public ActionResult UpdateBusiness()
{
ReflectionController rc = new ReflectionController();
List <Type> listControllerType = rc.GetControllers("ManagementDispatch.Controllers");
List <string> listControllerOld = _data.BlogBusinesses.Select(c => c.BusinessId).ToList();
List <string> listPermessionOld = _data.BlogPermissions.Select(c => c.PermissionName).ToList();
foreach (var c in listControllerType)
{
if (!listControllerOld.Contains(c.Name))
{
BlogBusiness b = new BlogBusiness()
{
BusinessId = c.Name, BusinessName = "Chưa có mô tả"
};
_data.BlogBusinesses.InsertOnSubmit(b);
_data.SubmitChanges();
}
List <string> listPermission = rc.GetActions(c);
foreach (var p in listPermission)
{
if (!listPermessionOld.Contains(c.Name + "-" + p))
{
BlogPermission permission = new BlogPermission()
{
PermissionName = c.Name + "-" + p, Description = "Chưa có mô tả", BusinessId = c.Name
};
_data.BlogPermissions.InsertOnSubmit(permission);
_data.SubmitChanges();
}
}
}
return(RedirectToAction("ListRole"));
}
public async Task <(bool IsAdd, string msg)> AddAsync(BlogPermission permission)
{
using (var conn = ConnectionFactory.GetOpenConnection())
{
var tran = conn.BeginTransaction();
try
{
if (GetExistCount("select count(*) from blogpermission where permissionId=@pid", new { pid = permission.PermissionId }) > 0)
{
return(false, "角色已经存在");
}
var pNum = await conn.ExecuteAsync("insert into blogpermission(PermissionName) values(@pName)", new { pName = permission.PermissionName });
if (pNum > 0)
{
tran.Commit();
return(true, "角色添加成功");
}
else
{
tran.Rollback();
return(false, "角色添加失败");
}
}
catch (Exception ex)
{
tran.Rollback();
return(false, ex.Message);
}
}
}
public ActionResult UpdateNghiepVu()
{
ReflectionController rc = new ReflectionController();
List <Type> listControllerType = rc.GetControllers("QuanLyXe.Areas.Admin.Controllers");
List <string> listControllerOld = db.NghiepVus.Select(c => c.MaNghiepVu).ToList();
List <string> listPermistionOld = db.BlogPermissions.Select(p => p.PermisstionName).ToList();
foreach (var c in listControllerType)
{
if (!listControllerOld.Contains(c.Name))
{
NghiepVu nv = new NghiepVu()
{
MaNghiepVu = c.Name, TenNghiepVu = "Chưa có mô tả"
};
db.NghiepVus.Add(nv);
}
List <string> listPermisstion = rc.GetActions(c);
foreach (var p in listPermisstion)
{
if (!listPermistionOld.Contains(c.Name + "-" + p))
{
BlogPermission permission = new BlogPermission()
{
PermisstionName = c.Name + "-" + p, Description = "Chưa có mô tả", MaNghiepVu = c.Name
};
db.BlogPermissions.Add(permission);
}
}
}
db.SaveChanges();
TempData["err"] = "<div class='alert alert-info' role='alert'><span class='glyphicon glyphicon-exclamation-sign' aria-hidden='true'></span><span class='sr-only'></span>Cập Nhật</div>";
return(RedirectToAction("Index"));
}
public ActionResult DeleteConfirmed(int id)
{
BlogPermission blogPermission = db.BlogPermissions.Find(id);
db.BlogPermissions.Remove(blogPermission);
db.SaveChanges();
return(RedirectToAction("Index"));
}
public ActionResult Edit([Bind(Include = "PermissionId,PermisstionName,Description,MaNghiepVu")] BlogPermission blogPermission)
{
if (ModelState.IsValid)
{
db.Entry(blogPermission).State = EntityState.Modified;
db.SaveChanges();
return(RedirectToAction("Index", new { id = blogPermission.MaNghiepVu }));
}
ViewBag.MaNghiepVu = new SelectList(db.NghiepVus, "MaNghiepVu", "TenNghiepVu", blogPermission.MaNghiepVu);
return(View(blogPermission));
}
public ActionResult Create([Bind(Include = "PermissionId,PermisstionName,Description,MaNghiepVu")] BlogPermission blogPermission)
{
if (ModelState.IsValid)
{
db.BlogPermissions.Add(blogPermission);
db.SaveChanges();
return(RedirectToAction("Index"));
}
ViewBag.MaNghiepVu = new SelectList(db.NghiepVus, "MaNghiepVu", "TenNghiepVu", blogPermission.MaNghiepVu);
