public bool CreateObjectPermission(string powerBiObjectId, int permissionId, bool allowAccess, int portalId, int?roleId, int?userId)
{
Requires.NotNullOrEmpty("PowerBiObjectId", powerBiObjectId);
var permission = new ObjectPermission
{
ID = Guid.NewGuid(),
PowerBiObjectID = powerBiObjectId,
PermissionID = permissionId,
AllowAccess = allowAccess,
PortalID = portalId,
RoleID = roleId,
UserID = userId,
CreatedByUserID = Components.Common.CurrentUser.UserID,
CreatedOnDate = DateTime.Now,
LastModifiedByUserID = Components.Common.CurrentUser.UserID,
LastModifiedOnDate = DateTime.Now
};
using (IDataContext ctx = DataContext.Instance())
{
var rep = ctx.GetRepository <ObjectPermission>();
rep.Insert(permission);
}
return(true);
}
public ActionResult GetPermissions(ODataActionParameters parameters)
{
ActionResult result = NoContent();
if (parameters.ContainsKey("keys") && parameters.ContainsKey("typeName"))
{
IEnumerable <Guid> keys = ((IEnumerable <string>)parameters["keys"]).Select(k => Guid.Parse(k));
string typeName = parameters["typeName"].ToString();
using (IObjectSpace objectSpace = securityProvider.ObjectSpaceProvider.CreateObjectSpace()) {
ITypeInfo typeInfo = objectSpace.TypesInfo.PersistentTypes.FirstOrDefault(t => t.Name == typeName);
if (typeInfo != null)
{
IList entityList = objectSpace.GetObjects(typeInfo.Type, new InOperator(typeInfo.KeyMember.Name, keys));
List <ObjectPermission> objectPermissions = new List <ObjectPermission>();
foreach (object entity in entityList)
{
ObjectPermission objectPermission = CreateObjectPermission(typeInfo, entity);
objectPermissions.Add(objectPermission);
}
result = Ok(objectPermissions);
}
}
}
return(result);
}
public ActionResult GetPermissions(List <Guid> keys, string typeName)
{
try
{
ActionResult result = NoContent();
using (IObjectSpace objectSpace = securityProvider.ObjectSpaceProvider.CreateObjectSpace())
{
PermissionHelper permissionHelper = new PermissionHelper(securityProvider.Security);
ITypeInfo typeInfo = objectSpace.TypesInfo.PersistentTypes.FirstOrDefault(t => t.Name == typeName);
if (typeInfo != null)
{
IList entityList = objectSpace.GetObjects(typeInfo.Type, new InOperator(typeInfo.KeyMember.Name, keys));
List <ObjectPermission> objectPermissions = new List <ObjectPermission>();
foreach (object entity in entityList)
{
ObjectPermission objectPermission = permissionHelper.CreateObjectPermission(typeInfo, entity);
objectPermissions.Add(objectPermission);
}
result = Ok(objectPermissions);
}
}
return(result);
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
}
/// <summary>
/// Disables the "add document" permission for a list of group IDs for a particular workspace.
