public async Task <ActionResult> FetchPermissions(string roleId, string roleName)
        {
            var model = GetPageData();
            var ownerPermissionsresponse = await _bosIAClient.GetOwnerPermissionsSetsAsFlatAsync <PermissionsModule>(Guid.Parse(roleId));

            List <Module>                allModules          = new List <Module>();
            List <Operation>             allOperations       = new List <Operation>();
            List <IPermissionsOperation> permittedOperations = new List <IPermissionsOperation>();
            List <IPermissionsSet>       permittedModules    = new List <IPermissionsSet>();

            if (ownerPermissionsresponse.IsSuccessStatusCode)
            {
                permittedModules    = ownerPermissionsresponse.Permissions.Modules;
                permittedOperations = ownerPermissionsresponse.Permissions.Operations;
            }

            var modulesResponse = await _bosIAClient.GetModulesAsync <Module>(true, true);

            if (modulesResponse.IsSuccessStatusCode)
            {
                allModules = modulesResponse.Modules;
            }

            var operationsResponse = await _bosIAClient.GetOperationsAsync <Operation>(true, true);

            if (operationsResponse.IsSuccessStatusCode)
            {
                allOperations = operationsResponse.Operations;
            }

            foreach (PermissionsSet module in permittedModules)
            {
                var moduleObj = allModules.FirstOrDefault(x => x.Id == module.ModuleId);

                if (moduleObj != null)
                {
                    moduleObj.IsPermitted = true;
                    if (moduleObj.Operations.Count > 0)
                    {
                        foreach (Operation operation in moduleObj.Operations)
                        {
                            var operationObj = permittedOperations.FirstOrDefault(x => x.OperationId == operation.Id);
                            if (operationObj != null)
                            {
                                operation.IsPermitted = true;
                            }
                        }
                    }
                }
            }

            model.ModuleOperations = allModules;
            model.OwnerId          = roleId;
            model.RoleName         = roleName;
            return(View("Index", model));
        }
Пример #2
0
        public async Task <IActionResult> Index()
        {
            var modules = await _iaClient.GetModulesAsync <Module>(true, true);

            var userPermissionsSets = await GetUserPermissionsSets();

            var model = new HomeViewModel
            {
                Id          = User.Claims.FirstOrDefault(c => c.Type == ClaimTypes.NameIdentifier).Value,
                Email       = User.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Email).Value,
                Username    = User.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Name).Value,
                Modules     = modules.Modules,
                Permissions = userPermissionsSets,
                IsAdmin     = User.Claims.Any(c => c.Type == ClaimTypes.Role && c.Value.ToLower().Trim() == "super admin")
            };

            return(View(model));
        }
        public async Task <IActionResult> Index()
        {
            try
            {
                RemoveUserSessions();
                var rolesResponse = await _authClient.GetRolesAsync <Role>();

                var modulesResponse = await _iaClient.GetModulesAsync <Module>(true, true);

                string roleId = string.Empty, roleName = string.Empty;
                if (HttpContext.Session.GetString("RoleId") != null && HttpContext.Session.GetString("RoleId") != "")
                {
                    roleId   = HttpContext.Session.GetString("RoleId");
                    roleName = HttpContext.Session.GetString("RoleName");
                }
                else
                {
                    roleId   = Convert.ToString(rolesResponse.Roles[0].Id);
                    roleName = rolesResponse.Roles[0].Name;
                    RemoveRoleSessions();
                    HttpContext.Session.SetString("RoleId", roleId);
                    HttpContext.Session.SetString("RoleName", roleName);
                }
                var userPermissionsSets = await GetUserPermissionsSets(Guid.Parse(roleId));

                var model = new PermissionsViewModel
                {
                    Roles       = rolesResponse.Roles,
                    Modules     = modulesResponse.Modules,
                    Permissions = userPermissionsSets
                };
                foreach (Module r in modulesResponse.Modules)
                {
                    var OperationsResponse = await _iaClient.GetFilteredOperationsAsync <Operation>($"$filter=deleted eq false and parentOperationId eq null and moduleId eq {r.Id}&$expand=ChildOperations($levels=max)&$orderBy=LastModifiedOn desc");

