protected override void CheckUserAuthorization(HttpContext context)
{
ManagerInfo manager = HiContext.Current.Manager;
int num;
if (manager != null)
{
int roleId = manager.RoleId;
SystemRoles systemRoles = SystemRoles.StoreAdmin;
if (roleId != systemRoles.GetHashCode())
{
int roleId2 = manager.RoleId;
systemRoles = SystemRoles.ShoppingGuider;
num = ((roleId2 != systemRoles.GetHashCode()) ? 1 : 0);
}
else
{
num = 0;
}
}
else
{
num = 1;
}
if (num != 0)
{
throw new HidistroAshxException("权限不足");
}
if (Users.GetStoreState(HiContext.Current.Manager.StoreId))
{
return;
}
throw new HidistroAshxException("门店未开启或状态异常");
}
public void AddRole(SystemRoles role)
{
if (SystemRoles.Missing(role))
{
SystemRoles.Add(role);
}
}
public void Delete(SystemRoles val)
{
_insertParameters = new SystemRoleDeleteDataParameters(val);
DataBaseHelper dbHelper = new DataBaseHelper(StoredProcedureName);
dbHelper.Run(base.ConnectionString, _insertParameters.Parameters);
}
protected override void CheckUserAuthorization(HttpContext context)
{
ManagerInfo manager = HiContext.Current.Manager;
if (manager == null)
{
throw new HidistroAshxException("未登录");
}
int roleId = manager.RoleId;
SystemRoles systemRoles = SystemRoles.StoreAdmin;
int num;
if (roleId != systemRoles.GetHashCode())
{
int roleId2 = manager.RoleId;
systemRoles = SystemRoles.ShoppingGuider;
if (roleId2 != systemRoles.GetHashCode())
{
int roleId3 = manager.RoleId;
systemRoles = SystemRoles.SupplierAdmin;
num = ((roleId3 == systemRoles.GetHashCode()) ? 1 : 0);
goto IL_006d;
}
}
num = 1;
goto IL_006d;
IL_006d:
if (num != 0)
{
throw new HidistroAshxException("权限不足");
}
AdministerCheckAttribute administerCheckAttribute = (AdministerCheckAttribute)Attribute.GetCustomAttribute(base.GetType(), typeof(AdministerCheckAttribute));
int num2;
if (administerCheckAttribute != null && administerCheckAttribute.AdministratorOnly)
{
int roleId4 = manager.RoleId;
systemRoles = SystemRoles.SystemAdministrator;
num2 = ((roleId4 != systemRoles.GetHashCode()) ? 1 : 0);
}
else
{
num2 = 0;
}
if (num2 != 0)
{
throw new HidistroAshxException("权限不足");
}
PrivilegeCheckAttribute privilegeCheckAttribute = (PrivilegeCheckAttribute)Attribute.GetCustomAttribute(base.GetType(), typeof(PrivilegeCheckAttribute));
if (privilegeCheckAttribute == null)
{
return;
}
if (ManagerHelper.HasPrivilege((int)privilegeCheckAttribute.Privilege, manager))
{
return;
}
throw new HidistroAshxException("权限不足");
}
public static ProfileRole FromSystemRole(this SystemRoles systemRole)
{
return(new ProfileRole()
{
Role = systemRole
});
}
public bool IsUserInRole(SystemRoles role)
{
AutorizationType = AutorizationType.Authorize;
InitializeActions();
Route = "GetUserProfile";
Method = HttpVerbs.Post;
ExpectedResponseType = typeof(User);
ExpectedResponseHttpStatusCode = HttpStatusCode.OK;
var value = new UserProfileModel();
value.Accesstoken = LoginResult.AccessToken;
Body = JsonConvert.SerializeObject(value);
var result = accountActions.RunAPI <User>(EndPoint, Route, Method, Body);
Verification(accountActions, result);
JToken res = null;
if (result.ProviderAttributes.TryGetValue("roles", out res))
{
var jValues = res.Cast <JValue>().ToArray();
var test = jValues.Any(i => i.Value.ToString() == role.ToString());
return(test);
}
return(false);
}
public void RemoveRole(SystemRoles role)
{
if (SystemRoles.Contains(role))
