/// <summary>
        /// Decides whether the given HTTP method is permitted by the supplied profile rights.
        /// </summary>
        /// <param name="methodType">HTTP verb, matched case-sensitively against GET, POST, PUT, PATCH and DELETE.</param>
        /// <param name="organizationProfile">Organization-level rights; a null value denies access.</param>
        /// <param name="userProfile">Optional user-level rights; when present, its Right overwrites organizationProfile.Right.</param>
        /// <returns>
        /// True when Right or, failing that, SubRight grants the capability mapped to the verb;
        /// false otherwise, including for any verb not listed above.
        /// </returns>
        private bool AccessControl(string methodType, ProfileRightModel organizationProfile, UserProfileModel userProfile)
        {
            // Without an organization profile nothing can be granted: fail closed.
            if (organizationProfile == null)
            {
                return false;
            }

            // NOTE(review): this writes into the caller's object, so the change outlives this call,
            // and the user-level Right replaces the organization-level Right outright (SubRight is
            // still taken from the organization profile). Confirm a user Right can never be broader
            // than the organization intends, and that no caller reuses organizationProfile afterwards.
            if (userProfile != null)
            {
                organizationProfile.Right = userProfile.Right;
            }

            // Each verb maps to one capability; Right is consulted first and SubRight only as a fallback.
            switch (methodType)
            {
                case "GET":
                    if (organizationProfile.Right.CanRead())
                    {
                        return true;
                    }
                    return organizationProfile.SubRight.HasValue && organizationProfile.SubRight.Value.CanRead();

                case "POST":
                    if (organizationProfile.Right.CanWrite())
                    {
                        return true;
                    }
                    return organizationProfile.SubRight.HasValue && organizationProfile.SubRight.Value.CanWrite();

                case "PUT":
                case "PATCH":
                    if (organizationProfile.Right.CanEdit())
                    {
                        return true;
                    }
                    return organizationProfile.SubRight.HasValue && organizationProfile.SubRight.Value.CanEdit();

                case "DELETE":
                    if (organizationProfile.Right.CanDelete())
                    {
                        return true;
                    }
                    return organizationProfile.SubRight.HasValue && organizationProfile.SubRight.Value.CanDelete();

                default:
                    // Unlisted verbs (and null or differently-cased input) are denied.
                    return false;
            }
        }
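        /// <summary>
        /// Looks up the access-right claim for a controller on the identity and converts it to a profile model.
        /// </summary>
        /// <param name="identity">Identity whose claims are searched; null yields null.</param>
        /// <param name="controllerName">Controller name compared with each claim's ValueType.</param>
        /// <returns>
        /// The model built from the first matching claim, or null when no claim matches or the
        /// claim value deserializes to null.
        /// </returns>
        private ProfileRightModel GetProfileAccessRight(ClaimsIdentity identity, string controllerName)
        {
            // No identity means no rights; returning null keeps the decision fail-closed.
            if (identity == null)
            {
                return null;
            }

            // NOTE(review): the match is on Claim.ValueType rather than Claim.Type. Confirm the
            // issuer really stores the controller name there. The rights are only as trustworthy
            // as the claims, so this presumably relies on the token being validated upstream.
            var claim = identity.Claims.FirstOrDefault(c => c.ValueType.Equals(controllerName));
            if (claim == null)
            {
                return null;
            }

            // DeserializeObject returns null for an empty or literal "null" payload; map that to
            // "no rights" instead of dereferencing it. Malformed JSON is left to propagate.
            var right = JsonConvert.DeserializeObject<AccessRightClaim>(claim.Value);
            return right?.ToModel();
        }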
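        /// <summary>
        /// Scans the principal's "Profile" claims for the entry named after the controller and
        /// converts it to a profile model.
        /// </summary>
        /// <param name="identity">Principal whose "Profile" claims are searched; null yields null.</param>
        /// <param name="controllerName">Controller name compared with each deserialized claim's Name.</param>
        /// <returns>The model for the first claim whose Name equals controllerName, or null when none does.</returns>
        private ProfileRightModel GetProfileAccessRight(ClaimsPrincipal identity, string controllerName)
        {
            // No principal means no rights; returning null keeps the decision fail-closed.
            if (identity == null)
            {
                return null;
            }

            // NOTE(review): the rights are read straight from claim payloads, so this presumably
            // relies on the token having been validated upstream. Verify against the caller.
            foreach (var claim in identity.FindAll("Profile"))
            {
                var accessRight = JsonConvert.DeserializeObject<AccessRightClaim>(claim.Value);

                // An empty or "null" payload deserializes to null, and Name may be absent from the
                // JSON; such entries grant nothing, so skip them rather than dereference null.
                if (accessRight?.Name == null)
                {
                    continue;
                }

                if (accessRight.Name.Equals(controllerName))
                {
                    // First match wins; later "Profile" claims for the same controller are ignored.
                    return accessRight.ToModel();
                }
            }

            return null;
        }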