                    if (OperationsResponse != null && OperationsResponse.IsSuccessStatusCode)
                    {
                        r.Operations = new List <IOperation>();
                    }
                    r.Operations.AddRange(OperationsResponse.Operations);
                    foreach (Module m in r.ChildModules)
                    {
                        if (userPermissionsSets.Any(p => p.ReferenceId == r.Id))
                        {
                            m.IsAssigned = true;
                        }
                        else
                        {
                            m.IsAssigned = false;
                        }
                        var set = (userPermissionsSets.Any(p => p.ReferenceId == m.Id)) ? userPermissionsSets.Find(p => p.ReferenceId == m.Id) : new PermissionsSet();
                        if (m.Operations != null && m.Operations.Count > 0)
                        {
                            var childOperations = SetIsAssignedOperations(m.Operations, set.Permissions);
                            m.Operations = childOperations;
                        }
                        if (r.ChildModules != null && r.ChildModules.Count > 0)
                        {
                            var childmodules = SetIsAssignedForSubmodules(r.ChildModules, userPermissionsSets);
                            r.ChildModules = childmodules;
                        }
                    }
                    model = SetViewModelPermissionSet(r, userPermissionsSets, model);
                }
                return(View(model));
            }
            catch (Exception)
            {
                throw new Exception("Error while fetching values");
            }
        }
        /// <summary>
        /// Author: BOS Framework, Inc
        /// Description: Returns the view that displays all the modules and operations that are associated with the given role, together with the complete list of modules and operations
        /// </summary>
        /// <param name="roleId"></param>
        /// <param name="roleName"></param>
        /// <returns></returns>
        public async Task <ActionResult> FetchPermissions(string roleId, string roleName)
        {
            try
            {
                var model = GetPageData(); //This mehod returns all the data that is required for loading the page
                if (model == null)
                {
                    model = new ExpandoObject(); //If the model object is null, we create a new dynamic object
                }

                /* ------------- LOGIC -------------
                 * Get the roleId and verify if it is non-null or non-empty
                 * Make a call to the BOS API to get the list of all the Modules and Operations that the role is permitted
                 * Get the absolute list of all the modules and permissions in the application
                 * Loop through the permitted modules and operations and set the 'IsPermitted' property to true. Based on this property the View is displayed
                 */
                if (!string.IsNullOrWhiteSpace(roleId))                                                                                           //Checking for non-null roleId. This is the for which the permissions are set
                {
                    var ownerPermissionsresponse = await _bosIAClient.GetOwnerPermissionsSetsAsFlatAsync <PermissionsModule>(Guid.Parse(roleId)); //Making a BOS API call to get the permitted list of modules and operations. GetOwnerPermissionsSetsAsFlatAsync endpoint is called becasue it is easier to iterate through a non-nested list

                    if (ownerPermissionsresponse != null && ownerPermissionsresponse.StatusCode == System.Net.HttpStatusCode.Unauthorized)
                    {
                        return(RedirectToAction("SignOut", "Auth"));//Token Expired
                    }
                    //Declaring a few vairables that will help to get to the required output - i.e. a single list of all modules and operations (which is nested) but has a differentiating attribute of 'IsPermitted'
                    List <Module>                allModules          = new List <Module>();
                    List <Operation>             allOperations       = new List <Operation>();
                    List <IPermissionsOperation> permittedOperations = new List <IPermissionsOperation>();
                    List <IPermissionsSet>       permittedModules    = new List <IPermissionsSet>();

                    if (ownerPermissionsresponse != null && ownerPermissionsresponse.IsSuccessStatusCode)
                    {
                        permittedModules    = ownerPermissionsresponse.Permissions.Components; //Assiging the BOS API response of flat-listed modules to the variable
                        permittedOperations = ownerPermissionsresponse.Permissions.Operations; //Assiging the BOS API response of flat-listed operations to the variable
                    }

                    var modulesResponse = await _bosIAClient.GetModulesAsync <Module>(true, true); //Making another BOS API call to get the complete list of Modules in the application

                    if (modulesResponse != null && modulesResponse.StatusCode == System.Net.HttpStatusCode.Unauthorized)
                    {
                        return(RedirectToAction("SignOut", "Auth"));//Token Expired
                    }
                    if (modulesResponse != null && modulesResponse.IsSuccessStatusCode)
                    {
                        allModules = modulesResponse.Modules; //Assiging the BOS API response of complete list of nested modules to the variable
                    }

                    var operationsResponse = await _bosIAClient.GetOperationsAsync <Operation>(true, true); // Making another BOS API call to get the complete list of Operations in the application

                    if (operationsResponse != null && operationsResponse.StatusCode == System.Net.HttpStatusCode.Unauthorized)
                    {
                        return(RedirectToAction("SignOut", "Auth"));//Token Expired
                    }
                    if (operationsResponse != null && operationsResponse.IsSuccessStatusCode)
                    {
                        allOperations = operationsResponse.Operations;  //Assiging the BOS API response of complete list of nested operations to the variable
                    }

                    //Iterating through the permitted list of modules and finding it in the other complete list of modules to set the 'IsPermitted' property to True
                    foreach (PermissionsSet module in permittedModules)
                    {
                        var moduleObj = allModules.Where(x => x.Id == module.ComponentId).FirstOrDefault(); //However, this works only at level-0, in the nested list, so we have a few custom methods that help us iterate through the N-Level down nested list

                        if (moduleObj != null)
                        {
                            moduleObj.IsPermitted = true; //If the permitted moduleId is found in the list of all the Modules, we set its "IsPermitted" property to True

