cKey
4 years ago
44 changed files with 692 additions and 25 deletions
@ -0,0 +1,3 @@ |
|||
<Weavers xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="FodyWeavers.xsd"> |
|||
<ConfigureAwait ContinueOnCapturedContext="false" /> |
|||
</Weavers> |
|||
@ -0,0 +1,30 @@ |
|||
<?xml version="1.0" encoding="utf-8"?> |
|||
<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema"> |
|||
<!-- This file was generated by Fody. Manual changes to this file will be lost when your project is rebuilt. --> |
|||
<xs:element name="Weavers"> |
|||
<xs:complexType> |
|||
<xs:all> |
|||
<xs:element name="ConfigureAwait" minOccurs="0" maxOccurs="1"> |
|||
<xs:complexType> |
|||
<xs:attribute name="ContinueOnCapturedContext" type="xs:boolean" /> |
|||
</xs:complexType> |
|||
</xs:element> |
|||
</xs:all> |
|||
<xs:attribute name="VerifyAssembly" type="xs:boolean"> |
|||
<xs:annotation> |
|||
<xs:documentation>'true' to run assembly verification (PEVerify) on the target assembly after all weavers have been executed.</xs:documentation> |
|||
</xs:annotation> |
|||
</xs:attribute> |
|||
<xs:attribute name="VerifyIgnoreCodes" type="xs:string"> |
|||
<xs:annotation> |
|||
<xs:documentation>A comma-separated list of error codes that can be safely ignored in assembly verification.</xs:documentation> |
|||
</xs:annotation> |
|||
</xs:attribute> |
|||
<xs:attribute name="GenerateXsd" type="xs:boolean"> |
|||
<xs:annotation> |
|||
<xs:documentation>'false' to turn off automatic generation of the XML Schema file.</xs:documentation> |
|||
</xs:annotation> |
|||
</xs:attribute> |
|||
</xs:complexType> |
|||
</xs:element> |
|||
</xs:schema> |
|||
@ -0,0 +1,15 @@ |
|||
<Project Sdk="Microsoft.NET.Sdk"> |
|||
|
|||
<Import Project="..\..\..\configureawait.props" /> |
|||
<Import Project="..\..\..\common.props" /> |
|||
|
|||
<PropertyGroup> |
|||
<TargetFramework>netstandard2.0</TargetFramework> |
|||
<RootNamespace /> |
|||
</PropertyGroup> |
|||
|
|||
<ItemGroup> |
|||
<PackageReference Include="Volo.Abp.Authorization" Version="$(VoloAbpPackageVersion)" /> |
|||
</ItemGroup> |
|||
|
|||
</Project> |
|||
@ -0,0 +1,18 @@ |
|||
using LINGYUN.Abp.Authorization.Permissions; |
|||
using Volo.Abp.Authorization; |
|||
using Volo.Abp.Authorization.Permissions; |
|||
using Volo.Abp.Modularity; |
|||
|
|||
namespace LINGYUN.Abp.Authorization.OrganizationUnits; |
|||
|
|||
[DependsOn(typeof(AbpAuthorizationModule))] |
|||
public class AbpAuthorizationOrganizationUnitsModule : AbpModule |
|||
{ |
|||
public override void ConfigureServices(ServiceConfigurationContext context) |
|||
{ |
|||
Configure<AbpPermissionOptions>(options => |
|||
{ |
|||
options.ValueProviders.Add<OrganizationUnitPermissionValueProvider>(); |
|||
}); |
|||
} |
|||
} |
|||
@ -0,0 +1,6 @@ |
|||
namespace LINGYUN.Abp.Authorization.OrganizationUnits; |
|||
|
|||
public static class AbpOrganizationUnitClaimTypes |
|||
{ |
|||
public static string OrganizationUnit { get; set; } = "organization_unit"; |
|||
} |
|||
@ -0,0 +1,82 @@ |
|||
