/// <summary>
/// Returns the categories the given role is allowed to use: unlocked categories for which the role
/// has neither the "Deny Access" nor the "Read Only" permission ticked.
/// </summary>
/// <param name="role">Member group whose permissions are evaluated against each category.</param>
/// <returns>A materialised list of the categories that passed both checks.</returns>
public IEnumerable<Category> GetAllowedCategories(IMemberGroup role)
{
    var allowed = new List<Category>();

    // Locked categories are dropped before any permission lookup, so they are excluded for every role.
    var unlocked = GetAll().Where(x => !x.LockCategory);

    foreach (var candidate in unlocked)
    {
        var permissions = ServiceFactory.PermissionService.GetPermissions(candidate, role);

        // Either restrictive permission being ticked removes the category from the result.
        var restricted = permissions[AppConstants.PermissionDenyAccess].IsTicked
                         || permissions[AppConstants.PermissionReadOnly].IsTicked;
        if (restricted)
        {
            continue;
        }

        allowed.Add(candidate);
    }

    return allowed;
}
// NOTE(review): orphaned commented-out code, apparently left over from an earlier category filter.
// var permissionSet = _permissionService.GetPermissions(category, role);
// if (!permissionSet[AppConstants.PermissionDenyAccess].IsTicked)
// {
//     filteredCats.Add(category);
// }

/// <summary>
/// Builds the permission set for an administrator without reading any stored category permissions:
/// every permission is ticked except "Deny Access" and "Read Only".
/// </summary>
/// <param name="category">Category the generated entries are attached to.</param>
/// <param name="memberGroup">Group the generated entries are attached to.</param>
/// <returns>A permission set with one entry per known permission.</returns>
/// <remarks>
/// Nothing in this method checks that <paramref name="memberGroup"/> really is the admin group;
/// that decision belongs entirely to the caller.
/// </remarks>
private PermissionSet GetAdminPermissions(Category category, IMemberGroup memberGroup)
{
    var adminEntries = new List<CategoryPermission>();

    foreach (var permission in GetAll())
    {
        // The two restrictive permissions stay unticked; everything else is granted.
        var isRestrictive = permission.Name == AppConstants.PermissionDenyAccess
                            || permission.Name == AppConstants.PermissionReadOnly;

        adminEntries.Add(new CategoryPermission
        {
            Category = category,
            IsTicked = !isRestrictive,
            MemberGroup = memberGroup,
            Permission = permission
        });
    }

    return new PermissionSet(adminEntries);
}
/// <summary>
/// Resolves the member group this controller uses: the guest group when nobody is logged in,
/// otherwise the first group of the current member.
/// </summary>
public DialoguePageController()
{
    if (CurrentMember != null)
    {
        // Only the first group is considered. FirstOrDefault() yields null for a member with no
        // groups, so code consuming _membersGroup has to cope with a null group.
        _membersGroup = CurrentMember.Groups.FirstOrDefault();
    }
    else
    {
        // No member in context: fall back to the guest role.
        _membersGroup = ServiceFactory.MemberService.GetGroupByName(AppConstants.GuestRoleName);
    }
}
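/// <summary>
/// Returns the permission set for a category and member group, cached in
/// <c>HttpContext.Current.Items</c> for the lifetime of the current request.
/// </summary>
/// <param name="category">Category whose permissions are wanted; must not be null.</param>
/// <param name="memberGroup">Group to evaluate; null is treated as the guest group.</param>
/// <returns>The permission set for the category / group pair.</returns>
/// <exception cref="ArgumentNullException"><paramref name="category"/> is null.</exception>
public PermissionSet GetPermissions(Category category, IMemberGroup memberGroup)
{
    if (category == null)
    {
        throw new ArgumentNullException("category");
    }

    if (memberGroup == null)
    {
        // This can only happen if the user has deleted a group, and not reassigned them
        // so in this occasion we just set them to a guest until the admin assigns them a new group
        memberGroup = ServiceFactory.MemberService.GetGroupByName(AppConstants.GuestRoleName);
    }

    // Cache per request, just to help with performance.
    var requestItems = HttpContext.Current.Items;
    var objectContextKey = string.Concat(HttpContext.Current.GetHashCode().ToString("x"), "-", category.Id, "-", memberGroup.Id);

    var cached = requestItems[objectContextKey] as PermissionSet;
    if (cached != null)
    {
        return cached;
    }

    // Resolve into a local rather than the shared _permissions field. If this service instance is
    // shared between concurrent requests, routing the value through the field could let one
    // request cache and return the permission set computed for another request's role.
    PermissionSet resolved;

    // The branch is chosen purely by exact group name.
    // NOTE(review): this relies on the admin role name not being assignable to an arbitrary
    // group - confirm group names are unique and only changeable by administrators.
    switch (memberGroup.Name)
    {
        case AppConstants.AdminRoleName:
            resolved = GetAdminPermissions(category, memberGroup);
            break;
        case AppConstants.GuestRoleName:
            resolved = GetGuestPermissions(category, memberGroup);
            break;
        default:
            resolved = GetOtherPermissions(category, memberGroup);
            break;
    }

    // The field is still updated for any code that reads it, but the value returned from this
    // method never passes through it.
    _permissions = resolved;

    // Indexer assignment (not Add) so an unexpected non-PermissionSet value under the same key is
    // replaced instead of causing an exception.
    requestItems[objectContextKey] = resolved;

    return resolved;
}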
/// <summary>
/// Builds the permission set for any role that is not given special treatment in this class,
/// using the permissions stored for the role / category pair.
/// </summary>
/// <param name="category">Category whose stored permissions are read.</param>
/// <param name="memberGroup">Group whose stored permissions are read.</param>
/// <returns>A permission set with one entry per known permission.</returns>
/// <remarks>
/// A permission with no stored entry is reported as unticked. That also applies to restrictive
/// permissions such as <c>AppConstants.PermissionDenyAccess</c>, so a group with no stored entry
/// for a category is reported as not denied.
/// </remarks>
private PermissionSet GetOtherPermissions(Category category, IMemberGroup memberGroup)
{
    // Every permission known to the system.
    var allPermissions = GetAll();

    // What has actually been stored for this role and category, looked up by permission.
    var storedByPermission = ServiceFactory.CategoryPermissionService.GetCategoryRow(memberGroup.Id, category.Id);

    var resolved = new List<CategoryPermission>();
    foreach (var permission in allPermissions)
    {
        if (storedByPermission.ContainsKey(permission))
        {
            resolved.Add(storedByPermission[permission]);
            continue;
        }

        // Nothing stored: synthesise an unticked entry for this permission.
        resolved.Add(new CategoryPermission
        {
            Category = category,
            MemberGroup = memberGroup,
            IsTicked = false,
            Permission = permission
        });
    }

    return new PermissionSet(resolved);
}
/// <summary>
/// Builds the permission set for a guest (not logged in): "Read Only" is always ticked, and
/// "Deny Access" is the only permission read from storage.
/// </summary>
/// <param name="category">Category the permissions apply to.</param>
/// <param name="memberGroup">The guest group.</param>
/// <returns>A permission set with one entry per known permission.</returns>
/// <remarks>
/// When no "Deny Access" entry is stored for the guest group and category, the result records it
/// as unticked, so guest access to a category has to be denied explicitly.
/// </remarks>
private PermissionSet GetGuestPermissions(Category category, IMemberGroup memberGroup)
{
    // One entry per existing permission; only "Read Only" starts out ticked.
    var guestPermissions = new List<CategoryPermission>();
    foreach (var permission in GetAll())
    {
        guestPermissions.Add(new CategoryPermission
        {
            Category = category,
            IsTicked = permission.Name == AppConstants.PermissionReadOnly,
            MemberGroup = memberGroup,
            Permission = permission
        });
    }

    // "Deny Access" may or may not have been stored for guests on this category, so look it up.
    var storedDeny = ServiceFactory.CategoryPermissionService.GetByRole(memberGroup.Id)
        .FirstOrDefault(x => x.CategoryId == category.Id &&
                             x.Permission.Name == AppConstants.PermissionDenyAccess &&
                             x.MemberGroupId == memberGroup.Id);

    // Copy the stored value onto the generated entry; a missing stored entry counts as false.
    var denyEntry = guestPermissions.FirstOrDefault(x => x.Permission.Name == AppConstants.PermissionDenyAccess);
    if (denyEntry != null)
    {
        denyEntry.IsTicked = storedDeny != null && storedDeny.IsTicked;
    }

    return new PermissionSet(guestPermissions);
}
/// <summary>
/// Resolves the role this controller uses: the first group of the current member, or the guest
/// group when there is no current member.
/// </summary>
public DialogueCategorySurfaceController()
{
    if (CurrentMember == null)
    {
        // Anonymous visitor: use the guest role.
        _usersRole = ServiceFactory.MemberService.GetGroupByName(AppConstants.GuestRoleName);
    }
    else
    {
        // Only the first group is used. A member without any group leaves _usersRole null, so
        // code consuming it has to cope with a null role.
        _usersRole = CurrentMember.Groups.FirstOrDefault();
    }
}
/// <summary>
/// Creates the controller, reading the "UserID" session entry into <c>GameID</c> when present
/// and storing the supplied services.
/// </summary>
/// <param name="httpContext">Context whose session is read for the "UserID" entry.</param>
/// <param name="person">Stored in <c>EFPerson</c>.</param>
/// <param name="signInfo">Stored in <c>EFSign</c>.</param>
/// <param name="memberGroup">Stored in <c>EFMemberGroup</c>.</param>
public PersonActivityController(HttpContext httpContext, IPerson person, ISignInfo signInfo, IMemberGroup memberGroup)
{
    // NOTE(review): GameID is filled from the "UserID" session key - confirm this mapping is intended.
    var sessionUserId = httpContext.Session["UserID"];
    if (sessionUserId != null)
    {
        // Convert.ToInt32 throws if the stored value is not a valid integer.
        GameID = Convert.ToInt32(sessionUserId.ToString());
    }

    // With no "UserID" in the session, GameID is left untouched here.
    // NOTE(review): confirm that code using GameID does not treat that untouched value as a signed-in user.

    EFPerson = person;
    EFSign = signInfo;
    EFMemberGroup = memberGroup;
}