private void FillRemovePrivilege(PrivilegeDepthExtended initialValue
, PrivilegeDepthExtended currentValue
, PrivilegeType privilegeType
, HashSet <Guid> privilegesRemove
)
{
if (currentValue == initialValue)
{
return;
}
if (privilegeType == PrivilegeType.None ||
EntityPrivileges == null ||
!EntityPrivileges.Any()
)
{
return;
}
var privilege = EntityPrivileges.FirstOrDefault(p => p.PrivilegeType == privilegeType);
if (privilege == null)
{
return;
}
if (currentValue == PrivilegeDepthExtended.None)
{
privilegesRemove.Add(privilege.PrivilegeId);
}
}
protected static PrivilegeDepthExtended GetPrivilegeLevel(
IEnumerable <SecurityPrivilegeMetadata> privilegesEnum
, IEnumerable <RolePrivileges> rolePrivileges
, Dictionary <PrivilegeType, SecurityPrivilegeMetadata> availablePrivilegesTypes
, PrivilegeType privilegeType
)
{
if (privilegeType != PrivilegeType.None &&
privilegesEnum != null &&
privilegesEnum.Any()
)
{
var privilege = privilegesEnum.FirstOrDefault(p => p.PrivilegeType == privilegeType);
if (privilege != null)
{
availablePrivilegesTypes.Add(privilegeType, privilege);
var rolePrivilege = rolePrivileges.FirstOrDefault(p => p.PrivilegeId == privilege.PrivilegeId);
if (rolePrivilege != null && rolePrivilege.PrivilegeDepthMask.HasValue)
{
var privilegeDepth = RolePrivilegesRepository.ConvertMaskToPrivilegeDepth(rolePrivilege.PrivilegeDepthMask.Value);
if (privilegeDepth.HasValue)
{
return((PrivilegeDepthExtended)privilegeDepth.Value);
}
}
}
}
return(PrivilegeDepthExtended.None);
}
public Boolean revoke(PrivilegeType privilege_type, Table table, String security_profile)
{
//REVOKE privilege_type ON table TO security_profile;
return(false);
}
/// <summary>
/// 设置用户权限字典
/// </summary>
/// <param name="userPrivilege"></param>
/// <param name="privilegeDic"></param>
private static void SetPrivilegeDictionary(PrivilegeType userPrivilege, out Dictionary <string, bool> privilegeDic)
{
privilegeDic = new Dictionary <string, bool>();
foreach (PrivilegeType privilege in Enum.GetValues(typeof(PrivilegeType)))
{
privilegeDic.Add(privilege.ToString(), (userPrivilege & privilege) == privilege);
}
}
public bool HasPermission(PrivilegeType privilegeType, string permission)
{
var isAllow = false;
var a = CheckPermission(privilegeType, permission);
if (a != null && a.Data is bool)
{
isAllow = (bool)a.Data;
}
return(isAllow);
}
/// <summary>
/// Kiểm tra người dùng có quyền thao tác trên một permission hay không?
/// </summary>
/// <param name="userID">User cần kiểm tra</param>
/// <param name="privilegeType">Loại thao tác</param>
/// <param name="permission">Tên quyền cần kiểm tra</param>
/// <returns></returns>
public bool CheckPermission(Guid userID, PrivilegeType privilegeType, string permission)
{
bool result = false;
using (var context = new VnrHrmDataContext())
{
UnitOfWork unitOfWork = new UnitOfWork(context);
result = unitOfWork.CheckPermission(userID, privilegeType, permission);
}
return(result);
}
/// <summary>
/// Kiểm tra người dùng có quyền thao tác trên một permission hay không?
