Exemplo n.º 1
        /// <summary>
        /// Evaluates several permissions in one pass, using the role claims of the current principal.
        /// </summary>
        /// <param name="context">Carries the permissions to evaluate and the principal whose role claims are read.</param>
        /// <returns>
        /// A result keyed by permission name. An entry is overwritten only while it is still
        /// <c>Undefined</c>, so the first role that yields a defined value decides that permission.
        /// </returns>
        public override async Task<MultiplePermissionGrantResult> CheckAsync(PermissionValuesCheckContext context)
        {
            var pendingNames = context.Permissions.Select(p => p.Name).ToList();
            var aggregate = new MultiplePermissionGrantResult(pendingNames.ToArray());

            var roleClaims = context.Principal?.FindAll(AbpClaimTypes.Role).Select(claim => claim.Value).ToArray();

            // No principal or no role claims: hand back the freshly constructed result untouched.
            if (roleClaims == null || roleClaims.Length == 0)
            {
                return aggregate;
            }

            foreach (var roleName in roleClaims)
            {
                // Only the names that are still unresolved are sent to the store.
                var perRole = await PermissionStore.IsGrantedAsync(pendingNames.ToArray(), Name, roleName);

                foreach (var entry in perRole.Result)
                {
                    var stillOpen = aggregate.Result.ContainsKey(entry.Key)
                                    && aggregate.Result[entry.Key] == PermissionGrantResult.Undefined;

                    if (!stillOpen || entry.Value == PermissionGrantResult.Undefined)
                    {
                        continue;
                    }

                    aggregate.Result[entry.Key] = entry.Value;
                    pendingNames.RemoveAll(n => n == entry.Key);
                }

                // Stop early once every permission is granted or every permission is prohibited.
                if (aggregate.AllGranted || aggregate.AllProhibited)
                {
                    break;
                }
            }

            return aggregate;
        }
Exemplo n.º 2
        /// <summary>
        /// Resolves one permission from the role-id claims of the current principal and keeps
        /// the store result with the highest <c>ScopeType</c>.
        /// </summary>
        /// <param name="context">Carries the permission to evaluate and the principal whose role-id claims are read.</param>
        /// <returns>
        /// <c>PermissionGrantResult.Undefined</c> when there is no principal, no role-id claim, or no
        /// store result whose <c>ScopeType</c> exceeds that of <c>Undefined</c>; otherwise the winning store result.
        /// </returns>
        public override async Task<PermissionGrantResult> GetResultAsync(PermissionValueCheckContext context)
        {
            var roleIdClaims = context.Principal?.FindAll(RocketClaimTypes.RoleId).Select(claim => claim.Value).ToArray();

            if (roleIdClaims == null || roleIdClaims.Length == 0)
            {
                return PermissionGrantResult.Undefined;
            }

            var widest = PermissionGrantResult.Undefined;

            foreach (var roleId in roleIdClaims)
            {
                var candidate = await PermissionStore.GetResultAsync(context.Permission.Name, Name, roleId);

                // A role without a stored result is skipped; otherwise the larger ScopeType wins.
                if (candidate != null && candidate.ScopeType > widest.ScopeType)
                {
                    widest = candidate;
                }
            }

            return widest;
        }
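        /// <summary>
        /// Checks one permission against the role names that
        /// <c>OrganizationUnitRepository.GetCurrentUserRoleNamesByOrganizationUnitAsync</c> returns for the current user.
        /// </summary>
        /// <param name="context">Carries the permission to evaluate and the principal whose user-id claim is read.</param>
        /// <returns>
        /// <c>Granted</c> as soon as the store reports a grant for one of the role names; <c>Undefined</c> when
        /// the user-id claim is missing or is not a GUID, when there are no role names, or when no role grants the permission.
        /// </returns>
        public override async Task<PermissionGrantResult> CheckAsync(PermissionValueCheckContext context)
        {
            var userIdClaim = context.Principal?.FindFirst(AbpClaimTypes.UserId)?.Value;

            // A claim value that is absent or not a well-formed GUID is treated as "no decision"
            // rather than letting Guid.Parse throw out of an authorization check. Undefined never
            // grants anything, so a malformed claim cannot widen access.
            Guid userId;
            if (!Guid.TryParse(userIdClaim, out userId))
            {
                return PermissionGrantResult.Undefined;
            }

            var roleNames = await OrganizationUnitRepository.GetCurrentUserRoleNamesByOrganizationUnitAsync(userId);

            if (roleNames == null || !roleNames.Any())
            {
                return PermissionGrantResult.Undefined;
            }

            foreach (var roleName in roleNames)
            {
                if (await PermissionStore.IsGrantedAsync(context.Permission.Name, Name, roleName))
                {
                    return PermissionGrantResult.Granted;
                }
            }

            return PermissionGrantResult.Undefined;
        }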
Exemplo n.º 4
        /// <summary>
        /// Checks one permission against the roles carried in the principal's role claims,
        /// optionally narrowed to the scope named in the context.
        /// </summary>
        /// <param name="context">Carries the permission, the principal, the optional scope id and the tenant id.</param>
        /// <returns>
        /// <c>Granted</c> when the store reports a grant for any remaining role; otherwise <c>Undefined</c>.
        /// </returns>
        public override async Task<PermissionGrantResult> CheckAsync(PermissionValueCheckContext context)
        {
            // Claims with a blank value are dropped before a Role is built from the claim value.
            var candidateRoles = context.Principal?.FindAll(JwtClaimTypes.Role)
                .Where(claim => !string.IsNullOrWhiteSpace(claim.Value))
                .Select(claim => new Role(claim.Value))
                .ToArray();

            // The scope filter is applied only when the context names a scope; with a blank
            // ScopeId every role from the claims is checked, whatever scope it belongs to.
            var hasScopeFilter = !string.IsNullOrWhiteSpace(context.ScopeId);
            if (hasScopeFilter && candidateRoles != null)
            {
                candidateRoles = candidateRoles.Where(r => r.ScopeId == context.ScopeId).ToArray();
            }

            if (candidateRoles == null || candidateRoles.Length == 0)
            {
                return PermissionGrantResult.Undefined;
            }

            foreach (var candidate in candidateRoles)
            {
                var granted = await PermissionStore.IsGrantedAsync(
                    context.Permission.Name,
                    Name,
                    candidate.Name,
                    candidate.ScopeId,
                    context.TenantId);

                if (granted)
                {
                    return PermissionGrantResult.Granted;
                }
            }

            return PermissionGrantResult.Undefined;
        }
Exemplo n.º 5
        /// <summary>
        /// Reports whether a permission is granted for the given provider name and key, either
        /// directly through this provider or through the roles of a user.
        /// </summary>
        /// <param name="name">Name of the permission.</param>
        /// <param name="providerName">Provider the key belongs to: this provider's <c>Name</c> or the user provider's name.</param>
        /// <param name="providerKey">Key within that provider; parsed as a GUID when the user provider is named.</param>
        /// <returns>
        /// Grant information naming the key or role that produced the grant, or
        /// <c>PermissionValueProviderGrantInfo.NonGranted</c>.
        /// </returns>
        /// <exception cref="FormatException">
        /// Thrown by <c>Guid.Parse</c> when the user provider is named and <paramref name="providerKey"/> is not a GUID.
        /// </exception>
        public override async Task<PermissionValueProviderGrantInfo> CheckAsync(string name, string providerName, string providerKey)
        {
            if (providerName == Name)
            {
                var grantedDirectly = await PermissionStore.IsGrantedAsync(name, providerName, providerKey);
                return new PermissionValueProviderGrantInfo(grantedDirectly, providerKey);
            }

            if (providerName != UserPermissionValueProvider.ProviderName)
            {
                return PermissionValueProviderGrantInfo.NonGranted;
            }

            // For a user key, look for a stored grant on any of the user's roles.
            var roleNames = await UserRoleFinder.GetRolesAsync(Guid.Parse(providerKey));

            foreach (var roleName in roleNames)
            {
                var storedGrant = await PermissionGrantRepository.FindAsync(name, Name, roleName);
                if (storedGrant != null)
                {
                    return new PermissionValueProviderGrantInfo(true, roleName);
                }
            }

            return PermissionValueProviderGrantInfo.NonGranted;
        }
        /// <summary>
        /// Resolves one permission for the client identified by the principal's client-id claim.
        /// </summary>
        /// <param name="context">Carries the permission to evaluate and the principal whose client-id claim is read.</param>
        /// <returns>
        /// <c>PermissionGrantResult.Undefined</c> when there is no principal or no client-id claim;
        /// otherwise whatever the permission store returns for that client.
        /// </returns>
        public override async Task<PermissionGrantResult> GetResultAsync(PermissionValueCheckContext context)
        {
            var clientIdClaim = context.Principal?.FindFirst(RocketClaimTypes.ClientId)?.Value;

            if (clientIdClaim != null)
            {
                return await PermissionStore.GetResultAsync(context.Permission.Name, Name, clientIdClaim);
            }

            return PermissionGrantResult.Undefined;
        }
Exemplo n.º 7
        /// <summary>
        /// Evaluates several permissions for the user identified by the principal's user-id claim.
        /// </summary>
        /// <param name="context">Carries the permissions to evaluate and the principal whose user-id claim is read.</param>
        /// <returns>
        /// A freshly constructed result for the requested names when there is no principal or no
        /// user-id claim; otherwise the permission store's answer for that user.
        /// </returns>
        public override async Task<MultiplePermissionGrantResult> CheckAsync(PermissionValuesCheckContext context)
        {
            var requestedNames = context.Permissions.Select(p => p.Name).ToArray();
            var userIdClaim = context.Principal?.FindFirst(AbpClaimTypes.UserId)?.Value;

            // Without a user id the store is never consulted.
            return userIdClaim == null
                ? new MultiplePermissionGrantResult(requestedNames)
                : await PermissionStore.IsGrantedAsync(requestedNames, Name, userIdClaim);
        }
Exemplo n.º 8
        /// <summary>
        /// Checks one permission for the user identified by the principal's user-id claim.
        /// </summary>
        /// <param name="context">Carries the permission to evaluate and the principal whose user-id claim is read.</param>
        /// <returns>
        /// <c>Granted</c> when the store reports a grant for the user; <c>Undefined</c> when it does not
        /// or when there is no principal or no user-id claim.
        /// </returns>
        public override async Task<PermissionGrantResult> CheckAsync(PermissionValueCheckContext context)
        {
            var userIdClaim = context.Principal?.FindFirst(AbpClaimTypes.UserId)?.Value;

            if (userIdClaim == null)
            {
                return PermissionGrantResult.Undefined;
            }

            var granted = await PermissionStore.IsGrantedAsync(context.Permission.Name, Name, userIdClaim);
            if (granted)
            {
                return PermissionGrantResult.Granted;
            }

            // A missing grant is reported as Undefined, not as a prohibition.
            return PermissionGrantResult.Undefined;
        }
Exemplo n.º 9
        /// <summary>
        /// Evaluates several permissions for the client identified by the principal's client-id claim.
        /// </summary>
        /// <param name="context">Carries the permissions to evaluate and the principal whose client-id claim is read.</param>
        /// <returns>
        /// A freshly constructed result for the requested names when there is no principal or no
        /// client-id claim; otherwise the permission store's answer for that client.
        /// </returns>
        public override async Task<MultiplePermissionGrantResult> CheckAsync(PermissionValuesCheckContext context)
        {
            var requestedNames = context.Permissions.Select(p => p.Name).ToArray();
            var clientIdClaim = context.Principal?.FindFirst(AbpClaimTypes.ClientId)?.Value;

            if (clientIdClaim == null)
            {
                return new MultiplePermissionGrantResult(requestedNames);
            }

            // The store lookup runs with the current tenant switched to null for the duration of
            // the using block. NOTE(review): presumably this resolves client grants at host level;
            // confirm that tenant-specific client grants are not expected to apply here.
            using (CurrentTenant.Change(null))
            {
                var storeAnswer = await PermissionStore.IsGrantedAsync(requestedNames, Name, clientIdClaim);
                return storeAnswer;
            }
        }
Exemplo n.º 10
        /// <summary>
        /// Checks one permission for the client identified by the principal's client-id claim.
        /// </summary>
        /// <param name="context">Carries the permission to evaluate and the principal whose client-id claim is read.</param>
        /// <returns>
        /// <c>Granted</c> when the store reports a grant for the client; <c>Undefined</c> when it does not
        /// or when there is no principal or no client-id claim.
        /// </returns>
        public override async Task<PermissionGrantResult> CheckAsync(PermissionValueCheckContext context)
        {
            var clientIdClaim = context.Principal?.FindFirst(AbpClaimTypes.ClientId)?.Value;

            if (clientIdClaim == null)
            {
                return PermissionGrantResult.Undefined;
            }

            // The store lookup runs with the current tenant switched to null for the duration of
            // the using block. NOTE(review): presumably this resolves client grants at host level;
            // confirm that tenant-specific client grants are not expected to apply here.
            using (CurrentTenant.Change(null))
            {
                var granted = await PermissionStore.IsGrantedAsync(context.Permission.Name, Name, clientIdClaim);
                if (granted)
                {
                    return PermissionGrantResult.Granted;
                }

                return PermissionGrantResult.Undefined;
            }
        }
Exemplo n.º 11
        /// <summary>
        /// Checks one permission for the client identified by the principal's client-id claim and
        /// reports which key produced the grant.
        /// </summary>
        /// <param name="context">Carries the permission to evaluate and the principal whose client-id claim is read.</param>
        /// <returns>
        /// Grant information carrying the client id when the store reports a grant; otherwise
        /// <c>PermissionValueProviderGrantInfo.NonGranted</c>.
        /// </returns>
        public override async Task<PermissionValueProviderGrantInfo> CheckAsync(PermissionValueCheckContext context)
        {
            var clientIdClaim = context.Principal?.FindFirst(AbpClaimTypes.ClientId)?.Value;

            // The store is consulted only when a client id is present.
            if (clientIdClaim != null)
            {
                var granted = await PermissionStore.IsGrantedAsync(context.Permission.Name, Name, clientIdClaim);
                if (granted)
                {
                    return new PermissionValueProviderGrantInfo(true, clientIdClaim);
                }
            }

            return PermissionValueProviderGrantInfo.NonGranted;
        }
Exemplo n.º 12
        /// <summary>
        /// Checks one permission for the user, scope and tenant named in the context.
        /// </summary>
        /// <param name="context">Carries the permission together with the user id, scope id and tenant id.</param>
        /// <returns>
        /// <c>Granted</c> when the store reports a grant; <c>Undefined</c> when it does not or when
        /// the context has no user id.
        /// </returns>
        public override async Task<PermissionGrantResult> CheckAsync(PermissionValueCheckContext context)
        {
            var subjectId = context.UserId;
            var tenant = context.TenantId;

            if (subjectId == null)
            {
                return PermissionGrantResult.Undefined;
            }

            var granted = await PermissionStore.IsGrantedAsync(
                context.Permission.Name,
                Name,
                subjectId,
                context.ScopeId,
                tenant);

            if (granted)
            {
                return PermissionGrantResult.Granted;
            }

            return PermissionGrantResult.Undefined;
        }
Exemplo n.º 13
        /// <summary>
        /// Checks one permission against every role claim of the current principal.
        /// </summary>
        /// <param name="context">Carries the permission to evaluate and the principal whose role claims are read.</param>
        /// <returns>
        /// <c>Granted</c> as soon as the store reports a grant for one role; <c>Undefined</c> when no
        /// role grants the permission or when there is no principal or no role claim.
        /// </returns>
        public override async Task<PermissionGrantResult> CheckAsync(PermissionValueCheckContext context)
        {
            var roleClaims = context.Principal?.FindAll(AbpClaimTypes.Role).Select(claim => claim.Value).ToArray();

            if (roleClaims == null || roleClaims.Length == 0)
            {
                return PermissionGrantResult.Undefined;
            }

            foreach (var roleName in roleClaims)
            {
                var granted = await PermissionStore.IsGrantedAsync(context.Permission.Name, Name, roleName);

                // The first granting role settles the check; the remaining roles are not queried.
                if (granted)
                {
                    return PermissionGrantResult.Granted;
                }
            }

            return PermissionGrantResult.Undefined;
        }
Exemplo n.º 14
        /// <summary>
        /// Checks one permission against every role claim of the current principal and reports
        /// which role produced the grant.
        /// </summary>
        /// <param name="context">Carries the permission to evaluate and the principal whose role claims are read.</param>
        /// <returns>
        /// Grant information naming the first role for which the store reports a grant; otherwise
        /// <c>PermissionValueProviderGrantInfo.NonGranted</c>.
        /// </returns>
        public override async Task<PermissionValueProviderGrantInfo> CheckAsync(PermissionValueCheckContext context)
        {
            var roleClaims = context.Principal?.FindAll(ClaimTypes.Role).Select(claim => claim.Value).ToArray();

            if (roleClaims == null || roleClaims.Length == 0)
            {
                return PermissionValueProviderGrantInfo.NonGranted;
            }

            foreach (var roleName in roleClaims)
            {
                var granted = await PermissionStore.IsGrantedAsync(context.Permission.Name, Name, roleName);

                if (granted)
                {
                    return new PermissionValueProviderGrantInfo(true, roleName);
                }
            }

            return PermissionValueProviderGrantInfo.NonGranted;
        }
Exemplo n.º 15
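        /// <summary>
        /// Gets the permissions that belong to a menu.
        /// </summary>
        /// <param name="menuid">Identifier of the menu whose permissions are requested.</param>
        /// <returns>
        /// The permissions linked to the menu through the menu-to-permission table, ordered by
        /// <c>State</c>. The sequence is empty when either table yields nothing.
        /// </returns>
        public IEnumerable <Permission> GetPermission(string menuid)
        {
            Menu2PermissionDAL m2p   = new Menu2PermissionDAL();
            PermissionStore    store = new PermissionStore();

            // Link table. The null check must come before Where(): Where() itself never returns
            // null, so testing its result could not protect against GetAll() returning null.
            var allLinks = m2p.GetAll();
            var list     = allLinks == null
                ? new List <Menu2Permission>()
                : allLinks.Where(o => o.MenuID == menuid).ToList();

            // Permission table.
            var allPermissions = store.GetAll();
            var plist          = allPermissions == null ? new List <Permission>() : allPermissions.ToList();

            // Join the two result sets in memory on the permission id.
            var result = from i in list
                         join j in plist
                         on i.PermissionID equals j.Id
                         orderby j.State
                         select j
            ;

            return(result);
        }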
        /// <summary>
        /// Reports whether a permission is granted, also honouring role grants when a user key is queried.
        /// </summary>
        /// <param name="permissionName">Name of the permission.</param>
        /// <param name="providerName">Name of the provider the key belongs to.</param>
        /// <param name="providerKey">Key within that provider; parsed as a GUID when the user provider is named.</param>
        /// <returns>
        /// <c>true</c> when one of the user's roles holds the permission; otherwise the result of the base implementation.
        /// </returns>
        /// <exception cref="FormatException">
        /// Thrown by <c>Guid.Parse</c> when the user provider is named and <paramref name="providerKey"/> is not a GUID.
        /// </exception>
        protected override async Task<bool> IsGrantedAsync(string permissionName, string providerName, string providerKey)
        {
            // When a user's permission is queried, the permissions of the user's roles are checked first.
            var isUserQuery = !RolePermissionValueProvider.ProviderName.Equals(providerName)
                              && providerName == UserPermissionValueProvider.ProviderName;

            if (isUserQuery)
            {
                var roleNames = await GetUserRolesAsync(Guid.Parse(providerKey));

                foreach (var roleName in roleNames)
                {
                    var grantedViaRole = await PermissionStore.IsGrantedAsync(
                        permissionName,
                        RolePermissionValueProvider.ProviderName,
                        roleName);

                    if (grantedViaRole)
                    {
                        return true;
                    }
                }
            }

            // No role grant found, or a different provider was named: defer to the base lookup.
            return await base.IsGrantedAsync(permissionName, providerName, providerKey);
        }
Exemplo n.º 17
 /// <summary>
 /// Creates a permission manager on top of the given store.
 /// </summary>
 /// <param name="PermissionStore">Store handed to the base class and also kept in <c>Store</c>.</param>
 public PermissionManager(PermissionStore PermissionStore)
     : base(PermissionStore)
 {
     // Keep the same store instance that was passed to the base constructor.
     this.Store = PermissionStore;
 }
Exemplo n.º 18
        /// <summary>
        /// Handles the posted login form: validates the model, checks the credentials against the
        /// local user table (and against LDAP when <c>LoginMode</c> is "LDAP"), then signs the user
        /// in through <c>PrivateLogin</c>.
        /// </summary>
        /// <param name="usermodel">Posted login form carrying <c>LoginName</c> and <c>Password</c>.</param>
        /// <returns>
        /// A redirect to Home/Index on success; otherwise the login view, with a model error for
        /// rejected credentials.
        /// </returns>
        /// <remarks>
        /// NOTE(review): this method compares and recovers passwords with a symmetric cipher, so
        /// stored passwords are reversible by anyone holding the key. A salted one-way password
        /// hash (for example PBKDF2) would remove that exposure; changing it requires migrating
        /// the stored values, so it is flagged here rather than changed.
        /// </remarks>
        public async Task <ActionResult> Login(LoginViewModel usermodel)
        {
            if (!ModelState.IsValid)
            {
                return(View(usermodel));
            }

            Microsoft.Owin.IOwinContext OwinContext = HttpContext.GetOwinContext();

            // Set up the user-management objects.
            UserStore   userStore   = new UserStore();
            UserDAL     userdal     = new UserDAL();
            UserManager UserManager = new UserManager(userStore);

            // Set up the permission-management objects.
            // NOTE(review): ps and pm are not used anywhere else in this method.
            PermissionStore   ps = new PermissionStore();
            PermissionManager pm = new PermissionManager(ps);
            // Sign-in manager; below it is only used to reach UserManager.FindByName.
            SignInManager signInManager = new SignInManager(UserManager, OwinContext.Authentication);

            Microsoft.AspNet.Identity.Owin.SignInStatus SignInStatus;
            string pass     = usermodel.Password;
            string username = usermodel.LoginName;
            var    user     = new Com.HSJF.Infrastructure.Identity.Model.User {
                UserName = username, Password = pass
            };

            // NOTE(review): when the "Cryptokey" / "CryptoIV" app settings are absent, the key and
            // IV fall back to literals compiled into the source. A deployment without those
            // settings therefore protects passwords with a key that is readable from the code;
            // the settings should be mandatory and the literals removed.
            // NOTE(review): the IV is a single configured value reused for every encryption;
            // depending on how SymmCrypto uses it, equal passwords may produce equal ciphertexts.
            byte[]     _Key = Encoding.UTF8.GetBytes(WebConfigurationManager.AppSettings["Cryptokey"] ?? "HSJF!@#$12345678");
            byte[]     _IV  = Encoding.UTF8.GetBytes(WebConfigurationManager.AppSettings["CryptoIV"] ?? "HSJF^%$#12345678");
            SymmCrypto symm = new SymmCrypto(_Key, _IV);

            // The submitted password is encrypted and matched, together with the login name,
            // against the user table. This lookup runs in both login modes.
            if (!userdal.FindUser(usermodel.LoginName, Convert.ToBase64String(symm.EncryptFromString(usermodel.Password))))
            {
                ModelState.AddModelError("", "用户名不存在或者已被禁用!");
                return(View());
            }
            // Domain (LDAP) login.
            if (WebConfigurationManager.AppSettings["LoginMode"] == "LDAP")
            {
                LdapAuthentication ldap = new LdapAuthentication();
                if (!ldap.IsAuthenticated(usermodel.LoginName, usermodel.Password))
                {
                    ModelState.AddModelError("", "用户名或者密码错误!");
                    return(View());
                }
                // NOTE(review): after LDAP accepts the credentials, the locally stored password is
                // decrypted back to plaintext and used for the local sign-in below. newuser is
                // dereferenced without a null check.
                var newuser = UserManager.FindByName(username);
                user.Password = symm.DecryptToString(Convert.FromBase64String(newuser.Password));
            }

            SignInStatus = await PrivateLogin(user.UserName, user.Password);

            switch (SignInStatus)
            {
            // Success
            case Microsoft.AspNet.Identity.Owin.SignInStatus.Success:
                // Already configured in Startup.
                // Identity
                //System.Security.Claims.ClaimsIdentity identity = UserManager.CreateIdentity(user, DefaultAuthenticationTypes.ApplicationCookie);

                // Authorised sign-in
                //AutherticationManager.SignIn(new Microsoft.Owin.Security.AuthenticationProperties { IsPersistent = true }, identity);

                // The user record returned by FindByName is kept in the session under "_currentUser".
                System.Web.HttpContext.Current.Session["_currentUser"] = signInManager.UserManager.FindByName(user.UserName);
                return(RedirectToAction("Index", "Home"));

            // Locked out
            case Microsoft.AspNet.Identity.Owin.SignInStatus.LockedOut:
                // The status text is written straight into the response before the view is returned.
                Response.Write("LockedOut!");
                break;

            // Verification required
            case Microsoft.AspNet.Identity.Owin.SignInStatus.RequiresVerification:
                Response.Write("RequiresVerification!");
                break;

            // Sign-in failed
            case Microsoft.AspNet.Identity.Owin.SignInStatus.Failure:
                ModelState.AddModelError("", @"用户名或者密码错误!");
                return(View());
            }
            return(View());
        }