public Permission Post([FromBody] Permission Permission)
{
if (ModelState.IsValid)
{
Permission = Permissions.AddPermission(Permission);
}
return(Permission);
}
public Permission Post([FromBody] Permission Permission)
{
if (ModelState.IsValid)
{
Permission = Permissions.AddPermission(Permission);
logger.Log(LogLevel.Information, this, LogFunction.Create, "Permission Added {Permission}", Permission);
}
return(Permission);
}
public dynamic AddPermission(string action, string actiondescription, string controllername, string predicate)
{
try
{
var result = _permissionRepository.AddPermission(action, actiondescription, controllername, predicate);
return(new { result = result > 0 ? true : false });
}
catch (Exception exc)
{
return(new { result = false, message = exc.Message });
}
}
public dynamic AddPermission(string action, string actiondescription, string controllername, string predicate)
{
try
{
_permissionRepository.AddPermission(action, actiondescription, controllername, predicate, 1);
// _permissionRepository.AddPermission(action, actiondescription, controllername, predicate, CompanyID);
return(new JsonResult(new { result = 1, message = "添加权限成功" }));
}
catch (Exception exc)
{
_log.Log(NLog.LogLevel.Error, $"添加权限:{exc.Message}");
return(new JsonResult(new { result = 0, message = $"添加权限:{exc.Message}" }));
}
}
public IActionResult AddPermission(Permission permission)
{
try
{
var result = _permissionRepository.AddPermission(permission);
return(ToJson(result ? HttpResult.Success : HttpResult.Fail, message: result ? "添加成功" : "添加失败"));
}
catch (Exception exc)
{
return(new JsonResult(new { result = 0, message = exc.Message }, new Newtonsoft.Json.JsonSerializerSettings()
{
ContractResolver = new LowercaseContractResolver()
}));
}
}
public Page Put(int id, [FromBody] Page page)
{
if (ModelState.IsValid && page.SiteId == _alias.SiteId && _pages.GetPage(page.PageId, false) != null && _userPermissions.IsAuthorized(User, EntityNames.Page, page.PageId, PermissionNames.Edit))
{
// preserve page permissions
var oldPermissions = _permissionRepository.GetPermissions(EntityNames.Page, page.PageId).ToList();
page = _pages.UpdatePage(page);
// get differences between old and new page permissions
var newPermissions = _permissionRepository.DecodePermissions(page.Permissions, page.SiteId, EntityNames.Page, page.PageId).ToList();
var added = GetPermissionsDifferences(newPermissions, oldPermissions);
var removed = GetPermissionsDifferences(oldPermissions, newPermissions);
// synchronize module permissions
if (added.Count > 0 || removed.Count > 0)
{
foreach (PageModule pageModule in _pageModules.GetPageModules(page.PageId, "").ToList())
{
var modulePermissions = _permissionRepository.GetPermissions(EntityNames.Module, pageModule.Module.ModuleId).ToList();
//var modulePermissions = _permissionRepository.DecodePermissions(pageModule.Module.Permissions, page.SiteId, EntityNames.Module, pageModule.ModuleId).ToList();
// permissions added
foreach (Permission permission in added)
{
if (!modulePermissions.Any(item => item.PermissionName == permission.PermissionName &&
item.RoleId == permission.RoleId && item.UserId == permission.UserId && item.IsAuthorized == permission.IsAuthorized))
{
_permissionRepository.AddPermission(new Permission
{
SiteId = page.SiteId,
EntityName = EntityNames.Module,
EntityId = pageModule.ModuleId,
PermissionName = permission.PermissionName,
RoleId = permission.RoleId,
UserId = permission.UserId,
IsAuthorized = permission.IsAuthorized
});
}
}
// permissions removed
foreach (Permission permission in removed)
{
var modulePermission = modulePermissions.FirstOrDefault(item => item.PermissionName == permission.PermissionName &&
item.RoleId == permission.RoleId && item.UserId == permission.UserId && item.IsAuthorized == permission.IsAuthorized);
if (modulePermission != null)
{
_permissionRepository.DeletePermission(modulePermission.PermissionId);
}
}
}
}
_syncManager.AddSyncEvent(_alias.TenantId, EntityNames.Site, page.SiteId);
_logger.Log(LogLevel.Information, this, LogFunction.Update, "Page Updated {Page}", page);
}
else
{
_logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized Page Put Attempt {Page}", page);
HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
page = null;
}
return(page);
}
public Page Put(int id, [FromBody] Page page)
{
// get current page
var currentPage = _pages.GetPage(page.PageId, false);
if (ModelState.IsValid && page.SiteId == _alias.SiteId && currentPage != null && _userPermissions.IsAuthorized(User, EntityNames.Page, page.PageId, PermissionNames.Edit))
{
// get current page permissions
var currentPermissions = _permissionRepository.GetPermissions(EntityNames.Page, page.PageId).ToList();
page = _pages.UpdatePage(page);
// save url mapping if page path changed
if (currentPage.Path != page.Path)
{
var url = HttpContext.Request.Scheme + "://" + _alias.Name + "/";
var urlMapping = new UrlMapping();
urlMapping.SiteId = page.SiteId;
urlMapping.Url = url + currentPage.Path;
urlMapping.MappedUrl = url + page.Path;
urlMapping.Requests = 0;
urlMapping.CreatedOn = System.DateTime.UtcNow;
urlMapping.RequestedOn = System.DateTime.UtcNow;
_urlMappings.AddUrlMapping(urlMapping);
}
// get differences between current and new page permissions
var newPermissions = _permissionRepository.DecodePermissions(page.Permissions, page.SiteId, EntityNames.Page, page.PageId).ToList();
var added = GetPermissionsDifferences(newPermissions, currentPermissions);
var removed = GetPermissionsDifferences(currentPermissions, newPermissions);
// synchronize module permissions
if (added.Count > 0 || removed.Count > 0)
{
foreach (PageModule pageModule in _pageModules.GetPageModules(page.PageId, "").ToList())
{
var modulePermissions = _permissionRepository.GetPermissions(EntityNames.Module, pageModule.Module.ModuleId).ToList();
// permissions added
foreach (Permission permission in added)
{
if (!modulePermissions.Any(item => item.PermissionName == permission.PermissionName &&
item.RoleId == permission.RoleId && item.UserId == permission.UserId && item.IsAuthorized == permission.IsAuthorized))
{
_permissionRepository.AddPermission(new Permission
{
SiteId = page.SiteId,
EntityName = EntityNames.Module,
EntityId = pageModule.ModuleId,
PermissionName = permission.PermissionName,
RoleId = permission.RoleId,
UserId = permission.UserId,
IsAuthorized = permission.IsAuthorized
});
}
}
// permissions removed
foreach (Permission permission in removed)
{
var modulePermission = modulePermissions.FirstOrDefault(item => item.PermissionName == permission.PermissionName &&
item.RoleId == permission.RoleId && item.UserId == permission.UserId && item.IsAuthorized == permission.IsAuthorized);
if (modulePermission != null)
{
_permissionRepository.DeletePermission(modulePermission.PermissionId);
}
}
}
}
_syncManager.AddSyncEvent(_alias.TenantId, EntityNames.Site, page.SiteId);
_logger.Log(LogLevel.Information, this, LogFunction.Update, "Page Updated {Page}", page);
}
else
{
_logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized Page Put Attempt {Page}", page);
HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
page = null;
}
return(page);
}
