public ActionResult DetailsUser(string id)
{
var context = new AppSecurityContext();
var userRepository = new UserRepository(context);
var roleRepository = new RoleRepository(context);
var userPermissionRep = new UserPermissionRepository(context);
var user = userRepository.Find(id);
var roles = roleRepository.GetRolesByUserId(user.Id);
var model = new DetailsAppUserViewModel();
model.Email = user.Email;
model.Id = user.Id;
model.AssignedRoles = new List <AppRoleViewModel>();
foreach (var item in roles)
{
model.AssignedRoles.Add(new AppRoleViewModel {
Id = item.Id, Name = item.Name
});
}
var permissions = userPermissionRep.GetAll()
.Where(x => x.UserId == id);
model.UserPermissions = mapper.Map <IEnumerable <AppUserPermissionViewModel> >(permissions);
return(View(model));
}
public virtual EntityPermission Validate(Type entityType, int userId)
{
UserBase user;
using (var uow = UnitOfWorkFactory.CreateWithoutRoot()) {
user = UserRepository.GetUserById(uow, userId);
//Разрешено изменять документ если пользователь администратор и отключена проверка прав администратора
if (user != null && user.IsAdmin && NoRestrictPermissionsForAdmin)
{
return(EntityPermission.AllAllowed);
}
var permissionAttr = entityType.GetCustomAttribute <EntityPermissionAttribute>();
if (permissionAttr == null)
{
return(EntityPermission.AllDenied);
}
var userPermission = UserPermissionRepository.GetUserEntityPermission(uow, entityType.Name, userId);
if (userPermission == null)
{
return(EntityPermission.Empty);
}
else
{
return(new EntityPermission(
userPermission.CanCreate,
userPermission.CanRead,
userPermission.CanUpdate,
userPermission.CanDelete
));
}
}
}
public ActionResult CreateUserPermission(string id)
{
var model = new NewAppUserPermissionViewModel();
using (var context = new AppSecurityContext())
{
var resourcesRepository = new ResourceRepository(context);
var userPermissionRository = new UserPermissionRepository(context);
var userRepository = new UserRepository(context);
var actionRepository = new ActionRepository(context);
var user = userRepository.Find(id);
if (user == null)
{
RedirectToAction("Users");
}
var actions = actionRepository.GetAll().OrderBy(x => x.Name);
model.AvailableActions = mapper.Map <ICollection <AppActionViewModel> >(actions);
model.User = mapper.Map <AppUserViewModel>(user);
model.ResourcesList = PopulateResourceFromNewUserPermission(id);
return(View(model));
}
}
public ActionResult CreateUserPermission(NewAppUserPermissionViewModel model)
{
using (var context = new AppSecurityContext())
{
var actionRepository = new ActionRepository(context);
var permissionRepository = new PermissionRepository(context);
var userPermissionRepository = new UserPermissionRepository(context);
var userRepository = new UserRepository(context);
try
{
var actions = actionRepository.Query(x => model.SelectedActions.Contains(x.Key)).Select(x => x.Key);
var permission = permissionRepository
.GetAll()
.Where(x => x.ResourceKey == model.SelectedResource)
.Where(x => actions.Contains(x.ActionKey));
userPermissionRepository.AddPermissionsByUserId(model.User.Id, permission.Select(x => x.Id).ToArray());
context.SaveChanges();
return(RedirectToAction("UserPermission", new { id = model.User.Id }));
}
catch (Exception ex)
{
ViewBag.Error = ex.Message;
var actions = actionRepository.GetAll().OrderBy(x => x.Name);
var user = userRepository.Find(model.User.Id);
model.User = mapper.Map <AppUserViewModel>(user);
model.AvailableActions = mapper.Map <ICollection <AppActionViewModel> >(actions);
model.ResourcesList = PopulateResourceFromNewUserPermission(model.SelectedResource);
return(View(model));
}
}
}
private Dictionary <string, bool> GetUserPermissions(int userId)
{
var fld = UserPermissionRow.Fields;
return(Cache.GetLocalStoreOnly("UserPermissions:" + userId, TimeSpan.Zero, fld.GenerationKey, () =>
{
using (var connection = SqlConnections.NewByKey("Default"))