/// </summary>
/// <param name="mgr">Permission manager service</param>
/// <param name="rsapi">RSAPI client</param>
/// <param name="workspaceId">the ID of the workspace whose permissions we are modifying</param>
/// <param name="groupIds">the groups whose permissions we are modifying</param>
/// <returns></returns>
public static async Task <bool> DisableAddDocInWorkspaceForGroups(
IPermissionManager mgr,
IRSAPIClient rsapi,
int workspaceId,
List <int> groupIds)
{
// get group selector for workspace
GroupSelector sel;
try
{
sel = await mgr.GetWorkspaceGroupSelectorAsync(workspaceId);
}
catch (Exception)
{
return(false);
}
// get group names
HashSet <string> groupNames = GetGroupNames(rsapi, groupIds);
foreach (GroupRef group in sel.EnabledGroups)
{
// see if the group is one whose permissions
// we would like to disable
if (groupNames.Contains(group.Name))
{
GroupPermissions permissions = await mgr.GetWorkspaceGroupPermissionsAsync(workspaceId, group);
// get object permissions
List <ObjectPermission> objPermissions = permissions.ObjectPermissions;
// get the document permission
ObjectPermission docPerm = objPermissions.FirstOrDefault(x => x.Name == "Document");
if (docPerm != null)
{
if (docPerm.AddSelected)
{
// disable Add permission
docPerm.AddSelected = false;
}
}
// make changes
try
{
await mgr.SetWorkspaceGroupPermissionsAsync(workspaceId, permissions);
}
catch (Exception)
{
return(false);
}
}
}
return(true);
}
private List <ObjectPermission> GetAllPms()
{
List <TYPE_PERMISSION> _lstType_Pms = new List <TYPE_PERMISSION>();
_lstType_Pms = _ITYPE_PERMISSIONService.GetAll();
List <Type_PmsMulti> _lstPmsMulti = new List <Type_PmsMulti>();
foreach (var item in _lstType_Pms)
{
Type_PmsMulti _typeRecord = new Type_PmsMulti();
_typeRecord.PERMISSIONID = item.PERMISSIONID;
_typeRecord.TYPE_PERMISSIONMULTIID = item.TYPE_PERMISSIONMULTI;
_typeRecord.TYPE_PERMISSIONMULTINAME = GetPmsMultiTypeName(item.TYPE_PERMISSIONMULTI);
_typeRecord.Loai_Permission = item.LOAI_PERMISSION;
_lstPmsMulti.Add(_typeRecord);
}
List <permission> _lstAllPms = new List <permission>();
//ThaiPV : chỉnh sửa ngày 10/12/2016, loại bỏ permission tra cứu giám định, permission này dành riêng cho hỗ trợ, ko hiển thị cho người dùng.
_lstAllPms = _iPMSService.GetAll().Where(x => x.name != "TRA_CUU_GD").ToList();
var _lstPmsFull = (from p in _lstPmsMulti
join q in _lstAllPms on p.PERMISSIONID equals q.permissionid
select new
{
permissionid = p.PERMISSIONID,
name = q.name,
Description = q.Description,
MultiPmsTypeID = p.TYPE_PERMISSIONMULTIID,
TYPE_PERMISSIONMULTINAME = p.TYPE_PERMISSIONMULTINAME,
objid = q.ObjectRBAC.objectid,
objname = q.ObjectRBAC.name,
loaiPermission = p.Loai_Permission
});
List <ObjectPermission> lstObjPmsResults = new List <ObjectPermission>();
foreach (var item in _lstPmsFull)
{
ObjectPermission objP = new ObjectPermission();
objP.AppID = 1;
objP.PermissionId = item.permissionid;
objP.PmsName = item.name;
objP.ObjName = item.objname;
objP.ObjectId = item.objid;
objP.DesPms = item.Description;
objP.MultiTypeID = item.MultiPmsTypeID;
objP.MultiTypeName = item.TYPE_PERMISSIONMULTINAME;
objP.LoaiPermission = item.loaiPermission;
lstObjPmsResults.Add(objP);
}
return(lstObjPmsResults.OrderBy(m => m.PermissionId).ToList());
}
public void UpdateDataRow(T t)
{
objectPermission = ObjectPermission.DenyUpdateObject;
