/// <summary>
/// Implements the Create method of the IConfigurationSectionHandler interface: builds a
/// <c>Permission</c> object from the permission configuration section.
/// </summary>
/// <param name="parent">Parent configuration object; not read by this method.</param>
/// <param name="configContext">Configuration context; not read by this method.</param>
/// <param name="section">Section node; its ApplicationID, PageCode and Item children are read.</param>
/// <returns>The populated <c>Permission</c> instance.</returns>
public object Create(Object parent, Object configContext, System.Xml.XmlNode section)
{
    Permission permission = new Permission();

    XmlNode applicationNode = section.SelectSingleNode("ApplicationID");
    permission.ApplicationID = Convert.ToInt32(applicationNode.InnerText);
    permission.ApplicationName = applicationNode.Attributes["name"].Value;

    XmlNode pageCodeNode = section.SelectSingleNode("PageCode");
    permission.PageCode = pageCodeNode.InnerText;
    permission.PageCodeName = pageCodeNode.Attributes["name"].Value;

    // Start from every "aspx" entry returned by Common.GetDirFileList; entries claimed by an
    // Item are handed to RemoveFile below.
    List<string> unclaimedFiles = Common.GetDirFileList("aspx");

    foreach (XmlNode itemNode in section.SelectNodes("Item"))
    {
        PermissionItem entry = new PermissionItem();
        entry.Item_Name = itemNode.Attributes["name"].Value;
        entry.Item_Value = Convert.ToInt32(itemNode.Attributes["value"].Value);
        entry.Item_FileList = itemNode.InnerText.ToLower();
        permission.ItemList.Add(entry);

        string claimedFiles = entry.Item_FileList.Trim();
        if (claimedFiles.Length != 0)
        {
            RemoveFile(unclaimedFiles, claimedFiles);
        }
    }

    // NOTE(review): pages that no Item lists are not rejected; UpdatePermissionConfig groups
    // whatever is left under its own "Look" item (value 2). Confirm that default is intended
    // for pages added without a configuration entry.
    UpdatePermissionConfig(permission, unclaimedFiles);
    return permission;
}
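/// <summary>
/// Opens the permission search dialog and replaces the contents of the permission list with
/// the items selected there, then refreshes the Apply button state.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event data (not used).</param>
private void btnAddPrm_Click(object sender, EventArgs e)
{
    // A form shown with ShowDialog is not disposed when it closes, so release it here.
    using (SearchForm srch = new SearchForm(this.console, SearchForm.SearchMode.Permission))
    {
        srch.ShowDialog(this);

        // Selection made in the search form.
        ListView.SelectedListViewItemCollection items = srch.lvMembers.SelectedItems;

        // The loop now sits inside the null check: previously a null collection passed the
        // check and then failed in the foreach.
        if (items != null && items.Count > 0)
        {
            // For now the list holds only the latest selection.
            lvPrm.Items.Clear();

            // The original comments expect a single selected item; nothing here enforces it,
            // so every selected item is added.
            foreach (ListViewItem li in items)
            {
                PermissionItem prm = new PermissionItem(li.Text);
                prm.ImageIndex = li.ImageIndex;
                prm.Permission = ((PermissionItem)li).Permission;
                lvPrm.Items.Add(prm);
            }
        }
    }

    UpdateNeeded = UpdateNeeded || (lvPrm.Items != null && lvPrm.Items.Count > 0);
    btnApply.Enabled = UpdateNeeded;
}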
/// <summary>
/// Notifies the moderators and the requesting user about the decision taken on a permission
/// request. Any exception raised while building or sending the notifications is swallowed.
/// </summary>
/// <param name="permission">Processed request; its community, user, role and approval values are copied into the notifications.</param>
private void SendProcessingStatusMail(PermissionItem permission)
{
    try
    {
        // NOTE(review): every link starts from HttpContext.Request.Url.GetServerLink(). If that
        // value follows the request's Host header rather than a configured site address, the
        // mailed links follow it too - confirm what GetServerLink returns.

        // Notification for the moderators.
        var moderatorNotice = new ModeratorPermissionStatusRequest
        {
            CommunityID = permission.CommunityID,
            CommunityName = permission.CommunityName,
            RequestorID = permission.UserID,
            RequestorName = permission.Name,
            ApprovedRole = permission.Role,
            IsApproved = permission.Approved == true,
            RequestorLink = string.Format(CultureInfo.InvariantCulture, "{0}Profile/Index/{1}", HttpContext.Request.Url.GetServerLink(), permission.UserID),
            CommunityLink = string.Format(CultureInfo.InvariantCulture, "{0}Community/Index/{1}", HttpContext.Request.Url.GetServerLink(), permission.CommunityID)
        };
        _notificationService.NotifyModeratorPermissionStatus(moderatorNotice);

        // Notification for the user who made the request.
        var requestorNotice = new UserPermissionStatusRequest
        {
            CommunityID = permission.CommunityID,
            CommunityName = permission.CommunityName,
            RequestorID = permission.UserID,
            RequestorName = permission.Name,
            IsApproved = permission.Approved == true,
            RequestorLink = string.Format(CultureInfo.InvariantCulture, "{0}Profile/Index/{1}", HttpContext.Request.Url.GetServerLink(), permission.UserID),
            CommunityLink = string.Format(CultureInfo.InvariantCulture, "{0}Community/Index/{1}", HttpContext.Request.Url.GetServerLink(), permission.CommunityID)
        };
        _notificationService.NotifyUserRequestPermissionStatus(requestorNotice);
    }
    catch (Exception)
    {
        // Ignored on purpose; note that a failure is not logged anywhere in this method.
    }
}
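/// <summary>
/// Decides whether the caller may perform <paramref name="action"/> on <paramref name="item"/>,
/// using the claims of the JWT taken from the request's authorization header.
/// </summary>
/// <param name="actionContext">Filter context the authorization header is fetched from.</param>
/// <param name="item">Permission item being accessed.</param>
/// <param name="action">Action requested on the item.</param>
/// <returns>
/// true only when a token is present, one of its claims has the value produced by
/// CreateClaimCode(item, action), and it carries a non-empty "groupsid" claim; otherwise false.
/// </returns>
public bool IsUserAuthorized(AuthorizationFilterContext actionContext, PermissionItem item, PermissionAction action)
{
    // Fetch the authorization token from the header; no header means no access.
    var authHeader = FetchFromHeader(actionContext);
    if (authHeader == null)
    {
        return false;
    }

    // NOTE(review): the claims below are trusted as returned. Confirm GenerateUserClaimFromJWT
    // validates signature, issuer, audience and lifetime rather than only decoding the token.
    JwtSecurityToken userPayloadToken = GenerateUserClaimFromJWT(authHeader);
    if (userPayloadToken == null)
    {
        return false;
    }

    // Computed once instead of once per claim. The unused AuthorizationService instance and the
    // commented-out principal code of the earlier version are gone.
    var requiredClaimCode = CreateClaimCode(item, action);

    // NOTE(review): the permission claim is matched on Value alone, so a claim of any Type with
    // this value satisfies the check. Consider also requiring the expected claim type.
    return userPayloadToken.Claims.Any(x => x.Value == requiredClaimCode)
        && userPayloadToken.Claims.Any(x => x.Type == "groupsid" && !string.IsNullOrEmpty(x.Value));
}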
/// <summary>
/// Approves or declines a user's permission request for a community and, when the update
/// succeeds, sends the status notifications.
/// </summary>
/// <param name="entityId">Community the request belongs to.</param>
/// <param name="requestorId">User whose request is being processed.</param>
/// <param name="userRole">Role recorded on the permission item.</param>
/// <param name="approve">true to approve the request, false to decline it.</param>
/// <returns>JSON boolean: whether ProfileService reported success.</returns>
public async Task<JsonResult> UpdateUserPermissionRequest(long entityId, long requestorId, UserRole userRole, bool approve)
{
    if (CurrentUserId == 0)
    {
        await TryAuthenticateFromHttpContext();
    }

    // NOTE(review): nothing visible here verifies that CurrentUserId is non-zero after the
    // authentication attempt, or that this user may moderate entityId; userRole also comes
    // from the request. Confirm ProfileService or a filter enforces both.
    var permission = new PermissionItem();
    permission.UserID = requestorId;
    permission.CommunityID = entityId;
    permission.Role = userRole;
    permission.Approved = approve;

    var operationStatus = ProfileService.UpdateUserPermissionRequest(permission, CurrentUserId);
    if (operationStatus.Succeeded)
    {
        try
        {
            SendProcessingStatusMail(permission);
        }
        catch (Exception)
        {
            // Mail failures never change the response.
        }
    }

    return Json(operationStatus.Succeeded);
}
/// <summary>
/// Brings the user roles of a community in line with its parent. With a parent, each of the
/// parent's user roles is applied to the child as an inherited role; without one, the child's
/// existing user roles are marked as not inherited.
/// </summary>
/// <param name="childCommunity">Child community being edited.</param>
/// <param name="parentId">Id of the parent community; a value of 0 or less means no parent.</param>
public void InheritParentRoles(Community childCommunity, long parentId)
{
    // Make sure childCommunity is not null.
    this.CheckNotNull(() => new { childCommunity });

    if (parentId <= 0)
    {
        // No parent: nothing on the child is inherited any more.
        foreach (var membership in childCommunity.UserCommunities)
        {
            membership.IsInherited = false;
        }

        return;
    }

    var parent = EarthOnlineDbContext.Community.FirstOrDefault((Community c) => c.CommunityID == parentId);

    // Make sure the parent community was found.
    this.CheckNotNull(() => new { parent });

    // Apply every user role of the parent to the child; UpdateCommunityPermission carries it on
    // to the child's own children.
    foreach (var parentMembership in parent.UserCommunities)
    {
        var inheritedPermission = new PermissionItem
        {
            UserID = parentMembership.UserID,
            Role = (UserRole)parentMembership.RoleID,
            IsInherited = true
        };

        UpdateCommunityPermission(childCommunity, inheritedPermission, false);
    }
}
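/// <summary>
/// Gets all roles together with the API endpoints mapped to them.
/// </summary>
/// <returns>
/// One <c>PermissionItem</c> (Url, Role) for each role-to-API mapping whose API was loaded and
/// has a non-empty url.
/// </returns>
public List<PermissionItem> GetAllApiOfRole()
{
    List<PermissionItem> permissionItems = new List<PermissionItem>();

    // Roles and APIs whose status is false (per the original comments: not disabled).
    List<sys_role> sysRoles = _baseSysRoleService.GetModels(a => a.status == false).ToList();
    List<sys_api> sysApis = _baseService.GetModels(a => a.status == false).ToList();
    List<sys_role_api> sysRoleApis = _baseSysRoleApiService.GetModels(null).ToList();

    foreach (var sysRole in sysRoles)
    {
        foreach (var sysRoleApi in sysRoleApis)
        {
            if (sysRole.id != sysRoleApi.role_id)
            {
                continue;
            }

            sys_api sysApi = sysApis.SingleOrDefault(a => a.id == sysRoleApi.api_id);

            // A mapping can point at an API that the status filter above left out (or that no
            // longer exists). Skip it rather than dereference null, so a filtered-out endpoint
            // is not granted and the whole listing does not fail.
            if (sysApi == null || string.IsNullOrEmpty(sysApi.url))
            {
                continue;
            }

            permissionItems.Add(new PermissionItem
            {
                Url = sysApi.url,
                Role = sysRole.role_code
            });
        }
    }

    return permissionItems;
}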
/// <summary>
/// Gets the PermissionItem that the given page URL belongs to.
/// </summary>
/// <param name="List">Permission items to search.</param>
/// <param name="CheckUrlString">URL to check.</param>
/// <param name="checkfilename">File name excluded from the check (compared ignoring case).</param>
/// <returns>The first item with a file-list entry contained in the URL, or null when none matches.</returns>
public static PermissionItem Get_UrlPermissionItem(List<PermissionItem> List, string CheckUrlString, string checkfilename)
{
    foreach (PermissionItem candidate in List)
    {
        if (string.IsNullOrEmpty(candidate.Item_FileList))
        {
            continue;
        }

        foreach (string fileName in candidate.Item_FileList.Split(','))
        {
            if (string.IsNullOrEmpty(fileName))
            {
                continue;
            }

            bool isExcludedName = string.Compare(fileName, checkfilename, true) == 0;

            // NOTE(review): this is a case-sensitive substring test on the whole URL, while the
            // exclusion above ignores case. An entry that is a fragment of a longer page name
            // also matches, so the item returned may not be the one meant for the page -
            // confirm callers pass a normalised URL.
            if (!isExcludedName && CheckUrlString.Contains(fileName))
            {
                return candidate;
            }
        }
    }

    return null;
}
/// <summary>
/// Files a request by the current user to join a community with the given role.
/// </summary>
/// <param name="communityId">Community to join.</param>
/// <param name="comments">URL-encoded comment to attach to the request.</param>
/// <param name="userRole">Role being requested.</param>
/// <returns>"Success", or the service's error message when it reports a custom error.</returns>
public async Task<string> Join(long communityId, string comments, UserRole userRole)
{
    if (CurrentUserId == 0)
    {
        await TryAuthenticateFromHttpContext();
    }

    // NOTE(review): CurrentUserId is not re-checked after the authentication attempt; confirm
    // a request for user 0 is rejected further down. The decoded comment is user-supplied text
    // and should be encoded wherever it is later displayed.
    var permission = new PermissionItem();
    permission.UserID = CurrentUserId;
    permission.CommunityID = communityId;
    permission.Role = userRole;
    permission.Comment = Server.UrlDecode(comments);

    var operationStatus = ProfileService.JoinCommunity(permission);
    if (operationStatus.Succeeded)
    {
        SendJoinCommunityMail(permission);
        return "Success";
    }

    return operationStatus.CustomErrorMessage ? operationStatus.ErrorMessage : "Success";
}
/// <summary>
/// Reloads the permission list view with the permissions of the current group and shows a
/// message box when they cannot be fetched.
/// </summary>
private void GetPermissionData()
{
    lvPrm.Items.Clear();

    try
    {
        // Permissions held by the group being shown.
        PermissionStorageView[] groupPermissions = console.Manager.Admon_GetGroupPermissions(console.Credentials, _Group);

        foreach (PermissionStorageView view in groupPermissions)
        {
            PermissionItem row = new PermissionItem(view.PermissionName)
            {
                Permission = new PermissionStorageView(view.PermissionId, view.PermissionName),
                ImageIndex = 12
            };
            lvPrm.Items.Add(row);
        }
    }
    catch (AuthorizationException)
    {
        MessageBox.Show("Access denied. You do not have adequate permissions for this operation.", "Authorization Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
    }
    catch (Exception ex)
    {
        MessageBox.Show("Could not get group permissions. Error: " + ex.Message, "Console Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
    }
}
/// <summary>
/// Stores a join request for a community as a new permission request.
/// </summary>
/// <param name="permissionItem">Details of the request; mapped onto a new PermissionRequest.</param>
/// <returns>
/// Status with Succeeded set to true once the request is saved; on any exception, a failed
/// status carrying the generic unknown-error message.
/// </returns>
public OperationStatus JoinCommunity(PermissionItem permissionItem)
{
    // Make sure input is not null.
    this.CheckNotNull(() => new { permissionItem });

    var status = new OperationStatus();

    try
    {
        var newRequest = new PermissionRequest();
        Mapper.Map(permissionItem, newRequest);
        newRequest.RequestedDate = DateTime.UtcNow;

        _permissionRequestRepository.Add(newRequest);
        _permissionRequestRepository.SaveChanges();

        status.Succeeded = true;
    }
    catch (Exception)
    {
        // TODO: Add exception handling logic here. The exception itself is dropped, so the
        // cause of a failed save is not recorded by this method.
        status.Succeeded = false;
        status.CustomErrorMessage = true;
        status.ErrorMessage = Resources.UnknownErrorMessage;
    }

    return status;
}
/// <summary>
/// Joins a user to the community for which an invite request token was generated.
/// </summary>
/// <param name="userId">User who is redeeming the invite.</param>
/// <param name="inviteRequestToken">Token identifying the invite request.</param>
/// <returns>
/// Completed task holding the operation status: a failure status for a missing, deleted or
/// already used invite, the generic unknown-error status on any exception, otherwise the result
/// of the role update (or success when the user already holds an equal or higher role).
/// </returns>
public Task<OperationStatus> JoinCommunity(long userId, Guid inviteRequestToken)
{
    var status = new OperationStatus();

    try
    {
        // Find the invite request entity in the database.
        var inviteRequest = _inviteRequestRepository.GetItem(invite => invite.InviteRequestToken == inviteRequestToken, "InviteRequestContent");

        bool inviteMissing = inviteRequest == null || inviteRequest.IsDeleted == true;
        if (inviteMissing)
        {
            status = OperationStatus.CreateFailureStatus(Resources.InviteDeletedErrorMessage);
        }
        else if (inviteRequest.Used == true)
        {
            status = OperationStatus.CreateFailureStatus(Resources.InviteUsedErrorMessage);
        }
        else
        {
            // NOTE(review): the Used check above and the update below are separate steps, with
            // no transaction or concurrency token visible here; confirm the repository stops
            // two concurrent calls from both redeeming the same token.
            var invitedPermission = new PermissionItem
            {
                UserID = userId,
                CommunityID = inviteRequest.InviteRequestContent.CommunityID,
                Role = (UserRole)inviteRequest.InviteRequestContent.RoleID
            };

            // Role the user already holds in the same community, if any.
            var existingRole = _userCommunitiesRepository.GetItem(
                userCommunity => userCommunity.UserID == userId && userCommunity.CommunityId == inviteRequest.InviteRequestContent.CommunityID);

            bool inviteRaisesRole = existingRole == null || inviteRequest.InviteRequestContent.RoleID > existingRole.RoleID;
            if (inviteRaisesRole)
            {
                status = _userCommunitiesRepository.UpdateUserRoles(invitedPermission);
            }
            else
            {
                // Nothing to change; report success so that the token is still marked as used.
                status.Succeeded = true;
            }

            if (status.Succeeded)
            {
                inviteRequest.Used = true;
                inviteRequest.UsedByID = userId;
                inviteRequest.UsedDate = DateTime.UtcNow;

                _inviteRequestRepository.Update(inviteRequest);
                _inviteRequestRepository.SaveChanges();
            }
        }
    }
    catch (Exception)
    {
        // TODO: Add exception handling logic here.
        status.Succeeded = false;
        status.CustomErrorMessage = true;
        status.ErrorMessage = Resources.UnknownErrorMessage;
    }

    return Task.FromResult(status);
}
/// <summary>
/// Creates the attribute for one permission item: passes typeof(BaseAuthorizeActionFilter) to
/// the base constructor and supplies the item as the only entry of Arguments.
/// </summary>
/// <param name="item">Permission item placed in Arguments.</param>
public BaseAuthorizeAttribute(PermissionItem item)
    : base(typeof(BaseAuthorizeActionFilter))
{
    object[] filterArguments = { item };
    Arguments = filterArguments;
}
/// <summary>
/// Updates a permission item through the underlying store.
/// </summary>
/// <param name="permissionItem">Item to update; must not be null.</param>
/// <param name="cancellationToken">Token passed on to the store.</param>
/// <exception cref="ArgumentNullException"><paramref name="permissionItem"/> is null.</exception>
public virtual async Task UpdateAsync(PermissionItem permissionItem, CancellationToken cancellationToken)
{
    if (permissionItem == null)
    {
        throw new ArgumentNullException(nameof(permissionItem));
    }

    // The store performs the update; this method adds only the argument check.
    await Store.UpdateAsync(permissionItem, cancellationToken);
}
/// <summary>
/// Builds the detail view of a role-permission record, wrapping its Permission and Role in
/// <c>PermissionItem</c> and <c>RoleItem</c>.
/// </summary>
/// <param name="rolePermissionRepository">Record to copy the values from.</param>
public RolePermissionDetail(RolePermissionRepository rolePermissionRepository)
{
    var source = rolePermissionRepository;

    // Scalar values are copied as they are.
    this.Id = source.Id;
    this.Roleid = source.Roleid;
    this.Permissionid = source.Permissionid;

    // Related records are wrapped in their item types.
    this.Permission = new PermissionItem(source.Permission);
    this.Role = new RoleItem(source.Role);
}
/// <summary>
/// Applies a user's role to a community and then, recursively, to each of its child communities.
/// </summary>
/// <param name="community">Community to update; its CommunityRelation entries lead to the children.</param>
/// <param name="permissionItem">
/// User and role to apply. UserRole.None deletes the user's existing role for the community.
/// This same object has IsInherited set to true before the children are processed, so the
/// caller's instance is modified.
/// </param>
/// <param name="forceUpdate">When true, an existing role is overwritten even if it is higher than the role being assigned.</param>
private void UpdateCommunityPermission(Community community, PermissionItem permissionItem, bool forceUpdate)
{
    // Look for a role the user already holds in this community.
    var existingUserCommunityRole = community.UserCommunities.Where((UserCommunities uc) => uc.UserID == permissionItem.UserID).FirstOrDefault();
    if (permissionItem.Role == UserRole.None && existingUserCommunityRole != null)
    {
        // Role None means removal: delete the user's role for this community.
        Delete(existingUserCommunityRole);
    }
    else if (permissionItem.Role != UserRole.None)
    {
        // Roles are added or changed only for real roles, never for UserRole.None.
        if (existingUserCommunityRole == null)
        {
            // The user has no role in this community yet: add the mapping.
            var userCommunityRole = new UserCommunities();
            userCommunityRole.CommunityId = community.CommunityID;
            userCommunityRole.UserID = permissionItem.UserID;
            userCommunityRole.RoleID = (int)permissionItem.Role;
            userCommunityRole.IsInherited = permissionItem.IsInherited;
            userCommunityRole.CreatedDatetime = DateTime.UtcNow;
            community.UserCommunities.Add(userCommunityRole);
        }
        else if (existingUserCommunityRole.RoleID < (int)permissionItem.Role || forceUpdate)
        {
            // The existing role is lower than the one being assigned, or the update is forced:
            // overwrite it. With forceUpdate this can also lower a role.
            existingUserCommunityRole.RoleID = (int)permissionItem.Role;
            existingUserCommunityRole.IsInherited = permissionItem.IsInherited;
        }
        else if (existingUserCommunityRole.RoleID == (int)permissionItem.Role)
        {
            // Same role already assigned: only the inherited flag is refreshed, and the
            // children are not visited.
            existingUserCommunityRole.IsInherited = permissionItem.IsInherited;
            return;
        }
        else
        {
            // The existing role is higher than the one being assigned: leave it, and do not
            // descend into the children.
            return;
        }
    }

    // Apply the same role to every child community.
    // NOTE(review): there is no visited set; this assumes CommunityRelation never forms a
    // cycle - confirm, since a cycle would recurse without end.
    foreach (var childCommunityRelation in community.CommunityRelation)
    {
        // From here down the role counts as inherited.
        permissionItem.IsInherited = true;
        UpdateCommunityPermission(childCommunityRelation.Community1, permissionItem, forceUpdate);
    }
}
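/// <summary>
/// Deletes a permission item from the store and then removes its permission expansion.
/// </summary>
/// <param name="permissionItem">Item to delete; must not be null.</param>
/// <param name="cancellationToken">Token passed on to the store.</param>
/// <exception cref="ArgumentNullException"><paramref name="permissionItem"/> is null.</exception>
public virtual async Task DeleteAsync(PermissionItem permissionItem, CancellationToken cancellationToken)
{
    if (permissionItem == null)
    {
        throw new ArgumentNullException(nameof(permissionItem));
    }

    // Awaited instead of blocked on with Wait(): blocking inside an async method ties up the
    // thread, can deadlock under a synchronization context, and wraps store failures in an
    // AggregateException. The expansion is still removed only after the delete has finished.
    await Store.DeleteAsync(permissionItem, cancellationToken);
    await _PermissionExpansionManager.RemovePermissionAsync(permissionItem.Id);
}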
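/// <summary>
/// Builds an invite-list reply from a received message, records the invite on the channel when
/// the channel is known, and raises the client's invite-list callback.
/// </summary>
/// <param name="msg">Received message; Parameters[2] to [4] are read when present.</param>
public InviteListMessage(Message msg) : base(msg)
{
    var parameters = msg.Parameters;

    // The parameters come from the remote side, so a timestamp that is not a valid int leaves
    // Invite unset (the same state as a reply with fewer than five parameters) instead of
    // throwing out of the constructor.
    // NOTE(review): values beyond the int range are treated the same way.
    if (parameters.Length >= 5)
    {
        int setAtUnixTime;
        if (int.TryParse(parameters[4], out setAtUnixTime))
        {
            Invite = new PermissionItem(parameters[2], Utils.UnixTimeStampToDateTime(setAtUnixTime), parameters[3]);
        }
    }

    var channel = msg.Client.ChannelFromName(Channel);

    // Parameters[2] was previously read without a length check.
    if (parameters.Length > 2)
    {
        channel?.AddInvite(parameters[2]);
    }

    msg.Client.OnReplyInviteList(this);
}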
/// <summary>
/// Saves the data permissions posted in the form for the given owner: one allow-mode
/// BusinessPermission of kind Data for each permission item found in the form.
/// </summary>
/// <param name="ownerGuid">Key of the owner the permissions are stored for.</param>
/// <param name="ownerType">Type of that owner.</param>
/// <returns>JSON status object reporting success.</returns>
public ActionResult Data(string ownerGuid, ExecutorTypes ownerType)
{
    // NOTE(review): no authorization check is visible in this action; confirm a filter limits
    // who may change the permissions stored for ownerGuid.
    NameValueCollection form = this.Request.Form;
    Dictionary<Guid, PermissionItem> changedPermissionItems = new Dictionary<Guid, PermissionItem>();

    // Collect the value of each selected radio button.
    foreach (string currentKey in form.AllKeys)
    {
        if (!currentKey.StartsWith(SystemConst.PermissionItemValuePrefix) || !currentKey.EndsWith("||0"))
        {
            continue;
        }

        // Name of the field holding the value: the key without its last character.
        string settingName = currentKey.Substring(0, currentKey.Length - 1);

        // The GUID sits between the prefix and the last separator.
        // NOTE(review): a posted key with a malformed GUID, or with no separator after the
        // prefix, throws here and fails the whole request; decide whether such keys should be
        // rejected explicitly.
        int guidStartPos = SystemConst.PermissionItemValuePrefix.Length;
        int separatorPos = currentKey.LastIndexOf(SystemConst.PermissionItemGuidValueSeperator);
        Guid settingKeyGuid = new Guid(currentKey.Substring(guidStartPos, separatorPos - guidStartPos));

        string settingValue = form[settingName];
        int permissionItemValue;
        if (string.IsNullOrWhiteSpace(settingValue) || !int.TryParse(settingValue, out permissionItemValue))
        {
            continue;
        }

        PermissionItem existingItem;
        if (changedPermissionItems.TryGetValue(settingKeyGuid, out existingItem))
        {
            existingItem.PermissionItemValue = permissionItemValue;
        }
        else
        {
            changedPermissionItems.Add(
                settingKeyGuid,
                new PermissionItem(settingKeyGuid, permissionItemValue, BusinessUserBLL.CurrentUser.UserGuid, BusinessUserBLL.CurrentUser.UserType, Logics.False));
        }
    }

    foreach (PermissionItem changedItem in changedPermissionItems.Values)
    {
        BusinessPermission currentItem = new BusinessPermission(changedItem)
        {
            OwnerKey = ownerGuid.ToString(),
            OwnerType = ownerType,
            PermissionMode = PermissionModes.Allow,
            PermissionKind = PermissionKinds.Data
        };
        BusinessPermissionBLL.Instance.CreateOrUpdate(currentItem);
    }

    return Json(new LogicStatusInfo(true, "保存权限成功"));
}
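/// <summary>
/// Builds an invite-list reply from a received message, records the invite on the channel when
/// the channel is known, and raises the client's invite-list callback.
/// </summary>
/// <param name="msg">Received message; Parameters[2] to [4] are read when present.</param>
public InviteListMessage(Message msg) : base(msg)
{
    var parameters = msg.Parameters;

    // The parameters come from the remote side, so a timestamp that is not a valid int leaves
    // Invite unset (the same state as a reply with fewer than five parameters) instead of
    // throwing out of the constructor.
    // NOTE(review): values beyond the int range are treated the same way.
    if (parameters.Length >= 5)
    {
        int setAtUnixTime;
        if (int.TryParse(parameters[4], out setAtUnixTime))
        {
            Invite = new PermissionItem(parameters[2], Utils.UnixTimeStampToDateTime(setAtUnixTime), parameters[3]);
        }
    }

    var channel = msg.Client.ChannelFromName(Channel);

    // Parameters[2] was previously read without a length check.
    if (parameters.Length > 2)
    {
        channel?.AddInvite(parameters[2]);
    }

    msg.Client.OnReplyInviteList(this);
}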
/// <summary>
/// Adds a permission item to the context and saves it.
/// </summary>
/// <param name="permissionItem">Item to create; must not be null.</param>
/// <param name="cancellationToken">Token passed on to the save.</param>
/// <returns>The same item instance, after the save has completed.</returns>
/// <exception cref="ArgumentNullException"><paramref name="permissionItem"/> is null.</exception>
public async Task<PermissionItem> CreateAsync(PermissionItem permissionItem, CancellationToken cancellationToken)
{
    if (permissionItem == null)
    {
        throw new ArgumentNullException(nameof(permissionItem));
    }

    Context.Add(permissionItem);

    // Persist before handing the instance back to the caller.
    await Context.SaveChangesAsync(cancellationToken);

    return permissionItem;
}
/// <summary>
/// Checks whether a user holds a permission. Administrators are always allowed; other users
/// need a role that contains a permission item with the same name.
/// </summary>
/// <param name="userName">Name of the user to look up.</param>
/// <param name="permission">Permission being checked; its Name is the lookup key.</param>
/// <returns>true when access is granted, otherwise false (including when the user is unknown).</returns>
public static bool Authorize(string userName, Permission permission)
{
    using (CommonContext db = new CommonContext())
    {
        User user = db.Users.Include("Roles.PermissionItems").FirstOrDefault(c => c.UserName == userName);

        // Unknown users are denied; they are not created here.
        if (user == null)
        {
            return false;
        }

        // Administrators can go everywhere.
        if (user.IsAdministrator == true)
        {
            return true;
        }

        PermissionItem permissionItem = db.PermissionItems.FirstOrDefault(c => c.Name == permission.Name);
        if (permissionItem == null)
        {
            // NOTE(review): this authorization check writes to the database - a permission name
            // seen for the first time is registered here. RequiredAdministrator is not set on
            // the new row, and nothing visible prevents two concurrent first calls from both
            // inserting it; confirm a unique constraint exists.
            db.PermissionItems.Add(new PermissionItem
            {
                Name = permission.Name,
                DisplayName = permission.DisplayName,
                Group = permission.Group
            });
            db.SaveChanges();
        }
        else if (permissionItem.RequiredAdministrator)
        {
            // The resource needs an administrator and this user is not one.
            return false;
        }

        return user.Roles != null
            && user.Roles.Any(role => role.PermissionItems.Any(granted => granted.Name == permission.Name));
    }
}
/// <summary>
/// Creates a permission item with a freshly generated id.
/// </summary>
/// <param name="accid">Value stored in AccountId.</param>
/// <param name="resid">Value stored in ResId.</param>
/// <param name="restype">Value stored in ResType.</param>
/// <param name="type">Permission type; stored in Permission after a cast to byte.</param>
/// <returns>The new item.</returns>
public static PermissionItem NewItem(string accid, string resid, string restype, PermissionType type)
{
    return new PermissionItem
    {
        Id = GuidGen.NewGUID(),
        AccountId = accid,
        ResId = resid,
        ResType = restype,
        Permission = (byte)type
    };
}
/// <summary>
/// Gets one page of pending permission requests, either for the given community or, when no
/// community is given, for the communities returned by GetUserCommunitiesForRole for the
/// Moderator role. Only requests of communities where the user's role is Moderator or higher
/// are returned.
/// </summary>
/// <param name="userId">User who is reading the requests.</param>
/// <param name="communityId">Community to read requests for, or null for all of the user's moderated communities.</param>
/// <param name="pageDetails">Paging input (CurrentPage, ItemsPerPage); TotalCount and TotalPages are filled in here.</param>
/// <returns>
/// Completed task with the permission details. The result is null when a community was given
/// and a fetched request failed the role check.
/// </returns>
public Task <PermissionDetails> GetUserPemissionRequests(long userId, long?communityId, PageDetails pageDetails)
{
    this.CheckNotNull(() => new { pageDetails });

    // Default condition: every pending request (Approved == null), whatever the community.
    Expression <Func <PermissionRequest, bool> > condition = (PermissionRequest pr) => pr.Approved == null;
    Func <PermissionRequest, object> orderBy = (PermissionRequest c) => c.RoleID;
    if (communityId.HasValue)
    {
        // A community was specified: pending requests of that community only.
        // NOTE(review): the user's role for this community is checked per fetched item below,
        // not before the query; with no pending requests an empty result is returned instead
        // of null - confirm callers do not treat that as proof of access.
        condition = (PermissionRequest pr) => pr.Approved == null && pr.CommunityID == communityId.Value;
    }
    else
    {
        // No community: pending requests of the communities where the user is moderator or higher.
        var userCommunityIds = _userRepository.GetUserCommunitiesForRole(userId, UserRole.Moderator, false);
        condition = (PermissionRequest pr) => pr.Approved == null && userCommunityIds.Contains(pr.CommunityID);
    }

    // Total number of items matching the condition, and the page count derived from it.
    // NOTE(review): ItemsPerPage and CurrentPage are used as received; an ItemsPerPage of 0
    // would divide by zero here.
    pageDetails.TotalCount = _permissionRequestRepository.GetItemsCount(condition);
    pageDetails.TotalPages = (pageDetails.TotalCount / pageDetails.ItemsPerPage) + ((pageDetails.TotalCount % pageDetails.ItemsPerPage == 0) ? 0 : 1);
    var permissionDetails = new PermissionDetails();
    foreach (var item in _permissionRequestRepository.GetItems(condition, orderBy, true, (pageDetails.CurrentPage - 1) * pageDetails.ItemsPerPage, pageDetails.ItemsPerPage))
    {
        var userRole = _userRepository.GetUserRole(userId, item.CommunityID);

        // 1. The user has to be at least Moderator to see the request details of a community.
        // 2. On the profile page the user may moderate some communities and not others, so only
        //    requests of communities where the user is moderator or higher are included.
        if (userRole >= UserRole.Moderator)
        {
            var permissionItem = new PermissionItem();
            Mapper.Map(item, permissionItem);
            permissionItem.CurrentUserRole = userRole;
            permissionDetails.PermissionItemList.Add(permissionItem);
            permissionDetails.CurrentUserPermission = userRole.GetPermission();
        }
        else if (communityId.HasValue)
        {
            // The user is below Moderator for the requested community: null tells the caller to
            // show the not-found / no-permission page. Done only for the permissions page, not
            // for the profile page.
            // NOTE(review): the loop continues with permissionDetails == null; a later item
            // that passes the role check would dereference it. Presumably unreachable because
            // all items share one community here - confirm.
            permissionDetails = null;
        }
    }

    return(Task.FromResult(permissionDetails));
}
/// <summary>
/// Gets the PermissionItem that the current page belongs to.
/// </summary>
/// <param name="List">Permission items to search.</param>
/// <returns>The first item whose file list contains the lower-cased script name, or null when none does.</returns>
public static PermissionItem Get_PermissionItem(List<PermissionItem> List)
{
    foreach (PermissionItem candidate in List)
    {
        // NOTE(review): this is a substring test on the whole file list, not a comparison with
        // one comma-separated entry, so a script name that is a fragment of a longer entry also
        // matches and the first such item wins.
        string scriptName = Get_Script_Name.ToLower();
        bool listsCurrentPage = candidate.Item_FileList.IndexOf(scriptName) >= 0;
        if (listsCurrentPage)
        {
            return candidate;
        }
    }

    return null;
}
/// <summary>
/// Approves or declines a user's pending permission request for a community. On approval the
/// user's role is applied to the community and, through UpdateCommunityPermission, to its
/// child communities.
/// </summary>
/// <param name="permissionItem">Request details: user, community, role to grant and the Approved decision.</param>
/// <param name="updatedById">User who is responding to the request.</param>
/// <returns>
/// Success status, or a failed status with the membership-exists message when the user already
/// holds an equal or higher role in the community.
/// </returns>
public OperationStatus UpdateUserPermissionRequest(PermissionItem permissionItem, long updatedById)
{
    // NOTE(review): this method does not check that updatedById may moderate the community,
    // and the role it grants is permissionItem.Role as supplied by the caller - the stored
    // request is not consulted for a role. Confirm an upstream layer enforces both.
    var operationStatus = OperationStatus.CreateSuccessStatus();
    var permissionRequest = EarthOnlineDbContext.PermissionRequest.Where((PermissionRequest pr) => pr.UserID == permissionItem.UserID && pr.CommunityID == permissionItem.CommunityID && pr.Approved == null).FirstOrDefault();

    // Make sure a pending request exists for this user and community.
    this.CheckNotNull(() => new { permissionRequest });

    // Record the decision and who made it.
    permissionRequest.Approved = permissionItem.Approved;
    permissionRequest.RespondedByID = updatedById;
    permissionRequest.RespondedDate = DateTime.UtcNow;

    // Role the user already holds in the same community, if any.
    var existingUserCommunityRole = DbSet.Where((UserCommunities uc) => uc.UserID == permissionItem.UserID && uc.CommunityId == permissionItem.CommunityID).FirstOrDefault();

    // The role is applied only when the request is approved and the user either has no role in
    // the community yet or the new role is higher than the existing one.
    if (permissionItem.Approved == true)
    {
        if (existingUserCommunityRole != null && existingUserCommunityRole.Role.RoleID >= (int)permissionItem.Role)
        {
            operationStatus.Succeeded = false;
            operationStatus.CustomErrorMessage = true;
            operationStatus.ErrorMessage = Resources.MembershipExistsErrorMessage;

            // Returning here skips SaveChanges, so the changes made to the permission request
            // above are not written to the database by this call.
            return(operationStatus);
        }
        else
        {
            permissionItem.IsInherited = false;

            // Apply the approved role to the community of the request and, recursively, to its
            // children.
            UpdateCommunityPermission(permissionRequest.Community, permissionItem, false);
        }
    }
    else
    {
        // Declined: per the original comment this call is there so that the permission request
        // gets updated. It passes the first UserCommunities entry of the community, or null
        // when there is none.
        Update(permissionRequest.Community.UserCommunities.FirstOrDefault());
    }

    SaveChanges();
    return(operationStatus);
}
/// <summary>
/// Saves the operating permissions posted in the form for the given owner: the values of all
/// ticked checkboxes belonging to one permission item are OR-ed together and stored as one
/// BusinessPermission of kind Operating.
/// </summary>
/// <param name="ownerGuid">Key of the owner the permissions are stored for.</param>
/// <param name="ownerType">Type of that owner.</param>
/// <param name="permissionMode">Permission mode stored on each saved permission.</param>
/// <returns>JSON status object reporting success.</returns>
public ActionResult Index(string ownerGuid, ExecutorTypes ownerType, PermissionModes permissionMode)
{
    // NOTE(review): no authorization check is visible in this action; confirm a filter limits
    // who may change the permissions stored for ownerGuid.
    NameValueCollection form = this.Request.Form;
    Dictionary<Guid, PermissionItem> changedPermissionItems = new Dictionary<Guid, PermissionItem>();

    // Collect the ticked checkboxes.
    string[] keys = form.AllKeys;
    for (int i = 0; i < keys.Length; i++)
    {
        string currentKey = keys[i];
        string currentValue = form[i];

        if (!currentKey.StartsWith(SystemConst.PermissionItemValuePrefix) || currentValue.ToLower() != "on")
        {
            continue;
        }

        // Key layout: prefix, GUID, separator, integer value.
        // NOTE(review): a posted key with a malformed GUID, or with no separator after the
        // prefix, throws here and fails the whole request; decide whether such keys should be
        // rejected explicitly.
        int guidStartPos = SystemConst.PermissionItemValuePrefix.Length;
        int separatorPos = currentKey.LastIndexOf(SystemConst.PermissionItemGuidValueSeperator);
        int valueStartPos = separatorPos + SystemConst.PermissionItemGuidValueSeperator.Length;

        Guid permissionItemGuid = new Guid(currentKey.Substring(guidStartPos, separatorPos - guidStartPos));

        int permissionItemValue;
        if (!int.TryParse(currentKey.Substring(valueStartPos), out permissionItemValue))
        {
            continue;
        }

        PermissionItem existingItem;
        if (changedPermissionItems.TryGetValue(permissionItemGuid, out existingItem))
        {
            // Another checkbox of the same item: combine the flags.
            existingItem.PermissionItemValue |= permissionItemValue;
        }
        else
        {
            changedPermissionItems.Add(
                permissionItemGuid,
                new PermissionItem(permissionItemGuid, permissionItemValue, BusinessUserBLL.CurrentUser.UserGuid, BusinessUserBLL.CurrentUser.UserType, Logics.False));
        }
    }

    foreach (PermissionItem changedItem in changedPermissionItems.Values)
    {
        BusinessPermission currentItem = new BusinessPermission(changedItem)
        {
            OwnerKey = ownerGuid.ToString(),
            OwnerType = ownerType,
            PermissionMode = permissionMode,
            PermissionKind = PermissionKinds.Operating
        };
        BusinessPermissionBLL.Instance.CreateOrUpdate(currentItem);
    }

    return Json(new LogicStatusInfo(true, "保存权限成功"));
}
/// <summary>
/// Fills the search list with users, groups or permissions, depending on the search mode, and
/// sets the label and window title to match.
/// </summary>
/// <param name="console">Console node providing the manager and the credentials for the lookups.</param>
/// <param name="mode">Kind of entries to list.</param>
private void SetData(ConsoleNode console, SearchMode mode)
{
    try
    {
        lvMembers.Items.Clear();

        switch (mode)
        {
            case SearchMode.User:
                lbMembers.Text = "&Users:";
                this.Text = "Users";
                foreach (UserStorageView user in console.Manager.Admon_GetUserList(console.Credentials))
                {
                    lvMembers.Items.Add(new UserItem(user.Username) { ImageIndex = 3, User = user });
                }
                break;

            case SearchMode.Group:
                lbMembers.Text = "&Groups:";
                this.Text = "Groups";
                foreach (GroupStorageView group in console.Manager.Admon_GetGroups(console.Credentials))
                {
                    lvMembers.Items.Add(new GroupItem(group.GroupName) { ImageIndex = 2, GroupView = group });
                }
                break;

            case SearchMode.Permission:
                lbMembers.Text = "&Permissions:";
                this.Text = "Permissions";
                foreach (PermissionStorageView permission in console.Manager.Admon_GetPermissions(console.Credentials))
                {
                    lvMembers.Items.Add(new PermissionItem(permission.PermissionName)
                    {
                        ImageIndex = 12,
                        Permission = new PermissionStorageView(permission.PermissionId, permission.PermissionName)
                    });
                }
                break;
        }
    }
    catch (Exception ex)
    {
        MessageBox.Show("Error filling search list:" + ex.Message, "Search Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
    }
}
/// <summary>
/// Updates the permission configuration with the remaining files: when any file names are
/// given, they are all added to the configuration under one item named "Look" with value 2.
/// </summary>
/// <param name="P_Mission">Permission configuration that receives the item.</param>
/// <param name="Files">File names to place in the item's file list.</param>
private void UpdatePermissionConfig(Permission P_Mission, List<string> Files)
{
    if (Files.Count <= 0)
    {
        return;
    }

    // Each name is put in front of what was built so far, so the list ends up in reverse order,
    // with a comma before every name and one closing comma: ",last,...,first,".
    string fileList = "";
    foreach (string fileName in Files)
    {
        fileList = "," + fileName + fileList;
    }

    PermissionItem lookItem = new PermissionItem
    {
        Item_Value = 2,
        Item_Name = "Look",
        Item_FileList = fileList + ","
    };
    P_Mission.ItemList.Add(lookItem);
}
/// <summary>
/// Attaches a permission item to the context, marks it as updated and saves the change.
/// </summary>
/// <param name="permissionItem">Item to update; must not be null.</param>
/// <param name="cancellationToken">Token passed on to the save.</param>
/// <exception cref="ArgumentNullException"><paramref name="permissionItem"/> is null.</exception>
public async Task UpdateAsync(PermissionItem permissionItem, CancellationToken cancellationToken)
{
    if (permissionItem == null)
    {
        throw new ArgumentNullException(nameof(permissionItem));
    }

    Context.Attach(permissionItem);
    Context.Update(permissionItem);

    try
    {
        await Context.SaveChangesAsync(cancellationToken);
    }
    catch (DbUpdateConcurrencyException)
    {
        // NOTE(review): a concurrency conflict is swallowed, so the caller cannot tell that the
        // permission change was not saved. Consider reporting or logging it.
    }
}
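/// <summary>
/// Checks whether a user may perform at least one of the given actions on a permission item.
/// Administrators are always allowed.
/// </summary>
/// <param name="userId">User to check.</param>
/// <param name="item">Permission item; its lower-cased name is passed to the permission reader.</param>
/// <param name="actions">Actions of which at least one must be granted.</param>
/// <returns>true when the user is an administrator or holds one of the actions, otherwise false.</returns>
public bool Check(long userId, PermissionItem item, PermissionAction[] actions)
{
    // Invariant lower-casing: with the culture-sensitive ToLower() the names produced here
    // depend on the thread culture (for example the Turkish dotless i), so an authorization
    // lookup could miss entries stored under the plain lower-case name.
    var actionsList = actions.Select(x => x.ToString().ToLowerInvariant()).ToList();

    using (var connection = _connector.GetConnection())
    {
        if (_permissionReader.UserIsAdmin(connection, userId))
        {
            return true;
        }

        var permissions = _permissionReader.GetUserPermissions(connection, userId, item.ToString().ToLowerInvariant());
        return permissions.Any(x => actionsList.Contains(x.Action.ToLowerInvariant()));
    }
}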
/// <summary>
/// Sends the notification that a user's role in a community was changed by the current user.
/// Any exception raised while building or sending it is swallowed.
/// </summary>
/// <param name="permission">Changed permission; its community, user and role values are copied into the notification.</param>
private void SendChangedUserRoleMail(PermissionItem permission)
{
    try
    {
        // NOTE(review): every link starts from HttpContext.Request.Url.GetServerLink(). If that
        // value follows the request's Host header rather than a configured site address, the
        // mailed links follow it too - confirm what GetServerLink returns.
        var notice = new UserPermissionChangedRequest
        {
            CommunityID = permission.CommunityID,
            CommunityName = permission.CommunityName,
            CommunityLink = string.Format(CultureInfo.InvariantCulture, "{0}Community/Index/{1}", HttpContext.Request.Url.GetServerLink(), permission.CommunityID),
            UserID = permission.UserID,
            UserLink = string.Format(CultureInfo.InvariantCulture, "{0}Profile/Index/{1}", HttpContext.Request.Url.GetServerLink(), permission.UserID),
            UserName = permission.Name,
            Role = permission.Role,
            ModeratorID = CurrentUserId
        };

        // The moderator link is built from the id that was just stored on the request.
        notice.ModeratorLink = string.Format(CultureInfo.InvariantCulture, "{0}Profile/Index/{1}", HttpContext.Request.Url.GetServerLink(), notice.ModeratorID);

        _notificationService.NotifyUserPermissionChangedStatus(notice);
    }
    catch (Exception)
    {
        // Ignored on purpose; note that a failure is not logged anywhere in this method.
    }
}
/// <summary>
/// Sends the notification that a user was removed from a community.
/// Any failure while building or sending the notification is ignored.
/// </summary>
/// <param name="permission">Permission entry describing the removed user and the community.</param>
private void SendRemoveUserMail(PermissionItem permission)
{
    try
    {
        // NOTE(review): the link base is derived from the current request URL. Confirm the host
        // is validated or pinned by the server so that mailed links cannot carry a spoofed host.
        var serverLink = HttpContext.Request.Url.GetServerLink();

        var request = new RemoveUserRequest
        {
            CommunityID = permission.CommunityID,
            CommunityName = permission.CommunityName,
            CommunityLink = string.Format(CultureInfo.InvariantCulture, "{0}Community/Index/{1}", serverLink, permission.CommunityID),
            UserID = permission.UserID,
            UserLink = string.Format(CultureInfo.InvariantCulture, "{0}Profile/Index/{1}", serverLink, permission.UserID),
            UserName = permission.Name
        };

        _notificationService.NotifyRemoveUser(request);
    }
    catch (Exception)
    {
        // Ignore all exceptions.
        // NOTE(review): the failure is neither logged nor reported, so a removal notice that was
        // never sent cannot be detected afterwards.
    }
}
/// <summary>
/// Approves or declines a user's pending role request for a community and, when the update
/// succeeds, sends the status notifications.
/// </summary>
/// <param name="entityId">Community the request belongs to.</param>
/// <param name="requestorId">User who asked for the role.</param>
/// <param name="userRole">Role that was requested.</param>
/// <param name="approve">True to approve the request, false to decline it.</param>
/// <returns>JSON result carrying whether the update succeeded.</returns>
public async Task<JsonResult> UpdateUserPermissionRequest(long entityId, long requestorId, UserRole userRole, bool approve)
{
    if (CurrentUserId == 0)
    {
        await TryAuthenticateFromHttpContext(_communityService, _notificationService);
    }

    // NOTE(review): community, requestor and role all come from the caller, and CurrentUserId may
    // still be 0 if the authentication attempt did not succeed. The authorization decision is
    // presumably made inside ProfileService.UpdateUserPermissionRequest - confirm it rejects an
    // unauthenticated or insufficiently privileged approver.
    var permission = new PermissionItem();
    permission.UserID = requestorId;
    permission.CommunityID = entityId;
    permission.Role = userRole;
    permission.Approved = approve;

    var operationStatus = ProfileService.UpdateUserPermissionRequest(permission, CurrentUserId);
    if (!operationStatus.Succeeded)
    {
        return Json(operationStatus.Succeeded);
    }

    try
    {
        SendProcessingStatusMail(permission);
    }
    catch (Exception)
    {
        // A failed notification must not fail the request; the update is already stored.
    }

    return Json(operationStatus.Succeeded);
}
/// <summary>
/// Files the current user's request to join a community with the given role and, when the
/// request is stored, sends the join notification.
/// </summary>
/// <param name="communityId">Community the user wants to join.</param>
/// <param name="comments">URL-encoded comment that accompanies the request.</param>
/// <param name="userRole">Role the user is asking for.</param>
/// <returns>"Success", or the service's error message when it reports a custom error.</returns>
public async Task<string> Join(long communityId, string comments, UserRole userRole)
{
    if (CurrentUserId == 0)
    {
        await TryAuthenticateFromHttpContext(_communityService, _notificationService);
    }

    // NOTE(review): the role and the comment are caller-supplied. The comment is decoded here
    // and stored as-is, so it must be encoded wherever it is later rendered (page or mail).
    // CurrentUserId may still be 0 if the authentication attempt did not succeed - confirm the
    // service rejects that.
    var permission = new PermissionItem();
    permission.UserID = CurrentUserId;
    permission.CommunityID = communityId;
    permission.Role = userRole;
    permission.Comment = Server.UrlDecode(comments);

    var operationStatus = ProfileService.JoinCommunity(permission);
    if (operationStatus.Succeeded)
    {
        SendJoinCommunityMail(permission);
        return "Success";
    }

    // A failure without a custom error message is still reported as "Success".
    // NOTE(review): verify that this is intended.
    return operationStatus.CustomErrorMessage ? operationStatus.ErrorMessage : "Success";
}
/// <summary>
/// Reloads the permission list view with the permissions of the current group.
/// Shows a message box when the permissions cannot be read.
/// </summary>
private void GetPermissionData()
{
    lvPrm.Items.Clear();

    try
    {
        // Ask the manager for the permissions assigned to this group.
        PermissionStorageView[] groupPermissions = console.Manager.Admon_GetGroupPermissions(console.Credentials, _Group);

        foreach (PermissionStorageView groupPermission in groupPermissions)
        {
            PermissionItem row = new PermissionItem(groupPermission.PermissionName);
            row.Permission = new PermissionStorageView(groupPermission.PermissionId, groupPermission.PermissionName);
            row.ImageIndex = 12;
            lvPrm.Items.Add(row);
        }
    }
    catch (AuthorizationException)
    {
        // The caller's credentials were rejected for this operation.
        MessageBox.Show("Access denied. You do not have adequate permissions for this operation.", "Authorization Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
    }
    catch (Exception ex)
    {
        // Any other failure: the list stays empty because it was cleared above.
        MessageBox.Show("Could not get group permissions. Error: " + ex.Message, "Console Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
    }
}
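/// <summary>
/// Opens the permission search dialog and replaces the permission list with the selection.
/// Enables the Apply button when the list holds at least one permission.
/// </summary>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Event data (not used).</param>
private void btnAddPrm_Click(object sender, EventArgs e)
{
    // A form shown with ShowDialog is not disposed when it closes; dispose it here so its
    // window handle and controls are released once the selection has been copied.
    using (SearchForm srch = new SearchForm(this.console, SearchForm.SearchMode.Permission))
    {
        srch.ShowDialog(this);

        // Get the selected entries from the search form.
        ListView.SelectedListViewItemCollection items = srch.lvMembers.SelectedItems;

        // For now only one item can be included, so the existing list is replaced.
        // The loop is guarded by the same null check as the Clear call.
        if (items != null && items.Count > 0)
        {
            lvPrm.Items.Clear();

            foreach (ListViewItem li in items)
            {
                // Copy into a new item: the selected one belongs to the dialog's list view.
                PermissionItem prm = new PermissionItem(li.Text);
                prm.ImageIndex = li.ImageIndex;
                prm.Permission = ((PermissionItem)li).Permission;

                // This loop should run only once, since only one item can be selected.
                lvPrm.Items.Add(prm);
            }
        }
    }

    UpdateNeeded = UpdateNeeded || (lvPrm.Items != null && lvPrm.Items.Count > 0);
    btnApply.Enabled = UpdateNeeded;
}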
/// <summary>
/// Gets the user permissions for the given community and for the given page. The reading user
/// needs at least the contributor role on the community.
/// </summary>
/// <param name="userId">User who is reading the permissions</param>
/// <param name="communityId">Community for which permissions are fetched</param>
/// <param name="pageDetails">Paging request; TotalCount and TotalPages are filled in by this method</param>
/// <returns>
/// The permissions of the requested page; an empty result when the query returns no items;
/// null when items exist but the user is below the contributor role.
/// </returns>
public async Task<PermissionDetails> GetUserPemissions(long userId, long communityId, PageDetails pageDetails)
{
    this.CheckNotNull(() => new { pageDetails });

    Expression<Func<UserCommunities, bool>> inCommunity = c => c.CommunityId == communityId;
    Func<UserCommunities, object> byRole = c => c.RoleID;

    // Total number of entries for the community, and the page count rounded up.
    // NOTE(review): these are written to pageDetails before the role check below, so a caller
    // without the contributor role still receives the totals; also assumes ItemsPerPage > 0.
    pageDetails.TotalCount = _userCommunitiesRepository.GetItemsCount(inCommunity);
    pageDetails.TotalPages = (pageDetails.TotalCount / pageDetails.ItemsPerPage) + ((pageDetails.TotalCount % pageDetails.ItemsPerPage == 0) ? 0 : 1);

    // TODO: Passing the condition in a variable doesn't add the WHERE clause in SQL server. Need to work on this later.
    var skip = (pageDetails.CurrentPage - 1) * pageDetails.ItemsPerPage;
    var items = _userCommunitiesRepository.GetItems(inCommunity, byRole, true, skip, pageDetails.ItemsPerPage);

    var permissionDetails = new PermissionDetails();
    if (items == null || !items.Any())
    {
        // Nothing on this page: the empty result is returned without a role check.
        return permissionDetails;
    }

    var userRole = _userRepository.GetUserRole(userId, communityId);

    // User has to be at least contributor to know the permission details of the community.
    if (!(userRole >= UserRole.Contributor))
    {
        // Null makes the caller show the "item not found or no permission" page.
        return null;
    }

    permissionDetails.CurrentUserPermission = userRole.GetPermission();
    foreach (var item in items)
    {
        var permissionItem = new PermissionItem();
        Mapper.Map(item, permissionItem);
        permissionItem.CurrentUserRole = userRole;
        permissionDetails.PermissionItemList.Add(permissionItem);
    }

    return permissionDetails;
}
/// <summary>
/// Gets the pending role requests for the given community, or for every community the user
/// moderates when no community is given. The reading user needs the moderator role or higher
/// on a community to see its requests.
/// </summary>
/// <param name="userId">User who is reading the requests</param>
/// <param name="communityId">Community for which requests are fetched; null for all communities the user moderates</param>
/// <param name="pageDetails">Paging request; TotalCount and TotalPages are filled in by this method</param>
/// <returns>
/// The pending requests the user may see; null when a community was given, requests exist and
/// the user is below the moderator role on it.
/// </returns>
public async Task<PermissionDetails> GetUserPemissionRequests(long userId, long? communityId, PageDetails pageDetails)
{
    this.CheckNotNull(() => new { pageDetails });

    Func<PermissionRequest, object> byRole = c => c.RoleID;

    // A request is pending while Approved is null.
    Expression<Func<PermissionRequest, bool>> pendingFilter;
    if (communityId.HasValue)
    {
        // Pending requests of the specified community only.
        pendingFilter = pr => pr.Approved == null && pr.CommunityID == communityId.Value;
    }
    else
    {
        // Pending requests of every community where the user is moderator or higher.
        var userCommunityIds = _userRepository.GetUserCommunitiesForRole(userId, UserRole.Moderator, false);
        pendingFilter = pr => pr.Approved == null && userCommunityIds.Contains(pr.CommunityID);
    }

    // Total number of matching requests, and the page count rounded up.
    // NOTE(review): when a community id is given, these totals are written to pageDetails before
    // any role check, so the count of pending requests reaches callers who are later refused;
    // also assumes ItemsPerPage > 0.
    pageDetails.TotalCount = _permissionRequestRepository.GetItemsCount(pendingFilter);
    pageDetails.TotalPages = (pageDetails.TotalCount / pageDetails.ItemsPerPage) + ((pageDetails.TotalCount % pageDetails.ItemsPerPage == 0) ? 0 : 1);

    var skip = (pageDetails.CurrentPage - 1) * pageDetails.ItemsPerPage;
    var pendingRequests = _permissionRequestRepository.GetItems(pendingFilter, byRole, true, skip, pageDetails.ItemsPerPage);

    var permissionDetails = new PermissionDetails();
    foreach (var pending in pendingRequests)
    {
        var userRole = _userRepository.GetUserRole(userId, pending.CommunityID);

        // 1. User has to be at least Moderator to know the permission request details of the community.
        // 2. On the profile page the user may moderate only some communities, so only the requests
        //    of communities where the user is moderator or higher are returned.
        if (userRole >= UserRole.Moderator)
        {
            var permissionItem = new PermissionItem();
            Mapper.Map(pending, permissionItem);
            permissionItem.CurrentUserRole = userRole;
            permissionDetails.PermissionItemList.Add(permissionItem);
            permissionDetails.CurrentUserPermission = userRole.GetPermission();
            continue;
        }

        if (communityId.HasValue)
        {
            // Permissions page only (not the profile page): null makes the caller show the
            // "item not found or no permission" page.
            // NOTE(review): the loop keeps running after this; it relies on every item of a single
            // community yielding the same role, otherwise the branch above would dereference null.
            permissionDetails = null;
        }
    }

    return permissionDetails;
}
/// <summary>
/// Stores a request to join a community, built from the given permission item and stamped
/// with the current UTC time.
/// </summary>
/// <param name="permissionItem">Requested membership (user, community, role, comment); must not be null.</param>
/// <returns>Status with Succeeded set, or a failure status carrying the generic error message.</returns>
public OperationStatus JoinCommunity(PermissionItem permissionItem)
{
    // Make sure input is not null
    this.CheckNotNull(() => new { permissionItem });

    var status = new OperationStatus();
    try
    {
        // NOTE(review): Mapper.Map copies whatever the caller put on permissionItem. If the mapping
        // includes an approval field, confirm a caller cannot submit a request that is already
        // marked approved.
        var joinRequest = new PermissionRequest();
        Mapper.Map(permissionItem, joinRequest);
        joinRequest.RequestedDate = DateTime.UtcNow;

        _permissionRequestRepository.Add(joinRequest);
        _permissionRequestRepository.SaveChanges();

        status.Succeeded = true;
    }
    catch (Exception)
    {
        // TODO: Add exception handling logic here.
        // The cause is not logged; callers only see the generic message.
        status.Succeeded = false;
        status.CustomErrorMessage = true;
        status.ErrorMessage = Resources.UnknownErrorMessage;
    }

    return status;
}
/// <summary>
/// Joins the user to the community for which the invite request token was generated and marks
/// the token as used.
/// </summary>
/// <param name="userId">User who is making the join request</param>
/// <param name="inviteRequestToken">Token to be used for joining the community</param>
/// <returns>
/// Success when the token was accepted; a failure status with a message when the invite is
/// missing, deleted or already used, or when an exception occurred.
/// </returns>
public async Task<OperationStatus> JoinCommunity(long userId, Guid inviteRequestToken)
{
    var operationStatus = new OperationStatus();
    try
    {
        // Find the invite request entity in database.
        var inviteRequest = _inviteRequestRepository.GetItem(invite => invite.InviteRequestToken == inviteRequestToken, "InviteRequestContent");

        if (inviteRequest == null || inviteRequest.IsDeleted == true)
        {
            return OperationStatus.CreateFailureStatus(Resources.InviteDeletedErrorMessage);
        }

        if (inviteRequest.Used == true)
        {
            return OperationStatus.CreateFailureStatus(Resources.InviteUsedErrorMessage);
        }

        // NOTE(review): the "used" check above and the update below are separate steps, and no
        // expiry check is visible here. Confirm the store prevents two concurrent requests from
        // redeeming the same token, and that stale invites are invalidated elsewhere.
        var permissionItem = new PermissionItem();
        permissionItem.UserID = userId;
        permissionItem.CommunityID = inviteRequest.InviteRequestContent.CommunityID;
        permissionItem.Role = (UserRole)inviteRequest.InviteRequestContent.RoleID;

        // Check if at all the user is already member of the same community.
        var existingRole = _userCommunitiesRepository.GetItem(
            userCommunity => userCommunity.UserID == userId && userCommunity.CommunityId == inviteRequest.InviteRequestContent.CommunityID);

        // The invite only ever raises a role; an equal or higher existing role is kept.
        var raisesRole = existingRole == null || inviteRequest.InviteRequestContent.RoleID > existingRole.RoleID;
        if (raisesRole)
        {
            operationStatus = _userCommunitiesRepository.UpdateUserRoles(permissionItem);
        }
        else
        {
            // Just mark OperationStatus as succeeded so that, the token will be marked as used.
            operationStatus.Succeeded = true;
        }

        if (operationStatus.Succeeded)
        {
            // Record who redeemed the token and when, so it cannot be used again.
            inviteRequest.Used = true;
            inviteRequest.UsedByID = userId;
            inviteRequest.UsedDate = DateTime.UtcNow;
            _inviteRequestRepository.Update(inviteRequest);
            _inviteRequestRepository.SaveChanges();
        }
    }
    catch (Exception)
    {
        // TODO: Add exception handling logic here.
        // The cause is not logged; callers only see the generic message.
        operationStatus.Succeeded = false;
        operationStatus.CustomErrorMessage = true;
        operationStatus.ErrorMessage = Resources.UnknownErrorMessage;
    }

    return operationStatus;
}
/// <summary>
/// Changes a user's role in a community on behalf of another user, after checking that the
/// acting user's own role allows the change.
/// </summary>
/// <param name="permissionItem">Target user, community and the role to assign; must not be null.</param>
/// <param name="updatedById">User who is making the change.</param>
/// <returns>
/// The repository's status when the change is allowed; otherwise a failure status with the
/// no-permission message, or the generic error message when an exception occurred.
/// </returns>
public OperationStatus UpdateUserRoles(PermissionItem permissionItem, long updatedById)
{
    var operationStatus = new OperationStatus();

    // Make sure input is not null
    this.CheckNotNull(() => new { permissionItem });

    try
    {
        // Need to check the current user role before updating the request.
        var currentUserRole = _userRepository.GetUserRole(updatedById, permissionItem.CommunityID);

        // Role None is the leave/remove case and skips the role check below.
        var isRemoval = permissionItem.Role == UserRole.None;
        // Any other change needs moderator or higher.
        var belowModerator = currentUserRole < UserRole.Moderator;
        // Assigning Owner is reserved to owners and site administrators.
        var assignsOwner = permissionItem.Role == UserRole.Owner;
        var mayAssignOwner = currentUserRole == UserRole.Owner || currentUserRole == UserRole.SiteAdmin;

        // NOTE(review): on the removal path neither the acting user's role nor the identity of
        // permissionItem.UserID is checked here, and the target's current role is never
        // compared with the acting user's. Confirm callers ensure that a non-moderator can only
        // remove themselves and that a moderator cannot change or remove an owner.
        var denied = !isRemoval && (belowModerator || (assignsOwner && !mayAssignOwner));

        if (denied)
        {
            operationStatus.Succeeded = false;
            operationStatus.CustomErrorMessage = true;
            operationStatus.ErrorMessage = Resources.NoPermissionsErrorMessage;
        }
        else
        {
            operationStatus = _userCommunitiesRepository.UpdateUserRoles(permissionItem);
        }
    }
    catch (Exception)
    {
        // TODO: Add exception handling logic here.
        // The cause is not logged; callers only see the generic message.
        operationStatus.Succeeded = false;
        operationStatus.CustomErrorMessage = true;
        operationStatus.ErrorMessage = Resources.UnknownErrorMessage;
    }

    return operationStatus;
}