private EGMSPermissionRM CreateEGMSPermission(Commands.V1.EGMSPermission.Create cmd) { if (_repository.PermissionExists(cmd.PermissionName)) { throw new InvalidOperationException($"Permission with name {cmd.PermissionName} already exists"); } EGMSPermission permission = EGMSPermission.Create(_permissions++, PermissionName.Create(cmd.PermissionName), PermissionDescription.Create(cmd.PermissionDescription), cmd.IsActive); _repository.AddPermission(permission); return(Conversions.GetEGMSPermissionRM(permission)); }
/// <summary> /// 检查是否符合授权 /// </summary> /// <param name="auth"></param> /// <param name="permission">需要何授权</param> /// <param name="operation">进行何操作</param> /// <param name="targetCompany">被授权方使用何单位,为空表示需要root授权</param> /// <param name="description"></param> private User CheckPermission(GoogleAuthDataModel auth, PermissionDescription permission = null, Operation operation = Operation.Update, string targetCompany = "", string description = null) { var authUser = auth.AuthUser(googleAuthService, usersService, currentUserService.CurrentUser?.Id); if (authUser == null) { throw new ActionStatusMessageException(ActionStatusMessage.UserMessage.NotExist); } if (permission == null) { permission = DictionaryAllPermission.Grade.Subject; } if (!userActionServices.Permission(authUser.Application.Permission, permission, operation, authUser.Id, targetCompany, description)) { throw new ActionStatusMessageException(auth.PermitDenied()); } return(authUser); }
public async Task <bool> PermissionAsync(Permissions permissions, PermissionDescription key, Operation operation, string permissionUserName, string targetUserCompanyCode, string description = null) { var a = await LogAsync(UserOperation.Permission, permissionUserName, $"授权到{targetUserCompanyCode}执行{key?.Name} {key?.Description}@{operation} {description}", false, ActionRank.Danger); if (permissions.Check(key, operation, targetUserCompanyCode)) { Status(a, true, "直接权限"); return(true); } var u = usersService.GetById(permissionUserName); if (u != null) { var uc = u.CompanyInfo; var ud = uc.Duties.IsMajorManager; var ucmp = uc.CompanyCode; if (targetUserCompanyCode == null || (targetUserCompanyCode.Length >= ucmp.Length && targetUserCompanyCode.StartsWith(ucmp)) && ud) { Status(a, true, $"单位主官"); return(true); } else { var results = userServiceDetail.InMyManage(u).Result; if (targetUserCompanyCode == null && results.Item2 > 0) { return(true); // 如果无授权对象,则有任意单位权限即可 } else if (results.Item2 > 0 && results.Item1.Any(c => targetUserCompanyCode.Length >= c.Code.Length && targetUserCompanyCode.StartsWith(c.Code))) { Status(a, true, $"单位管理"); return(true); } } } //throw new ActionStatusMessageException(ActionStatusMessage.Account.Auth.Invalid.Default); return(false); }
public bool Permission(Permissions permissions, PermissionDescription key, Operation operation, string permissionUserName, string targetUserCompanyCode, string description = null) => PermissionAsync(permissions, key, operation, permissionUserName, targetUserCompanyCode, description).Result;
public static EGMSPermission Create(int permissionId, PermissionName permissionName, PermissionDescription permissionDescription, bool isActive) { return(new EGMSPermission { Id = permissionId, PermissionName = permissionName, PermissionDescription = permissionDescription, IsActive = isActive }); }