protected override async Task <PermissionWithGrantedProviders> GetInternalAsync(PermissionDefinition permission, string providerName, string providerKey)
{
var result = new PermissionWithGrantedProviders(permission.Name, false);
if (!permission.IsEnabled)
{
return(result);
}
if (!await PermissionStateManager.IsEnabledAsync(permission))
{
return(result);
}
if (!permission.MultiTenancySide.HasFlag(CurrentTenant.GetMultiTenancySide()))
{
return(result);
}
if (permission.Providers.Any() && !permission.Providers.Contains(providerName))
{
return(result);
}
// 这么做的坏处就是没法给特定的Provider设定是否授权字段
// result.Providers 会出现假数据 UserPermissionProvider未授权, 而所属的
result.IsGranted = await IsGrantedAsync(permission.Name, providerName, providerKey);
return(result);
}
public async Task Global_PermissionState_Test()
{
var myPermission2 = PermissionDefinitionManager.Get("MyPermission2");
(await PermissionStateManager.IsEnabledAsync(myPermission2)).ShouldBeFalse();
using (CurrentPrincipalAccessor.Change(new Claim(AbpClaimTypes.Role, "admin")))
{
(await PermissionStateManager.IsEnabledAsync(myPermission2)).ShouldBeTrue();
}
}
public async Task PermissionState_Test()
{
var myPermission1 = PermissionDefinitionManager.Get("MyPermission1");
myPermission1.StateProviders.ShouldContain(x => x.GetType() == typeof(TestRequireEditionPermissionStateProvider));
(await PermissionStateManager.IsEnabledAsync(myPermission1)).ShouldBeFalse();
using (CurrentPrincipalAccessor.Change(new Claim(AbpClaimTypes.EditionId, Guid.NewGuid().ToString())))
{
(await PermissionStateManager.IsEnabledAsync(myPermission1)).ShouldBeTrue();
}
}
public virtual async Task SetAsync(string permissionName, string providerName, string providerKey, bool isGranted)
{
var permission = PermissionDefinitionManager.Get(permissionName);
if (!permission.IsEnabled || !await PermissionStateManager.IsEnabledAsync(permission))
{
//TODO: BusinessException
throw new ApplicationException($"The permission named '{permission.Name}' is disabled!");
}
if (permission.Providers.Any() && !permission.Providers.Contains(providerName))
{
//TODO: BusinessException
throw new ApplicationException($"The permission named '{permission.Name}' has not compatible with the provider named '{providerName}'");
}
if (!permission.MultiTenancySide.HasFlag(CurrentTenant.GetMultiTenancySide()))
{
//TODO: BusinessException
throw new ApplicationException($"The permission named '{permission.Name}' has multitenancy side '{permission.MultiTenancySide}' which is not compatible with the current multitenancy side '{CurrentTenant.GetMultiTenancySide()}'");
}
var currentGrantInfo = await GetInternalAsync(permission, providerName, providerKey);
if (currentGrantInfo.IsGranted == isGranted)
{
return;
}
var provider = ManagementProviders.FirstOrDefault(m => m.Name == providerName);
if (provider == null)
{
//TODO: BusinessException
throw new AbpException("Unknown permission management provider: " + providerName);
}
await provider.SetAsync(permissionName, providerKey, isGranted);
}
protected virtual async Task <PermissionWithGrantedProviders> GetInternalAsync(PermissionDefinition permission, string providerName, string providerKey)
{
var result = new PermissionWithGrantedProviders(permission.Name, false);
if (!permission.IsEnabled)
{
return(result);
}
if (!await PermissionStateManager.IsEnabledAsync(permission))
{
return(result);
}
if (!permission.MultiTenancySide.HasFlag(CurrentTenant.GetMultiTenancySide()))
{
return(result);
}
if (permission.Providers.Any() && !permission.Providers.Contains(providerName))
{
return(result);
}
foreach (var provider in ManagementProviders)
{
var providerResult = await provider.CheckAsync(permission.Name, providerName, providerKey);
if (providerResult.IsGranted)
{
result.IsGranted = true;
result.Providers.Add(new PermissionValueProviderInfo(provider.Name, providerResult.ProviderKey));
}
}
return(result);
}