using LINGYUN.Abp.Authorization.OrganizationUnits; |
|||
using System; |
|||
using System.Collections.Generic; |
|||
using System.Linq; |
|||
using System.Threading.Tasks; |
|||
using Volo.Abp; |
|||
using Volo.Abp.Authorization.Permissions; |
|||
|
|||
namespace LINGYUN.Abp.Authorization.Permissions; |
|||
|
|||
public class OrganizationUnitPermissionValueProvider : PermissionValueProvider |
|||
{ |
|||
public const string ProviderName = "O"; |
|||
|
|||
public override string Name => ProviderName; |
|||
|
|||
public OrganizationUnitPermissionValueProvider( |
|||
IPermissionStore permissionStore) |
|||
: base(permissionStore) |
|||
{ |
|||
} |
|||
|
|||
public async override Task<PermissionGrantResult> CheckAsync(PermissionValueCheckContext context) |
|||
{ |
|||
var organizationUnits = context.Principal?.FindAll(AbpOrganizationUnitClaimTypes.OrganizationUnit).Select(c => c.Value).ToArray(); |
|||
|
|||
if (organizationUnits == null || !organizationUnits.Any()) |
|||
{ |
|||
return PermissionGrantResult.Undefined; |
|||
} |
|||
|
|||
foreach (var organizationUnit in organizationUnits.Distinct()) |
|||
{ |
|||
if (await PermissionStore.IsGrantedAsync(context.Permission.Name, Name, organizationUnit)) |
|||
{ |
|||
return PermissionGrantResult.Granted; |
|||
} |
|||
} |
|||
|
|||
return PermissionGrantResult.Undefined; |
|||
} |
|||
|
|||
public async override Task<MultiplePermissionGrantResult> CheckAsync(PermissionValuesCheckContext context) |
|||
{ |
|||
var permissionNames = context.Permissions.Select(x => x.Name).Distinct().ToList(); |
|||
Check.NotNullOrEmpty(permissionNames, nameof(permissionNames)); |
|||
|
|||
var result = new MultiplePermissionGrantResult(permissionNames.ToArray()); |
|||
|
|||
var organizationUnits = context.Principal?.FindAll(AbpOrganizationUnitClaimTypes.OrganizationUnit).Select(c => c.Value).ToArray(); |
|||
if (organizationUnits == null || !organizationUnits.Any()) |
|||
{ |
|||
return result; |
|||
} |
|||
|
|||
foreach (var organizationUnit in organizationUnits.Distinct()) |
|||
{ |
|||
var multipleResult = await PermissionStore.IsGrantedAsync(permissionNames.ToArray(), Name, organizationUnit); |
|||
|
|||
foreach (var grantResult in multipleResult.Result.Where(grantResult => |
|||
result.Result.ContainsKey(grantResult.Key) && |
|||
result.Result[grantResult.Key] == PermissionGrantResult.Undefined && |
|||
grantResult.Value != PermissionGrantResult.Undefined)) |
|||
{ |
|||
result.Result[grantResult.Key] = grantResult.Value; |
|||
permissionNames.RemoveAll(x => x == grantResult.Key); |
|||
} |
|||
|
|||
if (result.AllGranted || result.AllProhibited) |
|||
{ |
|||
break; |
|||
} |
|||
|
|||
if (permissionNames.IsNullOrEmpty()) |
|||
{ |
|||
break; |
|||
} |
|||
} |
|||
|
|||
return result; |
|||
} |
|||
} |
|||
@ -0,0 +1,34 @@ |
|||
using JetBrains.Annotations; |
|||
using LINGYUN.Abp.Authorization.OrganizationUnits; |
|||
using System.Collections.Generic; |
|||
using System.Linq; |
|||
using System.Security.Claims; |
|||
using Volo.Abp; |