return(View(blogPermission));
}
// GET: Admin/BlogPermissions/Details/5
public ActionResult Details(int?id)
{
if (id == null)
{
return(new HttpStatusCodeResult(HttpStatusCode.BadRequest));
}
BlogPermission blogPermission = db.BlogPermissions.Find(id);
if (blogPermission == null)
{
return(HttpNotFound());
}
return(View(blogPermission));
}
// GET: Admin/BlogPermissions/Edit/5
public ActionResult Edit(int?id)
{
if (id == null)
{
return(new HttpStatusCodeResult(HttpStatusCode.BadRequest));
}
BlogPermission blogPermission = db.BlogPermissions.Find(id);
if (blogPermission == null)
{
return(HttpNotFound());
}
ViewBag.MaNghiepVu = new SelectList(db.NghiepVus, "MaNghiepVu", "TenNghiepVu", blogPermission.MaNghiepVu);
return(View(blogPermission));
}
public ActionResult EditBlogPermission(int id, FormCollection formCollection)
{
try
{
BlogPermission blogPermission = _data.BlogPermissions.SingleOrDefault(n => n.PermissionId == id);
blogPermission.Description = formCollection["Description"];
UpdateModel(blogPermission);
_data.SubmitChanges();
return(RedirectToAction("ListPermission", new { id = blogPermission.BusinessId }));
}
catch
{
return(View());
}
}
//- ~ValidateSystemPermission -//
internal static void ValidateSystemPermission(BlogPermission blogPermission)
{
Char databasePermissionCode = GetDatabasePermissionCode(blogPermission);
//+
using (MinimaServiceLINQDataContext db = new MinimaServiceLINQDataContext(ServiceConfiguration.ConnectionString))
{
String authorEmail = OperationContext.Current.ServiceSecurityContext.PrimaryIdentity.Name;
//+ validate
AuthorLINQ authorLinq;
Validator.EnsureAuthorExists(authorEmail, out authorLinq, db);
//+
if (!authorLinq.UserRights.Any(ur => ur.UserRightLevel == PermissionLevel.System &&
ur.UserRightType == databasePermissionCode))
{
throw new SecurityException(Message.Invalid);
}
}
}
//- $GetDatabasePermissionCode -//
private static Char GetDatabasePermissionCode(BlogPermission blogPermission)
{
switch (blogPermission)
{
case BlogPermission.Create:
return('C');
case BlogPermission.Retrieve:
return('R');
case BlogPermission.Update:
return('U');
case BlogPermission.Delete:
return('D');
default:
throw new InvalidOperationException("Invalid blog permission required.");
}
}
/// <summary>
/// Generate a new admin user (for when doesn't exist) independent of the implementation type
/// </summary>
/// <returns>The new login</returns>
public virtual BlogLogin GenerateDefaultUser(BlogPermission permissionLevel, String password = "")
=> new BlogLogin()
{
Id = Guid.NewGuid().ToString(), // Generate a new ID for this user
BlogId = "",
Username = defaultAdminUsername,
PasswordHash = (new CryptoHelper()).CalculateHash(
(permissionLevel == BlogPermission.Admin) ? defaultAdminPassword : password),
Email = defaultAdminEmail, // Default email (not a real one)
PasswordChange = true, // Requires a password change the first login
Permissions = (permissionLevel == BlogPermission.Admin) ?
new List <BlogPermission>()
{
BlogPermission.Admin,
BlogPermission.User
} :
new List <BlogPermission>()
{
BlogPermission.User
}
};
/// <summary>
/// Setup to tell the system what level of security it should have
/// </summary>
public BlogSecurityAttribute(BlogPermission permission)
{
this.Permission = permission;
}
//+
//- @Ctor -//
public MinimaSecureOperationInvoker(IOperationInvoker operationInvoker, Char permissionLevel, BlogPermission permissionRequired)
{
this.InnerOperationInvoker = operationInvoker;
this.PermissionLevel = permissionLevel;
this.PermissionRequired = permissionRequired;
}
public ActionResult EditBlogPermission(int id)
{
BlogPermission blogBusiness = _data.BlogPermissions.SingleOrDefault(n => n.PermissionId == id);
return(View(blogBusiness));
}
