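/// <summary>
/// Removes the permission identified by the (<paramref name="mObject"/>, <paramref name="mOperation"/>)
/// pair from <paramref name="mRole"/> and commits the change through <c>RoleSrv</c>.
/// </summary>
/// <param name="mOperation">Operation half of the permission; resolved through <c>Mapping</c>.</param>
/// <param name="mObject">Object half of the permission; resolved through <c>Mapping</c>.</param>
/// <param name="mRole">Role to revoke from; resolved through <c>Mapping</c>.</param>
/// <exception cref="Exception">Thrown when the role cannot be resolved.</exception>
public void RevokePermission(operation mOperation, objectRbac mObject, role mRole)
{
    role targetRole = Mapping(mRole);
    if (targetRole == null)
    {
        throw new Exception("Role Does not exist in system.");
    }

    objectRbac targetObject = Mapping(mObject);
    operation targetOperation = Mapping(mOperation);
    if (targetOperation == null || targetObject == null)
    {
        // An unknown object or operation cannot have a permission attached; nothing to revoke.
        return;
    }

    string hql = "from permission per where per.ObjectRBAC = :ObjectRBAC AND per.Operation = :Operation ";

    // Each named placeholder is bound under its own name. Binding the operation under
    // "ObjectRBAC" as well would leave :Operation unbound, so the lookup could never
    // select the intended permission and the revoke would not take effect.
    List<permission> matches = PermissionSrv.GetbyHQuery(
        hql,
        new SQLParam("ObjectRBAC", targetObject),
        new SQLParam("Operation", targetOperation));

    permission match = (matches == null || matches.Count == 0) ? null : matches[0];
    if (match == null)
    {
        return;
    }

    // Commit only when the role actually held the permission.
    if (targetRole.Permissions.Contains(match))
    {
        targetRole.Permissions.Remove(match);
        RoleSrv.CommitChanges();
    }
}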
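/// <summary>
/// Removes the object named <paramref name="mObject"/> from the current application,
/// detaching and deleting every permission that references it first.
/// Does nothing when no application is set or the object is not found.
/// </summary>
/// <param name="mObject">Name of the object to uninstall, looked up within <c>_App.AppID</c>.</param>
public void UnInstallObject(string mObject)
{
    if (_App == null)
    {
        return;
    }

    // NOTE(review): OperationSrv is constructed but never used below; it is kept in case
    // constructing the service has side effects - confirm and remove if it does not.
    IoperationService OperationSrv = new operationService(SessionFactoryConfigPath);
    IobjectService ObjectSrv = new objectService(SessionFactoryConfigPath);
    IpermissionService PermissionSrv = new permissionService(SessionFactoryConfigPath);

    objectRbac tempObject = ObjectSrv.GetByName(mObject, _App.AppID);
    if (tempObject == null)
    {
        return;
    }

    string HQL = "from permission per where per.ObjectRBAC = :ObjectRBAC";
    IList<permission> PerList = PermissionSrv.GetbyHQuery(HQL, new SQLParam("ObjectRBAC", tempObject));

    // Other callers of GetbyHQuery in this file treat a null result as "no rows";
    // do the same here so the object itself is still removed.
    if (PerList != null)
    {
        foreach (permission per in PerList)
        {
            // Detach the permission from every role before deleting it so no role keeps
            // a reference to a removed permission.
            per.Roles.Clear();
            PermissionSrv.Delete(per);
        }
    }

    ObjectSrv.Delete(tempObject);

    // NOTE(review): only ObjectSrv is committed although the permission deletes went through
    // PermissionSrv - presumably both services share one unit of work; confirm.
    ObjectSrv.CommitChanges();
}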
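/// <summary>
/// Grants the permission (<paramref name="mObject"/>, <paramref name="mOperation"/>) to every
/// role of the current application whose name appears in <paramref name="mRoles"/>.
/// The permission is created when it does not exist yet. Returns silently when no application
/// is set, when no role name is supplied, when none of the roles exist, or when the object or
/// operation cannot be found.
/// </summary>
/// <param name="mObject">Object name, looked up within <c>_App.AppID</c>.</param>
/// <param name="mOperation">Operation name, looked up within <c>_App.AppID</c>.</param>
/// <param name="mRoles">Names of the roles that receive the permission.</param>
public void GrantPermission(string mObject, string mOperation, string[] mRoles)
{
    if (_App == null)
    {
        return;
    }

    // No role names means there is nothing to grant; this also avoids building "in (:)".
    if (mRoles == null || mRoles.Length == 0)
    {
        return;
    }

    // Placeholder names are generated (:role0, :role1, ...) rather than taken from the role
    // names. The role names are only ever passed as bound values, so a name containing
    // spaces, quotes or HQL syntax cannot alter the query text.
    string[] placeholders = new string[mRoles.Length];
    SQLParam[] paramList = new SQLParam[mRoles.Length + 1];
    paramList[0] = new SQLParam("AppID", _App.AppID);
    for (int i = 0; i < mRoles.Length; i++)
    {
        string paramName = "role" + i;
        placeholders[i] = ":" + paramName;
        paramList[i + 1] = new SQLParam(paramName, mRoles[i]);
    }

    string HQL = string.Format(
        "from role r where r.AppID = :AppID AND r.name in ({0})",
        string.Join(",", placeholders));

    List<role> RoleLst = RoleSrv.GetbyHQuery(HQL, paramList);
    if (RoleLst == null || RoleLst.Count == 0)
    {
        return;
    }

    permission TempPermission = PermissionSrv.GetPermission(mObject, mOperation, _App.AppID);
    if (TempPermission == null)
    {
        // The permission does not exist yet: build it from the named object and operation.
        objectRbac tempObject = ObjectSrv.GetByName(mObject, _App.AppID);
        operation tempOperation = OperationSrv.GetByName(mOperation, _App.AppID);
        if (tempObject == null || tempOperation == null)
        {
            return;
        }

        TempPermission = new permission();
        TempPermission.AppID = _App.AppID;
        TempPermission.name = tempObject.name + ":" + tempOperation.name;
        TempPermission.ObjectRBAC = tempObject;
        TempPermission.Operation = tempOperation;
        TempPermission.Roles = new List<role>();
        foreach (role r in RoleLst)
        {
            TempPermission.Roles.Add(r);
        }

        PermissionSrv.CreateNew(TempPermission);
        PermissionSrv.CommitChanges();
    }
    else
    {
        // The permission exists: attach only the roles that do not hold it already.
        foreach (role r in RoleLst)
        {
            if (!TempPermission.Roles.Contains(r))
            {
                TempPermission.Roles.Add(r);
            }
        }

        PermissionSrv.CommitChanges();
    }
}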
/// <summary>
/// Deletes the stored object that <paramref name="mObject"/> maps to, if any, and commits.
/// </summary>
/// <param name="mObject">Object reference resolved through <c>Mapping</c> (by key or by name).</param>
public void DeleteObject(objectRbac mObject)
{
    objectRbac resolved = Mapping(mObject);

    // NOTE(review): Mapping resolves a positive objectid by key only, so the resolved object
    // is not checked against App.AppID before it is deleted - confirm callers are trusted
    // to pass objects of the current application.
    bool found = resolved != null;
    if (found)
    {
        ObjectSrv.Delete(resolved);
    }

    // The commit is issued whether or not anything was deleted.
    ObjectSrv.CommitChanges();
}
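/// <summary>
/// Lists the operations that the role named <paramref name="mRole"/> may perform on the
/// object named <paramref name="mObject"/> within the current application.
/// </summary>
/// <param name="mRole">Role name, looked up within <c>_App.AppID</c>.</param>
/// <param name="mObject">Object name, looked up within <c>_App.AppID</c>.</param>
/// <returns>
/// <c>null</c> when no application is set; an empty list when the role or the object does not
/// exist; otherwise the operations of the role's permissions on that object.
/// </returns>
public IList<operation> GetOperationsOnRoleObject(string mRole, string mObject)
{
    if (_App == null)
    {
        return null;
    }

    role TempRole = RoleSrv.GetByName(mRole, _App.AppID);
    objectRbac TempObject = ObjectSrv.GetByName(mObject, _App.AppID);

    // Fail closed: an unknown role would otherwise be dereferenced, and an unknown object
    // (null) would compare equal to every permission whose ObjectRBAC is null and so
    // report operations for an object that does not exist.
    if (TempRole == null || TempObject == null)
    {
        return new List<operation>();
    }

    return (from per in TempRole.Permissions
            where per.ObjectRBAC == TempObject
            select per.Operation).ToList<operation>();
}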
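/// <summary>
/// Lists the operations that <paramref name="mRole"/> may perform on <paramref name="mObject"/>,
/// provided both belong to the current application.
/// </summary>
/// <param name="mRole">Role reference resolved through <c>Mapping</c>.</param>
/// <param name="mObject">Object reference resolved through <c>Mapping</c>.</param>
/// <returns>
/// <c>null</c> when the role or object cannot be resolved or belongs to another application;
/// otherwise the operations of the role's permissions on that object.
/// </returns>
public IList<operation> RoleOperationsOnObject(role mRole, objectRbac mObject)
{
    role TempRole = Mapping(mRole);
    objectRbac TempObject = Mapping(mObject);

    // An unresolved role or object is treated like a cross-application one: no answer.
    // Without this guard the AppID comparison below dereferences null.
    if (TempRole == null || TempObject == null)
    {
        return null;
    }

    // Application boundary check: never report permissions across applications.
    if (TempRole.AppID != App.AppID || TempObject.AppID != App.AppID)
    {
        return null;
    }

    return (from per in TempRole.Permissions
            where per.ObjectRBAC == TempObject
            select per.Operation).ToList<operation>();
}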
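/// <summary>
/// Lists the operations that the role named <paramref name="mRole"/> may perform on the
/// object named <paramref name="mObject"/> within the current application, using services
/// created for this call.
/// </summary>
/// <param name="mRole">Role name, looked up within <c>_App.AppID</c>.</param>
/// <param name="mObject">Object name, looked up within <c>_App.AppID</c>.</param>
/// <returns>
/// <c>null</c> when no application is set; an empty list when the role or the object does not
/// exist; otherwise the operations of the role's permissions on that object.
/// </returns>
public IList<operation> GetOperationsOnRoleObject(string mRole, string mObject)
{
    if (_App == null)
    {
        return null;
    }

    IobjectService ObjectSrv = new objectService(SessionFactoryConfigPath);
    IroleService RoleSrv = new roleService(SessionFactoryConfigPath);

    role TempRole = RoleSrv.GetByName(mRole, _App.AppID);
    objectRbac TempObject = ObjectSrv.GetByName(mObject, _App.AppID);

    // Fail closed: an unknown role would otherwise be dereferenced, and an unknown object
    // (null) would compare equal to every permission whose ObjectRBAC is null and so
    // report operations for an object that does not exist.
    if (TempRole == null || TempObject == null)
    {
        return new List<operation>();
    }

    return (from per in TempRole.Permissions
            where per.ObjectRBAC == TempObject
            select per.Operation).ToList<operation>();
}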
/// <summary>
/// Resolves a caller-supplied object reference to the stored object: by primary key when
/// <c>objectid</c> is positive, otherwise by name within the current application.
/// </summary>
/// <param name="mObject">Reference carrying either an <c>objectid</c> or a <c>name</c>.</param>
/// <returns>Whatever the object service returns for the lookup.</returns>
private objectRbac Mapping(objectRbac mObject)
{
    // NOTE(review): the by-key lookup is not scoped to App.AppID, unlike the by-name lookup;
    // callers that need application isolation have to compare AppID themselves.
    if (mObject.objectid > 0)
    {
        return ObjectSrv.Getbykey(mObject.objectid);
    }

    return ObjectSrv.GetByName(mObject.name, App.AppID);
}
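/// <summary>
/// Collects, without duplicates, the operations that <paramref name="mUser"/> may perform on
/// <paramref name="mObject"/> through any of the roles returned by <c>AuthorizedRoles</c>.
/// </summary>
/// <param name="mUser">User whose authorized roles are inspected.</param>
/// <param name="mObject">Object reference resolved through <c>Mapping</c>.</param>
/// <returns>
/// The distinct operations granted on the object; empty when the object cannot be resolved
/// or the user has no authorized roles.
/// </returns>
public IList<operation> UserOperationsOnObject(user mUser, objectRbac mObject)
{
    IList<operation> _ret = new List<operation>();
    objectRbac TempObject = Mapping(mObject);
    IList<role> Role_Lst = AuthorizedRoles(mUser);

    // Fail closed: a null object would compare equal to every permission whose ObjectRBAC
    // is null, reporting operations for an object that does not exist.
    if (TempObject == null || Role_Lst == null)
    {
        return _ret;
    }

    foreach (role r in Role_Lst)
    {
        List<operation> operationLst = (from per in r.Permissions
                                        where per.ObjectRBAC == TempObject
                                        select per.Operation).ToList<operation>();
        foreach (operation op in operationLst)
        {
            // Several roles can grant the same operation; report it once.
            if (!_ret.Contains(op))
            {
                _ret.Add(op);
            }
        }
    }

    return _ret;
}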
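/// <summary>
/// Grants the permission (<paramref name="mObject"/>, <paramref name="mOperation"/>) to
/// <paramref name="mRole"/>, creating the permission when it does not exist yet, and commits
/// through <c>RoleSrv</c>.
/// </summary>
/// <param name="mObject">Object half of the permission; resolved through <c>Mapping</c>.</param>
/// <param name="mOperation">Operation half of the permission; resolved through <c>Mapping</c>.</param>
/// <param name="mRole">Role that receives the permission; resolved through <c>Mapping</c>.</param>
/// <exception cref="Exception">
/// Thrown when the role, the object or the operation cannot be resolved.
/// </exception>
public void GrantPermission(objectRbac mObject, operation mOperation, role mRole)
{
    role TempRole = Mapping(mRole);
    if (TempRole == null)
    {
        throw new Exception("Role Does not exist in system.");
    }

    objectRbac tempObject = Mapping(mObject);
    operation tempOperation = Mapping(mOperation);

    // Refuse explicitly instead of failing later with a null dereference while building
    // the permission name from an unresolved object or operation.
    if (tempObject == null || tempOperation == null)
    {
        throw new Exception("Object or Operation does not exist in system.");
    }

    // NOTE(review): none of the resolved entities is compared with App.AppID here, while the
    // new permission is stamped with App.AppID - confirm the Mapping overloads keep lookups
    // inside the current application.
    string hsql = "from permission per where per.ObjectRBAC = :ObjectRBAC AND per.Operation = :Operation ";

    // Each named placeholder is bound under its own name. Binding the operation under
    // "ObjectRBAC" as well would leave :Operation unbound, so an existing permission could
    // not be found and a duplicate would be created.
    List<permission> _lst = PermissionSrv.GetbyHQuery(
        hsql,
        new SQLParam("ObjectRBAC", tempObject),
        new SQLParam("Operation", tempOperation));

    permission TempPermission = (_lst == null || _lst.Count == 0) ? null : _lst[0];
    if (TempPermission == null)
    {
        TempPermission = new permission();
        TempPermission.AppID = App.AppID;
        TempPermission.name = tempObject.name + ":" + tempOperation.name;
        TempPermission.ObjectRBAC = tempObject;
        TempPermission.Operation = tempOperation;
        PermissionSrv.CreateNew(TempPermission);
        TempRole.Permissions.Add(TempPermission);
        RoleSrv.CommitChanges();
    }
    else if (!TempRole.Permissions.Contains(TempPermission))
    {
        // Existing permission: attach and commit only when the role does not hold it yet.
        TempRole.Permissions.Add(TempPermission);
        RoleSrv.CommitChanges();
    }
}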
/// <summary>
/// Renames an RBAC object and reassigns its function group, then re-renders the object grid.
/// Validation or persistence failures are reported through <c>ViewData["EditError"]</c>.
/// </summary>
/// <param name="obj">Posted view model carrying the object id, new name and function-group id.</param>
/// <returns>The "ObjectPartial" partial view populated from <c>GetAllObjectView()</c>.</returns>
public ActionResult UpdateObj(ObjectView obj)
{
    // NOTE(review): no authorization or anti-forgery attribute is visible on this action in
    // this excerpt; confirm they are applied at controller level or by a global filter.
    if (!ModelState.IsValid)
    {
        ViewData["EditError"] = "Bạn phải nhập đầy đủ thông tin!";
    }
    else
    {
        // Case-insensitive name lookup; the name may be kept by the record being edited.
        var sameName = _iService.Query.FirstOrDefault(x => x.name.ToUpper() == obj.name.ToUpper());
        bool nameTaken = sameName != null && sameName.objectid != obj.objectid;
        if (nameTaken)
        {
            ViewData["EditError"] = "Tên đã tồn tại, xin chọn tên khác!";
        }
        else
        {
            try
            {
                // The freshly constructed instance is replaced straight away by the stored record.
                objectRbac target = new objectRbac();
                target = _iService.Getbykey(obj.objectid);
                target.name = obj.name.Trim();

                var groupLink = _INHOMCHUCNANG_OBJECTService.Getbykey(obj.objectid);
                groupLink.NHOMCHUCNANGID = obj.nhomchucnangid;

                _iService.BeginTran();
                _INHOMCHUCNANG_OBJECTService.Update(groupLink);
                _iService.Update(target);
                _iService.CommitTran();

                // Audit record: acting user, action, description, client IP and browser.
                // NOTE(review): this runs inside the try after CommitTran, so a logging failure
                // reaches the catch below and calls RolbackTran on an already committed change.
                _iLogSystemService.CreateNew(
                    HttpContext.User.Identity.Name,
                    "Cập nhật chức năng",
                    "Thực hiện chức năng cập nhật chức năng",
                    Helper.GetIPAddress.GetVisitorIPAddress(),
                    HttpContext.Request.Browser.Browser);
            }
            catch (Exception e)
            {
                _iService.RolbackTran();

                // NOTE(review): the raw exception message is handed to the view; consider a
                // generic message for the user and the detail in the server log only.
                ViewData["EditError"] = e.Message;
            }
        }
    }

    return PartialView("ObjectPartial", GetAllObjectView());
}
/// <summary>
/// Registers a new object named <paramref name="mObject"/> in the current application and
/// creates one permission per entry of <paramref name="mOperations"/>, creating operations
/// that do not exist yet. Does nothing when no application is set or the object already exists.
/// </summary>
/// <param name="mObject">Name of the object to install.</param>
/// <param name="mOperations">Names of the operations the object supports.</param>
public void InstallObject(string mObject, string[] mOperations)
{
    if (_App == null)
    {
        return;
    }

    IoperationService operations = new operationService(SessionFactoryConfigPath);
    IobjectService objects = new objectService(SessionFactoryConfigPath);
    IpermissionService permissions = new permissionService(SessionFactoryConfigPath);

    // An object that is already installed is left untouched.
    objectRbac installed = objects.GetByName(mObject, _App.AppID);
    if (installed != null)
    {
        return;
    }

    installed = new objectRbac { AppID = _App.AppID, name = mObject };
    objects.CreateNew(installed);

    foreach (string operationName in mOperations)
    {
        // Reuse the application's operation when it exists, otherwise create it.
        operation op = operations.GetByName(operationName, _App.AppID);
        if (op == null)
        {
            op = new operation { name = operationName, AppID = _App.AppID };
            operations.CreateNew(op);
        }

        // Permission names follow the "object:operation" convention.
        permission granted = new permission
        {
            AppID = _App.AppID,
            name = installed.name + ":" + op.name,
            ObjectRBAC = installed,
            Operation = op
        };
        permissions.CreateNew(granted);
    }

    // NOTE(review): only the permission service is committed although objects and operations
    // were created through their own service instances - presumably they share one unit of
    // work; confirm.
    permissions.CommitChanges();
}
/// <summary>
/// Creates a permission (task) under an object together with its type record, then
/// re-renders the permission grid. An object may hold at most 8 permissions and permission
/// names must be unique (case-insensitive). Failures are reported through
/// <c>ViewData["EditError"]</c>; the "MultiType" session values are cleared on every path.
/// </summary>
/// <param name="obpms">Posted view model carrying the object id, name, description and type.</param>
/// <returns>The "PERMISSIONPartial" partial view populated from <c>GetAllPms()</c>.</returns>
public ActionResult AddNewPms(ObjectPermission obpms)
{
    // NOTE(review): no authorization or anti-forgery attribute is visible on this action in
    // this excerpt; confirm they are applied at controller level or by a global filter.
    if (!ModelState.IsValid || Session["MultiType"] == null)
    {
        ViewData["EditError"] = "Bạn phải nhập đầy đủ thông tin";
    }
    else
    {
        // Count the permissions already attached to the target object.
        int count = _iPMSService.Query.Where(m => m.ObjectRBAC.objectid == obpms.ObjectId)
                                      .Select(n => n.permissionid)
                                      .ToList()
                                      .Count;
        if (count >= 8)
        {
            ViewData["EditError"] = "Một chức năng chỉ chứa tối đa 8 tác vụ, nhóm hiện đã có 8 tác vụ, vui lòng chọn chức năng khác!";
        }
        else
        {
            var sameName = _iPMSService.Query.FirstOrDefault(x => x.name.ToUpper() == obpms.PmsName.ToUpper());
            if (sameName != null)
            {
                ViewData["EditError"] = "Tên đã tồn tại, xin chọn tên khác!";
            }
            else
            {
                try
                {
                    // Only the id is set on the object reference; the posted id is not
                    // checked against an existing object in this method.
                    objectRbac owner = new objectRbac { objectid = obpms.ObjectId };

                    // NOTE(review): AppID is hard-coded to 1 rather than taken from the
                    // current application - confirm this is intended.
                    permission created = new permission
                    {
                        AppID = 1,
                        name = obpms.PmsName.Trim(),
                        Description = obpms.DesPms.Trim(),
                        ObjectRBAC = owner
                    };
                    string multiType = Session["MultiType"].ToString();

                    _iPMSService.BeginTran();
                    _iPMSService.CreateNew(created);

                    // The type record is keyed by the id assigned to the new permission.
                    var typeRecord = new TYPE_PERMISSION
                    {
                        PERMISSIONID = created.permissionid,
                        TYPE_PERMISSIONMULTI = multiType,
                        LOAI_PERMISSION = obpms.LoaiPermission
                    };
                    _ITYPE_PERMISSIONService.CreateNew(typeRecord);
                    _iPMSService.CommitTran();

                    // Audit record: acting user, action, description, client IP and browser.
                    // NOTE(review): this runs inside the try after CommitTran, so a logging
                    // failure reaches the catch below and calls RolbackTran after the commit.
                    _iLogSystemService.CreateNew(
                        HttpContext.User.Identity.Name,
                        "Thêm mới tác vụ ",
                        "Thực hiện chức năng thêm mới tác vụ",
                        Helper.GetIPAddress.GetVisitorIPAddress(),
                        HttpContext.Request.Browser.Browser);
                }
                catch (Exception e)
                {
                    _iPMSService.RolbackTran();

                    // NOTE(review): the raw exception message is handed to the view; consider
                    // a generic message for the user and the detail in the server log only.
                    ViewData["EditError"] = e.Message;
                }
            }
        }
    }

    // The multi-type selection is single-use: reset it whatever the outcome.
    Session["MultiType"] = null;
    Session["MultiTypeCheckEdit"] = null;
    return PartialView("PERMISSIONPartial", GetAllPms());
}
/// <summary>
/// Updates a permission (task): its name, description and owning object and, when a
/// "MultiType" value is present in session, its type record. In that case the permission is
/// also removed from every role whose type is not found in the new multi-type string.
/// Failures are reported through <c>ViewData["EditError"]</c>; the "MultiType" session values
/// are cleared on every path.
/// </summary>
/// <param name="obpms">Posted view model carrying the permission id, object id, name and description.</param>
/// <returns>The "PERMISSIONPartial" partial view populated from <c>GetAllPms()</c>.</returns>
// NOTE(review): no authorization or anti-forgery attribute is visible on this action in this
// excerpt; confirm they are applied at controller level or by a global filter.
public ActionResult UpdatePms(ObjectPermission obpms)
{
    // Proceed when the model is valid and either the edit-check flag is absent or a
    // MultiType value is present in session.
    if ((ModelState.IsValid && Session["MultiTypeCheckEdit"] == null) || (ModelState.IsValid && Session["MultiType"] != null))
    {
        // Count the permissions currently attached to the target object.
        var checkPermissionInObject = _iPMSService.Query.Where(m => m.ObjectRBAC.objectid == obpms.ObjectId)
                                      .Select(n => n.permissionid)
                                      .ToList();
        int count = checkPermissionInObject.Count;
        if (count <= 8)
        {
            // Case-insensitive name lookup; the name may be kept by the permission being edited.
            var checkname = _iPMSService.Query.FirstOrDefault(x => x.name.ToUpper() == obpms.PmsName.ToUpper());
            if (checkname == null || checkname.permissionid == obpms.PermissionId)
            {
                try
                {
                    // Only the id is set on the object reference; the posted id is not checked
                    // against an existing object in this method.
                    objectRbac objRecord = new objectRbac();
                    objRecord.objectid = obpms.ObjectId;
                    // The freshly constructed instance is replaced straight away by the stored record.
                    permission p = new permission();
                    p = _iPMSService.Getbykey(obpms.PermissionId);
                    p.name = obpms.PmsName.Trim();
                    p.Description = obpms.DesPms.Trim();
                    p.ObjectRBAC = objRecord;
                    _iPMSService.BeginTran();
                    if (Session["MultiType"] != null)
                    {
                        var Type_pms = _ITYPE_PERMISSIONService.Getbykey(obpms.PermissionId);
                        string TYPE_PERMISSIONMULTI = Session["MultiType"].ToString();
                        Type_pms.TYPE_PERMISSIONMULTI = TYPE_PERMISSIONMULTI;
                        // Every role that currently holds this permission.
                        var listrole = _iroleService.Query.Where(m => m.Permissions.Any(n => n.permissionid == obpms.PermissionId));
                        foreach (var item in listrole)
                        {
                            // Role type, or -1 when the role has no type record (the lookup runs twice).
                            var typerole = _iTypeRoleService.Query.FirstOrDefault(m => m.ROLE_ID == item.roleid) != null?_iTypeRoleService.Query.FirstOrDefault(m => m.ROLE_ID == item.roleid).TYPE : -1;
                            // NOTE(review): this is a substring test on the multi-type string, so a
                            // role type of 1 also matches a value containing "10" or "12". Whether that
                            // can keep a permission on a role that should lose it depends on the format
                            // of the session value - confirm.
                            if (!(TYPE_PERMISSIONMULTI.Contains(typerole + "")))
                            {
                                // Role type no longer allowed: strip the permission from the role.
                                IList <permission> listtam = item.Permissions;
                                var bientam_PMS = listtam.FirstOrDefault(m => m.permissionid == obpms.PermissionId);
                                listtam.Remove(bientam_PMS);
                                item.Permissions = listtam;
                                _iroleService.Update(item);
                            }
                        }
                        _ITYPE_PERMISSIONService.Update(Type_pms);
                    }
                    _iPMSService.Update(p);
                    _iPMSService.CommitTran();
                    // Audit record: acting user, action, description, client IP and browser.
                    // NOTE(review): this runs inside the try after CommitTran, so a logging failure
                    // reaches the catch below and calls RolbackTran after the commit.
                    _iLogSystemService.CreateNew(HttpContext.User.Identity.Name, "Cập nhật tác vụ ", "Thực hiện chức năng cập nhật tác vụ", Helper.GetIPAddress.GetVisitorIPAddress(), HttpContext.Request.Browser.Browser);
                }
                catch (Exception e)
                {
                    _iPMSService.RolbackTran();
                    // NOTE(review): the raw exception message is handed to the view; consider a
                    // generic message for the user and the detail in the server log only.
                    ViewData["EditError"] = e.Message;
                }
            }
            else
            {
                ViewData["EditError"] = "Tên đã tồn tại, xin chọn tên khác!";
            }
        }
        else
        {
            ViewData["EditError"] = "Một chức năng chỉ chứa tối đa 8 tác vụ, nhóm hiện đã có 8 tác vụ, vui lòng chọn chức năng khác!";
        }
    }
    else
    {
        ViewData["EditError"] = "Bạn phải nhập đầy đủ thông tin";
    }
    // The multi-type selection is single-use: reset it whatever the outcome.
    Session["MultiType"] = null;
    Session["MultiTypeCheckEdit"] = null;
    return(PartialView("PERMISSIONPartial", GetAllPms()));
}
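/// <summary>
/// Registers <paramref name="mObject"/> under the current application. The object's
/// <c>AppID</c> is overwritten with <c>App.AppID</c>, so a caller cannot place an object in
/// another application by presetting it.
/// </summary>
/// <param name="mObject">Object to create; must not be null.</param>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="mObject"/> is null.</exception>
public void AddObject(objectRbac mObject)
{
    if (mObject == null)
    {
        throw new ArgumentNullException("mObject");
    }

    mObject.AppID = App.AppID;

    // NOTE(review): no CommitChanges call follows CreateNew here, unlike DeleteObject;
    // confirm CreateNew persists on its own or that the caller commits.
    ObjectSrv.CreateNew(mObject);
}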
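/// <summary>
/// Placeholder for the session-level access check; not implemented.
/// It throws instead of returning a default so that a caller can never mistake the missing
/// implementation for an allow or deny decision.
/// </summary>
/// <param name="mSession">Session the check would be evaluated for (unused).</param>
/// <param name="mOperation">Requested operation (unused).</param>
/// <param name="mObject">Target object (unused).</param>
/// <returns>Never returns.</returns>
/// <exception cref="NotImplementedException">Always thrown.</exception>
public bool CheckAccess(session mSession, operation mOperation, objectRbac mObject)
{
    // NotImplementedException derives from Exception, so existing catch (Exception) handlers
    // keep working while the failure becomes distinguishable from a runtime error.
    throw new NotImplementedException("This method have not Implement.");
}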
/// <summary>
/// Bootstraps a new application: the application record, its default object, operation and
/// permission, a root role holding that permission, and a root user holding that role.
/// </summary>
/// <param name="AppName">Unique application name.</param>
/// <param name="AppDescription">Application description.</param>
/// <param name="AppUrl">Application URL.</param>
/// <param name="username">User name of the root user; must not exist yet.</param>
/// <param name="password">Password assigned to the root user.</param>
/// <returns>The application as returned by <c>CreateNew</c>.</returns>
/// <exception cref="Exception">
/// Thrown when an application with the same name or a user with the same name already exists.
/// </exception>
public Applications CreateNewApplication(string AppName, string AppDescription, string AppUrl, string username, string password)
{
    if (GetByName(AppName) != null)
    {
        throw new Exception("This Application is exist.");
    }

    userService users = new userService(SessionFactoryConfigPath);
    roleService roles = new roleService(SessionFactoryConfigPath);
    objectService objects = new objectService(SessionFactoryConfigPath);
    operationService operations = new operationService(SessionFactoryConfigPath);
    permissionService permissions = new permissionService(SessionFactoryConfigPath);

    Applications newApp = new Applications
    {
        AppName = AppName,
        Description = AppDescription,
        URL = AppUrl
    };

    // User names are looked up without an application id, so the root user name must be
    // unused across all applications.
    if (users.GetByName(username) != null)
    {
        throw new Exception("Root User is Exist in other Applications");
    }

    // NOTE(review): the password is assigned to the entity exactly as received; no hashing is
    // visible in this method - confirm the user entity or the user service hashes it before
    // it is persisted.
    user rootUser = new user { username = username, password = password };
    role rootRole = new role { name = role.RootRole };
    objectRbac defaultObject = new objectRbac { name = objectRbac.Default };
    operation defaultOperation = new operation { name = operation.Default, canread = true };
    permission defaultPermission = new permission { name = permission.Default };

    // Persist in dependency order; every record is stamped with the new application's id.
    // NOTE(review): no explicit transaction is opened and each service is a separate
    // instance; a failure part-way through may leave partial records - confirm the services
    // share one unit of work that CommitChanges() completes.
    newApp = CreateNew(newApp);

    defaultObject.AppID = newApp.AppID;
    defaultObject = objects.CreateNew(defaultObject);

    defaultOperation.AppID = newApp.AppID;
    defaultOperation = operations.CreateNew(defaultOperation);

    defaultPermission.AppID = newApp.AppID;
    defaultPermission.ObjectRBAC = defaultObject;
    defaultPermission.Operation = defaultOperation;
    defaultPermission = permissions.CreateNew(defaultPermission);

    rootRole.Permissions = new List<permission>();
    rootRole.Permissions.Add(defaultPermission);
    rootRole.AppID = newApp.AppID;
    rootRole = roles.CreateNew(rootRole);

    rootUser.ApplicationList = new List<Applications>();
    rootUser.ApplicationList.Add(newApp);
    rootUser.Roles = new List<role>();
    rootUser.Roles.Add(rootRole);
    rootUser = users.CreateNew(rootUser);

    CommitChanges();
    return newApp;
}
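/// <summary>
/// Placeholder for creating a named permission from an object and an operation; not implemented.
/// </summary>
/// <param name="mObject">Object half of the permission (unused).</param>
/// <param name="mOperation">Operation half of the permission (unused).</param>
/// <param name="PermissionName">Name for the permission (unused).</param>
/// <returns>Never returns.</returns>
/// <exception cref="NotImplementedException">Always thrown.</exception>
public permission AddPermission(objectRbac mObject, operation mOperation, string PermissionName)
{
    // NotImplementedException derives from Exception, so existing catch (Exception) handlers
    // keep working while the failure becomes distinguishable from a runtime error.
    throw new NotImplementedException("This method have not Implement.");
}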