/// <summary>
/// Stores the posted permission when model validation succeeds and returns it.
/// </summary>
/// <param name="Permission">Permission deserialized from the request body.</param>
/// <returns>
/// The value returned by <c>Permissions.AddPermission</c> when the model state is valid;
/// otherwise the posted object, unchanged and not stored.
/// </returns>
public Permission Post([FromBody] Permission Permission)
{
    // NOTE(review): no authorization attribute or permission check is visible on this action in
    // this excerpt. Creating permission records is a privileged operation - confirm the action or
    // its controller restricts who may call it.
    if (!ModelState.IsValid)
    {
        // Nothing is written. The caller receives its own input back with no error indication,
        // so a rejected request is indistinguishable from a stored one.
        return Permission;
    }

    Permission = Permissions.AddPermission(Permission);
    return Permission;
}
/// <summary>
/// Stores the posted permission when model validation succeeds, records the creation in the
/// log, and returns the permission.
/// </summary>
/// <param name="Permission">Permission deserialized from the request body.</param>
/// <returns>
/// The value returned by <c>Permissions.AddPermission</c> when the model state is valid;
/// otherwise the posted object, unchanged and not stored.
/// </returns>
public Permission Post([FromBody] Permission Permission)
{
    // NOTE(review): no authorization attribute or permission check is visible on this action in
    // this excerpt - confirm the action or its controller restricts who may create permissions.
    if (!ModelState.IsValid)
    {
        // Rejected input is neither stored nor logged, and the response carries no error status.
        return Permission;
    }

    Permission = Permissions.AddPermission(Permission);

    // Only successful creations reach the log; the stored object is what gets recorded.
    logger.Log(LogLevel.Information, this, LogFunction.Create, "Permission Added {Permission}", Permission);
    return Permission;
}
/// <summary>
/// Creates a permission entry through the repository and reports whether it succeeded.
/// </summary>
/// <param name="action">Action value passed through to the repository.</param>
/// <param name="actiondescription">Description passed through to the repository.</param>
/// <param name="controllername">Controller name passed through to the repository.</param>
/// <param name="predicate">Predicate passed through to the repository.</param>
/// <returns>
/// An anonymous object with a boolean <c>result</c>; on an exception it also carries a
/// <c>message</c> holding the exception text.
/// </returns>
public dynamic AddPermission(string action, string actiondescription, string controllername, string predicate)
{
    // NOTE(review): none of the four strings is validated here and no authorization check is
    // visible in this excerpt - confirm both happen before this method is reached.
    try
    {
        var affected = _permissionRepository.AddPermission(action, actiondescription, controllername, predicate);

        // The repository result counts as success only when it is positive.
        bool succeeded = affected > 0;
        return new { result = succeeded };
    }
    catch (Exception exc)
    {
        // NOTE(review): the raw exception text goes back to the caller and is not logged here.
        // Data-layer messages can reveal internal details; consider logging server-side and
        // returning a generic message.
        return new { result = false, message = exc.Message };
    }
}
/// <summary>
/// Creates a permission entry through the repository and returns a JSON status object.
/// </summary>
/// <param name="action">Action value passed through to the repository.</param>
/// <param name="actiondescription">Description passed through to the repository.</param>
/// <param name="controllername">Controller name passed through to the repository.</param>
/// <param name="predicate">Predicate passed through to the repository.</param>
/// <returns>
/// A <c>JsonResult</c> whose <c>result</c> is 1 on success and 0 when an exception was caught;
/// <c>message</c> carries a fixed success text or the exception text.
/// </returns>
public dynamic AddPermission(string action, string actiondescription, string controllername, string predicate)
{
    try
    {
        // NOTE(review): the fifth argument is the literal 1. The call it replaced (left commented
        // out in the original) passed CompanyID, so every permission is presumably written under
        // company 1 whatever the caller's company is - confirm this is intended.
        _permissionRepository.AddPermission(action, actiondescription, controllername, predicate, 1);

        var success = new { result = 1, message = "添加权限成功" };
        return new JsonResult(success);
    }
    catch (Exception exc)
    {
        // The failure is logged with the exception message only (no stack trace).
        _log.Log(NLog.LogLevel.Error, $"添加权限:{exc.Message}");

        // NOTE(review): the same exception text is returned to the caller; data-layer messages
        // can reveal internal details, so a generic client message may be preferable.
        var failure = new { result = 0, message = $"添加权限:{exc.Message}" };
        return new JsonResult(failure);
    }
}
/// <summary>
/// Stores the supplied permission through the repository and returns a JSON status response.
/// </summary>
/// <param name="permission">Permission bound from the request.</param>
/// <returns>
/// The <c>ToJson</c> response for success or failure, or a <c>JsonResult</c> with
/// <c>result = 0</c> and the exception text when the repository call throws.
/// </returns>
public IActionResult AddPermission(Permission permission)
{
    // NOTE(review): the bound object is handed to the repository as received. No model-state
    // check, field allow-list or authorization check is visible in this excerpt - confirm that
    // callers cannot set fields they should not control.
    try
    {
        var stored = _permissionRepository.AddPermission(permission);
        if (stored)
        {
            return ToJson(HttpResult.Success, message: "添加成功");
        }

        return ToJson(HttpResult.Fail, message: "添加失败");
    }
    catch (Exception exc)
    {
        // NOTE(review): the raw exception text is returned to the caller and nothing is logged
        // here; consider logging server-side and returning a generic message.
        var body = new { result = 0, message = exc.Message };
        var settings = new Newtonsoft.Json.JsonSerializerSettings
        {
            ContractResolver = new LowercaseContractResolver()
        };
        return new JsonResult(body, settings);
    }
}
/// <summary>
/// Updates a page and mirrors any change in its permissions onto the modules placed on it.
/// </summary>
/// <param name="id">Page id from the route; this method does not read it.</param>
/// <param name="page">Page state deserialized from the request body.</param>
/// <returns>
/// The page returned by <c>UpdatePage</c>, or <c>null</c> with HTTP 403 when any precondition fails.
/// </returns>
public Page Put(int id, [FromBody] Page page)
{
    // && short-circuits, so the page lookup and the permission check run only for a valid model
    // whose SiteId matches the current alias.
    // NOTE(review): id is never compared with page.PageId, and the SiteId tested is the one sent
    // in the body rather than the one on the stored page - confirm both are enforced elsewhere.
    bool allowed = ModelState.IsValid
        && page.SiteId == _alias.SiteId
        && _pages.GetPage(page.PageId, false) != null
        && _userPermissions.IsAuthorized(User, EntityNames.Page, page.PageId, PermissionNames.Edit);

    if (!allowed)
    {
        // Validation failures and authorization failures share this security log entry and the
        // 403, so the log alone cannot tell them apart.
        _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized Page Put Attempt {Page}", page);
        HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
        return null;
    }

    // Read the stored permissions before UpdatePage runs so the pre-update state is available
    // for the comparison below.
    var before = _permissionRepository.GetPermissions(EntityNames.Page, page.PageId).ToList();
    page = _pages.UpdatePage(page);
    var after = _permissionRepository.DecodePermissions(page.Permissions, page.SiteId, EntityNames.Page, page.PageId).ToList();

    var granted = GetPermissionsDifferences(after, before);
    var revoked = GetPermissionsDifferences(before, after);

    bool permissionsChanged = granted.Count > 0 || revoked.Count > 0;
    if (permissionsChanged)
    {
        // Propagate the page-level change to every module on the page.
        foreach (PageModule pageModule in _pageModules.GetPageModules(page.PageId, "").ToList())
        {
            // Loaded once per module; entries added below are not reflected in this list.
            var existing = _permissionRepository.GetPermissions(EntityNames.Module, pageModule.Module.ModuleId).ToList();

            foreach (Permission grant in granted)
            {
                bool alreadyPresent = existing.Any(item =>
                    item.PermissionName == grant.PermissionName
                    && item.RoleId == grant.RoleId
                    && item.UserId == grant.UserId
                    && item.IsAuthorized == grant.IsAuthorized);
                if (alreadyPresent)
                {
                    continue;
                }

                _permissionRepository.AddPermission(new Permission
                {
                    SiteId = page.SiteId,
                    EntityName = EntityNames.Module,
                    EntityId = pageModule.ModuleId,
                    PermissionName = grant.PermissionName,
                    RoleId = grant.RoleId,
                    UserId = grant.UserId,
                    IsAuthorized = grant.IsAuthorized
                });
            }

            foreach (Permission revocation in revoked)
            {
                var match = existing.FirstOrDefault(item =>
                    item.PermissionName == revocation.PermissionName
                    && item.RoleId == revocation.RoleId
                    && item.UserId == revocation.UserId
                    && item.IsAuthorized == revocation.IsAuthorized);
                if (match != null)
                {
                    _permissionRepository.DeletePermission(match.PermissionId);
                }
            }
        }
    }

    _syncManager.AddSyncEvent(_alias.TenantId, EntityNames.Site, page.SiteId);
    _logger.Log(LogLevel.Information, this, LogFunction.Update, "Page Updated {Page}", page);
    return page;
}
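/// <summary>
/// Updates a page, records a URL mapping when its path changed, and mirrors any change in its
/// permissions onto the modules placed on it.
/// </summary>
/// <param name="id">Page id from the route; this method does not read it.</param>
/// <param name="page">Page state deserialized from the request body.</param>
/// <returns>
/// The page returned by <c>UpdatePage</c>, or <c>null</c> with HTTP 403 when any precondition fails.
/// </returns>
public Page Put(int id, [FromBody] Page page)
{
    // The stored page is looked up before validation. Guard against a body that did not bind, so
    // a null page takes the 403 path below instead of throwing a NullReferenceException here.
    var currentPage = page != null ? _pages.GetPage(page.PageId, false) : null;

    // NOTE(review): id is never compared with page.PageId, and the SiteId tested is the one sent
    // in the body rather than currentPage.SiteId - confirm both are enforced elsewhere.
    bool allowed = page != null
        && ModelState.IsValid
        && page.SiteId == _alias.SiteId
        && currentPage != null
        && _userPermissions.IsAuthorized(User, EntityNames.Page, page.PageId, PermissionNames.Edit);

    if (!allowed)
    {
        // Validation failures and authorization failures share this security log entry and the
        // 403, so the log alone cannot tell them apart.
        _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized Page Put Attempt {Page}", page);
        HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
        return null;
    }

    // Read the stored permissions before UpdatePage runs so the pre-update state is available
    // for the comparison below.
    var currentPermissions = _permissionRepository.GetPermissions(EntityNames.Page, page.PageId).ToList();
    page = _pages.UpdatePage(page);

    // Record old path -> new path when the update changed the page path.
    if (currentPage.Path != page.Path)
    {
        // The base URL is built from the request scheme and _alias.Name.
        var url = HttpContext.Request.Scheme + "://" + _alias.Name + "/";
        var urlMapping = new UrlMapping
        {
            SiteId = page.SiteId,
            Url = url + currentPage.Path,
            MappedUrl = url + page.Path,
            Requests = 0,
            CreatedOn = System.DateTime.UtcNow,
            RequestedOn = System.DateTime.UtcNow
        };
        _urlMappings.AddUrlMapping(urlMapping);
    }

    // Differences between the pre-update permissions and those carried by the updated page.
    var newPermissions = _permissionRepository.DecodePermissions(page.Permissions, page.SiteId, EntityNames.Page, page.PageId).ToList();
    var added = GetPermissionsDifferences(newPermissions, currentPermissions);
    var removed = GetPermissionsDifferences(currentPermissions, newPermissions);

    if (added.Count > 0 || removed.Count > 0)
    {
        // Propagate the page-level change to every module on the page.
        foreach (PageModule pageModule in _pageModules.GetPageModules(page.PageId, "").ToList())
        {
            // Loaded once per module; entries added below are not reflected in this list.
            var modulePermissions = _permissionRepository.GetPermissions(EntityNames.Module, pageModule.Module.ModuleId).ToList();

            foreach (Permission permission in added)
            {
                bool alreadyPresent = modulePermissions.Any(item =>
                    item.PermissionName == permission.PermissionName
                    && item.RoleId == permission.RoleId
                    && item.UserId == permission.UserId
                    && item.IsAuthorized == permission.IsAuthorized);
                if (!alreadyPresent)
                {
                    _permissionRepository.AddPermission(new Permission
                    {
                        SiteId = page.SiteId,
                        EntityName = EntityNames.Module,
                        EntityId = pageModule.ModuleId,
                        PermissionName = permission.PermissionName,
                        RoleId = permission.RoleId,
                        UserId = permission.UserId,
                        IsAuthorized = permission.IsAuthorized
                    });
                }
            }

            foreach (Permission permission in removed)
            {
                var modulePermission = modulePermissions.FirstOrDefault(item =>
                    item.PermissionName == permission.PermissionName
                    && item.RoleId == permission.RoleId
                    && item.UserId == permission.UserId
                    && item.IsAuthorized == permission.IsAuthorized);
                if (modulePermission != null)
                {
                    _permissionRepository.DeletePermission(modulePermission.PermissionId);
                }
            }
        }
    }

    _syncManager.AddSyncEvent(_alias.TenantId, EntityNames.Site, page.SiteId);
    _logger.Log(LogLevel.Information, this, LogFunction.Update, "Page Updated {Page}", page);
    return page;
}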