|||
|
|||
namespace System.Security.Principal; |
|||
|
|||
public static class AbpClaimOrganizationUnitsExtensions |
|||
{ |
|||
public static Guid[] FindOrganizationUnits([NotNull] this ClaimsPrincipal principal) |
|||
{ |
|||
Check.NotNull(principal, nameof(principal)); |
|||
|
|||
var userOusOrNull = principal.Claims?.Where(c => c.Type == AbpOrganizationUnitClaimTypes.OrganizationUnit); |
|||
if (userOusOrNull == null || !userOusOrNull.Any()) |
|||
{ |
|||
return new Guid[0]; |
|||
} |
|||
|
|||
var userOus = new List<Guid>(); |
|||
|
|||
foreach (var userOusClaim in userOusOrNull) |
|||
{ |
|||
if (Guid.TryParse(userOusClaim.Value, out var guid)) |
|||
{ |
|||
userOus.Add(guid); |
|||
} |
|||
} |
|||
|
|||
return userOus.ToArray(); |
|||
} |
|||
} |
|||
@ -0,0 +1,30 @@ |
|||
using JetBrains.Annotations; |
|||
using LINGYUN.Abp.Authorization.OrganizationUnits; |
|||
using System; |
|||
using System.Collections.Generic; |
|||
|
|||
namespace Volo.Abp.Users; |
|||
|
|||
public static class CurrentUserOrganizationUnitsExtensions |
|||
{ |
|||
public static Guid[] FindOrganizationUnits([NotNull] this ICurrentUser currentUser) |
|||
{ |
|||
var organizationUnits = currentUser.FindClaims(AbpOrganizationUnitClaimTypes.OrganizationUnit); |
|||
if (organizationUnits.IsNullOrEmpty()) |
|||
{ |
|||
return new Guid[0]; |
|||
} |
|||
|
|||
var userOus = new List<Guid>(); |
|||
|
|||
foreach (var userOusClaim in organizationUnits) |
|||
{ |
|||
if (Guid.TryParse(userOusClaim.Value, out var guid)) |
|||
{ |
|||
userOus.Add(guid); |
|||
} |
|||
} |
|||
|
|||
return userOus.ToArray(); |
|||
} |
|||
} |
|||
@ -0,0 +1,3 @@ |
|||
<Weavers xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="FodyWeavers.xsd"> |
|||
<ConfigureAwait ContinueOnCapturedContext="false" /> |
|||
</Weavers> |
|||
@ -0,0 +1,30 @@ |
|||
<?xml version="1.0" encoding="utf-8"?> |
|||
<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema"> |
|||
<!-- This file was generated by Fody. Manual changes to this file will be lost when your project is rebuilt. --> |
|||
<xs:element name="Weavers"> |
|||
<xs:complexType> |
|||
<xs:all> |
|||
<xs:element name="ConfigureAwait" minOccurs="0" maxOccurs="1"> |
|||
<xs:complexType> |
|||
<xs:attribute name="ContinueOnCapturedContext" type="xs:boolean" /> |
|||
</xs:complexType> |
|||
</xs:element> |
|||
</xs:all> |
|||
<xs:attribute name="VerifyAssembly" type="xs:boolean"> |
|||
<xs:annotation> |
|||
<xs:documentation>'true' to run assembly verification (PEVerify) on the target assembly after all weavers have been executed.</xs:documentation> |
|||
</xs:annotation> |
|||
</xs:attribute> |
|||
<xs:attribute name="VerifyIgnoreCodes" type="xs:string"> |
|||
<xs:annotation> |
|||
<xs:documentation>A comma-separated list of error codes that can be safely ignored in assembly verification.</xs:documentation> |
|||
</xs:annotation> |
|||
</xs:attribute> |
|||
<xs:attribute name="GenerateXsd" type="xs:boolean"> |
|||
<xs:annotation> |
|||