/// </summary>
/// <param name="userID">User cần kiểm tra</param>
/// <param name="privilegeType">Loại thao tác</param>
/// <param name="permission">Tên quyền cần kiểm tra</param>
/// <returns></returns>
public bool CheckPermission(Guid userID, PrivilegeType privilegeType, string permission)
{
bool result = false;
using (var context = new VnrHrmDataContext())
{
UnitOfWork unitOfWork = new UnitOfWork(context);
result = unitOfWork.CheckPermission(userID, privilegeType, permission);
}
return result;
}
internal List <BPrivilege> GetPrivilegeByCode(string code, PrivilegeType privilegeType)
{
string sql = ORMapping.GetSelectSql <BPrivilege>(TSqlBuilder.Instance);
WhereSqlClauseBuilder where = new WhereSqlClauseBuilder();
where.AppendItem("isdeleted", 0);
where.AppendItem("PrivilegeType", privilegeType.ToString());
where.AppendItem("Code", SqlTextHelper.SafeQuote(code), "startwith");
sql += " where " + where.ToSqlString(TSqlBuilder.Instance);
return(ExecuteQuery(sql));
}
protected static PrivilegeDepthExtended[] ReturnOptions(PrivilegeType privilegeType, IEnumerable <SecurityPrivilegeMetadata> privilegesEnum)
{
if (privilegeType != PrivilegeType.None && privilegesEnum != null)
{
var privilege = privilegesEnum.FirstOrDefault(p => p.PrivilegeType == privilegeType);
if (privilege != null)
{
return(GetPrivilegeDepthsByAvailability(privilege.CanBeBasic, privilege.CanBeLocal, privilege.CanBeDeep, privilege.CanBeGlobal));
}
}
return(_optionsDefault);
}
public List <string> GetPermission(Guid userID, PrivilegeType privilegeType)
{
if (userID != Guid.Empty)
{
var listDataPermission = GetPermission(userID);
if (listDataPermission != null && listDataPermission.Count() > 0)
{
var listGroupPermission = listDataPermission.Where(d => d.ListGroupPermission != null && d.ListGroupPermission.Any(p =>
SecurityHelper.CheckPrivilege(privilegeType, p.PrivilegeNumber.GetInteger()))).SelectMany(d => d.ListGroupPermission);
return(listGroupPermission.Where(m => m.PrivilegeNumber != 0).Select(d => d.ResourceName).Distinct().ToList());
}
}
return(new List <string>());
}
public List <string> GetPermission(Guid userID, PrivilegeType privilegeType)
{
using (var context = new VnrHrmDataContext())
{
UnitOfWork unitOfWork = new UnitOfWork(context);
var listDataPermission = unitOfWork.GetUserPermission(userID);
if (listDataPermission != null && listDataPermission.Count() > 0)
{
return(listDataPermission.Where(d => privilegeType.CheckPrivilege(d.PrivilegeNumber.GetInteger())).Select(d => d.ResourceName).Distinct().ToList());
}
}
return(new List <string>());
}
public List<string> GetPermission(Guid userID, PrivilegeType privilegeType)
{
using (var context = new VnrHrmDataContext())
{
UnitOfWork unitOfWork = new UnitOfWork(context);
var listDataPermission = unitOfWork.GetUserPermission(userID);
if (listDataPermission != null && listDataPermission.Count() > 0)
{
return listDataPermission.Where(d => privilegeType.CheckPrivilege(d.PrivilegeNumber.GetInteger())).Select(d => d.ResourceName).Distinct().ToList();
}
}
return new List<string>();
}
public bool CheckPermission(PrivilegeType privilegeType, string permission)
{
// return Json(true, JsonRequestBehavior.AllowGet);
var isSuccess = true;
Guid userId = Guid.Empty;
if (Request[SessionObjects.UserId] != null)
{
Guid.TryParse(Request[SessionObjects.UserId].ToString(), out userId);
if (userId != Guid.Empty)
{
Session[SessionObjects.UserId] = userId;
