private static string GetDescription1(PermissionActions action)
{
switch (action)
{
case PermissionActions.Read:
return("查看");
case PermissionActions.Edit:
return("编辑");
case PermissionActions.Import:
return("导入");
case PermissionActions.Export:
return("导出");
case PermissionActions.Print:
return("打印");
case PermissionActions.Backup:
return("备分");
case PermissionActions.Restore:
return("恢复");
case PermissionActions.Collect:
return("采集");
default:
return(string.Empty);
}
}
private IDictionary <string, PermissionState> GetHabboPermissions(int habboId)
{
IDictionary <string, PermissionState> permissions = new Dictionary <string, PermissionState>();
using (WrappedMySqlConnection connection = CoreManager.ServerCore.MySqlConnectionProvider.GetConnection())
{
foreach (KeyValuePair <string, PermissionState> permission in PermissionActions.GetHabboPermissionsFromHabboId(habboId, connection))
{
permissions.Add(permission);
}
foreach (string groupName in PermissionActions.GetHabboPermissionGroupsFromHabboId(habboId, connection))
{
if (!_permissionGroupCache.ContainsKey(groupName))
{
CoreManager.ServerCore.ConsoleManager.Warning("Permissions", CoreManager.ServerCore.StringLocale.GetString("CORE:ERROR_PERMISSIONS_UNDEFINED_GROUP", groupName, habboId));
continue;
}
foreach (KeyValuePair <string, PermissionState> permission in _permissionGroupCache[groupName])
{
if (permissions.ContainsKey(permission.Key))
{
continue; // Individual permissions get priority over PermissionGroup permissions.
}
permissions.Add(permission);
}
}
}
return(permissions);
}
private static string GetDescription1(PermissionActions action)
{
switch (action)
{
case PermissionActions.Read:
return "查看";
case PermissionActions.Edit:
return "编辑";
case PermissionActions.Approve :
return "审核";
case PermissionActions.UndoApprove :
return "取消审核";
case PermissionActions.Nullify :
return "作废";
case PermissionActions.Ship :
return "发货";
case PermissionActions.Inventory :
return "入库";
case PermissionActions.Print :
return "打印";
case PermissionActions.Check :
return "盘点";
case PermissionActions.Slice :
return "加工";
default:
return string.Empty;
}
}
private static string GetDescription1(PermissionActions action)
{
switch (action)
{
case PermissionActions.Read:
return("查看");
case PermissionActions.Edit:
return("编辑");
case PermissionActions.Approve:
return("审核");
case PermissionActions.UndoApprove:
return("取消审核");
case PermissionActions.Nullify:
return("作废");
case PermissionActions.Ship:
return("发货");
case PermissionActions.Inventory:
return("入库");
case PermissionActions.Print:
return("打印");
default:
return(string.Empty);
}
}
// POST: api/user
public IHttpActionResult Post(HttpRequestMessage request, [FromBody] PermissionModel value)
{
if (_log.IsDebugEnabled)
{
_log.DebugFormat("Executing call in debug mode");
}
var headers = request.Headers;
//Check the request object to see if they passed a userId
if (headers.Contains("userid"))
{
var user = headers.GetValues("userid").First();
_log.InfoFormat("Handling POST request from user: {0}", user);
if (!ModelState.IsValid)
{
return(BadRequest("Invalid data."));
}
try
{
PermissionActions permissionActions = new PermissionActions();
permissionActions.Insert(value, user);
return(Ok());
}
catch (Exception e)
{
_log.Error("An error occurred while adding Permission.", e);
return(InternalServerError(e));
}
}
return(BadRequest("Header value <userid> not found."));
}
/// <summary>
/// 检测此操作员是否被授予某个权限
/// </summary>
/// <param name="right"></param>
/// <param name="action"></param>
/// <returns></returns>
public bool Permit(Permission right, PermissionActions action)
{
if (this.Role != null)
{
return(Role.Permit(right, action));
}
else
{
return(false);
}
}
public PermissionDistributor()
{
_permissionGroupCache = new Dictionary <string, IDictionary <string, PermissionState> >();
foreach (PermissionsGroupPermissionData permission in PermissionActions.GetAllPermissionGroupPermissions())
{
if (!_permissionGroupCache.ContainsKey(permission.GroupName))
{
_permissionGroupCache.Add(new KeyValuePair <string, IDictionary <string, PermissionState> >());
}
_permissionGroupCache[permission.GroupName].Add(permission.PermissionName, permission.PermissionState);
}
_defaultPermissions = new Dictionary <string, PermissionState>();
CoreManager.ServerCore.ConsoleManager.Notice("Permissions", CoreManager.ServerCore.StringLocale.GetString("CORE:BOOT_PERMISSIONS_CALCULATE"));
_defaultPermissions = GetHabboPermissions(DefaultPermissionsHabboId);
}
public static string GetDescription(PermissionActions actions)
{
string ret = string.Empty;