DataRow dataRow = mapping[t];
t.UpdateRow(dataRow);
OnEvent(sender, t, dataRow);
objectPermission = ObjectPermission.AllowUpdateObject;
}
public bool InsertAt(T t, int pos)
{
objectPermission = ObjectPermission.DenyUpdateObject;
t.SetCollection(this);
DataRow newRow = dataTable.NewRow();
t.UpdateRow(newRow);
dataTable.Rows.InsertAt(newRow, pos);
mapping.Add(t, newRow);
OnEvent(sender, t, newRow);
objectPermission = ObjectPermission.AllowUpdateObject;
return(true);
}
public void Swap(T t1, T t2)
{
objectPermission = ObjectPermission.DenyUpdateObject;
DataRow dataRow1 = mapping[t1];
DataRow dataRow2 = mapping[t2];
t1.UpdateRow(dataRow2);
t2.UpdateRow(dataRow1);
mapping[t1] = dataRow2;
mapping[t2] = dataRow1;
OnEvent(sender, t1, dataRow2, t2, dataRow1);
objectPermission = ObjectPermission.AllowUpdateObject;
}
private ObjectPermission CreateObjectPermission(ITypeInfo typeInfo, object entity)
{
Type type = typeInfo.Type;
ObjectPermission objectPermission = new ObjectPermission();
objectPermission.Key = typeInfo.KeyMember.GetValue(entity).ToString();
objectPermission.Write = Security.IsGranted(new PermissionRequest(ObjectSpace, type, SecurityOperations.Write, entity));
objectPermission.Delete = Security.IsGranted(new PermissionRequest(ObjectSpace, type, SecurityOperations.Delete, entity));
IEnumerable <IMemberInfo> members = GetPersistentMembers(typeInfo);
foreach (IMemberInfo member in members)
{
MemberPermission memberPermission = CreateMemberPermission(entity, type, member);
objectPermission.Data.Add(member.Name, memberPermission);
}
return(objectPermission);
}
private ObjectPermission CreateObjectPermission(ITypeInfo typeInfo, object entity)
{
Type type = typeInfo.Type;
ObjectPermission objectPermission = new ObjectPermission();
objectPermission.Key = typeInfo.KeyMember.GetValue(entity).ToString();
objectPermission.Write = securityProvider.Security.CanWrite(entity);
objectPermission.Delete = securityProvider.Security.CanDelete(entity);
IEnumerable <IMemberInfo> members = GetPersistentMembers(typeInfo);
foreach (IMemberInfo member in members)
{
MemberPermission memberPermission = CreateMemberPermission(entity, type, member);
objectPermission.Data.Add(member.Name, memberPermission);
}
return(objectPermission);
}
public bool InsertAfter(T t1, T t2)
{
if (t2 == null)
{
return(Add(t1));
}
objectPermission = ObjectPermission.DenyUpdateObject;
t1.SetCollection(this);
DataRow dataRow2 = mapping[t2];
int pos = dataTable.Rows.IndexOf(dataRow2);
InsertAt(t1, pos + 1);
objectPermission = ObjectPermission.AllowUpdateObject;
return(true);
}
public ActionResult DeletePms(ObjectPermission obpms)
{
if (CheckForDeletePms(obpms.PermissionId))
{
permission model = _iPMSService.Getbykey(obpms.PermissionId);
var Type_pms = _ITYPE_PERMISSIONService.Getbykey(obpms.PermissionId);
_iPMSService.BeginTran();
_iPMSService.Delete(model);
_ITYPE_PERMISSIONService.Delete(Type_pms);
_iPMSService.CommitTran();
_iLogSystemService.CreateNew(HttpContext.User.Identity.Name, "Xóa tác vụ ", "Thực hiện chức năng Xóa tác vụ", Helper.GetIPAddress.GetVisitorIPAddress(), HttpContext.Request.Browser.Browser);
}
else
{
_iPMSService.RolbackTran();
ViewData["EditErrorDelete"] = "Không thể xóa vì có phân quyền chứa tác vụ này!";
}
return(PartialView("PERMISSIONPartial", GetAllPms()));
}
private bool remove(T t, bool fired)
