コード例 #1
0
ファイル: RoleUpdater.cs プロジェクト: jchenga/Orchard2
        public async Task AddDefaultRolesForFeatureAsync(Feature feature)
        {
            var featureName = feature.Descriptor.Id;

            // when another module is being enabled, locate matching permission providers
            var providersForEnabledModule = _permissionProviders.Where(x => _typeFeatureProvider.GetFeatureForDependency(x.GetType())?.Descriptor?.Id == featureName);

            if (Logger.IsEnabled(LogLevel.Debug))
            {
                if (providersForEnabledModule.Any())
                {
                    Logger.LogDebug($"Configuring default roles for module {featureName}");
                }
                else
                {
                    Logger.LogDebug($"No default roles for module {featureName}");
                }
            }

            foreach (var permissionProvider in providersForEnabledModule)
            {
                // get and iterate stereotypical groups of permissions
                var stereotypes = permissionProvider.GetDefaultStereotypes();
                foreach (var stereotype in stereotypes)
                {

                    // turn those stereotypes into roles
                    var role = await _roleManager.FindByNameAsync(stereotype.Name);
                    if (role == null)
                    {
                        if (Logger.IsEnabled(LogLevel.Information))
                        {
                            Logger.LogInformation($"Defining new role {stereotype.Name} for permission stereotype");
                        }

                        role = new Role { RoleName = stereotype.Name };
                        await _roleManager.CreateAsync(role);
                    }

                    // and merge the stereotypical permissions into that role
                    var stereotypePermissionNames = (stereotype.Permissions ?? Enumerable.Empty<Permission>()).Select(x => x.Name);
                    var currentPermissionNames = role.RoleClaims.Where(x => x.ClaimType == Permission.ClaimType).Select(x => x.ClaimValue);

                    var distinctPermissionNames = currentPermissionNames
                        .Union(stereotypePermissionNames)
                        .Distinct();

                    // update role if set of permissions has increased
                    var additionalPermissionNames = distinctPermissionNames.Except(currentPermissionNames);

                    if (additionalPermissionNames.Any())
                    {
                        foreach (var permissionName in additionalPermissionNames)
                        {
                            if (Logger.IsEnabled(LogLevel.Debug))
                            {
                                Logger.LogInformation("Default role {0} granted permission {1}", stereotype.Name, permissionName);
                            }

                            await _roleManager.AddClaimAsync(role, new Claim(Permission.ClaimType, permissionName));
                        }
                    }
                }
            }
        }
コード例 #2
0
ファイル: AdminController.cs プロジェクト: jchenga/Orchard2
        private async Task<IEnumerable<string>> GetEffectivePermissions(Role role, IEnumerable<Permission> allPermissions)
        {
            // Create a fake user to check the actual permissions. If the role is anonymous
            // IsAuthenticated needs to be false.
            var fakeUser = new ClaimsPrincipal(
                new ClaimsIdentity(new[] { new Claim(ClaimTypes.Role, role.RoleName)},
                role.RoleName != "Anonymous" ? "FakeAuthenticationType" : null)
            );

            var result = new List<string>();

            foreach(var permission in allPermissions)
            {
                if (await _authorizationService.AuthorizeAsync(fakeUser, permission))
                {
                    result.Add(permission.Name);
                }
            }

            return result;
        }
コード例 #3
0
ファイル: AdminController.cs プロジェクト: jchenga/Orchard2
        public async Task<IActionResult> Create(CreateRoleViewModel model)
        {
            if (ModelState.IsValid)
            {
                model.RoleName = model.RoleName.Trim();

                if (await _roleManager.FindByNameAsync(model.RoleName) != null)
                {
                    ModelState.AddModelError(string.Empty, T["The role is already used."]);
                }
            }

            if (ModelState.IsValid)
            {
                var role = new Role { RoleName = model.RoleName };
                var result = await _roleManager.CreateAsync(role);
                if (result.Succeeded)
                {
                    _notifier.Success(TH["Role created successfully"]);
                    return RedirectToAction(nameof(Index));
                }

                _session.Cancel();

                foreach (var error in result.Errors)
                {
                    ModelState.AddModelError(string.Empty, error.Description);
                }
            }

            // If we got this far, something failed, redisplay form
            return View(model);
        }
コード例 #4
0
ファイル: AdminController.cs プロジェクト: thiennn/Orchard2
 private RoleEntry BuildRoleEntry(Role role)
 {
     return new RoleEntry
     {
         Name = role.RoleName,
         Selected = false
     };
 }