for (int i = 0; i < 32; i++)
{
PermissionActions temp = (PermissionActions)(1 << i);
if (Enum.IsDefined(typeof(PermissionActions), temp))
{
if ((temp & actions) != 0)
{
string descr = GetDescription1(temp);
if (!string.IsNullOrEmpty(descr)) ret += descr + ",";
}
}
}
ret = ret.TrimEnd(',');
return ret;
}
private void AddActionNodes(TreeNode parent, PermissionActions actions)
{
for (int i = 0; i < 32; i++)
{
PermissionActions temp = (PermissionActions)(1 << i);
if (Enum.IsDefined(typeof(PermissionActions), temp))
{
if ((temp & actions) != 0)
{
string descr = PermissionActionDescription.GetDescription(temp);
if (!string.IsNullOrEmpty(descr))
{
TreeNode actionNode = new TreeNode(descr, 1, 1);
actionNode.Tag = temp;
parent.Nodes.Add(actionNode);
}
}
}
}
}
public static string GetDescription(PermissionActions actions)
{
string ret = string.Empty;
for (int i = 0; i < 32; i++)
{
PermissionActions temp = (PermissionActions)(1 << i);
if (Enum.IsDefined(typeof(PermissionActions), temp))
{
if ((temp & actions) != 0)
{
string descr = GetDescription1(temp);
if (!string.IsNullOrEmpty(descr))
{
ret += descr + ",";
}
}
}
}
ret = ret.TrimEnd(',');
return(ret);
}
/// <summary>
/// 查看此角色是否被授予此权限
/// </summary>
public bool Permit(Permission right, PermissionActions action)
{
if (Permission == "all")
{
return(true);
}
else
{
if (_AllRights == null)
{
GetAllRights();
}
if (_AllRights != null && _AllRights.Count > 0)
{
if (_AllRights.Keys.Contains((uint)right))
{
return((_AllRights[(uint)right] & (uint)action) == (uint)action);
}
}
return(false);
}
}
// GET: api/user
public IHttpActionResult Get(HttpRequestMessage request)
{
if (_log.IsDebugEnabled)
{
_log.DebugFormat("Executing call in debug mode");
}
var headers = request.Headers;
bool showInActive = false;
if (headers.Contains("showInactive"))
{
showInActive = Boolean.Parse(headers.GetValues("showInactive").First());
}
//Check the request object to see if they passed a userId
if (headers.Contains("userid"))
{
var user = headers.GetValues("userid").First();
_log.InfoFormat("Handling GET request from user: {0}", user);
try
{
PermissionActions permissionActions = new PermissionActions();
_log.Debug("Getting Permissions");
IEnumerable <PermissionModel> permissionList = permissionActions.Get(showInActive);
var permissionModels = permissionList as IList <PermissionModel> ?? permissionList.ToList();
_log.DebugFormat("Permissions retreived Count: {0}", permissionModels.Count());
return(Ok(permissionModels));
}
catch (Exception e)
{
_log.Error("An error occurred while getting Permission.", e);
return(InternalServerError(e));
}
}
return(BadRequest("Header value <userid> not found."));
}
/// <summary>
/// The is authorized.
/// </summary>
/// <param name="entityPermissionGuid">
/// The entity permission guid.
/// </param>
/// <param name="model">
/// The model.
/// </param>
/// <param name="action">
/// The action.
/// </param>
/// <returns>
/// The <see cref="bool"/>.
/// </returns>
public virtual bool IsAuthorized(Guid entityPermissionGuid, string model, PermissionActions action)
{
if (!this.User.Identity.IsAuthenticated && this.User.Identity.Name != "Anonymous" &&
this.User.Identity.GetIdentityProvider() != "Anonymous")
{
// not authed
return(false);
}
var idp = this.User.GetIdentityProvider();
var permissions =
this.PermissionRepository.Search(
p =>
p.IdentityProvider == idp && (p.Model == model || p.Model == null) &&
(p.Action == action || p.Action == PermissionActions.All) &&
(p.EntityGuid == entityPermissionGuid || p.EntityGuid == default(Guid)));
foreach (var denyPermission in permissions.Where(p => p.Access == AccessControlType.Deny))
{
if (this.User.IsInRole(denyPermission.Identity) || this.User.Identity.Name == denyPermission.Identity)
{
return(false);
}
}
foreach (var permission in permissions.Where(p => p.Access == AccessControlType.Allow))
{
if (this.User.IsInRole(permission.Identity) || this.User.Identity.Name == permission.Identity)
{
return(true);
}
}
return(false);
}
// GET: api/user/5
public IHttpActionResult Get(int id, HttpRequestMessage request)
{
if (_log.IsDebugEnabled)
{
_log.DebugFormat("Executing call in debug mode");
}
var headers = request.Headers;
//Check the request object to see if they passed a userId
if (headers.Contains("userid"))
{
var user = headers.GetValues("userid").First();
_log.InfoFormat("Handling GET request from user: {0}", user);
PermissionActions permissionActions = new PermissionActions();
try
{
_log.Debug("Getting Permission");
var permissionModel = permissionActions.GetById(id);
if (permissionModel != null)