{
var result = new Dictionary <string, bool>(StringComparer.OrdinalIgnoreCase);
connection.List <UserPermissionRow>(q => q
.Select(fld.PermissionKey)
.Select(fld.Granted)
.Where(new Criteria(fld.UserId) == userId))
.ForEach(x => result[x.PermissionKey] = x.Granted ?? true);
var implicitPermissions = UserPermissionRepository.GetImplicitPermissions(Cache.Memory, TypeSource);
foreach (var pair in result.ToArray())
{
HashSet <string> list;
if (pair.Value && implicitPermissions.TryGetValue(pair.Key, out list))
{
foreach (var x in list)
{
result[x] = true;
}
}
}
return result;
}
}));
}
public ActionResult UserPermission(string id)
{
try
{
using (var context = new AppSecurityContext())
{
var userPermissionRep = new UserPermissionRepository(context);
var permissionRep = new PermissionRepository(context);
var userRep = new UserRepository(context);
var permissions = userPermissionRep.GetAll()
.Where(x => x.UserId == id);
var user = userRep.Find(id);
var model = new ListAppUserPermissionViewModel();
model.UserId = user.Id;
model.UserName = user.UserName;
model.UserPermissions = mapper.Map <IEnumerable <AppUserPermissionViewModel> >(permissions);
return(View(model));
}
}
catch
{
return(View("Users"));
}
}
private HashSet <string> GetRolePermissions(int roleId)
{
var fld = RolePermissionRow.Fields;
return(Cache.GetLocalStoreOnly("RolePermissions:" + roleId, TimeSpan.Zero, fld.GenerationKey, () =>
{
using (var connection = SqlConnections.NewByKey("Default"))
{
var result = new HashSet <string>(StringComparer.OrdinalIgnoreCase);
connection.List <RolePermissionRow>(q => q
.Select(fld.PermissionKey)
.Where(new Criteria(fld.RoleId) == roleId))
.ForEach(x => result.Add(x.PermissionKey));
var implicitPermissions = UserPermissionRepository.GetImplicitPermissions(Cache.Memory, TypeSource);
foreach (var key in result.ToArray())
{
HashSet <string> list;
if (implicitPermissions.TryGetValue(key, out list))
{
foreach (var x in list)
{
result.Add(x);
}
}
}
return result;
}
}));
}
public static IUserPermissionManagement GetInstance()
{
IDbFactory dbFactory = new DbFactory();
IUserPermissionRepository permRepor = new UserPermissionRepository(dbFactory);
IUnitOfWork uow = new UnitOfWork(dbFactory);
return(new UserPermissionManagement(permRepor, uow));
}
public SaveResponse Update(IUnitOfWork uow, RolePermissionUpdateRequest request)
{
Check.NotNull(request, "request");
Check.NotNull(request.RoleID, "roleID");
Check.NotNull(request.Permissions, "permissions");
var roleID = request.RoleID.Value;
var oldList = new HashSet<string>(
GetExisting(uow.Connection, roleID, request.Module, request.Submodule)
.Select(x => x.PermissionKey), StringComparer.OrdinalIgnoreCase);
var newList = new HashSet<string>(request.Permissions.ToList(),
StringComparer.OrdinalIgnoreCase);
var allowedKeys = new UserPermissionRepository().ListPermissionKeys()
.Entities.ToDictionary(x => x);
if (newList.Any(x => !allowedKeys.ContainsKey(x)))
throw new AccessViolationException();
if (oldList.SetEquals(newList))
return new SaveResponse();
foreach (var k in oldList)
{
if (newList.Contains(k))
continue;
new SqlDelete(fld.TableName)
.Where(
new Criteria(fld.RoleId) == roleID &
new Criteria(fld.PermissionKey) == k)
.Execute(uow.Connection);
}
foreach (var k in newList)
{
if (oldList.Contains(k))
continue;
uow.Connection.Insert(new MyRow
{
RoleId = roleID,
PermissionKey = k
});
}
BatchGenerationUpdater.OnCommit(uow, fld.GenerationKey);
BatchGenerationUpdater.OnCommit(uow, Entities.UserPermissionRow.Fields.GenerationKey);
return new SaveResponse();
}
public SelectList PopulateResourceFromNewUserPermission(string userId, object selectedItem = null)
{
using (var context = new AppSecurityContext())
{
var resourcesRepository = new ResourceRepository(context);
var userPermissionRository = new UserPermissionRepository(context);
