public async Task <IActionResult> Login([FromBody] AccountLoginModel model)
{
var account = await _accountRepository.GetAccountByIdAsync(model.AccountId);
if (account == null)
{
throw new NotFound400Exception("account");
}
if (!await _accountRepository.AnyByAccountAsync(model.AccountId, model.Password))
{
throw new PasswordIsIncorrectException();
}
var permissions = await _groupRepository.GetPermissionsByGroupIdAsync(account.GroupId, 1, int.MaxValue);
StringBuilder functionIds = new StringBuilder();
List <string> functionCodes = new List <string>();
if (permissions.Total > 0)
{
int functionId = permissions.Items[0].FunctionId;
var functionCode = await _functionRepository.GetFunctionByIdAsync(functionId);
functionIds.Append(functionId);
functionCodes.Add(functionCode.Code);
for (int i = 1; i < permissions.Items.Count; i++)
{
functionId = permissions.Items[i].FunctionId;
functionCode = await _functionRepository.GetFunctionByIdAsync(functionId);
if (functionCode != null)
{
functionCodes.Add(functionCode.Code);
functionIds.Append(',').Append(permissions.Items[i].FunctionId);
}
}
}
// create token
var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(AppSettings.JwtKey));
var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);
var claims = new[]
{
new Claim(VmsClaimTypes.Name, account.Name),
new Claim(VmsClaimTypes.AccountId, account.AccountId),
new Claim(VmsClaimTypes.FunctionIds, functionIds.ToString())
};
var token = new JwtSecurityToken(AppSettings.JwtIssuer, null, claims, null, DateTime.Now.AddDays(AppSettings.JwtExpirationDays), credentials);
var tokenString = new JwtSecurityTokenHandler().WriteToken(token);
return(Ok(new AccountAuthenticateResponse {
AccountId = account.AccountId, Token = tokenString, FunctionCodes = functionCodes
}));
}
public async Task <IActionResult> DeleteFunctionAsync([FromRoute] int functionId)
{
var function = await _functionRepository.GetFunctionByIdAsync(functionId);
if (function == null)
{
throw new NotFound404Exception("function");
}
if (function.Code.Contains("Full"))
{
throw new ForbiddenException(); // can not delete 'Full' functions
}
function.IsDeleted = true;
function.UpdatedDate = DateTime.Now;
function.UpdatedBy = CurrentAccountId;
await _functionRepository.UpdateFunctionAsync(function);
return(Ok(FunctionDTO.GetFrom(function)));
}
public async Task <IActionResult> CreatePermissionAsync([FromRoute] int groupId, [FromBody] PermissionCreateModel model)
{
var currentAccount = await _accountRepository.GetAccountByIdAsync(CurrentAccountId);
if (currentAccount.GroupId > groupId)
{
throw new ForbiddenException(); // the lower the group id, the higher the authority; can only delete the group with authority lower than the current group
}
var group = await _groupRepository.GetGroupByIdAsync(groupId);
var function = await _functionRepository.GetFunctionByIdAsync(model.FunctionId);
if (group == null)
{
throw new NotFound404Exception("group");
}
if (function == null)
{
throw new NotFound400Exception("function");
}
if (await _groupRepository.AnyByPermissionAsync(model.FunctionId, groupId))
{
throw new AlreadyExistsException("function");
}
var permission = new Permission
{
FunctionId = model.FunctionId,
GroupId = groupId
};
await _groupRepository.CreatePermissionAsync(permission);
return(Ok(FunctionDTO.GetFrom(function)));
}