<xs:documentation>'false' to turn off automatic generation of the XML Schema file.</xs:documentation> |
|||
</xs:annotation> |
|||
</xs:attribute> |
|||
</xs:complexType> |
|||
</xs:element> |
|||
</xs:schema> |
|||
@ -0,0 +1,16 @@ |
|||
<Project Sdk="Microsoft.NET.Sdk"> |
|||
|
|||
<Import Project="..\..\..\configureawait.props" /> |
|||
<Import Project="..\..\..\common.props" /> |
|||
|
|||
<PropertyGroup> |
|||
<TargetFramework>netstandard2.0</TargetFramework> |
|||
<RootNamespace /> |
|||
</PropertyGroup> |
|||
|
|||
<ItemGroup> |
|||
<ProjectReference Include="..\..\identity\LINGYUN.Abp.Identity.Domain\LINGYUN.Abp.Identity.Domain.csproj" /> |
|||
<ProjectReference Include="..\LINGYUN.Abp.Authorization.OrganizationUnits\LINGYUN.Abp.Authorization.OrganizationUnits.csproj" /> |
|||
</ItemGroup> |
|||
|
|||
</Project> |
|||
@ -0,0 +1,11 @@ |
|||
using LINGYUN.Abp.Authorization.OrganizationUnits; |
|||
using Volo.Abp.Modularity; |
|||
|
|||
namespace LINGYUN.Abp.Identity.OrganizaztionUnits; |
|||
|
|||
[DependsOn(typeof(AbpIdentityDomainModule))] |
|||
[DependsOn(typeof(AbpAuthorizationOrganizationUnitsModule))] |
|||
public class AbpIdentityOrganizaztionUnitsModule : AbpModule |
|||
{ |
|||
|
|||
} |
|||
@ -0,0 +1,57 @@ |
|||
using LINGYUN.Abp.Authorization.OrganizationUnits; |
|||
using System.Linq; |
|||
using System.Security.Claims; |
|||
using System.Security.Principal; |
|||
using System.Threading.Tasks; |
|||
using Volo.Abp.DependencyInjection; |
|||
using Volo.Abp.Security.Claims; |
|||
|
|||
namespace LINGYUN.Abp.Identity.OrganizationUnits; |
|||
|
|||
public class OrganizationUnitClaimsPrincipalContributor : IAbpClaimsPrincipalContributor, ITransientDependency |
|||
{ |
|||
// https://github.com/dotnet/aspnetcore/blob/v5.0.0/src/Identity/Extensions.Core/src/UserClaimsPrincipalFactory.cs#L79
|
|||
private static string IdentityAuthenticationType => "Identity.Application"; |
|||
|
|||
private readonly IIdentityUserRepository _identityUserRepository; |
|||
private readonly IIdentityRoleRepository _identityRoleRepository; |
|||
|
|||
public OrganizationUnitClaimsPrincipalContributor( |
|||
IIdentityUserRepository identityUserRepository, |
|||
IIdentityRoleRepository identityRoleRepository) |
|||
{ |
|||
_identityUserRepository = identityUserRepository; |
|||
_identityRoleRepository = identityRoleRepository; |
|||
} |
|||
|
|||
public async virtual Task ContributeAsync(AbpClaimsPrincipalContributorContext context) |
|||
{ |
|||
var claimsIdentity = context.ClaimsPrincipal.Identities.First(x => x.AuthenticationType == IdentityAuthenticationType); |
|||
|
|||
var userId = claimsIdentity.FindUserId(); |
|||
if (!userId.HasValue) |
|||
{ |
|||
return; |
|||
} |
|||
|
|||
var userOus = await _identityUserRepository.GetOrganizationUnitsAsync(userId.Value); |
|||
|
|||
foreach (var userOu in userOus) |
|||
{ |
|||
claimsIdentity.AddClaim(new Claim(AbpOrganizationUnitClaimTypes.OrganizationUnit, userOu.Id.ToString())); |
|||
} |
|||
|
|||
var userRoles = claimsIdentity |
|||
.FindAll(x => x.Type == AbpClaimTypes.Role) |
