Exemplo n.º 1
0
        protected override async Task <PermissionWithGrantedProviders> GetInternalAsync(PermissionDefinition permission, string providerName, string providerKey)
        {
            var result = new PermissionWithGrantedProviders(permission.Name, false);

            if (!permission.IsEnabled)
            {
                return(result);
            }

            if (!permission.MultiTenancySide.HasFlag(CurrentTenant.GetMultiTenancySide()))
            {
                return(result);
            }

            if (permission.Providers.Any() && !permission.Providers.Contains(providerName))
            {
                return(result);
            }

            // 这么做的坏处就是没法给特定的Provider设定是否授权字段
            // result.Providers 会出现假数据 UserPermissionProvider未授权, 而所属的

            result.IsGranted = await IsGrantedAsync(permission.Name, providerName, providerKey);

            return(result);
        }
Exemplo n.º 2
0
        protected virtual async Task <PermissionWithGrantedProviders> GetInternalAsync(PermissionDefinition permission, string providerName, string providerKey)
        {
            var result = new PermissionWithGrantedProviders(permission.Name, false);

            if (!permission.IsEnabled)
            {
                return(result);
            }

            if (!permission.MultiTenancySide.HasFlag(CurrentTenant.GetMultiTenancySide()))
            {
                return(result);
            }

            if (permission.Providers.Any() && !permission.Providers.Contains(providerName))
            {
                return(result);
            }

            foreach (var provider in ManagementProviders)
            {
                var providerResult = await provider.CheckAsync(permission.Name, providerName, providerKey);

                if (providerResult.IsGranted)
                {
                    result.IsGranted = true;
                    result.Providers.Add(new PermissionValueProviderInfo(provider.Name, providerResult.ProviderKey));
                }
            }

            return(result);
        }
Exemplo n.º 3
0
        private async Task <GetMenuGrantListResultDto> InternalGetAsync(string providerName, string providerKey)
        {
            var allMenus         = _menuRepository.ToList();
            var multiTenancySide = CurrentTenant.GetMultiTenancySide();

            var menuGrants = new List <MenuGrantInfoDto>();

            foreach (var menu in allMenus)
            {
                if (!menu.MultiTenancySide.HasFlag(multiTenancySide))
                {
                    continue;
                }

                var grantInfo = await _menuManager.GetAsync(menu.Id, providerName, providerKey);

                menuGrants.Add(new MenuGrantInfoDto
                {
                    Id               = menu.Id,
                    Name             = menu.Name,
                    DisplayName      = menu.DisplayName,
                    PermissionKey    = menu.PermissionKey,
                    IsGranted        = grantInfo.IsGranted,
                    GrantedProviders = grantInfo.Providers
                });
            }

            return(new GetMenuGrantListResultDto
            {
                MenuGrants = menuGrants
            });
        }
Exemplo n.º 4
0
        public virtual async Task SetAsync(string permissionName, string providerName, string providerScope, string providerKey)
        {
            var permission = PermissionDefinitionManager.Get(permissionName);

            if (permission.Providers.Any() && !permission.Providers.Contains(providerName))
            {
                throw new RocketException($"The permission named '{permission.Name}' has not compatible with the provider named '{providerName}'");
            }

            if (!permission.MultiTenancySide.HasFlag(CurrentTenant.GetMultiTenancySide()))
            {
                throw new RocketException($"The permission named '{permission.Name}' has multitenancy side '{permission.MultiTenancySide}' which is not compatible with the current multitenancy side '{CurrentTenant.GetMultiTenancySide()}'");
            }

            var currentGrantInfo = await GetInternalAsync(permission, providerName, providerKey);

            if (currentGrantInfo.Scope == providerScope)
            {
                return;
            }

            var provider = Providers.FirstOrDefault(m => m.Name == providerName);

            if (provider == null)
            {
                throw new RocketException("Unknown permission management provider: " + providerName);
            }

            await provider.SetAsync(permissionName, providerKey, providerScope);
        }
Exemplo n.º 5
0
        public async Task SetAsync(string permissionName, string providerName, string providerKey, bool isGranted)
        {
            var permission = PermissionDefinitionManager.Get(permissionName);