{
_log.DebugFormat("Permission retrieved. ID: {0}", permissionModel.Id);
return(Ok(permissionModel));
}
return(Ok());
}
catch (Exception e)
{
_log.Error("An error occurred while getting Permission.", e);
return(InternalServerError(e));
}
}
return(BadRequest("Header value <userid> not found."));
}
public async Task <Permission> SetPermissionForDepartmentAsync(int departmentId, string userId, PermissionTypes type, PermissionActions action,
string data, bool lockToGroup, CancellationToken cancellationToken = default(CancellationToken))
{
var permission = await GetPermissionByDepartmentTypeAsync(departmentId, type) ?? new Permission();
permission.DepartmentId = departmentId;
permission.PermissionType = (int)type;
permission.Action = (int)action;
permission.Data = data;
permission.LockToGroup = lockToGroup;
permission.UpdatedBy = userId;
permission.UpdatedOn = DateTime.UtcNow;
return(await _permissionsRepository.SaveOrUpdateAsync(permission, cancellationToken));
}
public Permission SetPermissionForDepartment(int departmentId, string userId, PermissionTypes type, PermissionActions action, string data, bool lockToGroup)
{
var permission = GetPermisionByDepartmentType(departmentId, type) ?? new Permission();
permission.DepartmentId = departmentId;
permission.PermissionType = (int)type;
permission.Action = (int)action;
permission.Data = data;
permission.LockToGroup = lockToGroup;
permission.UpdatedBy = userId;
permission.UpdatedOn = DateTime.UtcNow;
_permissionsRepository.SaveOrUpdate(permission);
return(permission);
}
/// <summary>
/// The get authorized entities.
/// </summary>
/// <param name="model">
/// The model.
/// </param>
/// <param name="action">
/// The action.
/// </param>
/// <returns>
/// The
/// <see>
/// <cref>ICollection</cref>
/// </see>
/// .
/// </returns>
protected virtual IQueryable <Permission> GetAuthorizedEntities(string model, PermissionActions action)
{
return
(this.PermissionRepository.Search(
p =>
(p.Model == model || p.Model == null) && (p.Action == action || p.Action == PermissionActions.All)));
}
/// <summary>
/// The get authorized entities.
/// </summary>
/// <param name="entity">
/// The entity.
/// </param>
/// <param name="action">
/// The action.
/// </param>
/// <returns>
/// The <see cref="IQueryable"/>.
/// </returns>
protected IQueryable <Permission> GetAuthorizedEntities(T entity, PermissionActions action)
{
return(this.GetAuthorizedEntities(typeof(T).Name, action));
}
/// <summary>
/// The get authorizing identities.
/// </summary>
/// <param name="model">
/// The model.
/// </param>
/// <param name="action">
/// The action.
/// </param>
/// <returns>
/// The
/// <see>
/// <cref>IEnumerable</cref>
/// </see>
/// .
/// </returns>
protected virtual IEnumerable <Permission> GetAuthorizingIdentities(string model, PermissionActions action)
{
var idp = this.User.GetIdentityProvider();
var permissions =
this.PermissionRepository.Search(
p =>
(p.Model == model || p.Model == null) && (p.Action == action || p.Action == PermissionActions.All) &&
p.Access == AccessControlType.Allow && p.IdentityProvider == idp);
var identities = new List <Permission>();
foreach (var permission in permissions)
{
if (this.User.IsInRole(permission.Identity) && identities.All(p => p.Id != permission.Id))
{
identities.Add(permission);
}
}
return(identities);
}
/// <summary>
/// The get authorizing identities.
/// </summary>
/// <param name="entity">
/// The entity.
/// </param>
/// <param name="action">
/// The action.
/// </param>
/// <returns>
/// The
/// <see>
/// <cref>IEnumerable</cref>
/// </see>
/// .
/// </returns>
protected IEnumerable <Permission> GetAuthorizingIdentities(T entity, PermissionActions action)
{
return(this.GetAuthorizingIdentities(typeof(T).Name, action));
}
private void AddActionNodes(TreeNode parent, PermissionActions actions)
{
for (int i = 0; i < 32; i++)
{
PermissionActions temp = (PermissionActions)(1 << i);
if (Enum.IsDefined(typeof(PermissionActions), temp))
{
if ((temp & actions) != 0)
{
string descr = PermissionActionDescription.GetDescription(temp);
if (!string.IsNullOrEmpty(descr))
{
TreeNode actionNode = new TreeNode(descr, 1, 1);
actionNode.Tag = temp;
parent.Nodes.Add(actionNode);
}
}
}
}
}
/// <summary>
/// The is authorized.
/// </summary>
/// <param name="entity">
/// The entity.
/// </param>
/// <param name="action">
/// The action.
/// </param>
/// <returns>
/// The <see cref="bool"/>.
/// </returns>
public bool IsAuthorized(T entity, PermissionActions action)
{
return(this.IsAuthorized(entity.EntityGuid, typeof(T).Name, action));
}