{
if (mapping.ContainsKey(t))
{
objectPermission = ObjectPermission.DenyUpdateObject;
mapping[t].AcceptChanges();
mapping[t].Delete();
if (fired)
{
OnEvent(sender, t, mapping[t]);
}
mapping.Remove(t);
objectPermission = ObjectPermission.AllowUpdateObject;
return(true);
}
return(false);
}
public ActionResult GetPermissions(ODataActionParameters parameters)
{
ActionResult result = NoContent();
if (parameters.ContainsKey("keys") && parameters.ContainsKey("typeName"))
{
List <string> keys = new List <string>(parameters["keys"] as IEnumerable <string>);
string typeName = parameters["typeName"].ToString();
ITypeInfo typeInfo = ObjectSpace.TypesInfo.PersistentTypes.FirstOrDefault(t => t.Name == typeName);
if (typeInfo != null)
{
IList entityList = ObjectSpace.GetObjects(typeInfo.Type, new InOperator(typeInfo.KeyMember.Name, keys));
List <ObjectPermission> objectPermissions = new List <ObjectPermission>();
foreach (object entity in entityList)
{
ObjectPermission objectPermission = CreateObjectPermission(typeInfo, entity);
objectPermissions.Add(objectPermission);
}
result = Ok(objectPermissions);
}
}
return(result);
}
public void EndRowChanged()
{
this.objectPermission = ObjectPermission.AllowUpdateObject;
}
public ActionResult AddNewPms(ObjectPermission obpms)
{
if (ModelState.IsValid && Session["MultiType"] != null)
{
var checkPermissionInObject =
_iPMSService.Query.Where(m => m.ObjectRBAC.objectid == obpms.ObjectId)
.Select(n => n.permissionid)
.ToList();
int count = checkPermissionInObject.Count;
if (count < 8)
{
var checkname = _iPMSService.Query.FirstOrDefault(x => x.name.ToUpper() == obpms.PmsName.ToUpper());
if (checkname == null)
{
try
{
objectRbac objRb = new objectRbac();
objRb.objectid = obpms.ObjectId;
permission p = new permission();
p.AppID = 1;
p.name = obpms.PmsName.Trim();
p.Description = obpms.DesPms.Trim();
p.ObjectRBAC = objRb;
var Type_pms = new TYPE_PERMISSION();
string TYPE_PERMISSIONMULTI = Session["MultiType"].ToString();
_iPMSService.BeginTran();
_iPMSService.CreateNew(p);
Type_pms.PERMISSIONID = p.permissionid;
Type_pms.TYPE_PERMISSIONMULTI = TYPE_PERMISSIONMULTI;
Type_pms.LOAI_PERMISSION = obpms.LoaiPermission;
_ITYPE_PERMISSIONService.CreateNew(Type_pms);
_iPMSService.CommitTran();
_iLogSystemService.CreateNew(HttpContext.User.Identity.Name, "Thêm mới tác vụ ", "Thực hiện chức năng thêm mới tác vụ", Helper.GetIPAddress.GetVisitorIPAddress(), HttpContext.Request.Browser.Browser);
}
catch (Exception e)
{
_iPMSService.RolbackTran();
ViewData["EditError"] = e.Message;
}
}
else
{
ViewData["EditError"] = "Tên đã tồn tại, xin chọn tên khác!";
}
}
else
{
ViewData["EditError"] = "Một chức năng chỉ chứa tối đa 8 tác vụ, nhóm hiện đã có 8 tác vụ, vui lòng chọn chức năng khác!";
}
}
else
{
ViewData["EditError"] = "Bạn phải nhập đầy đủ thông tin";
}
Session["MultiType"] = null;
Session["MultiTypeCheckEdit"] = null;
return(PartialView("PERMISSIONPartial", GetAllPms()));
}
public ActionResult UpdatePms(ObjectPermission obpms)
{
if ((ModelState.IsValid && Session["MultiTypeCheckEdit"] == null) || (ModelState.IsValid && Session["MultiType"] != null))
{
var checkPermissionInObject =
_iPMSService.Query.Where(m => m.ObjectRBAC.objectid == obpms.ObjectId)
.Select(n => n.permissionid)
.ToList();
int count = checkPermissionInObject.Count;
if (count <= 8)
{