            if (permission.Providers.Any() && !permission.Providers.Contains(providerName))
            {
                //TODO: BusinessException
                throw new ApplicationException($"The permission named '{permission.Name}' has not compatible with the provider named '{providerName}'");
            }

            if (!permission.MultiTenancySide.HasFlag(CurrentTenant.GetMultiTenancySide()))
            {
                //TODO: BusinessException
                throw new ApplicationException($"The permission named '{permission.Name}' has multitenancy side '{permission.MultiTenancySide}' which is not compatible with the current multitenancy side '{CurrentTenant.GetMultiTenancySide()}'");
            }

            var currentGrantInfo = await GetInternalAsync(permission, providerName, providerKey);

            if (currentGrantInfo.IsGranted == isGranted)
            {
                return;
            }

            var provider = ManagementProviders.FirstOrDefault(m => m.Name == providerName);

            if (provider == null)
            {
                //TODO: BusinessException
                throw new AbpException("Unknown permission management provider: " + providerName);
            }

            await provider.SetAsync(permissionName, providerKey, isGranted);
        }
Exemplo n.º 6
0
        public override Task<PagedResultDto<MenuDto>> GetListAsync(MenuRequestDto input)
        {
            var multiTenancySide = CurrentTenant.GetMultiTenancySide();

            var allMenus = Repository
                .WhereIf(input.Type.HasValue, m => m.MenuType == input.Type)
                .WhereIf(!input.Name.IsNullOrWhiteSpace(), m => m.DisplayName.Contains(input.Name))
                .WhereIf(multiTenancySide == MultiTenancySides.Tenant,
                    m => m.MultiTenancySide != MultiTenancySides.Host)
                .ToList();

            var root = allMenus
                .Where(x => !x.ParentId.HasValue) // 没有parentId
                .Union(
                    // 有parentId,但是“allMenus"中不存在他的Parent。
                    allMenus.Where(x => x.ParentId.HasValue).Where(x => allMenus.All(y => x.ParentId != y.Id))
                )
                .OrderBy(x => x.Sort);

            var menuDtos = new List<MenuDto>();
            foreach (var menu in root)
            {
                var dto = ObjectMapper.Map<Menu, MenuDto>(menu);
                menuDtos.Add(dto);
                // AddChildrenMenuRecursively(dto, allMenus);

                SortChildrenMenu(dto);
            }

            return Task.FromResult(new PagedResultDto<MenuDto>(allMenus.Count, menuDtos));
        }
Exemplo n.º 7
0
        public virtual async Task <PermissionGrantResult> GetResultAsync(
            ClaimsPrincipal claimsPrincipal,
            string name)
        {
            Check.NotNull(name, nameof(name));

            var permission = PermissionDefinitionManager.Get(name);

            if (!permission.IsEnabled)
            {
                return(PermissionGrantResult.Prohibited);
            }

            var multiTenancySide = claimsPrincipal?.GetMultiTenancySide() ??
                                   CurrentTenant.GetMultiTenancySide();

            if (!permission.MultiTenancySide.HasFlag(multiTenancySide))
            {
                return(PermissionGrantResult.Prohibited);
            }

            var context = new PermissionValueCheckContext(permission, claimsPrincipal);

            // 可选权限策略:一、获取最大权限;二、以用户权限为主
            // 当前权限策略:用户权限为主(用户权限 > 角色权限 > 客户端权限)
            // 对权限提供程序排序,用户权限放到第一位
            var providers = PermissionValueProviderManager.ValueProviders.OrderByDescending(m => m.Name).ToList();

            var permissionGrantResult = PermissionGrantResult.Undefined;

            foreach (var provider in providers)
            {
                if (context.Permission.Providers.Any() && !context.Permission.Providers.Contains(provider.Name))
                {
                    continue;
                }

                var result = await provider.GetResultAsync(context);

