public async Task <IActionResult> GetDepartmentByApp([FromBody] UserPerModel model) { List <GroupUserAll> listData = new List <GroupUserAll>(); try { var listUserInGroup = new List <AdUserInGroup>(); if (string.IsNullOrEmpty(model.UserId)) { var listGroup = _context.AdGroupUsers.Where(x => x.IsEnabled).OrderBy(x => x.Title).AsNoTracking().ToList(); listData = GetSubTreeGroupUser(listGroup, listUserInGroup, null, new List <GroupUserAll>(), "", false); } else { var user = await _context.Users.FirstOrDefaultAsync(x => x.Id == model.UserId); if (user != null) { listData = _context.AdUserInGroups.Where(x => x.UserId == user.Id && x.ApplicationCode == model.AppCode) .Select(x => new GroupUserAll { GroupCode = x.GroupUserCode, Title = x.GroupUser.Title, RoleId = x.RoleId, IsMain = x.IsMain, IsChecked = true, HasChild = false }).AsNoTracking().ToList(); } } } catch (Exception e) { } return(Json(listData)); }
public async Task <JsonResult> UpdateUserPermission([FromBody] UserPerModel model) { JMessage msg = new JMessage { Error = true, Title = string.Format(CommonUtil.ResourceValue("MSG_UPDATE_FAIL"), CommonUtil.ResourceValue("PERMISSION").ToLower()) }; string userName = string.Empty; try { var user = await _context.Users.FirstOrDefaultAsync(x => x.Id == model.UserId); if (user != null) { var app = await _context.AdApplications.FirstOrDefaultAsync(x => x.ApplicationCode == model.AppCode); if (app != null) { // Update user is exceeded permission user.IsExceeded = model.IsExceeded; //// Update Branch Reference //var oldBranchRef = user.OrgReference; //user.OrgReference = model.BranchRefs.Count > 0 ? string.Join(",", model.BranchRefs) : ""; user.UpdatedDate = DateTime.Now; user.UpdatedBy = ESEIM.AppContext.UserName; _context.Update(user); //_actionLog.InsertActionLog("ASP_NET_USERS", "Update success branch reference of user: "******"Update", false, user.UserName); // Update Group User and Permission var listOldGroup = _context.AdUserInGroups.Where(x => x.UserId == user.Id && x.ApplicationCode == app.ApplicationCode).ToList(); var listOldPermissionAll = _context.AdPermissions.Where(x => x.ApplicationCode == app.ApplicationCode && x.UserId == user.Id && listOldGroup.Any(y => y.GroupUserCode == x.GroupUserCode)).ToList(); if (model.GroupUsers.Count > 0) { var listOldGroupDel = listOldGroup.Where(x => model.GroupUsers.All(y => y.GroupCode != x.GroupUserCode)).ToList(); _context.RemoveRange(listOldGroupDel); // Remove all old group not selected var listOldPermissionDel = listOldPermissionAll.Where(x => model.GroupUsers.All(y => y.GroupCode != x.GroupUserCode || (y.GroupCode == x.GroupUserCode && y.RoleId != x.RoleId))).ToList(); _context.RemoveRange(listOldPermissionDel); // Remove all old permission var listPermissionAll = _context.AdPermissions.Where(x => x.ApplicationCode == model.AppCode && model.GroupUsers.Any(y => y.GroupCode == x.GroupUserCode && y.RoleId == x.RoleId)).ToList(); var listPermissionDefault = listPermissionAll.Where(x => x.UserId == null).ToList(); var listPermissionUser = listPermissionAll.Where(x => x.UserId == model.UserId).ToList(); foreach (var groupUser in model.GroupUsers) { var oldGroup = listOldGroup.FirstOrDefault(x => x.GroupUserCode == groupUser.GroupCode && x.ApplicationCode == model.AppCode); var listPerDefaultGroup = listPermissionDefault.Where(x => x.GroupUserCode == groupUser.GroupCode && x.ApplicationCode == model.AppCode); if (oldGroup != null) { //if (groupUser.RoleId != oldGroup.RoleId) //{ // Update user in group oldGroup.BranchReference = model.BranchRefs.Count > 0 ? string.Join(",", model.BranchRefs) : ""; if (!oldGroup.IsMain) { oldGroup.RoleId = groupUser.RoleId; } oldGroup.GrantAll = true; _context.Update(oldGroup); // Update entity //} } else { // Add user to group var userInGroup = new AdUserInGroup(); userInGroup.UserId = model.UserId; userInGroup.GroupUserCode = groupUser.GroupCode; userInGroup.ApplicationCode = model.AppCode; userInGroup.RoleId = groupUser.RoleId; userInGroup.GrantAll = true; userInGroup.BranchReference = model.BranchRefs.Count > 0 ? string.Join(",", model.BranchRefs) : ""; _context.Add(userInGroup); // Add entity } // Add or Update permission if (groupUser.Resources != null && groupUser.Resources.Count > 0) { groupUser.Resources = groupUser.Resources.Where(x => x.HasPermission && !x.IsFunction).ToList(); // Get all permission need remove var permissionDel = listPermissionUser.Where(x => x.GroupUserCode == groupUser.GroupCode && x.RoleId == groupUser.RoleId && !groupUser.Resources.Any(y => y.FunctionCode == x.FunctionCode && y.Code == x.ResourceCode)); _context.RemoveRange(permissionDel); // Remove all permission not in selected // Get all permission need update var permissionUpdate = listPermissionUser.Where(x => x.GroupUserCode == groupUser.GroupCode && x.RoleId == groupUser.RoleId && groupUser.Resources.Any(y => y.FunctionCode == x.FunctionCode && y.Code == x.ResourceCode)).ToList(); if (permissionUpdate.Count > 0) { foreach (var perUpdate in permissionUpdate) { var resUpdate = groupUser.Resources.FirstOrDefault(y => y.FunctionCode == perUpdate.FunctionCode && y.Code == perUpdate.ResourceCode); perUpdate.ExpiredDate = resUpdate?.ExpiredDate; } } // Get all permission need add var permissionAdd = groupUser.Resources.Where(x => !listPermissionUser.Any(y => y.FunctionCode == x.FunctionCode && y.ResourceCode == x.Code && y.GroupUserCode == groupUser.GroupCode && y.RoleId == groupUser.RoleId)) .Select(x => new AdPermission { ApplicationCode = model.AppCode, FunctionCode = x.FunctionCode, ResourceCode = x.Code, GroupUserCode = groupUser.GroupCode, UserId = model.UserId, RoleId = groupUser.RoleId, ExpiredDate = x.ExpiredDate, }).ToList(); _context.AddRange(permissionAdd); // Add entity } else { //var permissionDel = listPermissionUser.Where(x => x.GroupUserCode == groupUser.GroupCode && x.RoleId == groupUser.RoleId && !listPerDefaultGroup.Any(y => y.FunctionCode == x.FunctionCode && y.ResourceCode == x.ResourceCode)); //_context.RemoveRange(permissionDel); // Remove all permission not in selected var permissionAdd = listPerDefaultGroup.Where(x => !listPermissionUser.Any(y => y.FunctionCode == x.FunctionCode && y.ResourceCode == x.ResourceCode && y.GroupUserCode == groupUser.GroupCode && y.RoleId == groupUser.RoleId)) .Select(x => new AdPermission { ApplicationCode = x.ApplicationCode, FunctionCode = x.FunctionCode, ResourceCode = x.ResourceCode, GroupUserCode = x.GroupUserCode, UserId = model.UserId, RoleId = x.RoleId, }).ToList(); _context.AddRange(permissionAdd); // Add entity } } } else { _context.RemoveRange(listOldGroup); // Remove all old group _context.RemoveRange(listOldPermissionAll); // Remove all old permission } //_actionLog.InsertActionLog("VIB_PERMISSION", "Update success permission for user: "******"Update", false, user.UserName); var result = await _context.SaveChangesAsync(); msg.Error = false; msg.Title = "Update user permission successfully"; } else { msg.Title = "Application is not exists in system!"; } } else { msg.Title = "User is not exists in system!"; } } catch (Exception ex) { //_actionLog.InsertActionLog("VIB_PERMISSION", "Update failed permission for user " + userName + " : " + ex.Message, null, null, "Error", true, userName); msg.Object = ex; } return(Json(msg)); }