}
}
else
{
if (Session[SessionObjects.UserId] != null)
{
Guid.TryParse(Session[SessionObjects.UserId].ToString(), out userId);
}
}
if (permission == "#" || permission == "Home")
{
//dấu # : khi click vào phân trang (|< < > >|) thì permission sẽ trả về '#'
return(true);
}
if (permission.Contains("_GetData"))
{
//khi click len lưới thì không phân quyền
return(true);
}
var permissionModel = new PermissionModel
{
UserID = userId,
PrivilegeType = privilegeType,
Permission = permission
};
var service = new RestServiceClient <PermissionModel>(UserLogin);
service.SetCookies(this.Request.Cookies, _hrm_Sys_Service);
PermissionModel result = service.Post(_hrm_Sys_Service, "api/SysPermission/", permissionModel);
bool isAccess = result == null ? false : result.IsAllowAccess;
return(isAccess);
}
/// <summary> Kiểm tra quyền cho user </summary>
/// <param name="userId"></param>
/// <param name="privilegeType"></param>
/// <param name="permission"></param>
/// <returns></returns>
public bool CheckPermission(Guid userId, PrivilegeType privilegeType, string permission)
{
return(true);
var permissionModel = new PermissionModel
{
UserID = userId,
PrivilegeType = privilegeType,
Permission = permission
};
var service = new RestServiceClient <PermissionModel>();
service.SetCookies(this.Request.Cookies, _hrm_Sys_Service);
PermissionModel result = service.Post(_hrm_Sys_Service, "api/SysPermission/", permissionModel);
return(result.IsAllowAccess);
}
/// <summary>
/// Kiểm tra người dùng có quyền thao tác trên một permission hay không?
/// </summary>
/// <param name="userID">User cần kiểm tra</param>
/// <param name="privilegeType">Loại thao tác</param>
/// <param name="permission">Tên quyền cần kiểm tra</param>
/// <returns></returns>
public bool CheckPermission(Guid userID, PrivilegeType privilegeType, string permission)
{
// return true;
//if (Common.UserNameSystem == userID.ToString())
//{
// return true;
//}
if (userID == Guid.Empty)
{
return true;
}
SecurityRepository security = new SecurityRepository();
return security.CheckPermission(userID, privilegeType, permission);
}
protected static void SetPrivilegeLevel(
Dictionary <PrivilegeType, SecurityPrivilegeMetadata> availablePrivilegesTypes
, PrivilegeDepthExtended?initialValue
, PrivilegeDepthExtended?currentValue
, PrivilegeType privilegeType
, Dictionary <Guid, PrivilegeDepth> privilegesAdd
, HashSet <Guid> privilegesRemove
)
{
if (currentValue == initialValue)
{
return;
}
if (privilegeType == PrivilegeType.None ||
!availablePrivilegesTypes.ContainsKey(privilegeType)
)
{
return;
}
var privilege = availablePrivilegesTypes[privilegeType];
if (privilege == null)
{
return;
}
if (currentValue == PrivilegeDepthExtended.None)
{
privilegesRemove.Add(privilege.PrivilegeId);
}
else if (currentValue.HasValue)
{
if (privilegesAdd.ContainsKey(privilege.PrivilegeId))
{
privilegesAdd[privilege.PrivilegeId] = (PrivilegeDepth)Math.Max((int)currentValue.Value, (int)privilegesAdd[privilege.PrivilegeId]);
}
else
{
privilegesAdd.Add(privilege.PrivilegeId, (PrivilegeDepth)currentValue.Value);
}
}
}
public string RevokePrivilege(PrivilegeType privilege, string table, string profile, User user)
{
if (!(user.GetName() == "admin"))
{
return(Messages.SecurityNotSufficientPrivileges);
}
else
{
Profile pr = GetProfile(profile);
if (!profiles.Contains(pr))
{
return(Messages.SecurityProfileDoesNotExist);
}
else
{
return(pr.DeletePrivilege(privilege, table));