|||
.Select(x => x.Value) |
|||
.Distinct(); |
|||
|
|||
var roleOus = await _identityRoleRepository.GetOrganizationUnitsAsync(userRoles); |
|||
foreach (var roleOu in roleOus) |
|||
{ |
|||
claimsIdentity.AddClaim(new Claim(AbpOrganizationUnitClaimTypes.OrganizationUnit, roleOu.Id.ToString())); |
|||
} |
|||
|
|||
context.ClaimsPrincipal.AddIdentityIfNotContains(claimsIdentity); |
|||
} |
|||
} |
|||
@ -0,0 +1,3 @@ |
|||
<Weavers xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="FodyWeavers.xsd"> |
|||
<ConfigureAwait ContinueOnCapturedContext="false" /> |
|||
</Weavers> |
|||
@ -0,0 +1,30 @@ |
|||
<?xml version="1.0" encoding="utf-8"?> |
|||
<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema"> |
|||
<!-- This file was generated by Fody. Manual changes to this file will be lost when your project is rebuilt. --> |
|||
<xs:element name="Weavers"> |
|||
<xs:complexType> |
|||
<xs:all> |
|||
<xs:element name="ConfigureAwait" minOccurs="0" maxOccurs="1"> |
|||
<xs:complexType> |
|||
<xs:attribute name="ContinueOnCapturedContext" type="xs:boolean" /> |
|||
</xs:complexType> |
|||
</xs:element> |
|||
</xs:all> |
|||
<xs:attribute name="VerifyAssembly" type="xs:boolean"> |
|||
<xs:annotation> |
|||
<xs:documentation>'true' to run assembly verification (PEVerify) on the target assembly after all weavers have been executed.</xs:documentation> |
|||
</xs:annotation> |
|||
</xs:attribute> |
|||
<xs:attribute name="VerifyIgnoreCodes" type="xs:string"> |
|||
<xs:annotation> |
|||
<xs:documentation>A comma-separated list of error codes that can be safely ignored in assembly verification.</xs:documentation> |
|||
</xs:annotation> |
|||
</xs:attribute> |
|||
<xs:attribute name="GenerateXsd" type="xs:boolean"> |
|||
<xs:annotation> |
|||
<xs:documentation>'false' to turn off automatic generation of the XML Schema file.</xs:documentation> |
|||
</xs:annotation> |
|||
</xs:attribute> |
|||
</xs:complexType> |
|||
</xs:element> |
|||
</xs:schema> |
|||
@ -0,0 +1,20 @@ |
|||
<Project Sdk="Microsoft.NET.Sdk"> |
|||
|
|||
<Import Project="..\..\..\configureawait.props" /> |
|||
<Import Project="..\..\..\common.props" /> |
|||
|
|||
<PropertyGroup> |
|||
<TargetFramework>netstandard2.0</TargetFramework> |
|||
<RootNamespace /> |
|||
</PropertyGroup> |
|||
|
|||
<ItemGroup> |
|||
<PackageReference Include="Volo.Abp.PermissionManagement.Domain" Version="$(VoloAbpPackageVersion)" /> |
|||
</ItemGroup> |
|||
|
|||
<ItemGroup> |
|||
<ProjectReference Include="..\..\authorization\LINGYUN.Abp.Authorization.OrganizationUnits\LINGYUN.Abp.Authorization.OrganizationUnits.csproj" /> |
|||
<ProjectReference Include="..\..\identity\LINGYUN.Abp.Identity.Domain\LINGYUN.Abp.Identity.Domain.csproj" /> |
|||
</ItemGroup> |
|||
|
|||
</Project> |
|||
@ -0,0 +1,25 @@ |
|||
using LINGYUN.Abp.Authorization.OrganizationUnits; |
|||
using LINGYUN.Abp.Authorization.Permissions; |
|||
using LINGYUN.Abp.Identity; |
|||
using Volo.Abp.Modularity; |
|||
using Volo.Abp.PermissionManagement; |
