        /// <summary>
        /// Resolves the targets reachable by a user through the roles assigned to that user.
        /// </summary>
        /// <param name="userId">Identifier of the user whose targets are requested.</param>
        /// <returns>The targets bound to any of the user's roles, as returned by <c>GetTargetsByRoleIds</c>.</returns>
        public List <Targets> GetTargetsByUserId(int userId)
        {
            // Collect the role identifiers first, then delegate the target lookup.
            var roleIds = new UserRoleManager()
                .GetRolesByUserId(userId)
                .Select(role => role.RoleID)
                .ToList();

            return GetTargetsByRoleIds(roleIds);
        }
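        /// <summary>
        /// Throws when the role about to be deleted is still assigned to a user.
        /// </summary>
        /// <remarks>
        /// NOTE(review): only the roles of the current employee (<c>GetEmployeeID()</c>) are
        /// inspected, so an assignment held by another user is not detected here — confirm
        /// this matches the intended "role still has users" rule before relying on it as a
        /// delete guard.
        /// </remarks>
        /// <param name="roleId">Identifier of the role that is about to be deleted.</param>
        /// <exception cref="InvalidOperationException">
        /// The role is still assigned to the current user. (Derives from <see cref="Exception"/>,
        /// so existing <c>catch (Exception)</c> handlers keep working.)
        /// </exception>
        private void CheckRoleHaveReferenceWithUserBeforeDelete(int roleId)
        {
            var userInRole = userRoleManager.GetRolesByUserId(GetEmployeeID());

            // Single pass with the predicate; the previous version materialized a list it never read
            // and then ran the same query a second time.
            if (userInRole.Any(x => x.RoleID == roleId))
            {
                // The summary promises an error message; an empty one gave callers nothing to show.
                throw new InvalidOperationException(
                    "The role cannot be deleted because it is still assigned to a user (RoleID=" + roleId + ").");
            }
        }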
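        /// <summary>
        /// Authorizes the current request against the role-based authorization setting.
        /// </summary>
        /// <remarks>
        /// Checks are applied in order and each one fails closed:
        /// an empty request path is returned with the default (not authorized) result;
        /// a path on the ignore list is authorized and an all-permit
        /// <see cref="PermissionResult"/> is placed in the service container;
        /// a user with no roles receives 401 Unauthorized;
        /// an unknown target, a missing or denied permission, an empty permission list,
        /// or a first permission of <see cref="PermitProcType.None"/> receives 403 Forbidden.
        /// </remarks>
        /// <returns>
        /// The authorization result; <c>IsAuthorized</c> is set to <c>true</c> only when a
        /// permission result was stored in the service container or the URL is ignored.
        /// </returns>
        public AuthorizationResult Authorize()
        {
            AuthorizationResult result = new AuthorizationResult();

            // Decide whether the URL is subject to checking at all.
            var requestPath = context.Request.Path;

            if (string.IsNullOrEmpty(requestPath))
            {
                return(result);
            }
            var setting = context.Configuration.GetRoleBaseAuthorizationSetting();

            if (setting.IsIgnoreUrl(requestPath))
            {
                // Ignored URLs are granted every processing type without consulting roles.
                context.ServiceContainer.AddInstance(
                    new PermissionResult()
                {
                    PermitFlag      = true,
                    PermitProcTypes = new List <PermitProcType>()
                    {
                        PermitProcType.Approve,
                        PermitProcType.Reference,
                        PermitProcType.Update
                    }
                }
                    );
                result.IsAuthorized = true;
                return(result);
            }

            // Validate the roles bound to the authenticated user.
            // A null role list is treated like an empty one (401) rather than throwing.
            var roles = userRoleManager.GetRolesByUserId(GetEmployeeID());

            if (roles == null || roles.Count == 0)
            {
                result.Status = System.Net.HttpStatusCode.Unauthorized;
                return(result);
            }

            // Validate access rights on the target bound to those roles.
            var target = targetManager.GetTargets(requestPath, ContentTypes.Url);

            if (target == null)
            {
                result.Status = System.Net.HttpStatusCode.Forbidden;
                return(result);
            }

            var permissionResults = permissionManager.GetPermissions(roles.Select(x => x.RoleID).ToList(), target.TargetID);

            // A missing permission result is a deny, not an exception.
            if (permissionResults == null || !permissionResults.PermitFlag)
            {
                result.Status = System.Net.HttpStatusCode.Forbidden;
                return(result);
            }

            // Fail closed on a null or empty permission list; indexing [0] on an empty list
            // previously threw instead of denying. The "first entry is None" rule is unchanged.
            var procTypes = permissionResults.PermitProcTypes;

            if (procTypes == null || !procTypes.Any() || procTypes.First() == PermitProcType.None)
            {
                result.Status = System.Net.HttpStatusCode.Forbidden;
                return(result);
            }

            // Store the permission information bound to the roles in the service unit context.
            context.ServiceContainer.AddInstance(permissionResults);
            result.IsAuthorized = true;
            return(result);
        }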