public async Task <JsonResult> UpdateUserPermission([FromBody] UserPerModel model)
        {
            JMessage msg = new JMessage {
                Error = true, Title = string.Format(CommonUtil.ResourceValue("MSG_UPDATE_FAIL"), CommonUtil.ResourceValue("PERMISSION").ToLower())
            };
            string userName = string.Empty;

            try
            {
                var user = await _context.Users.FirstOrDefaultAsync(x => x.Id == model.UserId);

                if (user != null)
                {
                    var app = await _context.AdApplications.FirstOrDefaultAsync(x => x.ApplicationCode == model.AppCode);

                    if (app != null)
                    {
                        // Update user is exceeded permission
                        user.IsExceeded = model.IsExceeded;

                        //// Update Branch Reference
                        //var oldBranchRef = user.OrgReference;
                        //user.OrgReference = model.BranchRefs.Count > 0 ? string.Join(",", model.BranchRefs) : "";
                        user.UpdatedDate = DateTime.Now;
                        user.UpdatedBy   = ESEIM.AppContext.UserName;
                        _context.Update(user);
                        //_actionLog.InsertActionLog("ASP_NET_USERS", "Update success branch reference of user: "******"Update", false, user.UserName);

                        // Update Group User and Permission
                        var listOldGroup         = _context.AdUserInGroups.Where(x => x.UserId == user.Id && x.ApplicationCode == app.ApplicationCode).ToList();
                        var listOldPermissionAll = _context.AdPermissions.Where(x => x.ApplicationCode == app.ApplicationCode && x.UserId == user.Id && listOldGroup.Any(y => y.GroupUserCode == x.GroupUserCode)).ToList();

                        if (model.GroupUsers.Count > 0)
                        {
                            var listOldGroupDel = listOldGroup.Where(x => model.GroupUsers.All(y => y.GroupCode != x.GroupUserCode)).ToList();
                            _context.RemoveRange(listOldGroupDel);      // Remove all old group not selected
                            var listOldPermissionDel = listOldPermissionAll.Where(x => model.GroupUsers.All(y => y.GroupCode != x.GroupUserCode || (y.GroupCode == x.GroupUserCode && y.RoleId != x.RoleId))).ToList();
                            _context.RemoveRange(listOldPermissionDel); // Remove all old permission

                            var listPermissionAll     = _context.AdPermissions.Where(x => x.ApplicationCode == model.AppCode && model.GroupUsers.Any(y => y.GroupCode == x.GroupUserCode && y.RoleId == x.RoleId)).ToList();
                            var listPermissionDefault = listPermissionAll.Where(x => x.UserId == null).ToList();
                            var listPermissionUser    = listPermissionAll.Where(x => x.UserId == model.UserId).ToList();

                            foreach (var groupUser in model.GroupUsers)
                            {
                                var oldGroup            = listOldGroup.FirstOrDefault(x => x.GroupUserCode == groupUser.GroupCode && x.ApplicationCode == model.AppCode);
                                var listPerDefaultGroup = listPermissionDefault.Where(x => x.GroupUserCode == groupUser.GroupCode && x.ApplicationCode == model.AppCode);
                                if (oldGroup != null)
                                {
                                    //if (groupUser.RoleId != oldGroup.RoleId)
                                    //{
                                    // Update user in group
                                    oldGroup.BranchReference = model.BranchRefs.Count > 0 ? string.Join(",", model.BranchRefs) : "";
                                    if (!oldGroup.IsMain)
                                    {
                                        oldGroup.RoleId = groupUser.RoleId;
                                    }
                                    oldGroup.GrantAll = true;
                                    _context.Update(oldGroup); // Update entity
                                    //}
                                }
                                else
                                {
                                    // Add user to group
                                    var userInGroup = new AdUserInGroup();
                                    userInGroup.UserId          = model.UserId;
                                    userInGroup.GroupUserCode   = groupUser.GroupCode;
                                    userInGroup.ApplicationCode = model.AppCode;
                                    userInGroup.RoleId          = groupUser.RoleId;
                                    userInGroup.GrantAll        = true;
                                    userInGroup.BranchReference = model.BranchRefs.Count > 0 ? string.Join(",", model.BranchRefs) : "";
                                    _context.Add(userInGroup); // Add entity
                                }