var checkname = _iPMSService.Query.FirstOrDefault(x => x.name.ToUpper() == obpms.PmsName.ToUpper());
if (checkname == null || checkname.permissionid == obpms.PermissionId)
{
try
{
objectRbac objRecord = new objectRbac();
objRecord.objectid = obpms.ObjectId;
permission p = new permission();
p = _iPMSService.Getbykey(obpms.PermissionId);
p.name = obpms.PmsName.Trim();
p.Description = obpms.DesPms.Trim();
p.ObjectRBAC = objRecord;
_iPMSService.BeginTran();
if (Session["MultiType"] != null)
{
var Type_pms = _ITYPE_PERMISSIONService.Getbykey(obpms.PermissionId);
string TYPE_PERMISSIONMULTI = Session["MultiType"].ToString();
Type_pms.TYPE_PERMISSIONMULTI = TYPE_PERMISSIONMULTI;
var listrole = _iroleService.Query.Where(m => m.Permissions.Any(n => n.permissionid == obpms.PermissionId));
foreach (var item in listrole)
{
var typerole = _iTypeRoleService.Query.FirstOrDefault(m => m.ROLE_ID == item.roleid) != null?_iTypeRoleService.Query.FirstOrDefault(m => m.ROLE_ID == item.roleid).TYPE : -1;
if (!(TYPE_PERMISSIONMULTI.Contains(typerole + "")))
{
IList <permission> listtam = item.Permissions;
var bientam_PMS = listtam.FirstOrDefault(m => m.permissionid == obpms.PermissionId);
listtam.Remove(bientam_PMS);
item.Permissions = listtam;
_iroleService.Update(item);
}
}
_ITYPE_PERMISSIONService.Update(Type_pms);
}
_iPMSService.Update(p);
_iPMSService.CommitTran();
_iLogSystemService.CreateNew(HttpContext.User.Identity.Name, "Cập nhật tác vụ ", "Thực hiện chức năng cập nhật tác vụ", Helper.GetIPAddress.GetVisitorIPAddress(), HttpContext.Request.Browser.Browser);
}
catch (Exception e)
{
_iPMSService.RolbackTran();
ViewData["EditError"] = e.Message;
}
}
else
{
ViewData["EditError"] = "Tên đã tồn tại, xin chọn tên khác!";
}
}
else
{
ViewData["EditError"] = "Một chức năng chỉ chứa tối đa 8 tác vụ, nhóm hiện đã có 8 tác vụ, vui lòng chọn chức năng khác!";
}
}
else
{
ViewData["EditError"] = "Bạn phải nhập đầy đủ thông tin";
}
Session["MultiType"] = null;
Session["MultiTypeCheckEdit"] = null;
return(PartialView("PERMISSIONPartial", GetAllPms()));
}
public void BeginRowChanged()
{
this.objectPermission = ObjectPermission.DenyUpdateObject;
}
public virtual bool Save(Selector columnNames, RowChangedHandler rowHandler, ValueChangedHandler columnHandler)
{
if (dataTable == null || dataTable.Rows.Count == 0)
{
return(false);
}
//update this.dataTable
// this.AcceptChanges();
objectPermission = ObjectPermission.DenyUpdateObject;
RowAdapter d = this.NewSqlRow(columnNames);
d.RowChanged += RowChanged;
if (rowHandler != null)
{
d.RowChanged += rowHandler;
}
if (columnHandler != null)
{
d.ValueChangedHandler = columnHandler;
}
else
{
d.ValueChangedHandler = ValueChanged;
}
int count = 0;
foreach (DataRow dataRow in dataTable.Rows)
{
BeforeSave(dataRow);
if (dataRow.RowState != DataRowState.Deleted)
{
if (dataRow.RowState != DataRowState.Unchanged)
{
d.CopyFrom(dataRow);
d.Fill();
d.Save();
if (dataRow.RowState == DataRowState.Added) //in case of existing identity columns
{
d.CopyTo(dataRow);
UpdateObject(dataRow);
}
//slow version
//T t = this[dataRow];
//t.Save(d);
count++;
}
}
else
{
dataRow.RejectChanges();
d.CopyFrom(dataRow);
d.Fill();
d.Delete();
//slow version
//T t = this[dataRow];
//t.Delete();
dataRow.Delete();
}
AfterSave(dataRow);
}
dataTable.AcceptChanges();
objectPermission = ObjectPermission.AllowUpdateObject;
return(true);
}