}
}
}
public void HasPrivilege2()
{
string privilege = "TestPriv";
string cvrNumber = "29537682";
AuthorisationsParser ap = new AuthorisationsParser();
AuthorisationsType at = new AuthorisationsType();
PrivilegeType priv = new PrivilegeType();
priv.Value = privilege;
AuthorisationType auth = new AuthorisationType();
auth.resource = "urn:dk:cvr:cVRnumberIdentifier:" + cvrNumber;
auth.Privilege.Add(priv);
at.Authorisations.Add(auth);
ap.Load(at);
Assert.IsFalse(ap.HasPrivilege(AuthorisationsParser.PrivilegeFor.ProductionUnit, cvrNumber, privilege), "User unexpectedly has privilege");
}
public bool CheckPrivilege(User user, PrivilegeType privilege, string table)
{
if (user.GetName() == "admin")
{
return(true);
}
else
{
Profile pr = user.GetProfile();
if (pr.GetHashTable().ContainsKey(table))
{
if (pr.GetHashTable()[table].Contains(privilege))
{
return(true);
}
}
}
return(false);
}
public void HasPrivilege3()
{
string privilege = "TestPriv";
string productionUnit = "6029537682";
AuthorisationsParser ap = new AuthorisationsParser();
AuthorisationsType at = new AuthorisationsType();
PrivilegeType priv = new PrivilegeType();
priv.Value = privilege;
AuthorisationType auth = new AuthorisationType();
auth.resource = "urn:dk:cvr:productionUnitIdentifier:" + productionUnit;
auth.Privilege.Add(priv);
at.Authorisations.Add(auth);
ap.Load(at);
Assert.That(ap.HasPrivilege(AuthorisationsParser.PrivilegeFor.ProductionUnit, productionUnit, privilege), "User unexpectedly does not have privilege for production unit");
}
public Boolean grant(PrivilegeType privilege_type, Table table, String security_profile)
{
//GRANT privilege_type ON table TO security_profile;
/*
*
* Table, Security_profile, privilege_type
*
* Clientes, DELETE, Admin
* Empresa, INSERT, User
* Empresa, DELETE, Admin
* Empleado, SELECT, User
* Departamentos, UPDATE, Admin
*
*/
//tablaPrivilegios.Add(privilege_type.ToString + table.ToString + security_profile);
return(false);
}
public void LoadFromStronglyTypedObject()
{
string privilege = "TestPriv";
string cvrNumber = "29537682";
AuthorisationsParser ap = new AuthorisationsParser();
AuthorisationsType at = new AuthorisationsType();
PrivilegeType priv = new PrivilegeType();
priv.Value = privilege;
AuthorisationType auth = new AuthorisationType();
auth.resource = "urn:dk:cvr:cVRnumberIdentifier:" + cvrNumber;
auth.Privilege.Add(priv);
at.Authorisations.Add(auth);
ap.Load(at);
Assert.That(ap.HasPrivilege(AuthorisationsParser.PrivilegeFor.CvrNumber, cvrNumber, privilege), "User does not have expected privilege");
}
public string DeletePrivilege(PrivilegeType privilege, string table)
{
if (hashtable.ContainsKey(table))
{
if (hashtable[table].Contains(privilege))
{
List <PrivilegeType> newList = hashtable[table];
newList.Remove(privilege);
hashtable[table] = newList;
return(Messages.SecurityPrivilegeRevoked);
}
else
{
return(Messages.SecurityPrivilegeDoesNotExist);
}
}
else
{
return(Messages.SecurityPrivilegeDoesNotExist);
}
}
public void HasPrivilege3()
{
string privilege = "TestPriv";
string productionUnit = "6029537682";
AuthorisationsParser ap = new AuthorisationsParser();
AuthorisationsType at = new AuthorisationsType();
PrivilegeType priv = new PrivilegeType();
priv.Value = privilege;
AuthorisationType auth = new AuthorisationType();
auth.resource = "urn:dk:cvr:productionUnitIdentifier:" + productionUnit;
auth.Privilege.Add(priv);