public async Task <IActionResult> GetResourceOfGroup([FromBody] UserPerModel model) { List <AdResourcePermission> result = new List <AdResourcePermission>(); try { var listPermissionAll = await _context.AdPermissions.Include(i => i.Function).ThenInclude(i => i.Parent).Where(x => x.ApplicationCode == model.AppCode && x.GroupUserCode == model.GroupCode && x.RoleId == model.RoleId).ToListAsync(); var listPermissionDefault = listPermissionAll.Where(x => x.UserId == null).ToList(); var listPermissionUser = listPermissionAll.Where(x => x.UserId == model.UserId).ToList(); var countPermissionUser = listPermissionUser.Count; if (listPermissionDefault.Count > 0) { var groupFunction = listPermissionDefault.GroupBy(g => g.Function).OrderBy(o => o.Key.ParentCode).ThenBy(t => t.Key.FunctionCode).ToList(); var groupFunctionParent = listPermissionDefault.GroupBy(g => g.Function.ParentCode).OrderBy(o => o.Key).ToList(); if (groupFunctionParent.Count > 0) { var listFunctionAll = await _context.AdFunctions.Where(x => groupFunctionParent.Any(y => y.Key == x.FunctionCode || y.Key == x.ParentCode)).ToListAsync(); var listPrivilege = await _context.AdPrivileges.Include(x => x.Function).Include(x => x.Resource).Where(x => x.Resource.Status && groupFunctionParent.Any(y => y.Key == x.FunctionCode || y.Key == x.Function.ParentCode)).ToListAsync(); foreach (var funcParent in groupFunctionParent) { var function = listFunctionAll.First(x => (funcParent.Key == null && funcParent.Any(y => y.FunctionCode == x.FunctionCode)) || x.FunctionCode == funcParent.Key);//funcParent.Key; // Get all resource of function var listPrivilegeOfFunction = listPrivilege.Where(x => x.FunctionCode == function.FunctionCode).ToList(); if (listPrivilegeOfFunction.Count > 0) { var defaultFunction = new AdResourcePermission(); defaultFunction.Id = function.FunctionId; defaultFunction.Code = function.FunctionCode; defaultFunction.Title = function.Title; defaultFunction.Description = function.Description; defaultFunction.Api = string.Empty; defaultFunction.Path = string.Empty; defaultFunction.Ord = function.Ord; defaultFunction.ParentCode = function.ParentCode; defaultFunction.FunctionCode = function.FunctionCode; defaultFunction.FunctionName = function.Title; defaultFunction.HasPermission = true; defaultFunction.IsFunction = true; result.Add(defaultFunction); // Add first function var query = from pr in listPrivilegeOfFunction join gfr in funcParent on pr.ResourceCode equals gfr.ResourceCode into grpFunc from fr in grpFunc.DefaultIfEmpty() let perUser = listPermissionUser.FirstOrDefault(x => x.FunctionCode == pr.FunctionCode && x.ResourceCode == pr.ResourceCode) select new AdResourcePermission { Id = pr.PrivilegeId, Code = pr.Resource.ResourceCode, Title = pr.Resource.Title, Description = pr.Resource.Description, Api = pr.Resource.Api, Path = pr.Resource.Path, Ord = pr.Resource.Ord, Style = pr.Resource.Style, Scope = pr.Resource.Scope, ParentCode = pr.Resource.ParentCode, FunctionCode = pr.FunctionCode, FunctionName = pr.Function.Title, ExpiredDate = perUser?.ExpiredDate, IsFunction = false, HasPermission = (countPermissionUser == 0 && fr != null) || perUser != null }; result.AddRange(query); } // Get all function child and resource var groupFunctionChild = listFunctionAll.Where(x => x.ParentCode == function.FunctionCode).ToList(); if (groupFunctionChild.Count > 0) { foreach (var funcChild in groupFunctionChild) { function = funcChild; // Get all resource of function listPrivilegeOfFunction = listPrivilege.Where(x => x.FunctionCode == function.FunctionCode).ToList(); if (listPrivilegeOfFunction.Count > 0) { var defaultFunction = new AdResourcePermission(); defaultFunction.Id = function.FunctionId; defaultFunction.Code = function.FunctionCode; defaultFunction.Title = function.Title; defaultFunction.Description = function.Description; defaultFunction.Api = string.Empty; defaultFunction.Path = string.Empty; defaultFunction.Ord = function.Ord; defaultFunction.ParentCode = function.ParentCode; defaultFunction.FunctionCode = function.FunctionCode; defaultFunction.FunctionName = function.Title; defaultFunction.HasPermission = true; defaultFunction.IsFunction = true; result.Add(defaultFunction); // Add first function var grpFunctionChild = groupFunction.FirstOrDefault(x => x.Key.FunctionCode == function.FunctionCode); if (grpFunctionChild == null) { var query = from pr in listPrivilegeOfFunction let perUser = listPermissionUser.FirstOrDefault(x => x.FunctionCode == pr.FunctionCode && x.ResourceCode == pr.ResourceCode) select new AdResourcePermission { Id = pr.PrivilegeId, Code = pr.Resource.ResourceCode, Title = pr.Resource.Title, Description = pr.Resource.Description, Api = pr.Resource.Api, Path = pr.Resource.Path, Ord = pr.Resource.Ord, Style = pr.Resource.Style, Scope = pr.Resource.Scope, ParentCode = pr.Resource.ParentCode, FunctionCode = pr.FunctionCode, FunctionName = pr.Function.Title, ExpiredDate = perUser?.ExpiredDate, IsFunction = false, HasPermission = perUser != null }; result.AddRange(query); } else { var query = from pr in listPrivilegeOfFunction join gfr in grpFunctionChild on pr.ResourceCode equals gfr.ResourceCode into grpFunc from fr in grpFunc.DefaultIfEmpty() let perUser = listPermissionUser.FirstOrDefault(x => x.FunctionCode == pr.FunctionCode && x.ResourceCode == pr.ResourceCode) select new AdResourcePermission { Id = pr.PrivilegeId, Code = pr.Resource.ResourceCode, Title = pr.Resource.Title, Description = pr.Resource.Description, Api = pr.Resource.Api, Path = pr.Resource.Path, Ord = pr.Resource.Ord, Style = pr.Resource.Style, Scope = pr.Resource.Scope, ParentCode = pr.Resource.ParentCode, FunctionCode = pr.FunctionCode, FunctionName = pr.Function.Title, ExpiredDate = perUser?.ExpiredDate, IsFunction = false, HasPermission = (countPermissionUser == 0 && fr != null) || perUser != null }; result.AddRange(query); } } } } } } else { //var groupFunction = listPermissionDefault.GroupBy(g => g.Function).OrderBy(o => o.Key.ParentCode).ThenBy(t => t.Key.FunctionCode).ToList(); if (groupFunction.Count > 0) { var listPrivilege = await _context.AdPrivileges.Include(x => x.Function).Include(x => x.Resource).Where(x => x.Resource.Status && groupFunction.Any(y => y.Key.FunctionCode == x.FunctionCode)).ToListAsync(); foreach (var groupfunc in groupFunction) { var function = groupfunc.Key; // Get all resource of function var listPrivilegeOfFunction = listPrivilege.Where(x => x.FunctionCode == function.FunctionCode).ToList(); if (listPrivilegeOfFunction.Count > 0) { var defaultFunction = new AdResourcePermission(); defaultFunction.Id = function.FunctionId; defaultFunction.Code = function.FunctionCode; defaultFunction.Title = function.Title; defaultFunction.Description = function.Description; defaultFunction.Ord = function.Ord; defaultFunction.ParentCode = function.ParentCode; defaultFunction.FunctionCode = function.FunctionCode; defaultFunction.FunctionName = function.Title; defaultFunction.HasPermission = true; defaultFunction.IsFunction = true; result.Add(defaultFunction); // Add first function var query = from pr in listPrivilegeOfFunction join gfr in groupfunc on pr.ResourceCode equals gfr.ResourceCode into grpFunc from fr in grpFunc.DefaultIfEmpty() let perUser = listPermissionUser.FirstOrDefault(x => x.FunctionCode == pr.FunctionCode && x.ResourceCode == pr.ResourceCode) select new AdResourcePermission { Id = pr.PrivilegeId, Code = pr.Resource.ResourceCode, Title = pr.Resource.Title, Description = pr.Resource.Description, Api = pr.Resource.Api, Path = pr.Resource.Path, Ord = pr.Resource.Ord, Style = pr.Resource.Style, Scope = pr.Resource.Scope, ParentCode = pr.Resource.ParentCode, FunctionCode = pr.FunctionCode, FunctionName = pr.Function.Title, ExpiredDate = perUser?.ExpiredDate, IsFunction = false, HasPermission = (countPermissionUser == 0 && fr != null) || perUser != null }; result.AddRange(query); } } } } } } catch (Exception e) { } return(Json(result)); }