{
SystemRoles.Remove(role);
}
}
public void Add(SystemRoles dep)
{
_insertParameters = new SystemRoleInsertDataParameters(dep);
DataBaseHelper dbHelper = new DataBaseHelper(StoredProcedureName);
dbHelper.Run(base.ConnectionString, _insertParameters.Parameters);
}
public DataSet GetSystemRoleById(SystemRoles val)
{
DataSet resultSet = new DataSet();
SystemRoleSelectByIdDAL instance = new SystemRoleSelectByIdDAL();
resultSet = instance.View(val);
return(resultSet);
}
public SuperAdminSeed(RoleManager <IdentityRole> roleManager, UserManager <ApplicationUser> userManager, IOptions <SystemRoles> systemRoles,
IOptions <AppSettings.SuperAdmin> superAdmin)
{
_roleManager = roleManager;
_userManager = userManager;
_systemRoles = systemRoles.Value;
_superAdmin = superAdmin.Value;
}
public FinanceManagementRepository(IMSDbContext imsDbContext,
IOptions <SystemRoles> systemRoles,
IOptions <InitialFinancePaymentTypes> initialFinancePaymentTypes)
{
_imsDbContext = imsDbContext;
_systemRoles = systemRoles.Value;
_initialFinancePaymentTypes = initialFinancePaymentTypes.Value;
}
public void Initialize()
{
//Need to change the Autorization logic in order to check the Role
AutorizationType = AutorizationType.Authorize;
AccessedSystemRoles = new SystemRoles[3] {
SystemRoles.AgencyAdmin, SystemRoles.Administrator, SystemRoles.Agent
};
}
public SystemRoles SystemRolesModelToSystemRoles(SystemRolesModel SystemRolesModel)
{
var SystemRoles = new SystemRoles();
SystemRoles.Id = SystemRolesModel.ID;
SystemRoles.Role = SystemRolesModel.Role;
SystemRoles.Status = SystemRolesModel.Status;
return(SystemRoles);
}
public DataSet View(SystemRoles val)
{
DataSet ds;
DataBaseHelper dbHelper = new DataBaseHelper(StoredProcedureName);
_insertParameters = new SystemRoleSelectDataParameters(val);
ds = dbHelper.Run(ConnectionString, _insertParameters.Parameters);
return(ds);
}
public StaffPlannerManagementRepository(IMSDbContext imsDbContext,
IInstituteUserMappingHelperService instituteUserMappingHelperService,
INotificationManagementRepository notificationManagementRepository,
IOptions <SystemRoles> systemRoles)
{
_imsDbContext = imsDbContext;
_instituteUserMappingHelperService = instituteUserMappingHelperService;
_notificationManagementRepository = notificationManagementRepository;
_systemRoles = systemRoles.Value;
}
public SystemRolesModel SystemRolesToSystemRolesModel(SystemRoles SystemRoles)
{
IApplicationLogic applicationLogic = new ApplicationLogic(_session);
var SystemRolesModel = new SystemRolesModel();
SystemRolesModel.ID = SystemRoles.Id;
SystemRolesModel.Role = SystemRoles.Role;
SystemRolesModel.Status = SystemRoles.Status;
return(SystemRolesModel);
}
public ManagerInfo FindManagerByStoreId(int storeId, SystemRoles role)
{
DbCommand sqlStringCommand = base.database.GetSqlStringCommand("SELECT * FROM [dbo].[aspnet_Managers] WHERE StoreId = @StoreId AND RoleId = @RoleId");
base.database.AddInParameter(sqlStringCommand, "StoreId", DbType.Int32, storeId);
base.database.AddInParameter(sqlStringCommand, "RoleId", DbType.Int32, (int)role);
ManagerInfo result = null;
using (IDataReader objReader = base.database.ExecuteReader(sqlStringCommand))
{
result = DataHelper.ReaderToModel <ManagerInfo>(objReader);
}
return(result);
}
public override void OnActionExecuted(ActionExecutedContext filterContext)
{