                // 用户权限为主(用户权限 > 角色权限 > 客户端权限)
                if (Options.PermissionPolicy == PermissionPolicy.User)
                {
                    permissionGrantResult = result;
                    break;
                }
                else
                {
                    // 最大权限为主
                    if (result?.GrantType == PermissionGrantType.Granted && result?.ScopeType > permissionGrantResult.ScopeType)
                    {
                        permissionGrantResult = result;
                    }
                }
            }

            return(permissionGrantResult);
        }
Exemplo n.º 8
0
        protected virtual async Task <PermissionWithGrantedProviders> GetInternalAsync(PermissionDefinition permission, string providerName, string providerKey)
        {
            var result = new PermissionWithGrantedProviders(permission.Name, false);

            if (!permission.MultiTenancySide.HasFlag(CurrentTenant.GetMultiTenancySide()))
            {
                return(result);
            }

            if (permission.Providers.Any() && !permission.Providers.Contains(providerName))
            {
                return(result);
            }

            // 可选权限策略:一、获取最大权限;二、以用户权限为主
            // 当前权限策略:以用户权限为主(用户权限 > 角色权限 > 客户端权限)
            // 对权限提供程序排序,用户权限放到最后赋值,覆盖前者权限
            foreach (var provider in Providers)
            {
                var providerResult = await provider.CheckAsync(permission.Name, providerName, providerKey);

                if (providerResult.IsGranted)
                {
                    result.IsGranted = true;
                    // 以用户权限为主,将用户权限解析程序放到最后赋值,覆盖前者权限(用户权限 > 角色权限 > 客户端权限)
                    if (PermissionOptions.PermissionPolicy == PermissionPolicy.User)
                    {
                        result.Scope = providerResult.ProviderScope;
                    }
                    else
                    {
                        // 以最大权限为主
                        var providerScope = PermissionScopeType.Prohibited;
                        if (Enum.TryParse(providerResult.ProviderScope, out PermissionScopeType ps))
                        {
                            providerScope = ps;
                        }

                        var resultScope = PermissionScopeType.Prohibited;
                        if (Enum.TryParse(result.Scope, out PermissionScopeType rs))
                        {
                            resultScope = rs;
                        }

                        if (providerScope > resultScope)
                        {
                            result.Scope = providerResult.ProviderScope;
                        }
                    }

                    result.Providers.Add(new PermissionValueProviderInfo(provider.Name, providerResult.ProviderScope, providerResult.ProviderKey));
                }
            }

            return(result);
        }
Exemplo n.º 9
0
        public virtual Task<List<AuthPolicyDto>> GetAuthPolicies()
        {
            var result = new List<AuthPolicyDto>();
            var groups = _permissionDefinitionManager.GetGroups();
            var multiTenancySide = CurrentTenant.GetMultiTenancySide();
            foreach (var group in groups)
            {
                if (group.Permissions.Count == 0)
                {
                    continue;
                }

                foreach (var permission in group.Permissions)
                {
                    if (!permission.MultiTenancySide.HasFlag(multiTenancySide))
                    {
                        continue;
                    }

                    var policy = new AuthPolicyDto()
                    {
                        Name = permission.Name,
                        DisplayName = permission.DisplayName.Localize(_stringLocalizerFactory),
                        Children = new List<AuthPolicyDto>
                        {
                            new AuthPolicyDto
                            {
                                Name = permission.Name,
                                DisplayName = permission.DisplayName.Localize(_stringLocalizerFactory)
                            }
                        }
                    };
                    result.Add(policy);

                    foreach (var c in permission.Children)
                    {
                        if (!c.MultiTenancySide.HasFlag(multiTenancySide))
                        {
                            continue;
                        }

                        policy.Children.Add(new AuthPolicyDto
                        {
                            Name = c.Name,
                            DisplayName = c.DisplayName.Localize(_stringLocalizerFactory)
                        });
                    }
                }