                            //We repeat the process for Operations
                            if (moduleObj.Operations.Count > 0)
                            {
                                foreach (Operation operation in moduleObj.Operations)
                                {
                                    var operationObj = permittedOperations.FirstOrDefault(x => x.OperationId == operation.Id);
                                    if (operationObj != null)
                                    {
                                        operation.IsPermitted = true; //If the permitted OperationId is found in the list of all the Operations, we set its "IsPermitted" property to True
                                    }
                                    else
                                    {
                                        if (operation.ChildOperations != null && operation.ChildOperations.Count > 0)
                                        {
                                            var operationsList = operation.ChildOperations;
                                            SetPermittedSubOperations(operation.Id, ref operationsList, ref permittedOperations);
                                        }
                                    }
                                    if (operation.ChildOperations != null && operation.ChildOperations.Count > 0)
                                    {
                                        var operationsList = operation.ChildOperations;
                                        SetPermittedSubOperations(operation.Id, ref operationsList, ref permittedOperations);
                                    }
                                }
                            }
                        }
                        else
                        {
                            //If it is not found, then we go to the next level of the nested list
                            SetPermittedSubModules(module.ComponentId, ref allModules, ref permittedOperations);
                        }
                    }
                    List <Module> myModuleList = allModules[0].ChildComponents.ConvertAll(o => (Module)o);
                    model.ModuleOperations = myModuleList;  //Finally, assigning the updated "allModules" nested-list to the model
                    model.OwnerId          = roleId;
                    model.RoleName         = roleName;
                    return(View("Index", model)); //Returing to the View with the sufficient data to render the page
                }
                else
                {
                    ModelState.AddModelError("CustomError", "The selected role does not have a verified Id. Please try again.");
                    return(View("Index", model));
                }
            }
            catch (Exception ex)
            {
                Logger.LogException("Permissions", "FetchPermissions", ex);

                dynamic model = new ExpandoObject();
                model.Message    = ex.Message;
                model.StackTrace = ex.StackTrace;
                return(View("ErrorPage", model));
            }
        }
Пример #5
0
        /// <summary>
        /// Author: BOS Framework, Inc
        /// Description: Returns the view that displays all the modules and operations that are associated with the given role
        /// </summary>
        /// <param name="roleId"></param>
        /// <param name="roleName"></param>
        /// <returns></returns>
        public async Task <ActionResult> FetchPermissions(string roleId, string roleName)
        {
            try
            {
                var model = GetPageData();
                if (model == null)
                {
                    model = new ExpandoObject();
                }

                if (!string.IsNullOrWhiteSpace(roleId))
                {
                    var ownerPermissionsresponse = await _bosIAClient.GetOwnerPermissionsSetsAsFlatAsync <PermissionsModule>(Guid.Parse(roleId));

                    List <Module>                allModules          = new List <Module>();
                    List <Operation>             allOperations       = new List <Operation>();
                    List <IPermissionsOperation> permittedOperations = new List <IPermissionsOperation>();
                    List <IPermissionsSet>       permittedModules    = new List <IPermissionsSet>();

                    if (ownerPermissionsresponse != null && ownerPermissionsresponse.IsSuccessStatusCode)
                    {
                        permittedModules    = ownerPermissionsresponse.Permissions.Modules;
                        permittedOperations = ownerPermissionsresponse.Permissions.Operations;
                    }

                    var modulesResponse = await _bosIAClient.GetModulesAsync <Module>(true, true);

                    if (modulesResponse != null && modulesResponse.IsSuccessStatusCode)
                    {
                        allModules = modulesResponse.Modules;
                    }

                    var operationsResponse = await _bosIAClient.GetOperationsAsync <Operation>(true, true);

                    if (operationsResponse != null && operationsResponse.IsSuccessStatusCode)
                    {
                        allOperations = operationsResponse.Operations;
                    }

                    foreach (PermissionsSet module in permittedModules)
                    {
                        var moduleObj = allModules.FirstOrDefault(x => x.Id == module.ModuleId);

                        if (moduleObj != null)
                        {
                            moduleObj.IsPermitted = true;
                            if (moduleObj.Operations.Count > 0)
                            {
                                foreach (Operation operation in moduleObj.Operations)
                                {
                                    var operationObj = permittedOperations.FirstOrDefault(x => x.OperationId == operation.Id);
                                    if (operationObj != null)
                                    {
                                        operation.IsPermitted = true;
                                    }
                                }
                            }
                        }
                    }

                    model.ModuleOperations = allModules;
                    model.OwnerId          = roleId;
                    model.RoleName         = roleName;
                    return(View("Index", model));
                }
                else
                {
                    ModelState.AddModelError("CustomError", "The selected role does not have a verified Id. Please try again.");
                    return(View("Index", model));
                }
            }
            catch (Exception ex)
            {
                Logger.LogException("Permissions", "FetchPermissions", ex);

                dynamic model = new ExpandoObject();
                model.Message    = ex.Message;
                model.StackTrace = ex.StackTrace;
                return(View("ErrorPage", model));
            }
        }