                                // Add or Update permission
                                if (groupUser.Resources != null && groupUser.Resources.Count > 0)
                                {
                                    groupUser.Resources = groupUser.Resources.Where(x => x.HasPermission && !x.IsFunction).ToList();
                                    // Get all permission need remove
                                    var permissionDel = listPermissionUser.Where(x => x.GroupUserCode == groupUser.GroupCode && x.RoleId == groupUser.RoleId && !groupUser.Resources.Any(y => y.FunctionCode == x.FunctionCode && y.Code == x.ResourceCode));
                                    _context.RemoveRange(permissionDel); // Remove all permission not in selected
                                    // Get all permission need update
                                    var permissionUpdate = listPermissionUser.Where(x => x.GroupUserCode == groupUser.GroupCode && x.RoleId == groupUser.RoleId && groupUser.Resources.Any(y => y.FunctionCode == x.FunctionCode && y.Code == x.ResourceCode)).ToList();
                                    if (permissionUpdate.Count > 0)
                                    {
                                        foreach (var perUpdate in permissionUpdate)
                                        {
                                            var resUpdate = groupUser.Resources.FirstOrDefault(y => y.FunctionCode == perUpdate.FunctionCode && y.Code == perUpdate.ResourceCode);
                                            perUpdate.ExpiredDate = resUpdate?.ExpiredDate;
                                        }
                                    }
                                    // Get all permission need add
                                    var permissionAdd = groupUser.Resources.Where(x => !listPermissionUser.Any(y => y.FunctionCode == x.FunctionCode && y.ResourceCode == x.Code && y.GroupUserCode == groupUser.GroupCode && y.RoleId == groupUser.RoleId))
                                                        .Select(x => new AdPermission
                                    {
                                        ApplicationCode = model.AppCode,
                                        FunctionCode    = x.FunctionCode,
                                        ResourceCode    = x.Code,
                                        GroupUserCode   = groupUser.GroupCode,
                                        UserId          = model.UserId,
                                        RoleId          = groupUser.RoleId,
                                        ExpiredDate     = x.ExpiredDate,
                                    }).ToList();
                                    _context.AddRange(permissionAdd); // Add entity
                                }
                                else
                                {
                                    //var permissionDel = listPermissionUser.Where(x => x.GroupUserCode == groupUser.GroupCode && x.RoleId == groupUser.RoleId && !listPerDefaultGroup.Any(y => y.FunctionCode == x.FunctionCode && y.ResourceCode == x.ResourceCode));
                                    //_context.RemoveRange(permissionDel); // Remove all permission not in selected

                                    var permissionAdd = listPerDefaultGroup.Where(x => !listPermissionUser.Any(y => y.FunctionCode == x.FunctionCode && y.ResourceCode == x.ResourceCode && y.GroupUserCode == groupUser.GroupCode && y.RoleId == groupUser.RoleId))
                                                        .Select(x => new AdPermission
                                    {
                                        ApplicationCode = x.ApplicationCode,
                                        FunctionCode    = x.FunctionCode,
                                        ResourceCode    = x.ResourceCode,
                                        GroupUserCode   = x.GroupUserCode,
                                        UserId          = model.UserId,
                                        RoleId          = x.RoleId,
                                    }).ToList();
                                    _context.AddRange(permissionAdd); // Add entity
                                }
                            }
                        }
                        else
                        {
                            _context.RemoveRange(listOldGroup);         // Remove all old group
                            _context.RemoveRange(listOldPermissionAll); // Remove all old permission
                        }
                        //_actionLog.InsertActionLog("VIB_PERMISSION", "Update success permission for user: "******"Update", false, user.UserName);

                        var result = await _context.SaveChangesAsync();

                        msg.Error = false;
                        msg.Title = "Update user permission successfully";
                    }
                    else
                    {
                        msg.Title = "Application is not exists in system!";
                    }
                }
                else
                {
                    msg.Title = "User is not exists in system!";
                }
            }
            catch (Exception ex)
            {
                //_actionLog.InsertActionLog("VIB_PERMISSION", "Update failed permission for user " + userName + " : " + ex.Message, null, null, "Error", true, userName);
                msg.Object = ex;
            }

            return(Json(msg));
        }
示例#2
0
        public async Task <JsonResult> UpdatePermission([FromBody] PermissionModel model)
        {
            JMessage msg = new JMessage {
                Error = true, Title = string.Format(CommonUtil.ResourceValue("MSG_UPDATE_FAIL"), CommonUtil.ResourceValue("PERMISSION").ToLower())
            };

            try
            {
                model.Resources = model.Resources.Where(x => !x.IsFunction).ToList();
                if (model.GroupCodes.Count > 0)
                {
                    var listFunctionChild = await _context.AdFunctions.Where(x => x.FunctionCode == model.FunctionCode || x.ParentCode == model.FunctionCode || x.Parent.ParentCode == model.FunctionCode).ToListAsync();

