protected virtual PermissionCheckResult IsAllowedByPermission(PermissionCheckRequest request, List <string> permissionList) { PermissionCheckResult checkResult = new PermissionCheckResult(); checkResult.RequestedPermission = request.Permission; checkResult.PermissionResolveMode = PermissionResolveMode.Default; PermissionSearchObject permissionSearch = new PermissionSearchObject(); permissionSearch.NameWithHierarchy = request.Permission; permissionSearch.RetrieveAll = true; var permissionResult = PermissionService.Value.GetPage(permissionSearch); foreach (var currentPermission in permissionList.OrderByDescending(x => x.Length)) { var permissionSelect = permissionResult.ResultList.Where(y => y.Name.Equals(currentPermission, StringComparison.InvariantCultureIgnoreCase)).ToList(); //first check is this permission disabled in any role if (permissionSelect.Any(x => x.IsAllowed == false)) { checkResult.IsAllowed = false; checkResult.ResolvedByPermission = currentPermission; break; } //is this method allowed in any role else if (permissionSelect.Any(x => x.IsAllowed == true)) { checkResult.IsAllowed = true; checkResult.ResolvedByPermission = currentPermission; break; } } return(checkResult); }
protected override void AddFilter(PermissionSearchObject search, ref IQueryable <Permission> query) { if (!string.IsNullOrWhiteSpace(search.NameWithHierarchy)) { List <string> permissionList = new List <string>(); search.NameList.Add(search.NameWithHierarchy); string[] permissionParts = search.NameWithHierarchy.Split('.'); StringBuilder previousPermissionPart = new StringBuilder(); for (int i = 0; i < permissionParts.Length - 1; i++) { string permissionPart = permissionParts[i]; previousPermissionPart.Append(permissionPart + "."); string permission = previousPermissionPart.ToString() + "*"; search.NameList.Add(permission); } //add root permission to list search.NameList.Add("*"); } base.AddFilter(search, ref query); }