcion2
},
{
"opcion3", opcion3
},
{
"opcion4", opcion4
},
{
"opcion5", opcion5
},
{
"opcion6", opcion6
}
});
var ticket = new AuthenticationTicket(identity, props);
context.Validated(ticket);
}
public IHttpActionResult GetUserPermissions(string userId)
{
PermissionRepository permissionRepository = new PermissionRepository(new MyRoomDbContext());
return Ok( permissionRepository.GetById(userId));
}
private static SelectList GetPermissionLoaded(PermissionRepository permissionRepository, int permissionID = 0)
{
return new SelectList(permissionRepository.GetAlls(), dataTextField: nameof(PermissionViewModel.Name), dataValueField: nameof(PermissionViewModel.PermissionID), selectedValue: permissionID);
}