var permissionSelect = userPermissionRository.GetPermissionByUserId(userId).Select(p => p.ResourceKey).Distinct();
var resourcesQuery = resourcesRepository.GetAll();
var resources = resourcesQuery.Where(x => !permissionSelect.Contains(x.Key)).ToList();
resources.Insert(0, new AppResource {
Key = null, Name = "Seleccione"
});
return(new SelectList(resources, "Key", "Name", selectedItem));
}
}
public ActionResult MyAction()
{
var fileRowResponse = this.InTransaction("Default", (uow) =>
{
//var saveFileResponse = new AisFileResultsRepository().Create(uow, new SaveRequest<AisFileResultsRow>
//{
// Entity = new AisFileResultsRow
// {
// FileId = 1,
// ReqId = 1,
// ReqType = 0
// }
//});
//var res1 = new GroupRepository().Create(uow, new SaveRequest<GroupRow>
//{
// Entity = new GroupRow
// {
// Name = "tanhn",
// Parent = "tanhn",
// Shortname = "tanhn",
// Priority = 1,
// Status = (statusvalue?)1
// }
//});
UserPermissionListRequest request = new UserPermissionListRequest();
request.UserID = 1;
var test = new UserPermissionRepository().List(uow.Connection, request);
var saveFileResponse = new TesttRepository().Create(uow, new SaveRequest <TesttRow>
{
Entity = new TesttRow
{
Name = "tanhn"
}
});
return(saveFileResponse);
});
Result <ActionResult> res;
res = new Result <ActionResult>(fileRowResponse);
return(res);
}
protected override ScriptUserDefinition GetData()
{
var result = new ScriptUserDefinition();
if (!(UserAccessor.User?.GetUserDefinition(UserRetriever) is UserDefinition user))
{
result.Permissions = new Dictionary <string, bool>();
return(result);
}
result.Username = user.Username;
result.DisplayName = user.DisplayName;
result.IsAdmin = user.Username == "admin";
result.Permissions = Cache.GetLocalStoreOnly("ScriptUserPermissions:" + user.Id, TimeSpan.Zero,
UserPermissionRow.Fields.GenerationKey, () =>
{
var permissions = new Dictionary <string, bool>(StringComparer.OrdinalIgnoreCase);
var permissionsUsedFromScript = Cache.GetLocalStoreOnly("PermissionsUsedFromScript",
TimeSpan.Zero, RoleRow.Fields.GenerationKey, () =>
{
return(UserPermissionRepository.ListPermissionKeys(Cache.Memory, TypeSource)
.Where(permissionKey =>
{
// this sends permission information for all permission keys to client side.
// if you don't need all of them to be available from script, filter them here.
// this is recommended for security / performance reasons...
return true;
}).ToArray());
});
foreach (var permissionKey in permissionsUsedFromScript)
{
if (Permissions.HasPermission(permissionKey))
{
permissions[permissionKey] = true;
}
}
return(permissions);
});
return(result);
}
public PresetUserPermissionModel(IUnitOfWork uow, UserBase user)
{
this.user = user;
this.uow = uow;
originalPermissionList = UserPermissionRepository.GetUserAllPresetPermissions(uow, user.Id);
ObservablePermissionsList = new GenericObservableList <PresetUserPermission>(originalPermissionList.ToList());
originalPermissionsSourceList = PermissionsSettings.PresetPermissions.Values.ToList();
//убираем типы уже загруженные в права
foreach (var item in originalPermissionList.Where(x => !x.IsLostPermission))
{
if (originalPermissionsSourceList.Contains(item.PermissionSource))
{
originalPermissionsSourceList.Remove(item.PermissionSource);
}
}
ObservablePermissionsSourceList = new GenericObservableList <PresetUserPermissionSource>(originalPermissionsSourceList);
}
public EntityUserPermissionModel(IUnitOfWork uow, UserBase user, PermissionListViewModel permissionListViewModel)
{
this.user = user;
this.uow = uow;
this.PermissionListViewModel = permissionListViewModel ?? throw new NullReferenceException(nameof(permissionListViewModel));
permissionList = UserPermissionRepository.GetUserAllEntityPermissions(uow, user.Id, permissionListViewModel.PermissionExtensionStore);
PermissionListViewModel.PermissionsList = new GenericObservableList <IPermissionNode>(permissionList.OfType <IPermissionNode>().ToList());