                
            }

            return Task.FromResult(result);
        }
Exemplo n.º 10
0
        public async Task <MultiplePermissionGrantResult> IsGrantedAsync(ClaimsPrincipal claimsPrincipal, string[] names)
        {
            Check.NotNull(names, nameof(names));

            var multiTenancySide = claimsPrincipal?.GetMultiTenancySide() ?? CurrentTenant.GetMultiTenancySide();

            var result = new MultiplePermissionGrantResult();

            if (!names.Any())
            {
                return(result);
            }

            var permissionDefinitions = new List <PermissionDefinition>();

            foreach (var name in names)
            {
                var permission = PermissionDefinitionManager.Get(name);

                result.Result.Add(name, PermissionGrantResult.Undefined);

                if (permission.IsEnabled &&
                    await PermissionStateManager.IsEnabledAsync(permission) &&
                    permission.MultiTenancySide.HasFlag(multiTenancySide))
                {
                    permissionDefinitions.Add(permission);
                }
            }

            foreach (var provider in PermissionValueProviderManager.ValueProviders)
            {
                var context = new PermissionValuesCheckContext(
                    permissionDefinitions.Where(x => !x.Providers.Any() || x.Providers.Contains(provider.Name)).ToList(),
                    claimsPrincipal);

                var multipleResult = await provider.CheckAsync(context);

                foreach (var grantResult in multipleResult.Result.Where(grantResult =>
                                                                        result.Result.ContainsKey(grantResult.Key) &&
                                                                        result.Result[grantResult.Key] == PermissionGrantResult.Undefined &&
                                                                        grantResult.Value != PermissionGrantResult.Undefined))
                {
                    result.Result[grantResult.Key] = grantResult.Value;
                    permissionDefinitions.RemoveAll(x => x.Name == grantResult.Key);
                }

                if (result.AllGranted || result.AllProhibited)
                {
                    break;
                }
            }

            return(result);
        }
Exemplo n.º 11
0
        public virtual async Task <bool> IsGrantedAsync(
            ClaimsPrincipal claimsPrincipal,
            string name)
        {
            Check.NotNull(name, nameof(name));

            var permission = PermissionDefinitionManager.Get(name);

            if (!permission.IsEnabled)
            {
                return(false);
            }

            if (!await StateCheckerManager.IsEnabledAsync(permission))
            {
                return(false);
            }

            var multiTenancySide = claimsPrincipal?.GetMultiTenancySide()
                                   ?? CurrentTenant.GetMultiTenancySide();

            if (!permission.MultiTenancySide.HasFlag(multiTenancySide))
            {
                return(false);
            }

            var isGranted = false;
            var context   = new PermissionValueCheckContext(permission, claimsPrincipal);

            foreach (var provider in PermissionValueProviderManager.ValueProviders)
            {
                if (context.Permission.Providers.Any() &&
                    !context.Permission.Providers.Contains(provider.Name))
                {
                    continue;
                }

                var result = await provider.CheckAsync(context);

                if (result == PermissionGrantResult.Granted)
                {
                    isGranted = true;
                }
                else if (result == PermissionGrantResult.Prohibited)
                {
                    return(false);
                }
            }

            return(isGranted);
        }
        public virtual Task SeedAsync(DataSeedContext context)
        {
            var multiTenancySide = CurrentTenant.GetMultiTenancySide();
            var permissionNames  = PermissionDefinitionManager
                                   .GetPermissions()
                                   .Where(p => p.MultiTenancySide.HasFlag(multiTenancySide))
                                   .Select(p => p.Name)
                                   .ToArray();

            return(PermissionDataSeeder.SeedAsync(
                       RolePermissionValueProvider.ProviderName,
                       "admin",
                       permissionNames,
                       context.TenantId
                       ));
        }
        public virtual async Task SeedAsync(DataSeedContext context)
        {
            var multiTenancySide      = CurrentTenant.GetMultiTenancySide();
            var permissionDefinitions = PermissionDefinitionManager
                                        .GetPermissions()
                                        .Where(p => p.MultiTenancySide.HasFlag(multiTenancySide))
                                        .ToArray();

            var permissions = new Dictionary <string, string> ();

            foreach (var permissionDefinition in permissionDefinitions)
            {
                var selectedScope = permissionDefinition.Scopes.FirstOrDefault();
                // 系统权限需要首先设置Scope范围
                if (selectedScope == null)
                {
                    throw new RocketException($"No scopes defined for the permission '{permissionDefinition.Name}', please define permission scopes first.");
                }

