From f81dcf2a46dfef076cb98ca67c8dd6290d68fdcb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=A4=D1=80=D0=BE=D0=BB=D0=BE=D0=B2?=
 <nikita.grigorevich@gmail.com>
Date: Thu, 13 Jan 2022 17:08:07 +0500
Subject: [PATCH] PermissionsMiddlware Add auto generate permissionsName

---
 AsbCloudApp/Data/UserRoleDto.cs               |  2 -
 .../Middlewares/PermissionsMiddlware.cs       | 27 +++++++---
 AsbCloudWebApi/PermissionAttribute.cs         | 52 ++++---------------
 3 files changed, 28 insertions(+), 53 deletions(-)

diff --git a/AsbCloudApp/Data/UserRoleDto.cs b/AsbCloudApp/Data/UserRoleDto.cs
index 02ddd6d8..b7a06039 100644
--- a/AsbCloudApp/Data/UserRoleDto.cs
+++ b/AsbCloudApp/Data/UserRoleDto.cs
@@ -9,8 +9,6 @@ namespace AsbCloudApp.Data
         public string Caption { get; set; }
         public int IdType { get; set; }
         public IEnumerable<PermissionDto> Permissions { get; set; }
-
-        [JsonIgnore]
         public virtual ICollection<UserRoleDto> Roles { get; set; }
         
         [JsonIgnore]
diff --git a/AsbCloudWebApi/Middlewares/PermissionsMiddlware.cs b/AsbCloudWebApi/Middlewares/PermissionsMiddlware.cs
index 2644c2da..67694436 100644
--- a/AsbCloudWebApi/Middlewares/PermissionsMiddlware.cs
+++ b/AsbCloudWebApi/Middlewares/PermissionsMiddlware.cs
@@ -1,11 +1,7 @@
 using AsbCloudApp.Services;
 using Microsoft.AspNetCore.Authentication;
-using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;
 using Microsoft.Extensions.DependencyInjection;
-using System;
-using System.Collections.Generic;
-using System.Linq;
 using System.Threading.Tasks;
 
 namespace AsbCloudWebApi.Middlewares
@@ -38,11 +34,26 @@ namespace AsbCloudWebApi.Middlewares
 
             var permissionName = permission.Name;
             if (string.IsNullOrEmpty(permissionName))
-                permissionName = endpoint.Metadata
+            {
+                var controller = endpoint.Metadata
                     .GetMetadata<Microsoft.AspNetCore.Mvc.Controllers.ControllerActionDescriptor>()
-                    ?.ControllerName
-                    .ToLower();
-            
+                    ?.ControllerName;
+
+                var httpMethod = endpoint.Metadata
+                    .GetMetadata<Microsoft.AspNetCore.Routing.HttpMethodMetadata>()
+                    .HttpMethods[0];
+                permissionName = $"{controller}.{httpMethod.ToLower()}";
+                PermissionAttribute.Registered.Add(permissionName);
+            }
+            else if(permissionName.Contains("[controller]"))
+            {
+                var controller = endpoint.Metadata
+                    .GetMetadata<Microsoft.AspNetCore.Mvc.Controllers.ControllerActionDescriptor>()
+                    ?.ControllerName;
+                permissionName = permissionName.Replace("[controller]", controller);
+                PermissionAttribute.Registered.Add(permissionName);
+            }
+
             var userService = context.RequestServices.GetRequiredService<IUserService>();
             var isAuthorized = userService.HasPermission((int)idUser, permissionName);
 
diff --git a/AsbCloudWebApi/PermissionAttribute.cs b/AsbCloudWebApi/PermissionAttribute.cs
index 97eaddb5..7eeff776 100644
--- a/AsbCloudWebApi/PermissionAttribute.cs
+++ b/AsbCloudWebApi/PermissionAttribute.cs
@@ -3,46 +3,6 @@ using System.Collections.Generic;
 
 namespace AsbCloudWebApi
 {
-    public static class CommonMasks
-    {
-        public const int Get = 1;
-        public const int Edit = 1 << 1;
-        public const int Delete = 1 << 15;
-        public const int Any = -1;
-        public const int Bit_00 = 1;
-        public const int Bit_01 = 1 << 1;
-        public const int Bit_02 = 1 << 2;
-        public const int Bit_03 = 1 << 3;
-        public const int Bit_04 = 1 << 4;
-        public const int Bit_05 = 1 << 5;
-        public const int Bit_06 = 1 << 6;
-        public const int Bit_07 = 1 << 7;
-        public const int Bit_08 = 1 << 8;
-        public const int Bit_09 = 1 << 9;
-        public const int Bit_10 = 1 << 10;
-        public const int Bit_11 = 1 << 11;
-        public const int Bit_12 = 1 << 12;
-        public const int Bit_13 = 1 << 13;
-        public const int Bit_14 = 1 << 14;
-        public const int Bit_15 = 1 << 15;
-        public const int Bit_16 = 1 << 16;
-        public const int Bit_17 = 1 << 17;
-        public const int Bit_18 = 1 << 18;
-        public const int Bit_19 = 1 << 19;
-        public const int Bit_20 = 1 << 20;
-        public const int Bit_21 = 1 << 21;
-        public const int Bit_22 = 1 << 22;
-        public const int Bit_23 = 1 << 23;
-        public const int Bit_24 = 1 << 24;
-        public const int Bit_25 = 1 << 25;
-        public const int Bit_26 = 1 << 26;
-        public const int Bit_27 = 1 << 27;
-        public const int Bit_28 = 1 << 28;
-        public const int Bit_29 = 1 << 29;
-        public const int Bit_30 = 1 << 30;
-        public const int Bit_31 = 1 << 31;
-    }
-
     [AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = false, Inherited = true)]
     public class PermissionAttribute : Attribute
     {
@@ -51,10 +11,16 @@ namespace AsbCloudWebApi
         public string Name { get; set; }
 
         /// <summary>
-        /// Проверка наличия у пользователя разрешения.
+        /// Проверка наличия у пользователя разрешения с именем "{ControllerName}.{http_method}".
+        /// Пример автоматической генерации имени: "Message.get", где "Message" - имя контроллера MessageController.
         /// </summary>
-        /// <param name="name">Имя разрешения (default = controllerName)</param>
-        public PermissionAttribute(string name = default)
+        public PermissionAttribute() { }
+
+        /// <summary>
+        /// Проверка наличия у пользователя указанного разрешения.
+        /// </summary>
+        /// <param name="name">Имя разрешения (default = ControllerName.http_method)</param>
+        public PermissionAttribute(string name)
         {
             Name = name;
             Registered.Add(name);