var identity = (Identity)Thread.CurrentPrincipal.Identity;
var isAuthenticated = false;
if (identity.IsAuthenticated)
{
var controller = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName;
var action = filterContext.ActionDescriptor.ActionName;
var roles = SystemRoles.ActionRoles(controller, action);
var roleGuids = new List <string>();
if (roles != null)
{
roleGuids.AddRange(roles.Select(role => role.RoleCode));
}
if (roleGuids.Count > 0)
{
if (identity.Roles.Any(userRole => roleGuids.Contains(userRole)))
{
isAuthenticated = true;
}
}
else
{
isAuthenticated = true;
}
}
if (!isAuthenticated)
{
filterContext.Result = new RedirectToRouteResult(
new RouteValueDictionary
{
{ "controller", "Redirection" },
{ "action", "RedirectAction" },
{ "message", Messages.DangerNoPermission },
{ "cssClass", "alert alert-danger" },
{ "timeout", 2 },
{ "url", "/" + identity.LanguageCode + "/Account/MyAccount" }
});
}
base.OnActionExecuted(filterContext);
}
protected override void ConfigureSecurity(ExecutionContext context)
{
context.Assertions.Add(c => {
if (SystemRoles.IsSystemRole(RoleName))
{
return(AssertResult.Deny(new SecurityException(String.Format("The role '{0}' is system protected.", RoleName))));
}
return(AssertResult.Allow());
});
context.Assertions.Add(c => {
if (!c.User.CanDropRole(RoleName))
{
return(AssertResult.Deny(new SecurityException(String.Format("User '{0}' has not enough rights to drop a role.", c.User.Name))));
}
return(AssertResult.Allow());
});
}
public CircularNoticeManagementRepository(IMSDbContext imsDbContext,
IOptions <SystemRoles> systemRoles,
IOptions <EmailConfiguration> emailConfiguration,
ISmsService smsService,
IEmailService emailService,
INotificationManagementRepository notificationManagementRepository,
ITemplateManagementRepository templateManagementRepository,
IOptions <TemplateManagementTypes> templateManagementTypes,
IEventManagementRepository eventManagementRepository)
{
_imsDbContext = imsDbContext;
_systemRoles = systemRoles.Value;
_emailConfiguration = emailConfiguration.Value;
_smsService = smsService;
_emailService = emailService;
_notificationManagementRepository = notificationManagementRepository;
_templateManagementRepository = templateManagementRepository;
_templateManagementTypes = templateManagementTypes.Value;
_eventManagementRepository = eventManagementRepository;
}
public UserManagementRepository(IMSDbContext iMSDbContext,
UserManager <ApplicationUser> userManager,
IEmailService emailService,
IOptions <EmailConfiguration> emailConfiguration,
IOptions <SystemRoles> systemRoles,
IOptions <StringConstants> stringConstants,
IInstituteUserMappingHelperService instituteUserMappingHelperService,
ITimeTableManagementRepository timeTableManagementRepository,
INotificationManagementRepository notificationManagementRepository,
IStaffActivityManagementRepository staffActivityManagementRepository)
{
_iMSDbContext = iMSDbContext;
_userManager = userManager;
_emailService = emailService;
_emailConfiguration = emailConfiguration.Value;
_systemRoles = systemRoles.Value;
_stringConstants = stringConstants.Value;
_instituteUserMappingHelperService = instituteUserMappingHelperService;
_timeTableManagementRepository = timeTableManagementRepository;
_notificationManagementRepository = notificationManagementRepository;
_staffActivityManagementRepository = staffActivityManagementRepository;
