public virtual async Task <ActionResult <DataWithVersion <PermissionsForClient> > > PermissionsForClient() { try { // Retrieve the user permissions and their current version var(version, permissions) = await _repo.Permissions__Load(); // Arrange the permission in a DTO that is easy for clients to consume var permissionsForClient = new PermissionsForClient(); foreach (var gView in permissions.GroupBy(e => e.View)) { string view = gView.Key; Dictionary <string, bool> viewActions = gView .GroupBy(e => e.Action) .ToDictionary(g => g.Key, g => true); permissionsForClient[view] = viewActions; } // Tag the permissions for client with their current version var result = new DataWithVersion <PermissionsForClient> { Version = version.ToString(), Data = permissionsForClient }; // Return the result return(Ok(result)); } catch (Exception ex) { _logger.LogError($"Error: {ex.Message} {ex.StackTrace}"); return(BadRequest(ex.Message)); } }
public async Task <Versioned <PermissionsForClient> > PermissionsForClient(CancellationToken cancellation) { // Retrieve the user permissions and their current version var(version, permissions, reportIds, dashboardIds) = await _repo.Permissions__Load(true, cancellation); // Arrange the permission in a DTO that is easy for clients to consume var views = new PermissionsForClientViews(); foreach (var gView in permissions.GroupBy(e => e.View)) { string view = gView.Key; Dictionary <string, bool> viewActions = gView .GroupBy(e => e.Action) .ToDictionary(g => g.Key, g => true); views[view] = viewActions; } // Include the report Ids and definitionIds var permissionsForClient = new PermissionsForClient { Views = views, ReportIds = reportIds, DashboardIds = dashboardIds }; // Tag the permissions for client with their current version var result = new Versioned <PermissionsForClient> ( version: version.ToString(), data: permissionsForClient ); // Return the result return(result); }
public virtual async Task <ActionResult <DataWithVersion <PermissionsForClient> > > GetForClient() { try { // Retrieve the current version of the permissions int userId = _tenantInfo.UserId(); Guid version = await _db.LocalUsers.Where(e => e.Id == userId).Select(e => e.PermissionsVersion).FirstOrDefaultAsync(); if (version == null) { // This should never happen return(BadRequest("No user in the system")); } // Retrieve all the permissions var allPermissions = await _db.AbstractPermissions.FromSql($@" DECLARE @UserId INT = CONVERT(INT, SESSION_CONTEXT(N'UserId')); SELECT ViewId, Criteria, Level, Mask FROM [dbo].[Permissions] P JOIN [dbo].[Roles] R ON P.RoleId = R.Id JOIN [dbo].[RoleMemberships] RM ON R.Id = RM.RoleId WHERE R.IsActive = 1 AND RM.UserId = @UserId UNION SELECT ViewId, Criteria, Level, Mask FROM [dbo].[Permissions] P JOIN [dbo].[Roles] R ON P.RoleId = R.Id WHERE R.IsPublic = 1 AND R.IsActive = 1 ").ToListAsync(); // Arrange the permission in a DTO that is easy for clients to consume var permissions = new PermissionsForClient(); foreach (var gViewIds in allPermissions.GroupBy(e => e.ViewId)) { string viewId = gViewIds.Key; var gLevels = gViewIds.GroupBy(e => e.Level); var viewPermissions = new ViewPermissionsForClient(); foreach (var gLevel in gLevels) { var level = gLevel.Key; if (level == Constants.Read) { viewPermissions.Read = true; } if (level == Constants.Create) { viewPermissions.Create = true; } if (level == Constants.ReadCreate) { viewPermissions.Read = true; viewPermissions.Create = true; } if (level == Constants.Update) { viewPermissions.Update = true; } if (level == Constants.Sign) { viewPermissions.Sign = true; } } permissions[viewId] = viewPermissions; } // Tag the permissions for client with their current version var result = new DataWithVersion <PermissionsForClient> { Version = version.ToString(), Data = permissions }; // Return the result return(Ok(result)); } catch (Exception ex) { _logger.LogError($"Error: {ex.Message} {ex.StackTrace}"); return(BadRequest(ex.Message)); } }