at.Authorisations.Add(auth);
ap.Load(at);
Assert.That(ap.HasPrivilege(AuthorisationsParser.PrivilegeFor.ProductionUnit, productionUnit, privilege), "User unexpectedly does not have privilege for production unit");
}
public void HasPrivilege2()
{
string privilege = "TestPriv";
string cvrNumber = "29537682";
AuthorisationsParser ap = new AuthorisationsParser();
AuthorisationsType at = new AuthorisationsType();
PrivilegeType priv = new PrivilegeType();
priv.Value = privilege;
AuthorisationType auth = new AuthorisationType();
auth.resource = "urn:dk:cvr:cVRnumberIdentifier:" + cvrNumber;
auth.Privilege.Add(priv);
at.Authorisations.Add(auth);
ap.Load(at);
Assert.IsFalse(ap.HasPrivilege(AuthorisationsParser.PrivilegeFor.ProductionUnit, cvrNumber, privilege), "User unexpectedly has privilege");
}
public void LoadFromStronglyTypedObject()
{
string privilege = "TestPriv";
string cvrNumber = "29537682";
AuthorisationsParser ap = new AuthorisationsParser();
AuthorisationsType at = new AuthorisationsType();
PrivilegeType priv = new PrivilegeType();
priv.Value = privilege;
AuthorisationType auth = new AuthorisationType();
auth.resource = "urn:dk:cvr:cVRnumberIdentifier:" + cvrNumber;
auth.Privilege.Add(priv);
at.Authorisations.Add(auth);
ap.Load(at);
Assert.That(ap.HasPrivilege(AuthorisationsParser.PrivilegeFor.CvrNumber, cvrNumber, privilege), "User does not have expected privilege");
}
/// <summary>
/// Kiểm tra người dùng có quyền thao tác trên một permission hay không?
/// </summary>
/// <param name="userID">User cần kiểm tra</param>
/// <param name="privilegeType">Loại thao tác</param>
/// <param name="permission">Tên quyền cần kiểm tra</param>
/// <returns></returns>
public bool CheckPermission(Guid userID, PrivilegeType privilegeType, string permission)
{
bool result = false;
if (userID != Guid.Empty)
{
var listDataPermission = GetPermission(userID);
if (listDataPermission != null && listDataPermission.Count() > 0)
{
result = listDataPermission.Any(d => d.ListGroupPermission != null && d.ListGroupPermission.Any(p =>
p.ResourceName == permission && SecurityHelper.CheckPrivilege(privilegeType, p.PrivilegeNumber.GetInteger())));
}
}
else
{
result = true;
}
return(result);
}
//<summary> Kiểm tra quyền cho user </summary>
//<param name="privilegeType"></param>
//<param name="permission"></param>
//<returns></returns>
public JsonResult CheckPermission(PrivilegeType privilegeType, string permission)
{
// return Json(true, JsonRequestBehavior.AllowGet);
var isSuccess = true;
Guid userId = Guid.Empty;
if (Request[SessionObjects.UserId] != null)
{
Guid.TryParse(Request[SessionObjects.UserId].ToString(), out userId);
if (userId != Guid.Empty)
{
Session[SessionObjects.UserId] = userId;
}
}
else
{
if (Session[SessionObjects.UserId] != null)
{
Guid.TryParse(Session[SessionObjects.UserId].ToString(), out userId);
}
}
if (permission == "#" || permission == "Home")
{
//dấu # : khi click vào phân trang (|< < > >|) thì permission sẽ trả về '#'
return Json(true, JsonRequestBehavior.AllowGet);
}
var permissionModel = new PermissionModel
{
UserID = userId,
PrivilegeType = privilegeType,
Permission = permission
};
var service = new RestServiceClient<PermissionModel>(UserLogin);
service.SetCookies(this.Request.Cookies, _hrm_Sys_Service);
PermissionModel result = service.Post(_hrm_Sys_Service, "api/SysPermission/", permissionModel);
bool isAccess = result == null ? false : result.IsAllowAccess;