}
public static string GetSystemRolesString(SystemRoles systemRoles)
{
switch (systemRoles)
{
case SystemRoles.Admin: return("Admin");
case SystemRoles.Advisor: return("Advisor");
case SystemRoles.Judge: return("Judge");
case SystemRoles.Leader: return("Leader");
case SystemRoles.Student: return("Student");
case SystemRoles.CoAdvisor: return("Co-Advisor");
case SystemRoles.SafetyAdmin: return("Safety Admin");
case SystemRoles.Lab: return("Lab Admin");
default: return("");
}
}
private int InsertRoleAndAccess(int instanceId, SystemRoles systemRole, IEnumerable components, AccessLevel accessLevel)
{
var role = new Role
{
InstanceId = instanceId,
RoleType = systemRole,
RoleName = systemRole.GetDescription()
};
Db.Save(role);
foreach (var component in components)
{
if ((int)component == (int)AccessComponent.None)
continue;
var componentsToRole = new ComponentRole
{
InstanceId = instanceId,
AccessLevel = accessLevel,
ComponentId = (int)component,
RoleId = role.RoleId
};
Db.Save(componentsToRole);
}
return role.RoleId;
}
public void Initialize()
{
AutorizationType = AutorizationType.Authorize;
AccessedSystemRoles = new SystemRoles[] { SystemRoles.AgencyAdmin, SystemRoles.Administrator, SystemRoles.Agent };
}
private int GetSystemRole(SystemRoles roleType)
{
if (roleType == SystemRoles.None)
throw new Exception();
var roleId = Db.GetSystemRoleId(roleType);
if(!roleId.HasValue)
throw new Exception();
return roleId.Value;
}
public SystemRoleInsertDataParameters(SystemRoles dep)
{
SystemRoles = dep;
Build();
}
/// <summary>
/// 保存,添加,修改角色
/// </summary>
/// <param name="model"></param>
/// <returns></returns>
public Result SaveRoles(RoleModel model)
{
Result result = new Result();
var list = base.Query <SystemRoles>().ToList();
if (list.Any(t => t.Name == model.Name && t.Id != model.Id))
{
return(result.SetStatus(ErrorCode.Existed, "已存在同名的角色定义"));
}
SystemRoles role;
if (model.Id < 1)
{
int newId = 1;
while (list.Any(t => t.Id == newId))
{
newId = newId * 2;
}
role = new SystemRoles {
Id = newId
};
base.Add(role);
}
else
{
role = base.Single <SystemRoles>(t => t.Id == model.Id);
if (role == null)
{
return(result.SetStatus(ErrorCode.NotFound, "角色不存在"));
}
base.Update(role);
}
role.Name = model.Name;
if (model.Menus != null)
{
var o1 = base.Where <SystemRolePermission>(t => t.RoleId == role.Id).ToList();
o1.ForEach(t =>
{
if (!model.Menus.Contains(t.ActionId))
{
base.Delete(t);
}
});
var _actions = o1.Select(t => t.ActionId).ToList();
model.Menus.ForEach(t =>
{
if (!_actions.Contains(t))
{
base.Add(new SystemRolePermission {
RoleId = role.Id, ActionId = t, CreateTime = DateTime.Now
});
}
});
}
base.Save();
#region 清除缓存
//
_RolePermissions.Clear();
currentMenus = new Dictionary <int, List <MenuModel> >();
#endregion
role.Menus = model.Menus;
result.Data = role;
return(result);
}
public static bool IsUserInRole(string userName, SystemRoles role)
{
return(GetUserRolesByName(userName).Any(r => r == role.ToString("F")));
}
public void Update(SystemRoles val)
{
}
public void Delete(SystemRoles val)
{
SystemRoleDeleteDAL instance = new SystemRoleDeleteDAL();
instance.Delete(val);
}
public void Add(SystemRoles val)
{
SystemRoleInsertDAL instance = new SystemRoleInsertDAL();
instance.Add(val);
}
public bool HasSystemRole(SystemRoles role) => Me.SystemRoles.Contains(role);