                // 系统权限需要设置最大权限作为第一个权限
                if (selectedScope.Name == nameof(PermissionScopeType.Prohibited))
                {
                    throw new RocketException($"Prohibited scope for the permission '{permissionDefinition.Name}' can not set as first scope, please set max scope as the first scope.");
                }

                permissions.Add(permissionDefinition.Name, selectedScope.Name);
            }

            // 设置超级管理员角色权限 63eab816-3619-a6d7-c82b-39f53e403b4a
            await PermissionDataSeeder.SeedAsync(
                RolePermissionValueProvider.ProviderName,
                "63eab816-3619-a6d7-c82b-39f53e403b4a",
                permissions,
                context.TenantId
                );

            // 设置超管账号权限 716d0fe6-3101-057b-ba30-39f53e403930
            await PermissionDataSeeder.SeedAsync(
                UserPermissionValueProvider.ProviderName,
                "716d0fe6-3101-057b-ba30-39f53e403930",
                permissions,
                context.TenantId
                );
        }
Exemplo n.º 14
0
        protected virtual async Task <MultiplePermissionWithGrantedProviders> GetInternalAsync(PermissionDefinition[] permissions, string providerName, string providerKey)
        {
            var permissionNames = permissions.Select(x => x.Name).ToArray();
            var multiplePermissionWithGrantedProviders = new MultiplePermissionWithGrantedProviders(permissionNames);

            var neededCheckPermissions = new List <PermissionDefinition>();

            foreach (var permission in permissions
                     .Where(x => x.IsEnabled)
                     .Where(x => x.MultiTenancySide.HasFlag(CurrentTenant.GetMultiTenancySide()))
                     .Where(x => !x.Providers.Any() || x.Providers.Contains(providerName)))
            {
                if (await SimpleStateCheckerManager.IsEnabledAsync(permission))
                {
                    neededCheckPermissions.Add(permission);
                }
            }

            if (!neededCheckPermissions.Any())
            {
                return(multiplePermissionWithGrantedProviders);
            }

            foreach (var provider in ManagementProviders)
            {
                permissionNames = neededCheckPermissions.Select(x => x.Name).ToArray();
                var multiplePermissionValueProviderGrantInfo = await provider.CheckAsync(permissionNames, providerName, providerKey);

                foreach (var providerResultDict in multiplePermissionValueProviderGrantInfo.Result)
                {
                    if (providerResultDict.Value.IsGranted)
                    {
                        var permissionWithGrantedProvider = multiplePermissionWithGrantedProviders.Result
                                                            .First(x => x.Name == providerResultDict.Key);

                        permissionWithGrantedProvider.IsGranted = true;
                        permissionWithGrantedProvider.Providers.Add(new PermissionValueProviderInfo(provider.Name, providerResultDict.Value.ProviderKey));
                    }
                }
            }

            return(multiplePermissionWithGrantedProviders);
        }
Exemplo n.º 15
0
        public virtual async Task <GetPermissionListResultDto> GetAsync(string providerName, string providerKey)
        {
            await CheckProviderPolicy(providerName);

            var result = new GetPermissionListResultDto
            {
                EntityDisplayName = providerKey,
                Groups            = new List <PermissionGroupDto>()
            };

            var multiTenancySide = CurrentTenant.GetMultiTenancySide();

            foreach (var group in PermissionDefinitionManager.GetGroups())
            {
                var groupDto = new PermissionGroupDto
                {
                    Name        = group.Name,
                    DisplayName = group.DisplayName.Localize(StringLocalizerFactory),
                    Permissions = new List <PermissionGrantInfoDto>()
                };

                foreach (var permission in group.GetPermissionsWithChildren())
                {
                    if (!permission.IsEnabled)
                    {
                        continue;
                    }

