public virtual async Task <ActionResult <DataWithVersion <PermissionsForClient> > > PermissionsForClient()
{
try
{
// Retrieve the user permissions and their current version
var(version, permissions) = await _repo.Permissions__Load();
// Arrange the permission in a DTO that is easy for clients to consume
var permissionsForClient = new PermissionsForClient();
foreach (var gView in permissions.GroupBy(e => e.View))
{
string view = gView.Key;
Dictionary <string, bool> viewActions = gView
.GroupBy(e => e.Action)
.ToDictionary(g => g.Key, g => true);
permissionsForClient[view] = viewActions;
}
// Tag the permissions for client with their current version
var result = new DataWithVersion <PermissionsForClient>
{
Version = version.ToString(),
Data = permissionsForClient
};
// Return the result
return(Ok(result));
}
catch (Exception ex)
{
_logger.LogError($"Error: {ex.Message} {ex.StackTrace}");
return(BadRequest(ex.Message));
}
}
public async Task <Versioned <PermissionsForClient> > PermissionsForClient(CancellationToken cancellation)
{
// Retrieve the user permissions and their current version
var(version, permissions, reportIds, dashboardIds) = await _repo.Permissions__Load(true, cancellation);
// Arrange the permission in a DTO that is easy for clients to consume
var views = new PermissionsForClientViews();
foreach (var gView in permissions.GroupBy(e => e.View))
{
string view = gView.Key;
Dictionary <string, bool> viewActions = gView
.GroupBy(e => e.Action)
.ToDictionary(g => g.Key, g => true);
views[view] = viewActions;
}
// Include the report Ids and definitionIds
var permissionsForClient = new PermissionsForClient
{
Views = views,
ReportIds = reportIds,
DashboardIds = dashboardIds
};
// Tag the permissions for client with their current version
var result = new Versioned <PermissionsForClient>
(
version: version.ToString(),
data: permissionsForClient
);
// Return the result
return(result);
}
public virtual async Task <ActionResult <DataWithVersion <PermissionsForClient> > > GetForClient()
{
try
{
// Retrieve the current version of the permissions
int userId = _tenantInfo.UserId();
Guid version = await _db.LocalUsers.Where(e => e.Id == userId).Select(e => e.PermissionsVersion).FirstOrDefaultAsync();
if (version == null)
{
// This should never happen
return(BadRequest("No user in the system"));
}
// Retrieve all the permissions
var allPermissions = await _db.AbstractPermissions.FromSql($@"
DECLARE @UserId INT = CONVERT(INT, SESSION_CONTEXT(N'UserId'));
SELECT ViewId, Criteria, Level, Mask
FROM [dbo].[Permissions] P
JOIN [dbo].[Roles] R ON P.RoleId = R.Id
JOIN [dbo].[RoleMemberships] RM ON R.Id = RM.RoleId
WHERE R.IsActive = 1
AND RM.UserId = @UserId
UNION
SELECT ViewId, Criteria, Level, Mask
FROM [dbo].[Permissions] P
JOIN [dbo].[Roles] R ON P.RoleId = R.Id
WHERE R.IsPublic = 1
AND R.IsActive = 1
").ToListAsync();
// Arrange the permission in a DTO that is easy for clients to consume
var permissions = new PermissionsForClient();
foreach (var gViewIds in allPermissions.GroupBy(e => e.ViewId))
{
string viewId = gViewIds.Key;
var gLevels = gViewIds.GroupBy(e => e.Level);
var viewPermissions = new ViewPermissionsForClient();
foreach (var gLevel in gLevels)
{
var level = gLevel.Key;
if (level == Constants.Read)
{
viewPermissions.Read = true;
}
if (level == Constants.Create)
{
viewPermissions.Create = true;
}
if (level == Constants.ReadCreate)
{
viewPermissions.Read = true;
viewPermissions.Create = true;
}
if (level == Constants.Update)
{
viewPermissions.Update = true;
}
if (level == Constants.Sign)
{
viewPermissions.Sign = true;
}
}
permissions[viewId] = viewPermissions;
}
// Tag the permissions for client with their current version
var result = new DataWithVersion <PermissionsForClient>
{
Version = version.ToString(),
Data = permissions
};
// Return the result
return(Ok(result));
}
catch (Exception ex)
{
_logger.LogError($"Error: {ex.Message} {ex.StackTrace}");
return(BadRequest(ex.Message));
}
}
