public ActionResult SaveMenuPermissions(PermissionsModel model)
{
try
{
var entity = new PermissionsDto
{
Id = model.Id,
MenuId = model.MenuId,
Name = model.Name,
Action = model.Action,
Code = model.Code,
Type = model.Type,
Remark = model.Remark
};
var response = _permissionsService.SavePermissions(new SavePermissionsRequest
{
Entity = entity
});
if (!response.IsSuccess)
{
return(ToJsonErrorResult(1, response.MessageText));
}
return(ToJsonResult(new { status = 0 }));
}
catch (Exception ex)
{
LogManager.DefaultLogger.ErrorFormat("保存菜单权限出错:{0}", new { model, err = ex.ToString() }.ToJson());
return(ToJsonFatalResult("保存菜单权限出错"));
}
}
public async Task <PermissionsDto> Get()
{
var dto = new PermissionsDto();
var userId = User.GetDiscordId();
await foreach (var claim in _context.UserClaims
.AsNoTracking()
.Where(claim => claim.UserId == userId)
.Where(claim => claim.ClaimType == AppClaimTypes.Character || claim.ClaimType == AppClaimTypes.RaidLeader)
.AsAsyncEnumerable())
{
if (long.TryParse(claim.ClaimValue, out var resourceId))
{
if (claim.ClaimType == AppClaimTypes.Character)
{
dto.Characters.Add(resourceId);
}
else if (claim.ClaimType == AppClaimTypes.RaidLeader)
{
dto.Teams.Add(resourceId);
}
}
}
return(dto);
}
//private static SchoolContext _context = new SchoolContext();
//管控權限
public static List <PermissionsDto> GetPersonalPermissions(string LogonId)
{
SchoolContext _context = new SchoolContext();
var permissionsDtoList = new List <PermissionsDto>();
var user = _context.ApplicationUser.FirstOrDefault(x => x.LogonId == LogonId);
var userRoles = _context.ApplicationUserRoles.FirstOrDefault(x => x.UserId == user.ID);
var permissions = _context.Permissions.Where(x => x.RoleId == userRoles.RoleId);
foreach (var permission in permissions)
{
PermissionsDto permissionsDto = new PermissionsDto
{
ID = permission.ID,
Name = permission.Name,
Url = permission.Url,
IsGranted = permission.IsGranted,
CreatedUserId = permission.CreatedUserId,
CreateDate = permission.CreateDate,
RoleId = permission.RoleId,
MenuItemsId = permission.MenuItemsId
};
permissionsDtoList.Add(permissionsDto);
}
return(permissionsDtoList);
}
private PermissionsDto GetPermissionsData(int portalId, int desktopModuleId)
{
var permissions = new PermissionsDto(true);
if (desktopModuleId > 0)
{
var portalModule = DesktopModuleController.GetPortalDesktopModule(portalId, desktopModuleId);
if (portalModule != null)
{
permissions.DesktopModuleId = desktopModuleId;
var modulePermissions = DesktopModulePermissionController.GetDesktopModulePermissions(portalModule.PortalDesktopModuleID);
foreach (DesktopModulePermissionInfo permission in modulePermissions)
{
if (permission.UserID != Null.NullInteger)
{
permissions.AddUserPermission(permission);
}
else
{
permissions.AddRolePermission(permission);
}
}
permissions.RolePermissions =
permissions.RolePermissions.OrderByDescending(p => p.Locked)
.ThenByDescending(p => p.IsDefault)
.ThenBy(p => p.RoleName)
.ToList();
permissions.UserPermissions = permissions.UserPermissions.OrderBy(p => p.DisplayName).ToList();
}
}
return(permissions);
}
public async Task <IActionResult> SetPermission([FromBody] PermissionsDto newPermission)
{
int environmentOwnerId = await _repo.GetEnvironmentOwnerId(newPermission.EnvironmentId);
//TODO Umbauen?
AuthorizationResult authorization = await _authService.AuthorizeAsync(User, null,
new[]
{
new ChangePermissionRequirement(newPermission.EnvironmentId, environmentOwnerId, newPermission.UserId,
PermissionFlags.IsOwner | PermissionFlags.ManageUsers)
});
if (!authorization.Succeeded)
{
return(Unauthorized());
}
Permission currentPermission = await _repo.GetUserPermission(newPermission.EnvironmentId, newPermission.UserId);
_mapper.Map(newPermission, currentPermission);
currentPermission.Serial = SerialGenerator.Generate();
_permissionsCache.Update(currentPermission.UserId, currentPermission.Environment.Id, currentPermission);
if (await _repo.SaveAll())
{
return(NoContent());
}
throw new Exception($"Error saving permissions user:{newPermission.UserId} env:{newPermission.EnvironmentId}");
}
public async Task <PermissionsDto> Get()
{
var dto = new PermissionsDto();
var userId = User.GetDiscordId();
Debug.Assert(userId.HasValue);
await foreach (var characterId in _context.Characters
.AsNoTracking()
.Where(c => c.OwnerId == userId)
.Select(c => c.Id)
.AsAsyncEnumerable())
{
dto.Characters.Add(characterId);
}
await foreach (var teamId in _context.RaidTeamLeaders
.AsNoTracking()
.Where(rtl => rtl.UserId == userId)
.Select(rtl => rtl.RaidTeamId)
.AsAsyncEnumerable())
{
dto.Teams.Add(teamId);
}
return(dto);
}
public IActionResult GetPermissions()
{
PermissionsDto permissions = new PermissionsDto()
{
Roles = _roleManager.Roles.Select(x => x.Name).ToList()
};
return(Ok(permissions));
}
private string GetFilePermission(PermissionsDto permissions, string propertyName)
{
