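/// <summary>
/// Stores a page-permission row (with <c>PermissionStatus = true</c>) for the given
/// group and page, unless a row for that pair already exists.
/// </summary>
/// <param name="groupid">Group id as text; converted with <c>int.Parse</c>.</param>
/// <param name="pagename">Page name, compared with <c>==</c> against <c>PageName</c>.</param>
/// <returns>Always <c>true</c>; every failure surfaces as an exception.</returns>
/// <exception cref="FormatException"><paramref name="groupid"/> is not a valid integer.</exception>
public bool DenyPagePermission(string groupid, string pagename)
{
    // The previous try/catch re-threw with "throw e;", which discards the original
    // stack trace. Letting exceptions propagate keeps the same exception types and
    // preserves the trace for whoever logs the failure.
    int uid = int.Parse(groupid);

    var pid = (from pg in PageRepo.All()
               where pg.PageName == pagename
               select pg.PageID).FirstOrDefault();

    // NOTE(review): when no page matches, FirstOrDefault yields the default PageID and a
    // row is still created for that id. Confirm whether unknown page names should be
    // rejected instead of being recorded.
    var record = PagePermissionRepo.All()
        .FirstOrDefault(model => model.PageID == pid && model.GroupID == uid);

    if (record == null)
    {
        PagePermission pagepermission = new PagePermission();
        pagepermission.GroupID = uid;
        pagepermission.PageID = pid;
        pagepermission.PermissionStatus = true;
        PagePermissionRepo.Create(pagepermission);
    }

    return true;
}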
/// <summary>
/// Applies a submitted permission matrix: each cell that differs from the matching
/// entry in <c>AuthenticationList</c> results in a permission being added or removed.
/// </summary>
/// <param name="arr">
/// An <c>object[]</c> of <c>object[]</c> rows holding boxed <c>bool</c> values. The row
/// index selects the role, the column index selects the entry in <c>PagePermissionList</c>.
/// </param>
public static void Save(object arr)
{
    // Rows are matched against the roles left after excluding the role named by the
    // "GroupAdmin" app setting.
    IEnumerable<Role> editableRoles = RoleList.Where(r => r.Name != System.Configuration.ConfigurationManager.AppSettings["GroupAdmin"]);

    // NOTE(review): the matrix is purely positional. If the role or permission lists
    // differ from the ones the matrix was built from, a cell is applied to a different
    // role/page than intended. Confirm callers resubmit against an unchanged list.
    object[] rows = (object[])arr;
    for (int roleIndex = 0; roleIndex < rows.Length; roleIndex++)
    {
        object[] cells = (object[])rows[roleIndex];
        for (int permissionIndex = 0; permissionIndex < cells.Length; permissionIndex++)
        {
            bool requested = (bool)cells[permissionIndex];
            if (requested == AuthenticationList[roleIndex][permissionIndex])
            {
                continue; // unchanged cell
            }

            Role role = editableRoles.ElementAt(roleIndex);
            PagePermission pagePermission = PagePermissionList[permissionIndex];
            if (requested)
            {
                PageAuthenticationManager.AddPermission(pagePermission, role);
            }
            else
            {
                PageAuthenticationManager.RemovePermission(pagePermission, role);
            }
        }
    }
}
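/// <summary>
/// Resolves the access mode a user has on a page.
/// </summary>
/// <param name="db">Context used to look up the user's <c>PagePermission</c> row.</param>
/// <param name="cmsUser">The user to evaluate; <c>null</c> yields <c>PermissionType.Default</c>.</param>
/// <param name="page">The page to evaluate; may be <c>null</c>.</param>
/// <returns>
/// <c>Admin</c> for users whose role is at least <c>RoleType.Super</c>; otherwise the page-level
/// permission if one exists, else the result of <c>NaviAccessMode</c> for the page's node.
/// </returns>
public static PermissionType PageAccessMode(IDbContext db, CmsUser cmsUser, CmsPage page)
{
    PermissionType mode = PermissionType.Default;

    if (cmsUser != null && cmsUser.RoleId >= RoleType.Super)
    {
        // supervisor
        mode = PermissionType.Admin;
    }
    else if (cmsUser != null && page != null)
    {
        PagePermission pp = db.Set<PagePermission>().SingleOrDefault(
            e => e.User.Id == cmsUser.Id && e.Page.Id == page.Id);
        mode = pp != null ? pp.AccessMode : NaviAccessMode(db, cmsUser, page.NaviNode);
    }

    // TODO: Add site specific access checking
    // The branches above accept a null page, so the site-specific rule must not
    // dereference it; previously a null page threw NullReferenceException here.
    if (CmsHelper.Site == "fratalk" && page != null && page.Type.Title == "PAGE" && mode != PermissionType.Admin)
    {
        return PermissionType.Default;
    }

    return mode;
}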
/// <summary>
/// Tells whether this navigation item should be available to the current user.
/// </summary>
/// <returns>
/// For an item with a target: <c>true</c> when the target page has no page permission entry,
/// or when the user holds the permission that entry names. For an item without a target:
/// <c>true</c> when at least one sub item reports <c>true</c>.
/// </returns>
public bool HasPermission()
{
    if (string.IsNullOrEmpty(this.Target))
    {
        bool anyChildAllowed = false;
        foreach (NavigationItem child in this.SubNavigationItems)
        {
            // "|=" rather than a short-circuit: every child is evaluated.
            anyChildAllowed |= child.HasPermission();
        }
        return anyChildAllowed;
    }

    // Only the part before the query string identifies the target page.
    string targetPage = this.Target.Split('?')[0];
    PagePermission restriction = base.PermissionCore.PagePermissions[targetPage];

    // A page without an entry is treated as unrestricted.
    if (restriction == null)
    {
        return true;
    }

    return base.UserHasPermission(restriction.Permission.Id);
}
/// <summary>
/// Saves one role and three pages, each page with one permission for that role,
/// inside a single transaction. Created entities are registered in the
/// <c>_deleted*</c> lists.
/// </summary>
public void CanCreateNavigationWithPermissions()
{
    const int pageCount = 3;

    using (var scope = new TransactionScope())
    {
        var role = new Role(_portal.Tenant, "Test role for navigation permission");
        _roleRepository.Save(role);
        _deletedRoles.Add(role);

        int created = 0;
        while (created < pageCount)
        {
            var page = new Page(_portal.Tenant, "Test navigation item with permissions", "", "~/");
            _pageRepository.Save(page);
            _deletedItems.Add(page);

            var permission = new PagePermission(page, role, true, true, false);
            _pagePermissionRepository.Save(permission);
            _deletedPermissions.Add(permission);

            created++;
        }

        scope.Complete();
    }
}
/// <summary>
/// Checks whether the permission flags stored for a type name include the requested flags.
/// </summary>
/// <param name="typeName">Key looked up in the <c>PagePermission</c> map; may be <c>null</c>.</param>
/// <param name="permission">Flags that must all be present.</param>
/// <returns>
/// The result of <c>HasFlag</c> on the stored value. When the key or the map is missing the
/// stored value is 0, so any non-zero <paramref name="permission"/> is refused.
/// </returns>
public bool HasAccess(string typeName, Permission permission)
{
    Permission granted = 0;
    bool canLookUp = typeName != null && PagePermission != null;
    if (canLookUp)
    {
        // A miss leaves granted at 0, which is the deny-by-default case.
        PagePermission.TryGetValue(typeName, out granted);
    }

    return granted.HasFlag(permission);
}
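/// <summary>
/// Tells whether the named role is allowed to access the named page.
/// </summary>
/// <param name="role">Role name, compared with <c>==</c> against <c>Role.Name</c>.</param>
/// <param name="pagename">Page name, compared with <c>Equals</c> against <c>Page.Name</c>.</param>
/// <returns>
/// The <c>IsAllowed</c> value of the matching permission row. <c>false</c> when the role, the
/// page or the permission row does not exist.
/// </returns>
public bool PageAccessAllowed(string role, string pagename)
{
    // Each lookup used ToList()[0], which loaded every match and threw
    // ArgumentOutOfRangeException when there was none. An access check should answer
    // "no" for anything it cannot resolve, so a missing row now denies.
    Role roleObj = _dbContext.Roles.Where(p => p.Name == role).Cast<Role>().FirstOrDefault();
    if (roleObj == null)
    {
        return false;
    }

    Page pageObj = _dbContext.Pages.Where(p => p.Name.Equals(pagename)).Cast<Page>().FirstOrDefault();
    if (pageObj == null)
    {
        return false;
    }

    int roleId = roleObj.Id;
    int pageId = pageObj.Id;
    PagePermission pagePermission = _dbContext.PagePermissions
        .Where(p => p.RoleId == roleId && p.PageId == pageId)
        .Cast<PagePermission>()
        .FirstOrDefault();

    return pagePermission != null && pagePermission.IsAllowed;
}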
/// <summary>
/// Reads every <c>Page</c> child of the given node and adds a <c>PagePermission</c> to
/// <c>PagePermissions</c>, including its button, grid column and control permissions.
/// </summary>
/// <param name="xmlNode">Node whose <c>Page</c> children carry <c>Name</c> and <c>Permission</c> attributes.</param>
private void ParsePagePermissions(XmlNode xmlNode)
{
    XmlNodeList pageNodes = xmlNode.SelectNodes("Page");
    foreach (XmlNode pageNode in pageNodes)
    {
        string pageName = pageNode.Attributes["Name"].Value;

        // NOTE(review): a page whose Permission attribute is not an integer, or whose id
        // resolves to null, is skipped without any report. If consumers treat "no entry"
        // as "no restriction", such a page ends up unrestricted. Confirm and consider logging.
        int permissionId;
        if (!int.TryParse(pageNode.Attributes["Permission"].Value, out permissionId))
        {
            continue;
        }

        Permission permission = this.Permissions[permissionId];
        if (permission == null)
        {
            continue;
        }

        PagePermission pagePermission = new PagePermission(this, pageName, permission);

        XmlNode buttonsNode = pageNode.SelectSingleNode("Buttons");
        if (buttonsNode != null)
        {
            foreach (ButtonPermission buttonPermission in ParseButtonPermissions(buttonsNode))
            {
                pagePermission.ButtonPermissions.Add(buttonPermission);
            }
        }

        XmlNode gridColumnsNode = pageNode.SelectSingleNode("GridColumns");
        if (gridColumnsNode != null)
        {
            pagePermission.GridColumnPermissions = new GridColumnPermissionCollection(this, gridColumnsNode);
        }

        XmlNode controlsNode = pageNode.SelectSingleNode("Controls");
        if (controlsNode != null)
        {
            foreach (ControlPermission controlPermission in ParseControlPermissions(controlsNode))
            {
                pagePermission.ControlPermissions.Add(controlPermission);
            }
        }

        this.PagePermissions.Add(pagePermission);
    }
}
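/// <summary>
/// Requests a user's permissions for a module from the permission API.
/// </summary>
/// <param name="userId">User id, passed to the URI builder as given.</param>
/// <param name="moduleUrl">Module URL; passed through <c>EncryptDecryptHelper.EncryptUrl</c> first.</param>
/// <param name="moduleCode">Module code; passed through <c>EncryptDecryptHelper.EncryptUrl</c> first.</param>
/// <param name="userTypeId">User type id, passed to the URI builder as given.</param>
/// <returns>
/// The permission mapped from the response body, or a freshly constructed
/// <c>PagePermission</c> when the response status is not a success.
/// </returns>
public PagePermission GetUserPermissions(string userId, string moduleUrl, string moduleCode, int userTypeId)
{
    var pagePermission = new PagePermission();
    var encryptModuleUrl = EncryptDecryptHelper.EncryptUrl(moduleUrl);
    var encryptModuleCode = EncryptDecryptHelper.EncryptUrl(moduleCode);

    // NOTE(review): userTypeId travels in the request. Confirm the API derives the user
    // type from the authenticated caller instead of trusting this value.
    var uri = API.UserPermission.GetUserPermission(_path, userId, encryptModuleUrl, encryptModuleCode, userTypeId);

    // The response was never disposed; the using block releases it and its content.
    // Blocking on .Result is kept because the method's signature is synchronous.
    using (HttpResponseMessage response = _client.GetAsync(uri).Result)
    {
        if (response.IsSuccessStatusCode)
        {
            var jsonDataProviders = response.Content.ReadAsStringAsync().Result;
            pagePermission = EntityMapper<string, PagePermission>.MapFromJson(jsonDataProviders);
        }
        // NOTE(review): a failed call is indistinguishable from "no permissions" for the
        // caller; this relies on a default PagePermission granting nothing. Confirm.
    }

    return pagePermission;
}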
/// <summary>
/// Builds the list of page permissions found under <c>PagePermissions/PagePermission</c>
/// of the given page node.
/// </summary>
/// <param name="page">XML node of one page.</param>
/// <returns>One <c>PagePermission</c> per matching element, in document order.</returns>
public List<PagePermission> PagePermissionList(XmlNode page)
{
    var result = new List<PagePermission>();

    foreach (XmlNode node in page.SelectNodes("PagePermissions/PagePermission"))
    {
        // Numeric and boolean fields go through Utils.CleanString before parsing;
        // RoleName is taken as is. A missing child element or an unparsable value throws.
        var entry = new PagePermission
        {
            PageID = int.Parse(Utils.CleanString(node["PageID"].InnerText)),
            PermissionID = int.Parse(Utils.CleanString(node["PermissionID"].InnerText)),
            RoleName = node["RoleName"].InnerText,
            AllowAcess = bool.Parse(Utils.CleanString(node["Allowacess"].InnerText)),
            IsActive = bool.Parse(Utils.CleanString(node["IsActive"].InnerText))
        };
        result.Add(entry);
    }

    return result;
}
/// <summary>
/// Renders a position, optionally only for authorized members.
/// </summary>
/// <param name="positionID">Identifier of the position to render.</param>
/// <param name="requireMembershipAuthentication">
/// When <c>true</c>, the current member must pass <c>PagePermission.Authorize</c>.
/// When <c>false</c>, <paramref name="membershipGroups"/> is not consulted.
/// </param>
/// <param name="membershipGroups">Groups assigned to <c>AllowGroups</c> for the check.</param>
/// <returns>
/// A design holder on the design channel (no membership check is made there), an empty
/// string when authorization fails, otherwise the rendered position.
/// </returns>
public virtual IHtmlString Position(string positionID, bool requireMembershipAuthentication, params string[] membershipGroups)
{
    bool designing = PageContext.PageRequestContext.RequestChannel == FrontRequestChannel.Design;
    if (designing)
    {
        return new PageDesignHolder(this, positionID);
    }

    if (requireMembershipAuthentication)
    {
        var gate = new PagePermission();
        gate.RequireMember = requireMembershipAuthentication;
        gate.AllowGroups = membershipGroups;

        var member = Html.ViewContext.HttpContext.Membership().GetMember();
        if (!gate.Authorize(member))
        {
            return new HtmlString("");
        }
    }

    return Position(positionID);
}
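/// <summary>
/// Removes the page-permission row stored for the given group and page, if there is one.
/// </summary>
/// <param name="groupid">Group id as text; converted with <c>int.Parse</c>.</param>
/// <param name="pagename">Page name, compared with <c>==</c> against <c>PageName</c>.</param>
/// <returns>Always <c>true</c>; every failure surfaces as an exception.</returns>
/// <exception cref="FormatException"><paramref name="groupid"/> is not a valid integer.</exception>
public bool AllowPagePermission(string groupid, string pagename)
{
    // The previous try/catch re-threw with "throw e;", which discards the original
    // stack trace; exceptions now propagate unchanged. The unused PagePermission
    // instance was dropped.
    int uid = int.Parse(groupid);

    int pid = (from pg in PageRepo.All()
               where pg.PageName == pagename
               select pg.PageID).FirstOrDefault();

    var record = PagePermissionRepo.All()
        .FirstOrDefault(model => model.PageID == pid && model.GroupID == uid);

    // No stored row means there is nothing to remove; do not hand null to Delete.
    if (record != null)
    {
        PagePermissionRepo.Delete(record);
    }

    return true;
}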
//void tutLink_Command(object sender, CommandEventArgs e)
//{
//    if ((HttpContext.Current.Session != null) && (HttpContext.Current.Session.Mode != System.Web.SessionState.SessionStateMode.Off))
//    {
//        this.Page.Session["showTutorial"] = true;
//    }
//}

/// <summary>
/// Adjusts the hint panel's links (pages, modules, files, administration) to what the
/// current user may do: links the user cannot use get the " dis" CSS class and "#" as href.
/// </summary>
/// <remarks>
/// This method only changes how the links are rendered. NOTE(review): the target pages
/// are not visible here; confirm each of them enforces its own permission check.
/// </remarks>
void hintsPanel_DataBound(object sender, EventArgs e) {
    CmsManager manager = new CmsManager();
    // GetLi / GetLink results are null-checked further down, except for pagesLink in
    // the first two branches of the pages section.
    HtmlGenericControl pagesLi = GetLi("pagesLi", this.hintsPanel);
    HtmlAnchor pagesLink = GetLink("pagesLink", this.hintsPanel);
    HtmlGenericControl modulesLi = GetLi("modulesLi", this.hintsPanel);
    HtmlAnchor modulesLink = GetLink("modulesLink", this.hintsPanel);
    HtmlGenericControl filesLi = GetLi("filesLi", this.hintsPanel);
    HtmlAnchor filesLink = GetLink("filesLink", this.hintsPanel);
    HtmlGenericControl administrationLi = GetLi("administrationLi", this.hintsPanel);
    HtmlAnchor administrationLink = GetLink("administrationLink", this.hintsPanel);
    // hasPerm is computed here but not read again in this method.
    bool hasPerm = false;
    foreach (ICmsPage page in manager.GetPages()) {
        Telerik.Cms.Security.PagePermission testPerm = new Telerik.Cms.Security.PagePermission(page);
        if (testPerm.CheckDemand(PageRights.View)) {
            hasPerm = true;
            break;
        }
    }
    // NOTE(review): the permission is built with ManageUsers but queried for
    // EditTemplates; confirm CheckDemand(rights) ignores the constructor argument.
    Telerik.Cms.Security.GlobalPermission perm = new Telerik.Cms.Security.GlobalPermission(GlobalRights.ManageUsers);
    bool canEditTemplates = perm.CheckDemand(GlobalRights.EditTemplates);
    PagePermission pagePerm = new PagePermission(manager.GetRootPage(), PageRights.View);
    bool canViewPages = pagePerm.CheckDemand();
    // Without view rights on the root page, fall back to asking for a single page.
    if (!canViewPages) {
        int totalRows;
        if (manager.GetPages(0, 1, "", System.ComponentModel.ListSortDirection.Ascending, out totalRows, true).Count > 0)
            canViewPages = true;
    }
    // Pages link: page list, else template list, else disabled.
    if (canViewPages)
        pagesLink.HRef = "~/Sitefinity/Admin/Pages.aspx";
    else if (canEditTemplates)
        pagesLink.HRef = "~/Sitefinity/Admin/Templates.aspx";
    else if (pagesLi != null && pagesLink != null) {
        pagesLi.Attributes["class"] += " dis";
        pagesLink.Attributes["href"] = "#";
    }
    // One service module passing the minimal check is enough.
    bool canManageServices = false;
    foreach (IWebModule module in
        Telerik.Framework.ServiceHost.GetServiceModules()) {
        if (Util.CheckMinimalServicePermissions(new ServicesPermissions(module.GetType()))) {
            canManageServices = true;
            break;
        }
    }
    // Administration link: disabled only when both the global demand fails and no
    // service module is manageable.
    perm = new Telerik.Cms.Security.GlobalPermission(Telerik.Cms.Security.GlobalRights.ManageUsers | GlobalRights.ManagePermissions);
    if (administrationLi != null && administrationLink != null && (!perm.CheckDemand() && !canManageServices)) {
        administrationLi.Attributes["class"] += " dis";
        administrationLink.Attributes["href"] = "#";
    }
    // Files link: disabled when the ManageFiles demand fails.
    perm = new Telerik.Cms.Security.GlobalPermission(Telerik.Cms.Security.GlobalRights.ManageFiles);
    if (filesLi != null && filesLink != null && !perm.CheckDemand()) {
        filesLi.Attributes["class"] += " dis";
        filesLink.Attributes["href"] = "#";
    }
    // Modules link: enabled as soon as one IModule passes the minimal check.
    // webModules is declared but not used in this method.
    bool showModules = false;
    List<IWebModule> webModules = new List<IWebModule>();
    foreach (IWebModule module in ModuleManager.GetWebModulesValues()) {
        if (module is IModule)
            showModules = Util.CheckMinimalPermissions(module as IModule);
        if (showModules)
            break;
    }
    if (modulesLi != null && modulesLink != null && !showModules) {
        modulesLi.Attributes["class"] += " dis";
        modulesLink.Attributes["href"] = "#";
    }
}
/// <summary>
/// Fills the permission form. With id 0 the form is prepared for creating a permission;
/// otherwise the permission is loaded and its fields are shown according to its concrete type.
/// </summary>
/// <param name="id">Permission id, or 0 for a new permission.</param>
private void LoadAll(int id)
{
    ddlAction.DataSource = Enum.GetNames(typeof(PermissionAction));
    ddlAction.DataBind();
    lblTitle.Text = "Creación de Permiso";

    if (id == 0)
    {
        // New permission: expose the type selector and its labels.
        lblPermission.Visible = true;
        ddlPermission.Visible = true;
        lblFolderName.Visible = true;
        lblPageName.Visible = true;
        return;
    }

    Permission p = ControllerManager.Permission.GetById(id);
    txtName.Text = p.Name;
    txtCode.Text = p.Code;
    txtDescription.Text = p.Description;
    txtCode.Enabled = false; // the code of an existing permission is not editable here
    ddlAction.SelectedValue = ddlAction.Items.FindByValue(p.PermissionAction.ToString()).Value;

    // The types are tested in the same order as before; the first match wins.
    PagePermission pagePerm;
    MethodPermission methodPerm;
    EntityPermission entityPerm;
    WebControlPermission webPerm;
    ExecutePermission executePerm;

    if ((pagePerm = p as PagePermission) != null)
    {
        ddlPermission.SelectedValue = "Page";
        MakeVisible(ddlPermission.SelectedValue);
        txtPermission1.Text = pagePerm.PageName;
        txtPermission2.Text = pagePerm.FolderName;
    }
    else if ((methodPerm = p as MethodPermission) != null)
    {
        ddlPermission.SelectedValue = "Method";
        MakeVisible(ddlPermission.SelectedValue);
        txtPermission1.Text = methodPerm.MethodName;
        txtPermission2.Text = methodPerm.ClassName;
    }
    else if ((entityPerm = p as EntityPermission) != null)
    {
        ddlPermission.SelectedValue = "Entity";
        MakeVisible(ddlPermission.SelectedValue);
        txtPermission1.Text = entityPerm.Identifier;
        txtPermission2.Text = entityPerm.ClassName;
    }
    else if ((webPerm = p as WebControlPermission) != null)
    {
        ddlPermission.SelectedValue = "Web";
        MakeVisible(ddlPermission.SelectedValue);
        txtPermission1.Text = webPerm.RelativePath;
        txtPermission2.Text = webPerm.ControlIdentifier;
    }
    else if ((executePerm = p as ExecutePermission) != null)
    {
        ddlPermission.SelectedValue = "Execute";
        MakeVisible(ddlPermission.SelectedValue);
        txtPermission1.Text = executePerm.KeyIdentifier;
        txtPermission2.Text = executePerm.ClassName;
    }

    lblTitle.Text = "Edición " + ddlPermission.SelectedItem;
}
/// <summary>
/// Adjusts the hint panel's links (pages, modules, files, administration) to what the
/// current user may do: links the user cannot use get the " dis" CSS class and "#" as href.
/// </summary>
/// <remarks>
/// This method only changes how the links are rendered. NOTE(review): the target pages
/// are not visible here; confirm each of them enforces its own permission check.
/// </remarks>
void hintsPanel_DataBound(object sender, EventArgs e) {
    CmsManager manager = new CmsManager();
    // GetLi / GetLink results are null-checked further down, except for pagesLink in
    // the first two branches of the pages section.
    HtmlGenericControl pagesLi = GetLi("pagesLi", this.hintsPanel);
    HtmlAnchor pagesLink = GetLink("pagesLink", this.hintsPanel);
    HtmlGenericControl modulesLi = GetLi("modulesLi", this.hintsPanel);
    HtmlAnchor modulesLink = GetLink("modulesLink", this.hintsPanel);
    HtmlGenericControl filesLi = GetLi("filesLi", this.hintsPanel);
    HtmlAnchor filesLink = GetLink("filesLink", this.hintsPanel);
    HtmlGenericControl administrationLi = GetLi("administrationLi", this.hintsPanel);
    HtmlAnchor administrationLink = GetLink("administrationLink", this.hintsPanel);
    // NOTE(review): the permission is built with ManageUsers but queried for
    // EditTemplates; confirm CheckDemand(rights) ignores the constructor argument.
    Telerik.Cms.Security.GlobalPermission perm = new Telerik.Cms.Security.GlobalPermission(GlobalRights.ManageUsers);
    bool canEditTemplates = perm.CheckDemand(GlobalRights.EditTemplates);
    PagePermission pagePerm = new PagePermission(manager.GetRootPage(), PageRights.View);
    bool canViewPages = pagePerm.CheckDemand();
    // Pages link: page list, else template list, else disabled.
    if (canViewPages) {
        pagesLink.HRef = "~/Sitefinity/Admin/Pages.aspx";
    } else if (canEditTemplates) {
        pagesLink.HRef = "~/Sitefinity/Admin/Templates.aspx";
    } else if (pagesLi != null && pagesLink != null) {
        pagesLi.Attributes["class"] += " dis";
        pagesLink.Attributes["href"] = "#";
    }
    // One service module passing the minimal check is enough.
    bool canManageServices = false;
    foreach (IWebModule module in Telerik.Framework.ServiceHost.GetServiceModules()) {
        if (Util.CheckMinimalServicePermissions(new ServicesPermissions(module.GetType()))) {
            canManageServices = true;
            break;
        }
    }
    // Administration link: disabled only when both the global demand fails and no
    // service module is manageable.
    perm = new Telerik.Cms.Security.GlobalPermission(Telerik.Cms.Security.GlobalRights.ManageUsers | GlobalRights.ManagePermissions);
    if (administrationLi != null && administrationLink != null && (!perm.CheckDemand() && !canManageServices)) {
        administrationLi.Attributes["class"] += " dis";
        administrationLink.Attributes["href"] = "#";
    }
    // Files link: disabled when the ManageFiles demand fails.
    perm = new Telerik.Cms.Security.GlobalPermission(Telerik.Cms.Security.GlobalRights.ManageFiles);
    if (filesLi != null && filesLink != null && !perm.CheckDemand()) {
        filesLi.Attributes["class"] += " dis";
        filesLink.Attributes["href"] = "#";
    }
    // Modules link: enabled as soon as one IModule passes the minimal check.
    // webModules is declared but not used in this method.
    bool showModules = false;
    List <IWebModule> webModules = new List <IWebModule>();
    foreach (IWebModule module in ModuleManager.GetWebModulesValues()) {
        if (module is IModule) {
            showModules = Util.CheckMinimalPermissions(module as IModule);
        }
        if (showModules) {
            break;
        }
    }
    if (modulesLi != null && modulesLink != null && !showModules) {
        modulesLi.Attributes["class"] += " dis";
        modulesLink.Attributes["href"] = "#";
    }
}
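/// <summary>
/// Grants, changes or revokes a user's access to a navigation section or to a page.
/// Only callers whose role is at least <c>RoleType.Super</c> may use it.
/// </summary>
/// <param name="sectionId">Section id as text; used when <paramref name="pageId"/> is empty.</param>
/// <param name="pageId">Page id as text; when empty the change applies to the section.</param>
/// <param name="userName">AD name of the affected user; lower-cased before lookup.</param>
/// <param name="permission">Access mode to store. <c>Denied</c> removes the user and all permissions.</param>
/// <param name="overwrite">For section changes: clear the user's existing permissions first.</param>
/// <returns>The "error" view when no user name is given, otherwise "PermissionGranted".</returns>
/// <exception cref="Exception">The caller is not signed in or is not a supervisor.</exception>
public ViewResult Change(string sectionId, string pageId, string userName, PermissionType permission, bool overwrite = false)
{
    // NOTE(review): no [HttpPost] / [ValidateAntiForgeryToken] is visible on this action.
    // It changes permissions and deletes users, so confirm it cannot be triggered by a
    // cross-site GET.
    CmsUser currentUser = SecurityHelper.CurrentCmsUser(db);

    // A missing current user used to fail with NullReferenceException on RoleId;
    // it is now refused by the same explicit denial as an under-privileged user.
    if (currentUser == null || currentUser.RoleId < RoleType.Super)
    {
        throw new Exception("Access Denided.");
    }

    // user
    if (string.IsNullOrEmpty(userName))
    {
        ViewBag.Message = "User Name is Required";
        return View("error");
    }

    // NOTE(review): ToLower() follows the thread culture. For an account identifier a
    // culture-invariant form is usually wanted; check how stored AdName values were normalized.
    userName = userName.ToLower();
    CmsUser user = db.Set<CmsUser>().SingleOrDefault(e => e.AdName == userName);

    if (user == null && permission != PermissionType.Denied)
    {
        // new user
        // NOTE(review): this branch creates the account but stores no section/page
        // permission, yet "PermissionGranted" is returned. Confirm this is intended.
        user = new CmsUser();
        user.AdName = userName;
        user.UserName = HtmlHelpers.FormatName(null, userName).ToString();
        user.RoleId = RoleType.Normal;
        db.Set<CmsUser>().Add(user);
        db.SaveChanges();
    }
    else if (user != null)
    {
        if (permission == PermissionType.Denied)
        {
            // remove users
            // NOTE(review): nothing here prevents removing the caller's own account or
            // another supervisor. Confirm that is acceptable.
            ClearPermissions(user);
            db.Set<CmsUser>().Remove(user);
            db.SaveChanges();
        }
        else if (string.IsNullOrEmpty(pageId))
        {
            // navi
            int sid = Convert.ToInt32(sectionId);

            // handle overwrite
            // Single() throws for an unknown section before anything is cleared.
            NaviNode currentNode = db.Set<NaviNode>().Single(e => e.Id == sid);
            if (overwrite)
            {
                ClearPermissions(user);
            }

            NaviPermission np = db.Set<NaviPermission>().SingleOrDefault(e => e.Section.Id == sid && e.User.Id == user.Id);
            if (np == null)
            {
                // new navi permission
                np = new NaviPermission();
                np.User = user;
                np.AccessMode = permission;
                np.Section = db.Set<NaviNode>().Single(e => e.Id == sid);
                db.Set<NaviPermission>().Add(np);
            }
            else if (permission != np.AccessMode)
            {
                // modify
                np.AccessMode = permission;
                ((DbContext)db).Entry(np).State = EntityState.Modified;
            }
            db.SaveChanges();
        }
        else
        {
            // page
            int pid = Convert.ToInt32(pageId);
            PagePermission pp = db.Set<PagePermission>().SingleOrDefault(e => e.Page.Id == pid && e.User.Id == user.Id);
            if (pp == null)
            {
                // new page permission
                pp = new PagePermission();
                pp.User = user;
                pp.AccessMode = permission;
                pp.Page = db.Set<CmsPage>().Single(e => e.Id == pid);
                db.Set<PagePermission>().Add(pp);
            }
            else if (permission != pp.AccessMode)
            {
                // modify
                pp.AccessMode = permission;
                ((DbContext)db).Entry(pp).State = EntityState.Modified;
            }
            db.SaveChanges();
        }
    }

    ViewBag.RoleId = SecurityHelper.CurrentCmsUserRole(db);
    return View("PermissionGranted");
}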
/// <summary>
/// Creates or updates a page from the posted model and brings the page's permissions
/// for the Administrator, Member and Guest roles in line with the model.
/// </summary>
/// <param name="model">Posted page data; an empty <c>Id</c> means a new page.</param>
/// <returns>
/// The "Page" view with an alert when the slug is taken or saving fails, otherwise a
/// redirect to the page's edit action.
/// </returns>
public ActionResult Save(PageModel model) {
    Page page = null;
    Role adminRole, memberRole, guestRole;
    bool isNew = model.Id == Guid.Empty;
    if (isNew) // if page is new create it
    {
        page = new Page(new Tenant(Portal.Tenant.Id));
        // NOTE(review): ParentId comes from the model and is not checked against the
        // current tenant here; confirm the repository or mapping enforces that.
        if (model.ParentId.HasValue) {
            page.Parent = new Page(model.ParentId.Value);
        }
    }
    using (TransactionScope ts = new TransactionScope()) {
        // check if slug is unique
        var anotherPageWithSameSlug = _pageRepository.FindBy(p => p.Tenant.Id == Portal.Tenant.Id && p.Slug == model.Slug && p.Id != model.Id) != null;
        if (anotherPageWithSameSlug == true) {
            Alert(AlertType.warning, "Slug not unique", "Another page with this slug already exists.");
            // Returning here leaves the scope without Complete().
            return(View("Page", model));
        }
        // if page exists, retrieve page and permissions
        // NOTE(review): unlike the slug and role queries, this lookup filters by Id only,
        // not by tenant. Unless the repository scopes by tenant itself, a posted Id of
        // another tenant's page would be loaded and updated. Confirm.
        if (!isNew) {
            page = (from p in _pageRepository.All() where p.Id == model.Id select p).FetchMany(p => p.Permissions).Single();
        }
        // retrieve system roles
        adminRole = _roleRepository.FindBy(r => r.Tenant.Id == Portal.Tenant.Id && r.Name == "Administrator");
        memberRole = _roleRepository.FindBy(r => r.Tenant.Id == Portal.Tenant.Id && r.Name == "Member");
        guestRole = _roleRepository.FindBy(r => r.Tenant.Id == Portal.Tenant.Id && r.Name == "Guest");
        ts.Complete();
    }
    // update page model with new data
    Mapper.Map <PageModel, Page>(model, page);
    try {
        /* add / update page permissions */
        var permissions = page.Permissions;
        // add / update admin permission
        // Administrators always get all three rights.
        PagePermission adminPermission = permissions.SingleOrDefault(p => p.Role.Name == adminRole.Name);
        if (adminPermission == null) {
            permissions.Add(new PagePermission(page, adminRole, true, true, true));
        } else {
            adminPermission.SetPermissionRights(true, true, true);
        }
        // add / update member permission
        // Created only when members may see the page; an existing entry follows the model.
        PagePermission memberPermission = permissions.SingleOrDefault(p => p.Role.Name == memberRole.Name);
        if (memberPermission == null && model.MembersVisible) {
            permissions.Add(new PagePermission(page, memberRole, true, false, false));
        } else if (memberPermission != null) {
            memberPermission.SetPermissionRights(model.MembersVisible, false, false);
        }
        // add / update guest permission
        PagePermission guestPermission = permissions.SingleOrDefault(p => p.Role.Name == guestRole.Name);
        if (guestPermission == null && model.GuestsVisible) {
            permissions.Add(new PagePermission(page, guestRole, true, false, false));
        } else if (guestPermission != null) {
            guestPermission.SetPermissionRights(model.GuestsVisible, false, false);
        }
        // save the page with permissions
        using (TransactionScope ts = new TransactionScope()) {
            _pageRepository.Save(page); //save the page
            foreach (var permission in permissions) {
                _pagePermissionRepository.Save(permission);
            }
            ts.Complete();
        }
        model = Mapper.Map <PageModel>(page); //todo: reads permissions without transaction
    }
    // NOTE(review): this catches everything, including a missing system role (null
    // adminRole/memberRole/guestRole above), and nothing is logged. A permission update
    // that fails leaves no trace beyond the alert.
    catch {
        Alert(AlertType.danger, "Error", "Failed to create/update page.");
        return(View("Page", model));
    }
    Alert(AlertType.success, "Success", "Page successfully created/updated.");
    return(RedirectToAction("edit", "page", new { slug = model.Slug }));
}
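/// <summary>
/// Inserts a page permission through the <c>P_PagePermission_I</c> procedure call.
/// </summary>
/// <param name="instance">Permission whose <c>PageID</c> and <c>PermissionID</c> are inserted.</param>
/// <exception cref="Exception">
/// The call returned a non-zero code. The message is the reported error text, or
/// <c>UnknownError</c> formatted with the code when no text was reported.
/// </exception>
partial void InsertPagePermission(PagePermission instance)
{
    string errorinfo = null;
    int rc = this.P_PagePermission_I(
        m_UserContext,
        (int?)instance.PageID,
        (int?)instance.PermissionID,
        ref errorinfo);

    if (rc != 0)
    {
        // errorinfo starts out null, and the old test (errorinfo != String.Empty) let null
        // through, producing an exception without the return code. Null and empty now
        // both fall back to the formatted code.
        throw new Exception(!string.IsNullOrEmpty(errorinfo) ? errorinfo : string.Format(UnknownError, rc));
    }
}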
/// <summary>
/// Creates three roles and three pages, gives every role a full permission on every
/// page, then reads the navigation of each role and prints the page and permission counts.
/// </summary>
public void CanReadNavigationForRole()
{
    const int roleCount = 3;
    const int pageCount = 3;

    var roles = new List<Role>();
    var pages = new List<Page>();

    // create the roles, one transaction each
    for (int index = 0; index < roleCount; index++)
    {
        string rolename = string.Format("TNP Role {0}", index);
        using (var scope = new TransactionScope())
        {
            var role = new Role(_portal.Tenant, rolename);
            _roleRepository.Save(role);
            roles.Add(role);
            _deletedRoles.Add(role);
            scope.Complete();
        }
    }

    // create the pages, one transaction each
    for (int index = 0; index < pageCount; index++)
    {
        string pagename = string.Format("TNP Page {0}", index);
        using (var scope = new TransactionScope())
        {
            var page = new Page(_portal.Tenant, pagename, pagename, "");
            _pageRepository.Save(page);
            pages.Add(page);
            _deletedItems.Add(page);
            scope.Complete();
        }
    }

    // create one permission per (role, page) pair
    foreach (Role role in roles)
    {
        foreach (Page page in pages)
        {
            using (var scope = new TransactionScope())
            {
                var permission = new PagePermission(page, role, true, true, true);
                _pagePermissionRepository.Save(permission);
                _deletedPermissions.Add(permission);
                scope.Complete();
            }
        }
    }

    // read the navigation of each role and print what came back; nothing is asserted
    foreach (Role role in roles)
    {
        using (var scope = new TransactionScope())
        {
            List<Page> navigation = _navigationProvider.GetRoleNavigation(role.Name);
            Console.Write("{0}", role.Name);
            Console.WriteLine("{0} pages", navigation.Count);
            foreach (Page page in navigation)
            {
                Console.WriteLine("{0} permissions for page {1}", page.Permissions.Count, page.Title);
            }
            scope.Complete();
        }
    }
}
// todo: check why it does not return correct permissions for page (seems to work if they have been already created before)
/// <summary>
/// Resolves what a user may do in a module.
/// </summary>
/// <param name="userId">User id; only used for users that are not super admins.</param>
/// <param name="moduleUrl">Module URL; for super admins it takes precedence over the code.</param>
/// <param name="moduleCode">Module code.</param>
/// <param name="userTypeId">User type; <c>UserTypes.SuperAdmin</c> receives every right.</param>
/// <returns>
/// For super admins: the module id with view, add, edit and delete set. For others: the
/// rights derived from the comma-separated category ids that <c>[Admin].[GetUserPermissions]</c>
/// returns; add, edit and delete are only considered when view is present.
/// </returns>
public PagePermission GetUserPermissions(string userId, string moduleUrl, string moduleCode, int userTypeId)
{
    PagePermission permission = new PagePermission();

    using (var conn = GetOpenConnection())
    {
        // NOTE(review): userTypeId alone selects the all-rights branch and userId is not
        // consulted there. Confirm callers take it from the authenticated session and
        // never from request input.
        if (userTypeId == (int)UserTypes.SuperAdmin)
        {
            // Look up the module id; both filters are bound as parameters.
            DynamicParameters parameter = new DynamicParameters();
            string filter;
            if (!string.IsNullOrEmpty(moduleUrl))
            {
                filter = " WHERE lower(dbo.FormatModuleUrl(ModuleUrl)) = lower(dbo.FormatModuleUrl(@ModuleUrl))";
                parameter.Add("@ModuleUrl", moduleUrl, DbType.String);
            }
            else
            {
                filter = " WHERE lower(ModuleCode) = lower(@ModuleCode)";
                parameter.Add("@ModuleCode", moduleCode, DbType.String);
            }
            string query = "SELECT top 1 ModuleId FROM Admin.ActivePowerPackModuleStructure" + filter;

            permission.ModuleId = conn.QueryFirstOrDefault<int>(query, parameter, commandType: CommandType.Text);
            permission.CanDelete = true;
            permission.CanEdit = true;
            permission.CanAdd = true;
            permission.CanView = true;
            return permission;
        }

        var parameters = new DynamicParameters();
        parameters.Add("@UserId", userId, DbType.String);
        parameters.Add("@ModuleUrl", moduleUrl, DbType.String);
        if (!string.IsNullOrEmpty(moduleCode))
        {
            parameters.Add("@ModuleCode", moduleCode, DbType.String);
        }

        var modulePermission = conn.QueryFirstOrDefault<ModulePermission>("[Admin].[GetUserPermissions]", parameters, commandType: CommandType.StoredProcedure);

        permission = new PagePermission();
        if (modulePermission == null)
        {
            return permission; // no row: nothing is set on the fresh object
        }

        permission.ModuleId = modulePermission.ModuleId;
        if (string.IsNullOrEmpty(modulePermission.PermissionCategoryIds))
        {
            return permission;
        }

        // Ids are compared as exact strings; entries are not trimmed.
        string[] granted = modulePermission.PermissionCategoryIds.Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries);

        // View gates everything else; an empty list fails this test as well.
        if (!granted.Contains(((int)PermissionCategory.View).ToString()))
        {
            return permission;
        }
        permission.CanView = true;

        if (granted.Contains(((int)PermissionCategory.AddEditDelete).ToString()))
        {
            permission.CanAdd = true;
            permission.CanEdit = true;
            permission.CanDelete = true;
            return permission;
        }

        if (granted.Contains(((int)PermissionCategory.Add).ToString()))
        {
            permission.CanAdd = true;
        }
        if (granted.Contains(((int)PermissionCategory.Update).ToString()))
        {
            permission.CanEdit = true;
        }
        if (granted.Contains(((int)PermissionCategory.Delete).ToString()))
        {
            permission.CanDelete = true;
        }
        return permission;
    }
}
/// <summary>
/// Builds the permission list shown for a user: every top-level page (ParentId == 0)
/// in display order, each followed by its child pages in display order.
/// </summary>
/// <param name="username">User name matched against <c>C_UserPermission.user</c>.</param>
/// <returns>
/// Top-level entries always carry Add/Edit/Delete/View = false. Child entries carry the
/// stored flags when the user has a row for the page, and all-false otherwise.
/// </returns>
public List <PagePermission> GetListPermissionByUser(string username) {
    List <PagePermission> lstPagePermission = new List <PagePermission>();
    List <PagePermission> lstData = new List <PagePermission>();
    using (var data = new Entities()) {
        // Stored permissions of the user, joined with the page they belong to.
        var query = from u in data.C_UserPermission join p in data.C_UserPage on u.page_id equals p.id where u.user == username select new { u.user, u.page_id, u.del, u.add, u.edit, u.view, p.Title, p.ParentId, p.OrderDisplay };
        if (query.Any()) {
            foreach (var obj in query) {
                PagePermission page = new PagePermission();
                // The casts presumably unwrap nullable columns and would throw on a null
                // value; confirm against the entity model.
                page.Page_ID = (int)obj.page_id;
                page.User_Name = obj.user;
                page.Title = obj.Title;
                page.Add = (bool)obj.add;
                page.Edit = (bool)obj.edit;
                page.Delete = (bool)obj.del;
                page.View = (bool)obj.view;
                page.Parent_ID = (int)obj.ParentId;
                page.OrderDisplay = (int)obj.OrderDisplay;
                lstPagePermission.Add(page);
            }
            // lstUserPermission is loaded but not read again in this method.
            List <C_UserPermission> lstUserPermission = data.C_UserPermission.Where(u => u.user == username).ToList();
            // Page ids the user already has a row for.
            var dataID = from c in data.C_UserPermission where c.user == username select new { c.page_id };
            List <int> lstPageID = new List <int>();
            if (dataID.Any()) {
                foreach (var obj in dataID) {
                    lstPageID.Add((int)obj.page_id);
                }
            }
            // Child pages without a stored row are listed with every right off.
            List <C_UserPage> lstUserPage = data.C_UserPage.Where(c => !lstPageID.Contains(c.id) && c.ParentId > 0).ToList();
            if (lstUserPage.Any()) {
                foreach (var obj in lstUserPage) {
                    PagePermission page = new PagePermission();
                    page.Page_ID = obj.id;
                    page.User_Name = username;
                    page.Title = obj.Title;
                    page.Add = false;
                    page.Edit = false;
                    page.Delete = false;
                    page.View = false;
                    page.Parent_ID = (int)obj.ParentId;
                    page.OrderDisplay = (int)obj.OrderDisplay;
                    lstPagePermission.Add(page);
                }
            }
        } else {
            // No stored rows at all: every child page is listed with every right off.
            List <C_UserPage> lstUserPage = data.C_UserPage.Where(p => p.ParentId > 0).ToList();
            if (lstUserPage.Any()) {
                foreach (var obj in lstUserPage) {
                    PagePermission page = new PagePermission();
                    page.Page_ID = obj.id;
                    page.User_Name = username;
                    page.Title = obj.Title;
                    page.Add = false;
                    page.Edit = false;
                    page.Delete = false;
                    page.View = false;
                    page.Parent_ID = (int)obj.ParentId;
                    page.OrderDisplay = (int)obj.OrderDisplay;
                    lstPagePermission.Add(page);
                }
            }
        }
        // Emit each top-level page followed by its children.
        // NOTE(review): a stored row for a top-level page sits in lstPagePermission with
        // Parent_ID 0 and is only emitted if some parent has id 0; the top-level entry
        // added below is always all-false. Confirm stored rights on top-level pages are
        // meant to be ignored here.
        List <C_UserPage> lstUserPageParent = data.C_UserPage.Where(p => p.ParentId == 0).OrderBy(p => p.OrderDisplay).ToList();
        foreach (var parent in lstUserPageParent) {
            PagePermission page = new PagePermission();
            page.Page_ID = parent.id;
            page.User_Name = username;
            page.Title = parent.Title;
            page.Add = false;
            page.Edit = false;
            page.Delete = false;
            page.View = false;
            page.Parent_ID = (int)parent.ParentId;
            page.OrderDisplay = (int)parent.OrderDisplay;
            lstData.Add(page);
            lstData.AddRange(lstPagePermission.Where(p => p.Parent_ID == parent.id).OrderBy(p => p.OrderDisplay));
        }
    }
    return(lstData);
}