public IActionResult SaveRolePermissions([FromBody] EditRolePermissionsModel model)
{
var resourceOwner = _resourceOwnerService.FindByName(model.ResourceName);
if (resourceOwner == null)
{
return(NotFound());
}
var Role = _roleService.FindById(model.RoleId);
if (Role.Name.IsCaseInsensitiveEqual(RoleDefaults.ADMINISTRATOR))
{
return(JError(T["notallow_edit"]));
}
if (ModelState.IsValid)
{
_roleObjectAccessService.DeleteByRole(model.RoleId, resourceOwner.ModuleName);
if (model.ObjectId.NotEmpty())
{
List <RoleObjectAccess> roleObjectAccess = new List <RoleObjectAccess>();
var objectTypeCode = Module.Core.ModuleCollection.GetIdentity(resourceOwner.ModuleName);
int i = 0;
foreach (var item in model.ObjectId)
{
var roa = new RoleObjectAccess
{
RoleObjectAccessId = Guid.NewGuid(),
RoleId = model.RoleId,
ObjectId = item,
ObjectTypeCode = objectTypeCode
};
if (model.Mask == null)
{
roa.AccessRightsMask = 1;
}
else if (model.Mask != null && model.Mask[i] > 0)
{
roa.AccessRightsMask = (int)model.Mask[i];
}
if (roa.AccessRightsMask > 0 && !roleObjectAccess.Exists(x => x.ObjectId == item && x.ObjectTypeCode == objectTypeCode))
{
roleObjectAccess.Add(roa);
}
i++;
}
if (roleObjectAccess.NotEmpty())
{
_roleObjectAccessService.CreateMany(roleObjectAccess);
}
}
return(SaveSuccess());
}
return(SaveFailure(GetModelErrors()));
}
public IActionResult EditRolePermissions(EditRolePermissionsModel model)
{
var resourceOwner = _resourceOwnerService.FindByName(model.ResourceName);
if (resourceOwner == null)
{
return(NotFound());
}
model.Role = _roleService.FindById(model.RoleId);
model.ResourceOwnerDescriptor = resourceOwner;
return(DynamicResult(model, $"~/Views/Security/{WebContext.ActionName}.cshtml"));
}
public IActionResult EditRoleFieldPermissions(Guid roleId)
{
if (roleId.IsEmpty())
{
return(NotFound());
}
var resourceOwner = _resourceOwnerService.FindByName(AttributeDefaults.ModuleName);
if (resourceOwner == null)
{
return(NotFound());
}
EditRolePermissionsModel model = new EditRolePermissionsModel
{
ResourceName = AttributeDefaults.ModuleName,
ResourceOwnerDescriptor = resourceOwner,
Role = _roleService.FindById(roleId),
RoleId = roleId,
RoleObjectAccess = _roleObjectAccessService.QueryRolePermissions(roleId, DataAuthorizationDefaults.ModuleName)
};
return(DynamicResult(model, $"~/Views/Security/{WebContext.ActionName}.cshtml"));
}
