Exemplo n.º 1
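        /// <summary>
        /// Replace the set of permissions associated with a role
        /// </summary>
        /// <remarks>
        /// Updates the permissions for a role. Permissions listed in <paramref name="items"/> that the
        /// role does not yet hold are added; permissions the role holds that are not listed are removed.
        /// An empty array therefore removes every permission from the role.
        /// Items are matched by Id only. The whole change runs in one transaction, which is committed
        /// only after SaveChanges succeeds.
        /// NOTE(review): no authorization check is visible in this method - confirm the caller
        /// restricts who may change role permissions.
        /// </remarks>
        /// <param name="id">id of Role to update</param>
        /// <param name="items">Complete list of permissions the role should hold after the call</param>
        /// <response code="200">OK</response>
        /// <response code="404">Role not found (returned here as a HETS-01 HetsResponse in an ObjectResult; no status code is set by this method)</response>
        /// <exception cref="ArgumentNullException"><paramref name="items"/> is null</exception>
        /// <exception cref="ArgumentException">An item is null, has no Id, or its Id matches no known permission</exception>
        public virtual IActionResult RolesIdPermissionsPutAsync(int id, PermissionViewModel[] items)
        {
            using (IDbContextTransaction txn = _context.BeginTransaction())
            {
                Role role = _context.Roles
                            .Where(x => x.Id == id)
                            .Include(x => x.RolePermissions)
                            .ThenInclude(rolePerm => rolePerm.Permission)
                            .FirstOrDefault();

                if (role == null)
                {
                    // record not found
                    return(new ObjectResult(new HetsResponse("HETS-01", ErrorViewModel.GetDescription("HETS-01", _configuration))));
                }

                // A missing body must never be read as "no permissions": fail instead of clearing the role.
                if (items == null)
                {
                    throw new ArgumentNullException(nameof(items));
                }

                // Collect the requested ids once. The set drops duplicates, so a repeated id in the
                // request cannot add the same permission twice, and lookups below are O(1).
                HashSet <int> requestedIds = new HashSet <int>();

                foreach (PermissionViewModel item in items)
                {
                    // Id is nullable on the view model; reject a missing id as invalid input
                    // rather than letting a cast of null fail later.
                    if (item == null || item.Id == null)
                    {
                        throw new ArgumentException("Permission Id is required");
                    }

                    requestedIds.Add(item.Id.Value);
                }

                List <Permission> allPermissions = _context.Permissions.ToList();

                // Skip links whose Permission was not loaded, matching the guard used on the remove path.
                HashSet <int> existingPermissionIds = new HashSet <int>(
                    role.RolePermissions
                        .Where(x => x.Permission != null)
                        .Select(x => x.Permission.Id));

                // Permissions to add
                foreach (int permissionId in requestedIds)
                {
                    if (existingPermissionIds.Contains(permissionId))
                    {
                        continue;
                    }

                    Permission permToAdd = allPermissions.FirstOrDefault(x => x.Id == permissionId);

                    if (permToAdd == null)
                    {
                        // Unknown id: abort. The transaction is disposed without Commit, so nothing is persisted.
                        throw new ArgumentException(string.Format("Invalid Permission Code {0}", permissionId));
                    }

                    role.AddPermission(permToAdd);
                }

                // Permissions to remove
                List <RolePermission> permissionsToRemove = role.RolePermissions
                    .Where(x => x.Permission != null && !requestedIds.Contains(x.Permission.Id))
                    .ToList();

                foreach (RolePermission perm in permissionsToRemove)
                {
                    role.RemovePermission(perm.Permission);
                    _context.RolePermissions.Remove(perm);
                }

                _context.Roles.Update(role);
                _context.SaveChanges();
                txn.Commit();

                IEnumerable <Permission> dbPermissions = role.RolePermissions.Select(x => x.Permission);

                // create DTO with serializable response
                List <PermissionViewModel> result = dbPermissions.Select(x => x.ToViewModel()).ToList();

                return(new ObjectResult(new HetsResponse(result)));
            }
        }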
Exemplo n.º 2
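        /// <summary>
        /// Replace the set of permissions associated with a role
        /// </summary>
        /// <remarks>
        /// Updates the permissions for a role. Permissions listed in <paramref name="items"/> that the
        /// role does not yet hold are added; permissions the role holds that are not listed are removed.
        /// An empty array therefore removes every permission from the role.
        /// NOTE(review): no authorization check is visible in this method - confirm the caller
        /// restricts who may change role permissions.
        /// </remarks>
        /// <param name="id">id of Role to update</param>
        /// <param name="items">Complete list of permissions the role should hold after the call; matched by Id</param>
        /// <response code="200">OK</response>
        /// <response code="404">Role not found</response>
        /// <exception cref="ArgumentNullException"><paramref name="items"/> is null</exception>
        /// <exception cref="ArgumentException">An item is null, has no Id, or its Id matches no known permission</exception>
        public virtual IActionResult RolesIdPermissionsPutAsync(int id, PermissionViewModel[] items)
        {
            using (var txn = _context.BeginTransaction())
            {
                // Eager loading of related data
                var role = _context.Roles
                           .Where(x => x.Id == id)
                           .Include(x => x.RolePermissions)
                           .ThenInclude(rolePerm => rolePerm.Permission)
                           .FirstOrDefault();

                if (role == null)
                {
                    // Not Found
                    return(new StatusCodeResult(404));
                }

                // A missing body must never be read as "no permissions": fail instead of clearing the role.
                if (items == null)
                {
                    throw new ArgumentNullException(nameof(items));
                }

                if (items.Any(x => x == null))
                {
                    throw new ArgumentException("Permission Id is required");
                }

                var allPermissions = _context.Permissions.ToList();
                var permissionIds  = items.Select(x => x.Id).ToList();

                // The (int) cast below would fail on a missing id; report it as invalid input instead.
                if (permissionIds.Any(x => x == null))
                {
                    throw new ArgumentException("Permission Id is required");
                }

                // Skip links whose Permission was not loaded, matching the guard used on the remove path.
                var existingPermissionIds = role.RolePermissions
                                            .Where(x => x.Permission != null)
                                            .Select(x => x.Permission.Id)
                                            .ToList();

                // Distinct: a repeated id in the request must not add the same permission twice.
                var permissionIdsToAdd = permissionIds
                                         .Where(x => !existingPermissionIds.Contains((int)x))
                                         .Distinct()
                                         .ToList();

                // Permissions to add
                foreach (var permissionId in permissionIdsToAdd)
                {
                    var permToAdd = allPermissions.FirstOrDefault(x => x.Id == permissionId);

                    if (permToAdd == null)
                    {
                        // Unknown id: abort rather than pass null to AddPermission.
                        // The transaction is disposed without Commit, so nothing is persisted.
                        throw new ArgumentException(string.Format("Invalid Permission Code {0}", permissionId));
                    }

                    role.AddPermission(permToAdd);
                }

                // Permissions to remove
                List <RolePermission> permissionsToRemove = role.RolePermissions.Where(x => x.Permission != null && !permissionIds.Contains(x.Permission.Id)).ToList();

                foreach (RolePermission perm in permissionsToRemove)
                {
                    role.RemovePermission(perm.Permission);
                    _context.RolePermissions.Remove(perm);
                }

                _context.Roles.Update(role);
                _context.SaveChanges();
                txn.Commit();

                var dbPermissions = role.RolePermissions.Select(x => x.Permission);

                // Create DTO with serializable response
                var result = dbPermissions.Select(x => x.ToViewModel()).ToList();
                return(new ObjectResult(result));
            }
        }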
Exemplo n.º 3
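        /// <summary>
        /// Add a permission to a role
        /// </summary>
        /// <remarks>
        /// Adds permissions to a role. The permission is looked up by <c>item.Code</c>; if the role
        /// already holds a permission with that code, nothing is added. The role is updated and saved
        /// either way, inside one transaction.
        /// NOTE(review): the response is built from every row of RolePermissions, not only the rows of
        /// this role - confirm callers need the full table, since it discloses all roles' mappings.
        /// NOTE(review): no authorization check is visible in this method - confirm the caller
        /// restricts who may change role permissions.
        /// </remarks>
        /// <param name="id">id of Role to update</param>
        /// <param name="item">Permission to add; only its Code is read</param>
        /// <response code="200">OK</response>
        /// <exception cref="ArgumentNullException"><paramref name="item"/> is null</exception>
        /// <exception cref="ArgumentException">No permission exists with the given code</exception>
        public virtual IActionResult RolesIdPermissionsPostAsync(int id, PermissionViewModel item)
        {
            using (IDbContextTransaction txn = _context.BeginTransaction())
            {
                Role role = _context.Roles
                            .Where(x => x.Id == id)
                            .Include(x => x.RolePermissions)
                            .ThenInclude(rolePerm => rolePerm.Permission)
                            .FirstOrDefault();

                if (role == null)
                {
                    // record not found
                    return(new ObjectResult(new HetsResponse("HETS-01", ErrorViewModel.GetDescription("HETS-01", _configuration))));
                }

                // A missing body would otherwise surface as a NullReferenceException on item.Code.
                if (item == null)
                {
                    throw new ArgumentNullException(nameof(item));
                }

                // Ignore links whose Permission was not loaded instead of dereferencing null.
                bool alreadyGranted = role.RolePermissions
                                      .Any(x => x.Permission != null && x.Permission.Code == item.Code);

                if (!alreadyGranted)
                {
                    // The permission list is only needed when something has to be added.
                    List <Permission> allPermissions = _context.Permissions.ToList();
                    Permission        permToAdd      = allPermissions.FirstOrDefault(x => x.Code == item.Code);

                    if (permToAdd == null)
                    {
                        // The message echoes the caller-supplied code; presumably an exception handler
                        // renders or logs it - verify it is encoded there.
                        throw new ArgumentException(string.Format("Invalid Permission Code {0}", item.Code));
                    }

                    role.AddPermission(permToAdd);
                }

                _context.Roles.Update(role);
                _context.SaveChanges();
                txn.Commit();

                // Reads the whole RolePermissions table (all roles), as the original did.
                List <RolePermission> dbPermissions = _context.RolePermissions.ToList();

                // Create DTO with serializable response
                List <RolePermissionViewModel> result = dbPermissions.Select(x => x.ToViewModel()).ToList();

                return(new ObjectResult(new HetsResponse(result)));
            }
        }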