return Json(isAccess, JsonRequestBehavior.AllowGet);
}
private void FillAddPrivilege(PrivilegeDepthExtended initialValue
, PrivilegeDepthExtended currentValue
, PrivilegeType privilegeType
, Dictionary <Guid, PrivilegeDepth> privilegesAdd
)
{
if (currentValue == initialValue)
{
return;
}
if (privilegeType == PrivilegeType.None ||
EntityPrivileges == null ||
!EntityPrivileges.Any()
)
{
return;
}
var privilege = EntityPrivileges.FirstOrDefault(p => p.PrivilegeType == privilegeType);
if (privilege == null)
{
return;
}
if (currentValue != PrivilegeDepthExtended.None)
{
if (privilegesAdd.ContainsKey(privilege.PrivilegeId))
{
privilegesAdd[privilege.PrivilegeId] = (PrivilegeDepth)Math.Max((int)currentValue, (int)privilegesAdd[privilege.PrivilegeId]);
}
else
{
privilegesAdd.Add(privilege.PrivilegeId, (PrivilegeDepth)currentValue);
}
}
}
public void HasPrivilege5()
{
string privilege = "SomePrivilege";
string productionUnit = "6029537682";
AuthorisationsParser ap = new AuthorisationsParser();
AuthorisationsType at = new AuthorisationsType();
PrivilegeType priv = new PrivilegeType();
priv.Value = privilege;
AuthorisationType auth = new AuthorisationType();
auth.resource = "urn:dk:cvr:productionUnitIdentifier:" + productionUnit;
auth.Privilege.Add(priv);
at.Authorisations.Add(auth);
string xml = Serialization.SerializeToXmlString(at);
ap.Load(Convert.ToBase64String(Encoding.UTF8.GetBytes(xml)));
Assert.That(ap.HasPrivilege(AuthorisationsParser.PrivilegeFor.ProductionUnit, productionUnit, privilege), "User unexpectedly does not have privilege for production unit");
}
public string AddPrivilege(PrivilegeType privilege, string table)
{
if (hashtable.ContainsKey(table))
{
if (hashtable[table].Contains(privilege))
{
return(Messages.SecurityPrivilegeAlreadyGranted);
}
else
{
List <PrivilegeType> newList = hashtable[table];
newList.Add(privilege);
hashtable[table] = newList;
return(Messages.SecurityPrivilegeGranted);
}
}
else
{
List <PrivilegeType> newList = new List <PrivilegeType>();
newList.Add(privilege);
hashtable.Add(table, newList);
return(Messages.SecurityPrivilegeGranted);
}
}
public SecurityTypeModel(PrivilegeType priv)
{
_priv = priv;
}
/// <summary>
/// Add a privilege to the current role.
/// </summary>
/// <param name="Service">Organization Service</param>
/// <param name="EntityLogicalName">Entity Logical Name</param>
/// <param name="Type">Privilege Type</param>
/// <param name="Depth">Privilege Level</param>
public void AddPrivilege(IOrganizationService Service, string EntityLogicalName, PrivilegeType Type, PrivilegeDepth Depth)
{
RetrieveEntityRequest RERequest = new RetrieveEntityRequest()
{
LogicalName = base.LogicalName, EntityFilters = Microsoft.Xrm.Sdk.Metadata.EntityFilters.Privileges
};
RetrieveEntityResponse REResponse = Service.Execute(RERequest) as RetrieveEntityResponse;
SecurityPrivilegeMetadata Privilege = (from Priv in REResponse.EntityMetadata.Privileges where Priv.PrivilegeType == Type select Priv).FirstOrDefault();
if (Privilege != null)
{
AddPrivilegesRoleRequest Request = new AddPrivilegesRoleRequest()
{
RoleId = this.Id,
Privileges = new RolePrivilege[] {
new RolePrivilege {
BusinessUnitId = this.GetAttributeValue <Guid>("businessunitid"), PrivilegeId = Privilege.PrivilegeId, Depth = Depth
}
}
};
Service.Execute(Request);
}
}
public bool UserIsAllowed(PrivilegeType privelege)
{
return true;
}
