/// <summary>
/// 根据uid获取用户权限信息列表
/// </summary>
/// <param name="uid"></param>
/// <returns></returns>
public static List <UserPermission> GetUserPermissionInfoByUid(Guid uid)
{
List <UserPermission> list = new List <UserPermission>();
IDbConnection conn = null;
IDbCommand cmd = null;
IDbTransaction trans = null;
try
{
IUserPermission dp = DataProvider.DbUserPermissionDP;
conn = DbConnOperation.CreateMySqlConnection();
cmd = conn.CreateCommand();
conn.Open();
trans = conn.BeginTransaction();
cmd.Transaction = trans;
list = dp.GetUserPermissionInfoByUid(cmd, uid);
trans.Commit();
}
catch (Exception ex)
{
if (trans != null)
{
trans.Rollback();
}
log.Error(string.Format("GetUserPermissionInfoByUid()出错,错误信息如下:{0}", ex.Message));
}
finally
{
if (conn != null)
{
conn.Close();
}
}
return(list);
}
/// <summary>
/// 根据id删除用户权限信息
/// </summary>
/// <param name="id"></param>
/// <returns></returns>
public static bool DeleteUserPermissionInfo(Guid id)
{
bool ret = false;
IDbConnection conn = null;
IDbCommand cmd = null;
IDbTransaction trans = null;
try
{
IUserPermission dp = DataProvider.DbUserPermissionDP;
conn = DbConnOperation.CreateMySqlConnection();
cmd = conn.CreateCommand();
conn.Open();
trans = conn.BeginTransaction();
cmd.Transaction = trans;
ret = dp.DeleteUserPermissionInfo(cmd, id);
trans.Commit();
}
catch (Exception ex)
{
if (trans != null)
{
trans.Rollback();
}
log.Error(string.Format("DeleteUserPermissionInfo()出错,错误信息如下:{0}", ex.Message));
}
finally
{
if (conn != null)
{
conn.Close();
}
}
return(ret);
}
public PermissionHandler(IUserPermission permissionRepository)
{
if (permissionRepository == null)
{
throw new ArgumentNullException(nameof(permissionRepository));
}
m_permission = permissionRepository;
}
private void SetUserAccess()
{
if (Request.QueryString["mid"] != null)
{
int menuId = 0;
int userId = 0;
userId = UserBLL.GetLoggedInUserId();
menuId = Convert.ToInt32(EMS.Utilities.GeneralFunctions.DecryptQueryString(Request.QueryString["mid"]));
IUserPermission userPermission = UserBLL.GetMenuAccessByUser(userId, menuId);
Session[Constants.SESSION_USER_PERMISSION] = userPermission;
}
}
public static void GetUserPermission(out bool canAdd, out bool canEdit, out bool canDelete, out bool canView)
{
canAdd = false;
canEdit = false;
canDelete = false;
canView = false;
if (!ReferenceEquals(System.Web.HttpContext.Current.Session[Constants.SESSION_USER_PERMISSION], null))
{
IUserPermission userPermission = (IUserPermission)System.Web.HttpContext.Current.Session[Constants.SESSION_USER_PERMISSION];
if (!ReferenceEquals(userPermission, null))
{
canAdd = userPermission.CanAdd;
canEdit = userPermission.CanEdit;
canDelete = userPermission.CanDelete;
canView = userPermission.CanView;
}
}
}
public UserPermissionController(IUserPermission userPermissionRepository)
{
_userPermissionRepository = userPermissionRepository;
}
// This method must be thread-safe since it is called by the thread-safe OnCacheAuthorization() method.
/**
* Authorization flow:
* - First time, the OnAuthorization will be invoked
* + If the authorization is skip, the action process will continue
* + Else, the cache handler will be added
* - So in both case (cache and no-cache), the authorization will call AuthorizeCore to validate
*
* */
/// <summary>
/// Main point to authorize the user
/// </summary>
/// <param name="filterContext">The filter context of the action</param>
/// <returns></returns>
/// <exception cref="System.ArgumentNullException">httpContext</exception>
/// <exception cref="System.Exception">SystemPermissions is not defined</exception>
protected virtual AuthorizeResultEnum AuthorizeUser(AuthorizationContext filterContext)
{
// Note: use the filterfilterContext so that we may get the controller's attribute
if (filterContext == null)
{
throw new ArgumentNullException(nameof(filterContext));
}
HttpContextBase httpContext = filterContext.HttpContext;
if (httpContext == null)
{
throw new ArgumentNullException(nameof(httpContext));
}
IUserPermission user = ActiveUserEngine.CurrentUser;
// no user data => unauthorized
if (user == null)
{
return(AuthorizeResultEnum.Failed_NotLoggedIn);
}
// TODO: temp disable
//// always authorize system admin
//if (user.IsSystemAdmin)
// return AuthorizeResultEnum.Success;
// FROM NOW, USER IS NOT SUPER ADMIN
// TODO:
// https://www.ryadel.com/en/asp-net-mvc-fix-ambiguous-action-methods-errors-multiple-action-methods-action-name-c-sharp-core/
// Get the MethodInfo of the action
// https://stackoverflow.com/questions/1972234/how-do-i-get-a-methodinfo-from-an-actionexecutingcontext
MethodInfo methodInfo = filterContext.ActionDescriptor.GetMethodInfo();
Type controllerType = filterContext.ActionDescriptor.ControllerDescriptor.ControllerType;
PermissionModel permission = null;
//
if (ActiveRoleEngine.PermissionDictionaryCache.ContainsKey(methodInfo))
{
permission = ActiveRoleEngine.PermissionDictionaryCache[methodInfo];
}
else if (ActiveRoleEngine.PermissionDictionaryCache.ContainsKey(controllerType))
{
permission = ActiveRoleEngine.PermissionDictionaryCache[controllerType];
}
if (permission == null)
{
// this should not happen, anyway, throw an exception for debugging
string actionNamespace = RoleEngineHelper.GetDebugNamespace(methodInfo);
throw new SystemException($"FATAL ERROR: cannot found the defined permission for '{actionNamespace}'");
}
// to display the permission on error page
this.AuthorizingPermissionId = permission.PermissionId;
switch (permission.PermissionType)
{
case PermissionTypeEnum.AuthorizedOnly:
// ActiveUserEngine.CurrentUser is not null => Authenticated
return(AuthorizeResultEnum.Success);
case PermissionTypeEnum.SuperAdmin:
return(user.IsSystemAdmin ? AuthorizeResultEnum.Success : AuthorizeResultEnum.Failed_SuperAdminOnly);
case PermissionTypeEnum.Permisson:
default:
if (user.Permissions == null || !user.Permissions.Contains(permission.PermissionId))
{
return(AuthorizeResultEnum.Failed_NotAuthorized);
}
return(AuthorizeResultEnum.Success);
}
}
public PermissionController(IUserPermission permissionRepository)
{
_userPermission = permissionRepository;
}