                    if (!await SimpleStateCheckerManager.IsEnabledAsync(permission))
                    {
                        continue;
                    }

                    if (permission.Providers.Any() && !permission.Providers.Contains(providerName))
                    {
                        continue;
                    }

                    if (!permission.MultiTenancySide.HasFlag(multiTenancySide))
                    {
                        continue;
                    }

                    var grantInfoDto = new PermissionGrantInfoDto
                    {
                        Name             = permission.Name,
                        DisplayName      = permission.DisplayName.Localize(StringLocalizerFactory),
                        ParentName       = permission.Parent?.Name,
                        AllowedProviders = permission.Providers,
                        GrantedProviders = new List <ProviderInfoDto>()
                    };

                    var grantInfo = await PermissionManager.GetAsync(permission.Name, providerName, providerKey);

                    grantInfoDto.IsGranted = grantInfo.IsGranted;

                    foreach (var provider in grantInfo.Providers)
                    {
                        grantInfoDto.GrantedProviders.Add(new ProviderInfoDto
                        {
                            ProviderName = provider.Name,
                            ProviderKey  = provider.Key,
                        });
                    }

                    groupDto.Permissions.Add(grantInfoDto);
                }

                if (groupDto.Permissions.Any())
                {
                    result.Groups.Add(groupDto);
                }
            }

            return(result);
        }
        public override async Task <GetPermissionListResultDto> GetAsync(string providerName, string providerKey)
        {
            var isHostPermission = CurrentUser.UserName == "HostUser";

            await CheckProviderPolicy(providerName);

            var result = new GetPermissionListResultDto
            {
                EntityDisplayName = providerKey,
                Groups            = new List <PermissionGroupDto>()
            };

            var multiTenancySide = CurrentTenant.GetMultiTenancySide();

            foreach (var group in PermissionDefinitionManager.GetGroups().WhereIf(!isHostPermission, x =>
                                                                                  !x.Properties.ContainsKey(AbpQa263DemoConsts.IsHostPermission) ||
                                                                                  (bool)x.Properties[AbpQa263DemoConsts.IsHostPermission] == isHostPermission))
            {
                var groupDto = new PermissionGroupDto
                {
                    Name        = group.Name,
                    DisplayName = group.DisplayName.Localize(StringLocalizerFactory),
                    Permissions = new List <PermissionGrantInfoDto>()
                };

                foreach (var permission in group.GetPermissionsWithChildren().WhereIf(!isHostPermission, x =>
                                                                                      !x.Properties.ContainsKey(AbpQa263DemoConsts.IsHostPermission) ||
                                                                                      (bool)x.Properties[AbpQa263DemoConsts.IsHostPermission] == isHostPermission))
                {
                    if (!permission.IsEnabled)
                    {
                        continue;
                    }

                    if (permission.Providers.Any() && !permission.Providers.Contains(providerName))
                    {
                        continue;
                    }

                    if (!permission.MultiTenancySide.HasFlag(multiTenancySide))
                    {
                        continue;
                    }

                    var grantInfoDto = new PermissionGrantInfoDto
                    {
                        Name             = permission.Name,
                        DisplayName      = permission.DisplayName.Localize(StringLocalizerFactory),
                        ParentName       = permission.Parent?.Name,
                        AllowedProviders = permission.Providers,
                        GrantedProviders = new List <ProviderInfoDto>()
                    };

                    var grantInfo = await PermissionManager.GetAsync(permission.Name, providerName, providerKey);

                    grantInfoDto.IsGranted = grantInfo.IsGranted;

                    foreach (var provider in grantInfo.Providers)
                    {
                        grantInfoDto.GrantedProviders.Add(new ProviderInfoDto
                        {
                            ProviderName = provider.Name,
                            ProviderKey  = provider.Key,
                        });
                    }

                    groupDto.Permissions.Add(grantInfoDto);
                }

                if (groupDto.Permissions.Any())
                {
                    result.Groups.Add(groupDto);
                }
            }