private PrivilegeDepthExtended GetPrivilegeLevel(IEnumerable <RolePrivilege> rolePrivileges, PrivilegeType privilegeType)
{
if (privilegeType != PrivilegeType.None &&
EntityMetadata != null &&
EntityMetadata.Privileges != null &&
EntityMetadata.Privileges.Any()
)
{
var privilege = EntityMetadata.Privileges.FirstOrDefault(p => p.PrivilegeType == privilegeType);
if (privilege != null)
{
this._availablePrivilegesTypes.Add(privilegeType, privilege);
var rolePrivilege = rolePrivileges.FirstOrDefault(p => p.PrivilegeId == privilege.PrivilegeId);
if (rolePrivilege != null)
{
return((PrivilegeDepthExtended)rolePrivilege.Depth);
}
}
}
return(PrivilegeDepthExtended.None);
}
public List<string> GetPermission(Guid userID, PrivilegeType privilegeType)
{
if (userID != Guid.Empty)
{
var listDataPermission = GetPermission(userID);
if (listDataPermission != null && listDataPermission.Count() > 0)
{
var listGroupPermission = listDataPermission.Where(d => d.ListGroupPermission != null && d.ListGroupPermission.Any(p =>
SecurityHelper.CheckPrivilege(privilegeType, p.PrivilegeNumber.GetInteger()))).SelectMany(d => d.ListGroupPermission);
return listGroupPermission.Where(m=>m.PrivilegeNumber!=0).Select(d=>d.ResourceName).Distinct().ToList();
}
}
return new List<string>();
}
public void HasPrivilege5()
{
string privilege = "SomePrivilege";
string productionUnit = "6029537682";
AuthorisationsParser ap = new AuthorisationsParser();
AuthorisationsType at = new AuthorisationsType();
PrivilegeType priv = new PrivilegeType();
priv.Value = privilege;
AuthorisationType auth = new AuthorisationType();
auth.resource = "urn:dk:cvr:productionUnitIdentifier:" + productionUnit;
auth.Privilege.Add(priv);
at.Authorisations.Add(auth);
string xml = Serialization.SerializeToXmlString(at);
ap.Load(Convert.ToBase64String(Encoding.UTF8.GetBytes(xml)));
Assert.That(ap.HasPrivilege(AuthorisationsParser.PrivilegeFor.ProductionUnit, productionUnit, privilege), "User unexpectedly does not have privilege for production unit");
}
public GrantPrivilege(PrivilegeType privilege, string table, string profile)
{
m_table = table;
m_privilege = privilege;
m_profile = profile;
}
public bool AvailablePrivilegeType(PrivilegeType privilegeType) => _availablePrivilegesTypes.ContainsKey(privilegeType);
public JsonResult CheckPermissionAction(PrivilegeType privilegeType, string permission)
{
var isAccess = CheckPermission(privilegeType, permission);
return(Json(isAccess, JsonRequestBehavior.AllowGet));
}
public RevokePrivilege(PrivilegeType privilege, string table, string profile)
{
m_table = table;
m_privilege = privilege;
m_profile = profile;
}
/// <summary>
/// Kiểm tra người dùng có quyền thao tác trên một permission hay không?
/// </summary>
/// <param name="userID">User cần kiểm tra</param>
/// <param name="privilegeType">Loại thao tác</param>
/// <param name="permission">Tên quyền cần kiểm tra</param>
/// <returns></returns>
public bool CheckPermission(Guid userID, PrivilegeType privilegeType, string permission)
{
bool result = false;
if (userID != Guid.Empty)
{
var listDataPermission = GetPermission(userID);
if (listDataPermission != null && listDataPermission.Count() > 0)
{
result = listDataPermission.Any(d => d.ListGroupPermission != null && d.ListGroupPermission.Any(p =>
p.ResourceName == permission && SecurityHelper.CheckPrivilege(privilegeType, p.PrivilegeNumber.GetInteger())));
}
}
else
{
result = true;
}
return result;
}