CS2-123: Renamed permission tables, removed roles from claims, etc

KharchenkoVladimir 2021-11-30 17:22:38 +05:00
parent fd139079a4
commit ad061bbca5
13 changed files with 3232 additions and 143 deletions


@ -1,17 +0,0 @@
using System.Collections.Generic;
using System.Threading;
using System.Threading.Tasks;
using AsbCloudApp.Data;
namespace AsbCloudApp.Services
{
public interface IUserRoleService
{
Task<IEnumerable<UserRoleDto>> GetAllAsync(CancellationToken token);
Task<UserRoleDto> GetAsync(int id, CancellationToken token);
Task<int> InsertAsync(UserRoleDto dto, CancellationToken token = default);
Task UpdateAsync(UserRoleDto dto, CancellationToken token = default);
Task<int> DeleteAsync(IEnumerable<int> ids, CancellationToken token);
}
}

File diff suppressed because it is too large Load Diff


@ -0,0 +1,214 @@
using System.Collections.Generic;
using Microsoft.EntityFrameworkCore.Migrations;
using Npgsql.EntityFrameworkCore.PostgreSQL.Metadata;
namespace AsbCloudDb.Migrations
{
public partial class Renamed_Permissions_Tables : Migration
{
protected override void Up(MigrationBuilder migrationBuilder)
{
migrationBuilder.DropTable(
name: "t_relation_user_role_permission");
migrationBuilder.DropPrimaryKey(
name: "PK_t_permission",
table: "t_permission");
migrationBuilder.DropColumn(
name: "bit_description",
table: "t_permission");
migrationBuilder.DropColumn(
name: "description",
table: "t_permission");
migrationBuilder.DropColumn(
name: "name",
table: "t_permission");
migrationBuilder.RenameColumn(
name: "id",
table: "t_permission",
newName: "permission_value");
migrationBuilder.AlterTable(
name: "t_permission",
comment: "Отношение ролей пользователей и разрешений доступа",
oldComment: "Разрешения на доступ к данным");
migrationBuilder.AlterColumn<int>(
name: "permission_value",
table: "t_permission",
type: "integer",
nullable: false,
oldClrType: typeof(int),
oldType: "integer")
.OldAnnotation("Npgsql:ValueGenerationStrategy", NpgsqlValueGenerationStrategy.IdentityByDefaultColumn);
migrationBuilder.AddColumn<int>(
name: "id_user_role",
table: "t_permission",
type: "integer",
nullable: false,
defaultValue: 0);
migrationBuilder.AddColumn<int>(
name: "id_permission",
table: "t_permission",
type: "integer",
nullable: false,
defaultValue: 0);
migrationBuilder.AddPrimaryKey(
name: "PK_t_permission",
table: "t_permission",
columns: new[] { "id_user_role", "id_permission" });
migrationBuilder.CreateTable(
name: "t_permission_info",
columns: table => new
{
id = table.Column<int>(type: "integer", nullable: false)
.Annotation("Npgsql:ValueGenerationStrategy", NpgsqlValueGenerationStrategy.IdentityByDefaultColumn),
name = table.Column<string>(type: "character varying(255)", maxLength: 255, nullable: true, comment: "Название"),
description = table.Column<string>(type: "character varying(255)", maxLength: 255, nullable: true, comment: "Краткое описание"),
bit_description = table.Column<IDictionary<int, string>>(type: "jsonb", nullable: true, comment: "Описание каждого бита разрешений")
},
constraints: table =>
{
table.PrimaryKey("PK_t_permission_info", x => x.id);
},
comment: "Разрешения на доступ к данным");
migrationBuilder.CreateIndex(
name: "IX_t_permission_id_permission",
table: "t_permission",
column: "id_permission");
migrationBuilder.AddForeignKey(
name: "FK_t_permission_t_permission_info_id_permission",
table: "t_permission",
column: "id_permission",
principalTable: "t_permission_info",
principalColumn: "id",
onDelete: ReferentialAction.Cascade);
migrationBuilder.AddForeignKey(
name: "FK_t_permission_t_user_role_id_user_role",
table: "t_permission",
column: "id_user_role",
principalTable: "t_user_role",
principalColumn: "id",
onDelete: ReferentialAction.Cascade);
}
protected override void Down(MigrationBuilder migrationBuilder)
{
migrationBuilder.DropForeignKey(
name: "FK_t_permission_t_permission_info_id_permission",
table: "t_permission");
migrationBuilder.DropForeignKey(
name: "FK_t_permission_t_user_role_id_user_role",
table: "t_permission");
migrationBuilder.DropTable(
name: "t_permission_info");
migrationBuilder.DropPrimaryKey(
name: "PK_t_permission",
table: "t_permission");
migrationBuilder.DropIndex(
name: "IX_t_permission_id_permission",
table: "t_permission");
migrationBuilder.DropColumn(
name: "id_user_role",
table: "t_permission");
migrationBuilder.DropColumn(
name: "id_permission",
table: "t_permission");
migrationBuilder.RenameColumn(
name: "permission_value",
table: "t_permission",
newName: "id");
migrationBuilder.AlterTable(
name: "t_permission",
comment: "Разрешения на доступ к данным",
oldComment: "Отношение ролей пользователей и разрешений доступа");
migrationBuilder.AlterColumn<int>(
name: "id",
table: "t_permission",
type: "integer",
nullable: false,
oldClrType: typeof(int),
oldType: "integer")
.Annotation("Npgsql:ValueGenerationStrategy", NpgsqlValueGenerationStrategy.IdentityByDefaultColumn);
migrationBuilder.AddColumn<string>(
name: "bit_description",
table: "t_permission",
type: "jsonb",
nullable: true,
comment: "Описание каждого бита разрешений");
migrationBuilder.AddColumn<string>(
name: "description",
table: "t_permission",
type: "character varying(255)",
maxLength: 255,
nullable: true,
comment: "Краткое описание");
migrationBuilder.AddColumn<string>(
name: "name",
table: "t_permission",
type: "character varying(255)",
maxLength: 255,
nullable: true,
comment: "Название");
migrationBuilder.AddPrimaryKey(
name: "PK_t_permission",
table: "t_permission",
column: "id");
migrationBuilder.CreateTable(
name: "t_relation_user_role_permission",
columns: table => new
{
id_user_role = table.Column<int>(type: "integer", nullable: false),
id_permission = table.Column<int>(type: "integer", nullable: false),
permission_value = table.Column<int>(type: "integer", nullable: false)
},
constraints: table =>
{
table.PrimaryKey("PK_t_relation_user_role_permission", x => new { x.id_user_role, x.id_permission });
table.ForeignKey(
name: "FK_t_relation_user_role_permission_t_permission_id_permission",
column: x => x.id_permission,
principalTable: "t_permission",
principalColumn: "id",
onDelete: ReferentialAction.Cascade);
table.ForeignKey(
name: "FK_t_relation_user_role_permission_t_user_role_id_user_role",
column: x => x.id_user_role,
principalTable: "t_user_role",
principalColumn: "id",
onDelete: ReferentialAction.Cascade);
},
comment: "Отношение ролей пользователей и разрешений доступа");
migrationBuilder.CreateIndex(
name: "IX_t_relation_user_role_permission_id_permission",
table: "t_relation_user_role_permission",
column: "id_permission");
}
}
}
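Review bot: Up() discards the existing authorization data instead of renaming the tables: it drops `t_relation_user_role_permission` with every role-to-permission grant, and drops `name`, `description` and `bit_description` from `t_permission` before the empty `t_permission_info` is created. It also cannot succeed on a populated `t_permission`: the surviving rows all receive `id_user_role = 0` and `id_permission = 0` from `defaultValue: 0`, so the composite `PK_t_permission` collides as soon as there is more than one row, and even a single row fails the foreign key to the newly created, empty `t_permission_info`. If a rename is what is intended, `migrationBuilder.RenameTable(name: "t_permission", newName: "t_permission_info");` followed by `migrationBuilder.RenameTable(name: "t_relation_user_role_permission", newName: "t_permission");`, plus renaming the keys and indexes, would keep the grants. Down() has the same shape in reverse, so a rollback does not restore them either.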


@ -682,6 +682,30 @@ namespace AsbCloudDb.Migrations
});
modelBuilder.Entity("AsbCloudDb.Model.Permission", b =>
{
b.Property<int>("IdRole")
.HasColumnType("integer")
.HasColumnName("id_user_role");
b.Property<int>("IdPermission")
.HasColumnType("integer")
.HasColumnName("id_permission");
b.Property<int>("PermissionValue")
.HasColumnType("integer")
.HasColumnName("permission_value");
b.HasKey("IdRole", "IdPermission");
b.HasIndex("IdPermission");
b.ToTable("t_permission");
b
.HasComment("Отношение ролей пользователей и разрешений доступа");
});
modelBuilder.Entity("AsbCloudDb.Model.PermissionInfo", b =>
{
b.Property<int>("Id")
.ValueGeneratedOnAdd()
@ -689,7 +713,7 @@ namespace AsbCloudDb.Migrations
.HasColumnName("id")
.HasAnnotation("Npgsql:ValueGenerationStrategy", NpgsqlValueGenerationStrategy.IdentityByDefaultColumn);
b.Property<string>("BitDescription")
b.Property<IDictionary<int, string>>("BitDescription")
.HasColumnType("jsonb")
.HasColumnName("bit_description")
.HasComment("Описание каждого бита разрешений");
@ -708,7 +732,7 @@ namespace AsbCloudDb.Migrations
b.HasKey("Id");
b.ToTable("t_permission");
b.ToTable("t_permission_info");
b
.HasComment("Разрешения на доступ к данным");
@ -734,30 +758,6 @@ namespace AsbCloudDb.Migrations
.HasComment("отношение скважин и компаний");
});
modelBuilder.Entity("AsbCloudDb.Model.RelationRolePermission", b =>
{
b.Property<int>("IdRole")
.HasColumnType("integer")
.HasColumnName("id_user_role");
b.Property<int>("IdPermission")
.HasColumnType("integer")
.HasColumnName("id_permission");
b.Property<int>("PermissionValue")
.HasColumnType("integer")
.HasColumnName("permission_value");
b.HasKey("IdRole", "IdPermission");
b.HasIndex("IdPermission");
b.ToTable("t_relation_user_role_permission");
b
.HasComment("Отношение ролей пользователей и разрешений доступа");
});
modelBuilder.Entity("AsbCloudDb.Model.RelationUserUserRole", b =>
{
b.Property<int>("IdUser")
@ -2535,6 +2535,25 @@ namespace AsbCloudDb.Migrations
b.Navigation("Well");
});
modelBuilder.Entity("AsbCloudDb.Model.Permission", b =>
{
b.HasOne("AsbCloudDb.Model.PermissionInfo", "PermissionInfo")
.WithMany("RelationUserRolesPermissions")
.HasForeignKey("IdPermission")
.OnDelete(DeleteBehavior.Cascade)
.IsRequired();
b.HasOne("AsbCloudDb.Model.UserRole", "UserRole")
.WithMany("RelationUserRolesPermissions")
.HasForeignKey("IdRole")
.OnDelete(DeleteBehavior.Cascade)
.IsRequired();
b.Navigation("PermissionInfo");
b.Navigation("UserRole");
});
modelBuilder.Entity("AsbCloudDb.Model.RelationCompanyWell", b =>
{
b.HasOne("AsbCloudDb.Model.Company", "Company")
@ -2556,25 +2575,6 @@ namespace AsbCloudDb.Migrations
b.Navigation("Well");
});
modelBuilder.Entity("AsbCloudDb.Model.RelationRolePermission", b =>
{
b.HasOne("AsbCloudDb.Model.Permission", "Permission")
.WithMany("RelationUserRolesPermissions")
.HasForeignKey("IdPermission")
.OnDelete(DeleteBehavior.Cascade)
.IsRequired();
b.HasOne("AsbCloudDb.Model.UserRole", "UserRole")
.WithMany("RelationUserRolesPermissions")
.HasForeignKey("IdRole")
.OnDelete(DeleteBehavior.Cascade)
.IsRequired();
b.Navigation("Permission");
b.Navigation("UserRole");
});
modelBuilder.Entity("AsbCloudDb.Model.RelationUserUserRole", b =>
{
b.HasOne("AsbCloudDb.Model.User", "User")
@ -2818,7 +2818,7 @@ namespace AsbCloudDb.Migrations
b.Navigation("Measures");
});
modelBuilder.Entity("AsbCloudDb.Model.Permission", b =>
modelBuilder.Entity("AsbCloudDb.Model.PermissionInfo", b =>
{
b.Navigation("RelationUserRolesPermissions");
});


@ -39,8 +39,8 @@ namespace AsbCloudDb.Model
public virtual DbSet<DrillParams> DrillParams { get; set; }
public virtual DbSet<DrillFlowChart> DrillFlowChart { get; set; }
public virtual DbSet<RelationUserUserRole> RelationUserUserRoles { get; set; }
public virtual DbSet<RelationRolePermission> RelationUserRolesPermissions { get; set; }
public virtual DbSet<Permission> Permissions { get; set; }
public virtual DbSet<Permission> RelationUserRolesPermissions { get; set; }
public virtual DbSet<PermissionInfo> Permissions { get; set; }
//var options = new DbContextOptionsBuilder<AsbCloudDbContext>()
// .UseNpgsql("Host=localhost;Database=postgres;Username=postgres;Password=q;Persist Security Info=True")
@ -253,7 +253,7 @@ namespace AsbCloudDb.Model
entity.HasKey(e => new { e.IdUser, e.IdUserRole });
});
modelBuilder.Entity<RelationRolePermission>(entity =>
modelBuilder.Entity<Permission>(entity =>
{
entity.HasKey(e => new { e.IdRole, e.IdPermission });
});
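Review bot: The set names no longer match their element types: `Permissions` now holds `PermissionInfo` definitions, while the role grants of type `Permission` stay under `RelationUserRolesPermissions`, which makes it easy to query the wrong table in an access check. Naming the sets after the entities, `public virtual DbSet<Permission> Permissions { get; set; }` and `public virtual DbSet<PermissionInfo> PermissionInfos { get; set; }`, would remove the ambiguity; the same pair appears in the `IAsbCloudDbContext` hunk. Separately, the commented-out `UseNpgsql(...)` context line carries an inline password and is better deleted than kept in source.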


@ -37,8 +37,8 @@ namespace AsbCloudDb.Model
DbSet<DrillParams> DrillParams { get; set; }
DbSet<DrillFlowChart> DrillFlowChart { get; set; }
DbSet<RelationUserUserRole> RelationUserUserRoles { get; set; }
DbSet<RelationRolePermission> RelationUserRolesPermissions { get; set; }
DbSet<Permission> Permissions { get; set; }
DbSet<Permission> RelationUserRolesPermissions { get; set; }
DbSet<PermissionInfo> Permissions { get; set; }
DatabaseFacade Database { get; }


@ -1,29 +1,27 @@
using Microsoft.EntityFrameworkCore;
using System.Collections.Generic;
using System.ComponentModel.DataAnnotations;
using System.ComponentModel.DataAnnotations.Schema;
using System.ComponentModel.DataAnnotations;
namespace AsbCloudDb.Model
{
[Table("t_permission"), Comment("Разрешения на доступ к данным")]
[Table("t_permission"), Comment("Отношение ролей пользователей и разрешений доступа")]
public class Permission
{
[Key]
[Column("id")]
public int Id { get; set; }
[Column("id_user_role")]
public int IdRole { get; set; }
[Column("id_permission")]
public int IdPermission { get; set; }
[Column("name"), Comment("Название")]
[StringLength(255)]
public string Name { get; set; }
[Column("description"), Comment("Краткое описание")]
[StringLength(255)]
public string Description { get; set; }
[Column("bit_description", TypeName = "jsonb"), Comment("Описание каждого бита разрешений")]
public string BitDescription { get; set; }
[InverseProperty(nameof(RelationRolePermission.Permission))]
public virtual ICollection<RelationRolePermission> RelationUserRolesPermissions { get; set; }
[Column("permission_value")]
public int PermissionValue { get; set; }
[ForeignKey(nameof(IdRole))]
[InverseProperty(nameof(Model.UserRole.Permissions))]
public virtual UserRole UserRole { get; set; }
[ForeignKey(nameof(IdPermission))]
[InverseProperty(nameof(Model.PermissionInfo.Permissions))]
public virtual PermissionInfo PermissionInfo { get; set; }
}
}


@ -0,0 +1,29 @@
using Microsoft.EntityFrameworkCore;
using System.Collections.Generic;
using System.ComponentModel.DataAnnotations;
using System.ComponentModel.DataAnnotations.Schema;
namespace AsbCloudDb.Model
{
[Table("t_permission_info"), Comment("Разрешения на доступ к данным")]
public class PermissionInfo
{
[Key]
[Column("id")]
public int Id { get; set; }
[Column("name"), Comment("Название")]
[StringLength(255)]
public string Name { get; set; }
[Column("description"), Comment("Краткое описание")]
[StringLength(255)]
public string Description { get; set; }
[Column("bit_description", TypeName = "jsonb"), Comment("Описание каждого бита разрешений")]
public IDictionary<int, string> BitDescription { get; set; }
[InverseProperty(nameof(Permission.PermissionInfo))]
public virtual ICollection<Permission> Permissions { get; set; }
}
}


@ -1,27 +0,0 @@
using Microsoft.EntityFrameworkCore;
using System.ComponentModel.DataAnnotations.Schema;
using System.ComponentModel.DataAnnotations;
namespace AsbCloudDb.Model
{
[Table("t_relation_user_role_permission"), Comment("Отношение ролей пользователей и разрешений доступа")]
public class RelationRolePermission
{
[Column("id_user_role")]
public int IdRole { get; set; }
[Column("id_permission")]
public int IdPermission { get; set; }
[Column("permission_value")]
public int PermissionValue { get; set; }
[ForeignKey(nameof(IdRole))]
[InverseProperty(nameof(Model.UserRole.RelationUserRolesPermissions))]
public virtual UserRole UserRole { get; set; }
[ForeignKey(nameof(IdPermission))]
[InverseProperty(nameof(Model.Permission.RelationUserRolesPermissions))]
public virtual Permission Permission { get; set; }
}
}


@ -27,7 +27,7 @@ namespace AsbCloudDb.Model
[InverseProperty(nameof(RelationUserUserRole.UserRole))]
public virtual ICollection<RelationUserUserRole> RelationUsersUserRoles { get; set; }
[InverseProperty(nameof(RelationRolePermission.UserRole))]
public virtual ICollection<RelationRolePermission> RelationUserRolesPermissions { get; set; }
[InverseProperty(nameof(Permission.UserRole))]
public virtual ICollection<Permission> Permissions { get; set; }
}
}


@ -170,30 +170,30 @@ namespace AsbCloudDevOperations
);
demoContext.Permissions.AddRange(
new Permission()
new PermissionInfo()
{
Id = 1,
Name = "test permission",
Description = "some description",
BitDescription = "{\"0\": \"some zero bit description\"}"
BitDescription = new Dictionary<int, string>() {{0, "some zero bit description"}}
},
new Permission()
new PermissionInfo()
{
Id = 2,
Name = "second test permission",
Description = "some second description",
BitDescription = "{\"1\": \"some first bit description\"}"
BitDescription = new Dictionary<int, string>() {{1, "some first bit description"}}
}
);
demoContext.RelationUserRolesPermissions.AddRange(
new RelationRolePermission()
new Permission()
{
IdRole = 2,
IdPermission = 1,
PermissionValue = 143
},
new RelationRolePermission()
new Permission()
{
IdRole = 2,
IdPermission = 2,


@ -21,8 +21,8 @@ namespace AsbCloudInfrastructure.Services
private readonly IAsbCloudDbContext db;
private readonly CacheTable<UserRole> cacheUserRoles;
private readonly CacheTable<RelationUserUserRole> cacheUsersUserRoles;
private readonly CacheTable<Permission> cachePermissions;
private readonly CacheTable<RelationRolePermission> cacheUserRolesPermissions;
private readonly CacheTable<PermissionInfo> cachePermissions;
private readonly CacheTable<Permission> cacheUserRolesPermissions;
public const string issuer = "a";
public const string audience = "a";
@ -42,8 +42,8 @@ namespace AsbCloudInfrastructure.Services
this.db = db;
cacheUserRoles = cacheDb.GetCachedTable<UserRole>((AsbCloudDbContext)db);
cacheUsersUserRoles = cacheDb.GetCachedTable<RelationUserUserRole>((AsbCloudDbContext)db);
cachePermissions = cacheDb.GetCachedTable<Permission>((AsbCloudDbContext)db);
cacheUserRolesPermissions = cacheDb.GetCachedTable<RelationRolePermission>((AsbCloudDbContext)db);
cachePermissions = cacheDb.GetCachedTable<PermissionInfo>((AsbCloudDbContext)db);
cacheUserRolesPermissions = cacheDb.GetCachedTable<Permission>((AsbCloudDbContext)db);
hashAlgoritm = SHA384.Create();
rnd = new Random((int)(DateTime.Now.Ticks % 2147480161));
}
@ -223,8 +223,6 @@ namespace AsbCloudInfrastructure.Services
new Claim(ClaimsIdentity.DefaultNameClaimType, user.Login),
new Claim(claimNameidCompany, user.IdCompany.ToString()),
};
claims.AddRange(userRolesNames.Select(roleName => new Claim(ClaimsIdentity.DefaultRoleClaimType, roleName)));
var claimsIdentity = new ClaimsIdentity(claims, "Token", ClaimsIdentity.DefaultNameClaimType, ClaimsIdentity.DefaultRoleClaimType);
return (claimsIdentity, user);
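Review bot: The last hunk stops adding role claims (going by the commit title and the hunk counts, `claims.AddRange(userRolesNames.Select(...))` is the removed line), yet the `ClaimsIdentity` is still built with `ClaimsIdentity.DefaultRoleClaimType` and nothing permission-based is added in its place. Any `IsInRole` or role-based authorize check that remains elsewhere will now deny every user, and `userRolesNames`, computed outside the hunk, may be left unused. If dropping roles from the token is intended, a comment here such as `// Roles are intentionally not placed in the token; permissions are resolved server-side.` would make that reviewable. In the constructor hunk the unchanged `rnd = new Random((int)(DateTime.Now.Ticks % 2147480161));` is a predictable source; if `rnd` produces salts or tokens, `RandomNumberGenerator` is the appropriate one.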


@ -13,16 +13,16 @@ namespace AsbCloudInfrastructure.Services
public class UserRoleService : CrudServiceBase<UserRoleDto, UserRole>
{
private readonly CacheTable<UserRole> cacheUserRoles;
private readonly CacheTable<Permission> cachePermissions;
private readonly CacheTable<RelationRolePermission> cacheUserRolesPermissions;
private readonly CacheTable<PermissionInfo> cachePermissions;
private readonly CacheTable<Permission> cacheUserRolesPermissions;
private int counter = 0;
public UserRoleService(IAsbCloudDbContext context, CacheDb cacheDb) : base(context)
{
cacheUserRoles = cacheDb.GetCachedTable<UserRole>((AsbCloudDbContext)context);
cachePermissions = cacheDb.GetCachedTable<Permission>((AsbCloudDbContext)context);
cachePermissions = cacheDb.GetCachedTable<PermissionInfo>((AsbCloudDbContext)context);
cacheUserRolesPermissions =
cacheDb.GetCachedTable<RelationRolePermission>((AsbCloudDbContext)context);
cacheDb.GetCachedTable<Permission>((AsbCloudDbContext)context);
}
public override async Task<PaginationContainer<UserRoleDto>> GetPageAsync(int skip = 0,
@ -47,7 +47,7 @@ namespace AsbCloudInfrastructure.Services
public override async Task<int> InsertAsync(UserRoleDto dto, CancellationToken token = default)
{
dto.PermissionIds = GetAncestorsPermissionIds(dto, ref counter);
dto.PermissionIds = GetAncestorsPermissionIds(dto.Id, dto.PermissionIds, dto.IdParent, ref counter);
var newRoleId = await base.InsertAsync(dto, token);
@ -56,7 +56,7 @@ namespace AsbCloudInfrastructure.Services
foreach (var pId in dto.PermissionIds)
{
var relation = new RelationRolePermission()
var relation = new Permission()
{
IdRole = newRoleId,
IdPermission = pId
@ -78,7 +78,7 @@ namespace AsbCloudInfrastructure.Services
await cacheUserRolesPermissions.RemoveAsync(r => r.IdRole == item.Id, token)
.ConfigureAwait(false);
var newRelations = item.PermissionIds.Select(p => new RelationRolePermission()
var newRelations = item.PermissionIds.Select(p => new Permission()
{
IdRole = item.Id,
IdPermission = p
@ -98,29 +98,30 @@ namespace AsbCloudInfrastructure.Services
return roleDto;
}
private IEnumerable<int> GetAncestorsPermissionIds(UserRoleDto userRoleDto, ref int counter)
private IEnumerable<int> GetAncestorsPermissionIds(int idRole, IEnumerable<int> currentPermissionsIds,
int? idParent, ref int counter)
{
var idParent = userRoleDto.IdParent;
var resultPermissionsIds = userRoleDto.PermissionIds ?? new List<int>();
//var currentPermissionsIds = userRoleDto.PermissionIds ?? new List<int>();
if (idParent == default)
return resultPermissionsIds;
return currentPermissionsIds;
if (counter > 10)
{
Trace.WriteLine($"User role with id: {userRoleDto.Id} has more than 10 nested parents");
return resultPermissionsIds;
Trace.WriteLine($"User role with id: {idRole} has more than 10 nested parents");
return currentPermissionsIds;
}
var parentRole = cacheUserRoles.FirstOrDefault(r => r.Id == idParent)
.Adapt<UserRoleDto>();
var parentRolePermissionsIds = cacheUserRolesPermissions.Where(p =>
p.IdRole == parentRole.Id).Select(perm => perm.IdPermission);
parentRole.PermissionIds = resultPermissionsIds.Union(parentRolePermissionsIds);
var resultPermissions = currentPermissionsIds.Union(parentRolePermissionsIds);
counter++;
return GetAncestorsPermissionIds(parentRole, ref counter);
return GetAncestorsPermissionIds(parentRole.Id, resultPermissions,
parentRole.IdParent, ref counter);
}
}
}
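Review bot: The rewritten `GetAncestorsPermissionIds` lost its null guard: the `?? new List<int>()` fallback survives only as a commented-out line, so a DTO without `PermissionIds` either reaches `currentPermissionsIds.Union(...)` as null or is returned as null into the `foreach` in `InsertAsync`. `parentRole` is also dereferenced without a check, so an `IdParent` that matches no cached role throws. The depth counter passed in is the instance field `counter`, and no reset is visible in these hunks; once it has passed 10 across calls, every later insert silently skips inherited permissions, which a local `var depth = 0;` passed as `ref depth` from `InsertAsync` would avoid.

```csharp
private IEnumerable<int> GetAncestorsPermissionIds(int idRole, IEnumerable<int> currentPermissionsIds,
    int? idParent, ref int counter)
{
    var resultPermissionsIds = currentPermissionsIds ?? Enumerable.Empty<int>();
    if (idParent == default)
        return resultPermissionsIds;
    if (counter > 10)
    {
        // … unchanged: trace message …
        return resultPermissionsIds;
    }
    var parentRole = cacheUserRoles.FirstOrDefault(r => r.Id == idParent)
        ?.Adapt<UserRoleDto>();
    if (parentRole is null)
        return resultPermissionsIds;
    // … unchanged: parentRolePermissionsIds lookup, counter++ …
    return GetAncestorsPermissionIds(parentRole.Id, resultPermissionsIds.Union(parentRolePermissionsIds),
        parentRole.IdParent, ref counter);
}
```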