CS2-133: Removed permission mask logic from permissions
parent
888c28cdf8
commit
17db1218cc
@ -3,6 +3,6 @@
|
|||||||
public class PermissionBaseDto
|
public class PermissionBaseDto
|
||||||
{
|
{
|
||||||
public int Id { get; set; }
|
public int Id { get; set; }
|
||||||
public string PermissionName { get; set; }
|
public string Name { get; set; }
|
||||||
}
|
}
|
||||||
}
|
}
|
@ -10,6 +10,6 @@ namespace AsbCloudApp.Services
|
|||||||
Task<UserRoleDto> GetByNameAsync(string name, CancellationToken token = default);
|
Task<UserRoleDto> GetByNameAsync(string name, CancellationToken token = default);
|
||||||
List<UserRoleDto> GetNestedById(int id, int counter = 10);
|
List<UserRoleDto> GetNestedById(int id, int counter = 10);
|
||||||
IEnumerable<PermissionBaseDto> GetNestedPermissions(IEnumerable<UserRoleDto> roles);
|
IEnumerable<PermissionBaseDto> GetNestedPermissions(IEnumerable<UserRoleDto> roles);
|
||||||
bool HasPermission(IEnumerable<int> rolesIds, string permissionName, int permissionMask = 0);
|
bool HasPermission(IEnumerable<int> rolesIds, string permissionName);
|
||||||
}
|
}
|
||||||
}
|
}
|
@ -10,6 +10,6 @@ namespace AsbCloudApp.Services
|
|||||||
IEnumerable<UserRoleDto> GetRolesByIdUser(int idUser);
|
IEnumerable<UserRoleDto> GetRolesByIdUser(int idUser);
|
||||||
bool HasAnyRoleOf(int idUser, IEnumerable<string> roleNames);
|
bool HasAnyRoleOf(int idUser, IEnumerable<string> roleNames);
|
||||||
bool HasAnyRoleOf(int idUser, IEnumerable<int> roleIds);
|
bool HasAnyRoleOf(int idUser, IEnumerable<int> roleIds);
|
||||||
public bool HasPermission(int idUser, string permissionName, int permissionMask = 0);
|
public bool HasPermission(int idUser, string permissionName);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
2969
AsbCloudDb/Migrations/20211216072650_RemovedIdFromPermissionRelations.Designer.cs
generated
Normal file
2969
AsbCloudDb/Migrations/20211216072650_RemovedIdFromPermissionRelations.Designer.cs
generated
Normal file
File diff suppressed because it is too large
@ -0,0 +1,35 @@
|
|||||||
|
using Microsoft.EntityFrameworkCore.Migrations;
|
||||||
|
|
||||||
|
namespace AsbCloudDb.Migrations
|
||||||
|
{
|
||||||
|
public partial class RemovedIdFromPermissionRelations : Migration
|
||||||
|
{
|
||||||
|
protected override void Up(MigrationBuilder migrationBuilder)
|
||||||
|
{
|
||||||
|
migrationBuilder.DropColumn(
|
||||||
|
name: "id",
|
||||||
|
table: "t_relation_user_user_role");
|
||||||
|
|
||||||
|
migrationBuilder.DropColumn(
|
||||||
|
name: "id",
|
||||||
|
table: "t_relation_user_role_permission");
|
||||||
|
}
|
||||||
|
|
||||||
|
protected override void Down(MigrationBuilder migrationBuilder)
|
||||||
|
{
|
||||||
|
migrationBuilder.AddColumn<int>(
|
||||||
|
name: "id",
|
||||||
|
table: "t_relation_user_user_role",
|
||||||
|
type: "integer",
|
||||||
|
nullable: false,
|
||||||
|
defaultValue: 0);
|
||||||
|
|
||||||
|
migrationBuilder.AddColumn<int>(
|
||||||
|
name: "id",
|
||||||
|
table: "t_relation_user_role_permission",
|
||||||
|
type: "integer",
|
||||||
|
nullable: false,
|
||||||
|
defaultValue: 0);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
@ -739,10 +739,6 @@ namespace AsbCloudDb.Migrations
|
|||||||
.HasColumnType("integer")
|
.HasColumnType("integer")
|
||||||
.HasColumnName("id_permission");
|
.HasColumnName("id_permission");
|
||||||
|
|
||||||
b.Property<int>("Id")
|
|
||||||
.HasColumnType("integer")
|
|
||||||
.HasColumnName("id");
|
|
||||||
|
|
||||||
b.HasKey("IdUserRole", "IdPermission");
|
b.HasKey("IdUserRole", "IdPermission");
|
||||||
|
|
||||||
b.HasIndex("IdPermission");
|
b.HasIndex("IdPermission");
|
||||||
@ -763,10 +759,6 @@ namespace AsbCloudDb.Migrations
|
|||||||
.HasColumnType("integer")
|
.HasColumnType("integer")
|
||||||
.HasColumnName("id_user_role");
|
.HasColumnName("id_user_role");
|
||||||
|
|
||||||
b.Property<int>("Id")
|
|
||||||
.HasColumnType("integer")
|
|
||||||
.HasColumnName("id");
|
|
||||||
|
|
||||||
b.HasKey("IdUser", "IdUserRole");
|
b.HasKey("IdUser", "IdUserRole");
|
||||||
|
|
||||||
b.HasIndex("IdUserRole");
|
b.HasIndex("IdUserRole");
|
||||||
@ -780,8 +772,7 @@ namespace AsbCloudDb.Migrations
|
|||||||
new
|
new
|
||||||
{
|
{
|
||||||
IdUser = 1,
|
IdUser = 1,
|
||||||
IdUserRole = 2,
|
IdUserRole = 2
|
||||||
Id = 0
|
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
@ -7,10 +7,6 @@ namespace AsbCloudDb.Model
|
|||||||
[Table("t_relation_user_role_permission"), Comment("Отношение ролей пользователей и разрешений доступа")]
|
[Table("t_relation_user_role_permission"), Comment("Отношение ролей пользователей и разрешений доступа")]
|
||||||
public class RelationUserRolePermission
|
public class RelationUserRolePermission
|
||||||
{
|
{
|
||||||
[Key]
|
|
||||||
[Column("id")]
|
|
||||||
public int Id { get; set; }
|
|
||||||
|
|
||||||
[Column("id_user_role")]
|
[Column("id_user_role")]
|
||||||
public int IdUserRole { get; set; }
|
public int IdUserRole { get; set; }
|
||||||
|
|
||||||
|
@ -7,10 +7,6 @@ namespace AsbCloudDb.Model
|
|||||||
[Table("t_relation_user_user_role"), Comment("Отношение пользователей и ролей")]
|
[Table("t_relation_user_user_role"), Comment("Отношение пользователей и ролей")]
|
||||||
public class RelationUserUserRole
|
public class RelationUserUserRole
|
||||||
{
|
{
|
||||||
[Key]
|
|
||||||
[Column("id")]
|
|
||||||
public int Id { get; set; }
|
|
||||||
|
|
||||||
[Column("id_user")]
|
[Column("id_user")]
|
||||||
public int IdUser { get; set; }
|
public int IdUser { get; set; }
|
||||||
|
|
||||||
|
@ -116,7 +116,7 @@ namespace AsbCloudInfrastructure.Services
|
|||||||
new PermissionBaseDto
|
new PermissionBaseDto
|
||||||
{
|
{
|
||||||
Id = newPermission.Id,
|
Id = newPermission.Id,
|
||||||
PermissionName = newPermission.Name ??
|
Name = newPermission.Name ??
|
||||||
cachePermission.FirstOrDefault(p => p.Id == newPermission.Id).Name
|
cachePermission.FirstOrDefault(p => p.Id == newPermission.Id).Name
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
@ -137,7 +137,7 @@ namespace AsbCloudInfrastructure.Services
|
|||||||
{
|
{
|
||||||
Id = p.Id,
|
Id = p.Id,
|
||||||
IdUserRole = roleDto.Id,
|
IdUserRole = roleDto.Id,
|
||||||
PermissionName = p.PermissionName
|
Name = p.Name
|
||||||
});
|
});
|
||||||
|
|
||||||
await permissionService.InsertRangeAsync(newPermissions, token)
|
await permissionService.InsertRangeAsync(newPermissions, token)
|
||||||
@ -171,20 +171,17 @@ namespace AsbCloudInfrastructure.Services
|
|||||||
public Task<int> DeleteAsync(IEnumerable<int> ids, CancellationToken token = default)
|
public Task<int> DeleteAsync(IEnumerable<int> ids, CancellationToken token = default)
|
||||||
=> cacheUserRoles.RemoveAsync(r => ids.Contains(r.Id), token);
|
=> cacheUserRoles.RemoveAsync(r => ids.Contains(r.Id), token);
|
||||||
|
|
||||||
public bool HasPermission(IEnumerable<int> rolesIds, string permissionName, int permissionMask = 0)
|
public bool HasPermission(IEnumerable<int> rolesIds, string permissionName)
|
||||||
{
|
{
|
||||||
var permissionInfo = cachePermission.FirstOrDefault(p => p.Name.ToLower() == permissionName.ToLower());
|
var permissionInfo = cachePermission.FirstOrDefault(p => p.Name.ToLower() == permissionName.ToLower());
|
||||||
|
|
||||||
if (permissionInfo is null)
|
if (permissionInfo is null)
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
if (permissionMask == 0)
|
|
||||||
permissionMask = -1;
|
|
||||||
|
|
||||||
var idPermissionInfo = permissionInfo.Id;
|
var idPermissionInfo = permissionInfo.Id;
|
||||||
var roles = cacheUserRoles.Where(r => rolesIds.Contains(r.Id));
|
var roles = cacheUserRoles.Where(r => rolesIds.Contains(r.Id));
|
||||||
foreach (var role in roles)
|
foreach (var role in roles)
|
||||||
if (HasPermission(role, idPermissionInfo, permissionMask))
|
if (HasPermission(role, idPermissionInfo))
|
||||||
return true;
|
return true;
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
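Review bot: The lookup at the top of `HasPermission` compares names with `p.Name.ToLower() == permissionName.ToLower()`, which is culture-sensitive and throws a NullReferenceException when the argument or a cached name is null, so an authorization check can end in an exception instead of a clean deny. Assuming `cachePermission` is an in-memory collection, an ordinal comparison avoids both problems: `var permissionInfo = cachePermission.FirstOrDefault(p => string.Equals(p.Name, permissionName, StringComparison.OrdinalIgnoreCase));`. The first hunk of this file has the related `cachePermission.FirstOrDefault(p => p.Id == newPermission.Id).Name`, which dereferences the result without a null check when the id is not cached. The `HasPermission(role, idPermissionInfo)` overload called in the loop is outside the hunk.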
@ -152,15 +152,14 @@ namespace AsbCloudInfrastructure.Services
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
public bool HasPermission(int idUser, string permissionName, int permissionMask = 0)
|
public bool HasPermission(int idUser, string permissionName)
|
||||||
{
|
{
|
||||||
var relationsToRoles = cacheRelationUserToRoles.Where(r=>r.IdUser == idUser);
|
var relationsToRoles = cacheRelationUserToRoles.Where(r=>r.IdUser == idUser);
|
||||||
if (relationsToRoles is null)
|
if (relationsToRoles is null)
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
return RoleService.HasPermission(relationsToRoles.Select(r => r.IdUserRole),
|
return RoleService.HasPermission(relationsToRoles.Select(r => r.IdUserRole),
|
||||||
permissionName,
|
permissionName);
|
||||||
permissionMask);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
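Review bot: The guard `if (relationsToRoles is null)` in `HasPermission` looks unreachable, because a `Where(...)` call yields an empty sequence rather than null when nothing matches (assuming the cache exposes LINQ-style `Where`). A user without role relations therefore reaches `RoleService.HasPermission` with an empty id list; the role-service loop shown in this commit still returns false for that, but the dead branch hides where the deny actually happens. I would drop the check or replace it with a comment such as `// no role relations -> empty sequence -> HasPermission returns false`.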
@ -28,6 +28,7 @@ namespace AsbCloudWebApi.Controllers
|
|||||||
/// <returns></returns>
|
/// <returns></returns>
|
||||||
[HttpGet]
|
[HttpGet]
|
||||||
[ProducesResponseType(typeof(IEnumerable<PermissionDto>), (int)System.Net.HttpStatusCode.OK)]
|
[ProducesResponseType(typeof(IEnumerable<PermissionDto>), (int)System.Net.HttpStatusCode.OK)]
|
||||||
|
[Permission]
|
||||||
public async Task<IActionResult> GetByIdRoleAsync(int idRole, CancellationToken token = default)
|
public async Task<IActionResult> GetByIdRoleAsync(int idRole, CancellationToken token = default)
|
||||||
{
|
{
|
||||||
var result = await permissionService.GetByIdRoleAsync(idRole, token);
|
var result = await permissionService.GetByIdRoleAsync(idRole, token);
|
||||||
|
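Review bot: The bare `[Permission]` on `GetByIdRoleAsync` leaves the permission name implicit: the attribute constructor receives `name = default`, and the middleware hunk in this commit suggests the name is then derived from the controller name. With the mask removed, that would make the check controller-wide rather than per-action, which is worth confirming for an endpoint that returns the permissions of an arbitrary `idRole`. Only this action is visible in the hunk, so the other actions of the controller should be checked for the attribute as well. A comment above it, e.g. `// permission name defaults to the controller name`, would document the convention.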
@ -43,9 +43,8 @@ namespace AsbCloudWebApi.Middlewares
|
|||||||
?.ControllerName
|
?.ControllerName
|
||||||
.ToLower();
|
.ToLower();
|
||||||
|
|
||||||
var permissionMask = permission.Mask;
|
|
||||||
var userService = context.RequestServices.GetRequiredService<IUserService>();
|
var userService = context.RequestServices.GetRequiredService<IUserService>();
|
||||||
var isAuthorized = userService.HasPermission((int)idUser, permissionName, permissionMask);
|
var isAuthorized = userService.HasPermission((int)idUser, permissionName);
|
||||||
|
|
||||||
if(isAuthorized)
|
if(isAuthorized)
|
||||||
await next?.Invoke(context);
|
await next?.Invoke(context);
|
||||||
|
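Review bot: `permissionName` can apparently be null at the `HasPermission` call, because it comes from a `?.ControllerName.ToLower()` chain that short-circuits to null, and the role service then calls `permissionName.ToLower()` on it; the request would end in an unhandled exception rather than an explicit deny. Guarding the call keeps the failure closed and quiet: `var isAuthorized = permissionName is not null && userService.HasPermission((int)idUser, permissionName);`. Separately, `await next?.Invoke(context);` awaits null when `next` is null, so the `?.` gives no protection there. The start of the chain, the validation behind the `(int)idUser` cast and the not-authorized branch are outside the hunk.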
@ -49,7 +49,6 @@ namespace AsbCloudWebApi
|
|||||||
public static SortedSet<string> Registered { get; } = new SortedSet<string>();
|
public static SortedSet<string> Registered { get; } = new SortedSet<string>();
|
||||||
|
|
||||||
public string Name { get; set; }
|
public string Name { get; set; }
|
||||||
public int Mask { get; set; }
|
|
||||||
|
|
||||||
/// <summary>
|
/// <summary>
|
||||||
/// Проверка наличия у пользователя разрешения.
|
/// Проверка наличия у пользователя разрешения.
|
||||||
@ -59,7 +58,6 @@ namespace AsbCloudWebApi
|
|||||||
public PermissionAttribute(string name = default, int mask = -1)
|
public PermissionAttribute(string name = default, int mask = -1)
|
||||||
{
|
{
|
||||||
Name = name;
|
Name = name;
|
||||||
Mask = mask;
|
|
||||||
Registered.Add(name);
|
Registered.Add(name);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
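Review bot: The constructor in the second hunk still declares `int mask = -1` although the `Mask` property and the `Mask = mask;` assignment are removed, so a usage that passes a mask keeps compiling while the value is silently ignored. On an authorization attribute that is easy to misread as still restricting access; I would remove the parameter, `public PermissionAttribute(string name = default)`, or keep it only on an overload marked `[Obsolete]` until call sites are updated. Note also that `Registered.Add(name)` runs with a null `name` for the bare `[Permission]` usage added in this commit, and that `Registered` is a static `SortedSet<string>` mutated from a constructor without synchronization, which matters if attribute instances can be created concurrently.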
@ -19,7 +19,7 @@ namespace ConsoleApp1
|
|||||||
{
|
{
|
||||||
static void Main(/*string[] args*/)
|
static void Main(/*string[] args*/)
|
||||||
{
|
{
|
||||||
ControllerLoadTester.TestControllerRoute();
|
DbDemoDataService.AddDemoData();
|
||||||
//.GetAwaiter().GetResult();
|
//.GetAwaiter().GetResult();
|
||||||
|
|
||||||
Console.WriteLine("End of Test");
|
Console.WriteLine("End of Test");
|
||||||
|
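Review bot: The switch to `DbDemoDataService.AddDemoData()` in `Main` looks unrelated to the permission-mask removal and reads like a local scratch edit that slipped into the commit. `AddDemoData` presumably writes demo rows to whichever database the console app is configured for, so leaving it as the default entry point risks seeding a shared database by accident. I would restore `ControllerLoadTester.TestControllerRoute();` here or move the change to its own commit.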