            return(result);
        }
Exemplo n.º 17
0
        public virtual async Task <GetPermissionListResultDto> GetAsync(string providerName, string providerKey)
        {
            await CheckProviderPolicy(providerName);

            var result = new GetPermissionListResultDto
            {
                EntityDisplayName = providerKey,
                Groups            = new List <PermissionGroupDto>()
            };

            var multiTenancySide = CurrentTenant.GetMultiTenancySide();

            foreach (var group in PermissionDefinitionManager.GetGroups())
            {
                var groupDto = new PermissionGroupDto
                {
                    Name        = group.Name,
                    DisplayName = group.DisplayName.Localize(StringLocalizerFactory),
                    Permissions = new List <PermissionGrantInfoDto>()
                };

                var neededCheckPermissions = new List <PermissionDefinition>();

                foreach (var permission in group.GetPermissionsWithChildren()
                         .Where(x => x.IsEnabled)
                         .Where(x => !x.Providers.Any() || x.Providers.Contains(providerName))
                         .Where(x => x.MultiTenancySide.HasFlag(multiTenancySide)))
                {
                    if (await SimpleStateCheckerManager.IsEnabledAsync(permission))
                    {
                        neededCheckPermissions.Add(permission);
                    }
                }

                if (!neededCheckPermissions.Any())
                {
                    return(result);
                }

                var grantInfoDtos = neededCheckPermissions.Select(x => new PermissionGrantInfoDto
                {
                    Name             = x.Name,
                    DisplayName      = x.DisplayName.Localize(StringLocalizerFactory),
                    ParentName       = x.Parent?.Name,
                    AllowedProviders = x.Providers,
                    GrantedProviders = new List <ProviderInfoDto>()
                }).ToList();

                var multipleGrantInfo = await PermissionManager.GetAsync(neededCheckPermissions.Select(x => x.Name).ToArray(), providerName, providerKey);

                foreach (var grantInfo in multipleGrantInfo.Result)
                {
                    var grantInfoDto = grantInfoDtos.First(x => x.Name == grantInfo.Name);

                    grantInfoDto.IsGranted = grantInfo.IsGranted;

                    foreach (var provider in grantInfo.Providers)
                    {
                        grantInfoDto.GrantedProviders.Add(new ProviderInfoDto
                        {
                            ProviderName = provider.Name,
                            ProviderKey  = provider.Key,
                        });
                    }

                    groupDto.Permissions.Add(grantInfoDto);
                }

                if (groupDto.Permissions.Any())
                {
                    result.Groups.Add(groupDto);
                }
            }

            return(result);
        }
        public virtual async Task <GetPermissionListResultDto> GetAsync(string providerName, string providerKey)
        {
            var permissionListResult = new GetPermissionListResultDto
            {
                EntityDisplayName = providerKey,
                Groups            = new List <PermissionGroupDto>()
            };
            var multiTenancySide = CurrentTenant.GetMultiTenancySide();
            var permissionGroups = PermissionDefinitionManager.GetGroups();
            IEnumerable <PermissionGrant> permissions =
                await PermissionGrantRepository.GetListAsync(providerName, providerKey);

            // 如果是当前用户权限,还需要查询角色权限
            if (providerName.Equals("U"))
            {
                var userId = CurrentUser.GetId().ToString();
                if (providerKey.Equals(userId))
                {
                    foreach (var role in CurrentUser.Roles)
                    {
                        var rolePermissions = await PermissionGrantRepository
                                              .GetListAsync(RolePermissionValueProvider.ProviderName, role);