                    var listGroupUser = await _context.AdGroupUsers.Where(x => model.GroupCodes.Any(y => y == x.GroupUserCode)).ToListAsync();

                    var listUserInGroup = await _context.AdUserInGroups.Where(x => model.GroupCodes.Any(y => y == x.GroupUserCode) && x.RoleId == model.RoleId).ToListAsync();

                    var listPermissionAll = await _context.AdPermissions.Where(x => x.ApplicationCode == model.ApplicationCode && x.RoleId == model.RoleId && listGroupUser.Any(y => y.GroupUserCode == x.GroupUserCode) && (string.IsNullOrEmpty(model.FunctionCode) || listFunctionChild.Any(y => y.FunctionCode == x.FunctionCode))).ToListAsync();

                    var listPermissionDefault = listPermissionAll.Where(x => x.UserId == null).ToList();
                    var listPermissionUser    = listPermissionAll.Where(x => x.UserId != null).ToList();
                    if (listGroupUser.Count > 0)
                    {
                        foreach (var groupUser in listGroupUser)
                        {
                            if (!model.IsMultiple)
                            {
                                // Remove permission default
                                var delPermissionDefault = listPermissionDefault.Where(x => x.GroupUserCode == groupUser.GroupUserCode && !model.Resources.Any(y => y.HasPermission && !y.IsFunction && y.FunctionCode == x.FunctionCode && y.Code == x.ResourceCode));
                                _context.RemoveRange(delPermissionDefault);

                                // Remove permission user
                                var delPermissionUser = listPermissionUser.Where(x => x.GroupUserCode == groupUser.GroupUserCode && !model.Resources.Any(y => y.HasPermission && !y.IsFunction && y.FunctionCode == x.FunctionCode && y.Code == x.ResourceCode));
                                _context.RemoveRange(delPermissionUser);
                            }

                            // Add permission default
                            var addPermissionDefault = model.Resources.Where(x => x.HasPermission && !x.IsFunction && !listPermissionDefault.Any(y => y.GroupUserCode == groupUser.GroupUserCode && y.FunctionCode == x.FunctionCode && y.ResourceCode == x.Code))
                                                       .Select(x => new AdPermission
                            {
                                ApplicationCode = model.ApplicationCode,
                                FunctionCode    = x.FunctionCode,
                                ResourceCode    = x.Code,
                                GroupUserCode   = groupUser.GroupUserCode,
                                RoleId          = model.RoleId,
                                UserId          = null,
                            });
                            _context.AddRange(addPermissionDefault);

                            // Add permission user
                            var listUser = listUserInGroup.Where(x => x.GroupUserCode == groupUser.GroupUserCode).ToList();
                            //var permissionUser = listPermissionUser.Where(x => x.GroupUserCode == groupUser.GroupUserCode).GroupBy(g => g.UserId).ToList();
                            if (listUser.Count > 0)
                            {
                                foreach (var perUser in listUser)
                                {
                                    var addPermissionUser = model.Resources.Where(x => x.HasPermission && !x.IsFunction && x.Scope == false && !listPermissionUser.Any(y => y.GroupUserCode == groupUser.GroupUserCode && y.FunctionCode == x.FunctionCode && y.ResourceCode == x.Code))
                                                            .Select(x => new AdPermission
                                    {
                                        ApplicationCode = model.ApplicationCode,
                                        FunctionCode    = x.FunctionCode,
                                        ResourceCode    = x.Code,
                                        GroupUserCode   = groupUser.GroupUserCode,
                                        RoleId          = model.RoleId,
                                        UserId          = perUser.UserId,
                                    });
                                    _context.AddRange(addPermissionUser);
                                }
                            }
                        }
                    }

                    var result = await _context.SaveChangesAsync();
                }
                _actionLog.InsertActionLog("VIB_PERMISSION", "Update define permission for deparment/profit center success", null, null, "Update");

                msg.Error = false;
                msg.Title = string.Format(CommonUtil.ResourceValue("MSG_UPDATE_SUCCESS"), CommonUtil.ResourceValue("PERMISSION").ToLower());
            }
            catch (Exception ex)
            {
                _actionLog.InsertActionLog("VIB_PERMISSION", "Update define permission failed: " + ex.Message, null, null, "Error");
                msg.Object = ex;
            }

            return(Json(msg));
        }