public UserEffectivePermissions GetUserEffectivePermissions(string userName)
{
var returnValue = new UserEffectivePermissions
{
UserName = userName
};
var userRoleList = _projectRoleManager.GetProjectRoleListForUser(userName);
var projectIdList = userRoleList.Select(i=>i.ProjectId).Distinct();
foreach(var projectId in projectIdList)
{
var projectRoleList = userRoleList.Where(i=>i.ProjectId == projectId);
var effectiveProjectPermissions = new DeployProjectEffectivePermissions
{
ProjectId = projectId,
ProjectName = StringHelper.IsNullOrEmpty(projectRoleList.Select(i=>i.ProjectName).FirstOrDefault(), "(No Project Name)"),
EditComponentConfigurationAccess = projectRoleList.Any(i => i.Permissions.EditComponentConfigurationAccess == EnumPermissionAccess.Deny) ? EnumPermissionAccess.Deny
: projectRoleList.Any(i => i.Permissions.EditComponentConfigurationAccess == EnumPermissionAccess.Grant) ? EnumPermissionAccess.Grant
: EnumPermissionAccess.None,
CreateEnvironmentAccess = projectRoleList.Any(i => i.Permissions.CreateEnvironmentAccess == EnumPermissionAccess.Deny) ? EnumPermissionAccess.Deny
: projectRoleList.Any(i => i.Permissions.CreateEnvironmentAccess == EnumPermissionAccess.Grant) ? EnumPermissionAccess.Grant
: EnumPermissionAccess.None,
EditProjectPermissionsAccess = projectRoleList.Any(i => i.Permissions.EditProjectPermissionsAccess == EnumPermissionAccess.Deny) ? EnumPermissionAccess.Deny
: projectRoleList.Any(i => i.Permissions.EditProjectPermissionsAccess == EnumPermissionAccess.Grant) ? EnumPermissionAccess.Grant
: EnumPermissionAccess.None,
ApproveRejectDeployPermissionList = MergePermissions(projectRoleList.SelectMany(i => i.Permissions.ApproveRejectDeployPermissionList)),
RequestDeployPermissionList = MergePermissions(projectRoleList.SelectMany(i => i.Permissions.RequestDeployPermissionList)),
RunDeploymentPermissionList = MergePermissions(projectRoleList.SelectMany(i => i.Permissions.RunDeploymentPermissionList)),
EditEnvironmentPermissionList = MergePermissions(projectRoleList.SelectMany(i => i.Permissions.EditEnvironmentPermissionList)),
EditEnvironmentPermissionsPermissionList = MergePermissions(projectRoleList.SelectMany(i => i.Permissions.EditEnvironmentPermissionsPermissionList))
};
returnValue.ProjectPermissionList.Add(effectiveProjectPermissions);
}
var userSystemRoleList = _systemRoleManager.GetSystemRoleListForUser(userName);
returnValue.SystemPermissions = new SystemRolePermissions
{
EditSystemPermissionsAccess = userSystemRoleList.Any(i => i.Permissions.EditSystemPermissionsAccess == EnumPermissionAccess.Deny) ? EnumPermissionAccess.Deny
: userSystemRoleList.Any(i => i.Permissions.EditSystemPermissionsAccess == EnumPermissionAccess.Grant) ? EnumPermissionAccess.Grant
: EnumPermissionAccess.None,
EditUsersAccess = userSystemRoleList.Any(i => i.Permissions.EditUsersAccess == EnumPermissionAccess.Deny) ? EnumPermissionAccess.Deny
: userSystemRoleList.Any(i => i.Permissions.EditUsersAccess == EnumPermissionAccess.Grant) ? EnumPermissionAccess.Grant
: EnumPermissionAccess.None,
EditDeploymentCredentialsAccess = userSystemRoleList.Any(i => i.Permissions.EditDeploymentCredentialsAccess == EnumPermissionAccess.Deny) ? EnumPermissionAccess.Deny
: userSystemRoleList.Any(i => i.Permissions.EditDeploymentCredentialsAccess == EnumPermissionAccess.Grant) ? EnumPermissionAccess.Grant
: EnumPermissionAccess.None,
EditBuildPurgeRulesAccess = userSystemRoleList.Any(i => i.Permissions.EditBuildPurgeRulesAccess == EnumPermissionAccess.Deny) ? EnumPermissionAccess.Deny
: userSystemRoleList.Any(i => i.Permissions.EditBuildPurgeRulesAccess == EnumPermissionAccess.Grant) ? EnumPermissionAccess.Grant
: EnumPermissionAccess.None,
};
return returnValue;
}
public object Get(UserEffectivePermissions request)
{
if(request == null)
{
throw new ArgumentNullException("request is null");
}
if(string.IsNullOrEmpty(request.UserName))
{
throw new ArgumentNullException("request.UserName is null");
}
return _permissionValidator.GetUserEffectivePermissions(request.UserName);
}