                        permissions = permissions.Union(rolePermissions);
                    }
                }
            }
            foreach (var permissionGroup in permissionGroups)
            {
                var groupDto = new PermissionGroupDto
                {
                    Name        = permissionGroup.Name,
                    DisplayName = permissionGroup.DisplayName.Localize(StringLocalizerFactory),
                    Permissions = new List <PermissionGrantInfoDto>()
                };
                foreach (var permission in permissionGroup.GetPermissionsWithChildren())
                {
                    if (!permission.IsEnabled)
                    {
                        continue;
                    }

                    if (permission.Providers.Any() && !permission.Providers.Contains(providerName))
                    {
                        continue;
                    }

                    if (!permission.MultiTenancySide.HasFlag(multiTenancySide))
                    {
                        continue;
                    }

                    var grantInfoDto = new PermissionGrantInfoDto
                    {
                        Name             = permission.Name,
                        DisplayName      = permission.DisplayName.Localize(StringLocalizerFactory),
                        ParentName       = permission.Parent?.Name,
                        AllowedProviders = permission.Providers,
                        GrantedProviders = new List <ProviderInfoDto>()
                    };

                    var grantedPermissions = permissions.Where(p => p.Name.Equals(permission.Name));

                    foreach (var grantedPermission in grantedPermissions)
                    {
                        grantInfoDto.IsGranted = true;
                        grantInfoDto.GrantedProviders.Add(new ProviderInfoDto
                        {
                            ProviderKey  = grantedPermission.ProviderKey,
                            ProviderName = grantedPermission.ProviderName
                        });
                    }

                    groupDto.Permissions.Add(grantInfoDto);
                }

                if (groupDto.Permissions.Any())
                {
                    permissionListResult.Groups.Add(groupDto);
                }
            }

            return(permissionListResult);
        }
Exemplo n.º 19
0
        public virtual async Task <GetPermissionListResultDto> GetAsync(string providerName, string providerKey)
        {
            await CheckProviderPolicy(providerName);

            var result = new GetPermissionListResultDto {
                EntityDisplayName = providerKey,
                Groups            = new List <PermissionGroupDto> ()
            };

            var multiTenancySide = CurrentTenant.GetMultiTenancySide();

            foreach (var group in PermissionDefinitionManager.GetGroups())
            {
                var groupDto = new PermissionGroupDto {
                    Name        = group.Name,
                    DisplayName = group.DisplayName.Localize(StringLocalizerFactory),
                    Permissions = new List <PermissionGrantInfoDto> ()
                };

                foreach (var permission in group.GetPermissionsWithChildren())
                {
                    if (permission.Providers.Any() && !permission.Providers.Contains(providerName))
                    {
                        continue;
                    }

                    if (!permission.MultiTenancySide.HasFlag(multiTenancySide))
                    {
                        continue;
                    }

                    var grantInfoDto = new PermissionGrantInfoDto {
                        Name        = permission.Name,
                        DisplayName = permission.DisplayName.Localize(StringLocalizerFactory),
                        ParentName  = permission.Parent?.Name,
                        // 仅当scopes的元素为两个,且仅包含禁止和启用两种权限的时候才可以使用非下拉框的类型控件
                        IsDropdownBox    = permission.Scopes.Count == 2 && permission.Scopes.Contains(PermissionDefinitionProvider.Prohibited) && permission.Scopes.Contains(PermissionDefinitionProvider.Granted) ? permission.IsDropdownBox : true,
                        AllowedProviders = permission.Providers,
                        Scopes           = permission.Scopes.Where(m => m.MultiTenancySide.HasFlag(multiTenancySide)).Select(m => new PermissionScopeDto()
                        {
                            Name = m.Name, DisplayName = m.DisplayName
                        }).ToList(),
                        GrantedProviders = new List <ProviderInfoDto> ()
                    };

                    var grantInfo = await PermissionManager.GetAsync(permission.Name, providerName, providerKey);

                    grantInfoDto.IsGranted     = grantInfo.IsGranted;
                    grantInfoDto.SelectedScope = grantInfo.Scope;

                    foreach (var provider in grantInfo.Providers)
                    {
                        grantInfoDto.GrantedProviders.Add(new ProviderInfoDto {
                            ProviderName  = provider.Name,
                            ProviderScope = provider.Scope,
                            ProviderKey   = provider.Key,
                        });
                    }

                    groupDto.Permissions.Add(grantInfoDto);
                }

                if (groupDto.Permissions.Any())
                {
                    result.Groups.Add(groupDto);
                }
            }

            return(result);
        }