PermissionListViewModel.PermissionsList.ElementRemoved += (aList, aIdx, aObject) => DeletePermission(aObject as UserPermissionNode);
originalTypeOfEntityList = TypeOfEntityRepository.GetAllSavedTypeOfEntity(uow).ToList();
//убираем типы уже загруженные в права
foreach (var item in permissionList)
{
if (originalTypeOfEntityList.Contains(item.TypeOfEntity))
{
originalTypeOfEntityList.Remove(item.TypeOfEntity);
}
}
SortTypeOfEntityList();
ObservableTypeOfEntitiesList = new GenericObservableList <TypeOfEntity>(originalTypeOfEntityList);
}
public ActionResult EditUserPermission(int?id)
{
if (id == null)
{
return(RedirectToAction("DetailsUserPermission"));
}
var model = new EditAppUserPermissionViewModel();
using (var context = new AppSecurityContext())
{
var actionRepository = new ActionRepository(context);
var resourceRepository = new ResourceRepository(context);
var userPermissionRository = new UserPermissionRepository(context);
var userRepository = new UserRepository(context);
var userPermision = userPermissionRository.GetAll().Where(x => x.Id == id).FirstOrDefault();
var resource = resourceRepository.Find(userPermision.Permission.ResourceKey);
var userPermissions = userPermissionRository.GetAll()
.Where(x => x.UserId == userPermision.UserId)
.Where(x => x.Permission.ResourceKey == resource.Key)
.ToList();
var actionKeys = userPermissions.Select(x => x.Permission.ActionKey).ToArray();
var actions = actionRepository.GetAll();
model.AvailableActions = mapper.Map <ICollection <AppActionViewModel> >(actions);
model.SelectedActions = actionKeys;
model.ResourceKey = resource.Key;
model.ResourceName = resource.Name;
model.User = mapper.Map <AppUserViewModel>(userRepository.Find(userPermision.UserId));
return(View(model));
}
}
protected override IDictionary <string, HashSet <string> > GetData()
{
return(UserPermissionRepository.GetImplicitPermissions(cache, typeSource));
}
protected override IEnumerable <string> GetData()
{
return(UserPermissionRepository.ListPermissionKeys(cache, typeSource));
}
public ActionResult EditUserPermission(int id, EditAppUserPermissionViewModel model)
{ //Clave del resource
using (var context = new AppSecurityContext())
{
var actionRepository = new ActionRepository(context);
var resourceRepository = new ResourceRepository(context);
var permissionRepository = new PermissionRepository(context);
var userPermissionRository = new UserPermissionRepository(context);
try
{
var userPermision = userPermissionRository.GetAll().Where(x => x.Id == id).FirstOrDefault();
var actions = actionRepository.GetAll();
var resource = resourceRepository.Find(userPermision.Permission.ResourceKey);
var permissions = userPermissionRository.GetAll()
.Where(x => x.Permission.ResourceKey == resource.Key)
.Where(x => x.UserId == userPermision.UserId);
var actionKeys = permissions.Select(x => x.Permission.ActionKey).ToArray();
model.AvailableActions = mapper.Map <ICollection <AppActionViewModel> >(actions);
//Se eliminan los permisos anteriores
foreach (var perm in permissions)
{
userPermissionRository.Delete(perm);
}
if (model.SelectedActions != null)
{
//Se agregan los nuevos
var permissionForInsert = permissionRepository
.GetAll()
.Where(x => x.ResourceKey == resource.Key)
.Where(x => model.SelectedActions.Contains(x.ActionKey));
foreach (var p in permissionForInsert)
{
var permission = new AppUserPermission();
permission.UserId = userPermision.UserId;
permission.PermissionId = p.Id;
userPermissionRository.Insert(permission);
}
model.SelectedActions = actionKeys;
model.ResourceKey = resource.Key;
model.ResourceName = resource.Name;
}
context.SaveChanges();
return(RedirectToAction("UserPermission", new { id = model.User.Id }));
}
catch (Exception ex)
{
ViewBag.Error = ex.Message;
if (ex.InnerException != null)
{
ViewBag.Error += ex.InnerException.Message;
}
return(View(model));
}
}
}