var propertyValueObject = typeof(PermissionsDto).GetProperty(propertyName).GetValue(permissions, null);
if (propertyValueObject is string filePermission)
{
return(filePermission);
}
throw new InvalidCastException();
}
public static string ToBits(this PermissionsDto permission)
{
var values = new List <short>()
{
Convert.ToInt16(permission.ManageUsers),
Convert.ToInt16(permission.EditArticleSettings),
Convert.ToInt16(permission.CanScan),
Convert.ToInt16(permission.IsOwner)
};
return(string.Join("", values));
}
public async Task <IActionResult> Post([FromBody] PermissionsDto permissionDto)
{
if (!User.Identity.IsAuthenticated)
{
throw new AuthenticationException();
}
var permission = _mapper.Map <Permissions>(permissionDto);
await _permissionsService.InsertPermission(permission);
permissionDto = _mapper.Map <PermissionsDto>(permission);
var response = new ApiResponse <PermissionsDto>(permissionDto);
return(Ok(response));
}
public async Task <IActionResult> Put(int id, PermissionsDto permissionDto)
{
if (!User.Identity.IsAuthenticated)
{
throw new AuthenticationException();
}
var permission = _mapper.Map <Permissions>(permissionDto);
permission.Id = id;
var result = await _permissionsService.UpdatePermission(permission);
var response = new ApiResponse <bool>(result);
return(Ok(response));
}
public async Task <IActionResult> GetPermissionsDtoesByRoleIDAsync(int roleID)
{
List <PermissionsDto> permissionsDtos;//权限集合
//拿取全部的权限
var permissions = await context.Permissions.Where(m => m.IsDel == 0).ToListAsync();
//Auto映射
permissionsDtos = mapper.Map <List <PermissionsDto> >(permissions);
if (roleID == 0)
{
return(Ok(new { code = 0, msg = "", count = permissionsDtos.Count(), data = permissionsDtos }));
}
//根据角色ID获取对应的权限记录
var roles_Permissions = await wrapperRepository.Role_PermissionRepository.GetRoles_PermissionsByRoleID(roleID);
List <PermissionsDto> rolePermissionsDtos = new List <PermissionsDto>();
//遍历权限集合和 角色权限记录表里的权限进行比对,一样的花就设置选中状态为true
foreach (var permissionsDto in permissionsDtos)
{
PermissionsDto dto = mapper.Map <PermissionsDto>(permissionsDto); //Auto映射
foreach (var roles_Permission in roles_Permissions)
{
if (permissionsDto.ID == roles_Permission.PermissionID) //如果角色包含这个权限就让选中状态为true
{
dto.LAY_CHECKED = true;
}
}
rolePermissionsDtos.Add(dto);
}
return(Ok(new { code = 0, msg = "", count = rolePermissionsDtos.Where(m => m.IsDel == 0).Count(), data = rolePermissionsDtos.Where(m => m.IsDel == 0) }));
}
public void NotificationTest()
{
/* 1. Join Env
* 2. Login user and switch to Tom's env
* 3. Login Owner
* 4. Change Permissions
* 5. Verify Header
* 6. Udpate token
* 7. Verify new Permissions
* 8. Verify Header*/
ResetDb();
var initialPermissions = new Permission()
{
CanScan = true, EditArticleSettings = true
};
JoinEnvironment("sepp", "Zu Hause von Tom", initialPermissions);
LoginResponseObject loginSepp = WebClient.Login("sepp", "P@ssw0rd");
//Switch to other Environment
HttpResponseMessage changeEnvironmentResult =
WebClient.GetAsync($"auth/UpdatePermissionClaims/{loginSepp.MappedUser.Id}/?environmentId=2").Result;
loginSepp.PermissionsToken = JObject.Parse(changeEnvironmentResult.Content.ReadAsStringAsync().Result)
.ToObject <LoginResponseObject>().PermissionsToken;
//Set new Permissions
var newPermission = new PermissionsDto()
{
UserId = loginSepp.MappedUser.Id,
EnvironmentId = 2,
CanScan = true,
EditArticleSettings = true,
ManageUsers = true // New
};
WebClient.Login("tom", "P@ssw0rd");
HttpResponseMessage setPermissionsResult =
WebClient.PutAsJsonAsync("users/SetPermission", newPermission).Result;
//Execute some Action to trigger permissions changed notification
HttpResponseMessage invitationsCountResult = WebClient.UseLogin(loginSepp)
.GetAsync($"users/InvitationsCount/{loginSepp.MappedUser.Id}").Result;
//Update the Token
HttpResponseMessage updateTokenResult = WebClient.GetAsync(
$"auth/UpdatePermissionClaims/{loginSepp.MappedUser.Id}/?environmentId=2").Result;
loginSepp.PermissionsToken = JObject.Parse(updateTokenResult.Content.ReadAsStringAsync().Result)
.ToObject <LoginResponseObject>().PermissionsToken;
JwtSecurityToken token = JwtHelper.DecodeToken(loginSepp.PermissionsToken);
string updatedPermissions = token.Claims.FirstOrDefault(c => c.Type == BeepClaimTypes.Permissions)?.Value;
//Execute another action to verify permissions changed notification is gone
HttpResponseMessage noPermissionsChangedHeader = WebClient.UseLogin(loginSepp)
.GetAsync($"users/InvitationsCount/{loginSepp.MappedUser.Id}").Result;
Assert.True(changeEnvironmentResult.IsSuccessStatusCode);
Assert.True(setPermissionsResult.IsSuccessStatusCode);
Assert.NotNull(invitationsCountResult.Headers.FirstOrDefault(h => h.Key == "PermissionsChanged").Value);
Assert.Equal(newPermission.ToBits(), updatedPermissions);
Assert.Null(noPermissionsChangedHeader.Headers.FirstOrDefault(h => h.Key == "PermissionsChanged").Value);
}