|||
|
|||
namespace LINGYUN.Abp.PermissionManagement.OrganizationUnits; |
|||
|
|||
[DependsOn( |
|||
typeof(AbpIdentityDomainModule), |
|||
typeof(AbpPermissionManagementDomainModule), |
|||
typeof(AbpAuthorizationOrganizationUnitsModule) |
|||
)] |
|||
public class AbpPermissionManagementDomainOrganizationUnitsModule : AbpModule |
|||
{ |
|||
public override void ConfigureServices(ServiceConfigurationContext context) |
|||
{ |
|||
Configure<PermissionManagementOptions>(options => |
|||
{ |
|||
options.ManagementProviders.Add<OrganizationUnitPermissionManagementProvider>(); |
|||
|
|||
options.ProviderPolicies[OrganizationUnitPermissionValueProvider.ProviderName] = "AbpIdentity.OrganizationUnits.ManagePermissions"; |
|||
}); |
|||
} |
|||
} |
|||
@ -0,0 +1,26 @@ |
|||
using LINGYUN.Abp.Authorization.Permissions; |
|||
using System.Threading.Tasks; |
|||
using Volo.Abp.DependencyInjection; |
|||
using Volo.Abp.Domain.Entities.Events.Distributed; |
|||
using Volo.Abp.EventBus.Distributed; |
|||
using Volo.Abp.Identity; |
|||
using Volo.Abp.PermissionManagement; |
|||
|
|||
namespace LINGYUN.Abp.PermissionManagement.OrganizationUnits; |
|||
|
|||
public class OrganizationUnitDeletedEventHandler : |
|||
IDistributedEventHandler<EntityDeletedEto<OrganizationUnitEto>>, |
|||
ITransientDependency |
|||
{ |
|||
protected IPermissionManager PermissionManager { get; } |
|||
|
|||
public OrganizationUnitDeletedEventHandler(IPermissionManager permissionManager) |
|||
{ |
|||
PermissionManager = permissionManager; |
|||
} |
|||
|
|||
public async Task HandleEventAsync(EntityDeletedEto<OrganizationUnitEto> eventData) |
|||
{ |
|||
await PermissionManager.DeleteAsync(OrganizationUnitPermissionValueProvider.ProviderName, eventData.Entity.Id.ToString()); |
|||
} |
|||
} |
|||
@ -0,0 +1,96 @@ |
|||
using LINGYUN.Abp.Authorization.Permissions; |
|||
using LINGYUN.Abp.Identity; |
|||
using System; |
|||
using System.Collections.Generic; |
|||
using System.Linq; |
|||
using System.Threading.Tasks; |
|||
using Volo.Abp.Authorization.Permissions; |
|||
using Volo.Abp.Guids; |
|||
using Volo.Abp.MultiTenancy; |
|||
using Volo.Abp.PermissionManagement; |
|||
using UserManager = Volo.Abp.Identity.IdentityUserManager; |
|||
|
|||
namespace LINGYUN.Abp.PermissionManagement.OrganizationUnits; |
|||
public class OrganizationUnitPermissionManagementProvider : PermissionManagementProvider |
|||
{ |
|||
public override string Name => OrganizationUnitPermissionValueProvider.ProviderName; |
|||
|
|||
protected UserManager UserManager { get; } |
|||
protected IIdentityUserRepository IdentityUserRepository { get; } |
|||
protected IIdentityRoleRepository IdentityRoleRepository { get; } |
|||
|
|||
public OrganizationUnitPermissionManagementProvider( |
|||
IPermissionGrantRepository permissionGrantRepository, |
|||
IIdentityUserRepository identityUserRepository, |
|||
IIdentityRoleRepository identityRoleRepository, |
|||
UserManager userManager, |
|||
IGuidGenerator guidGenerator, |
|||
ICurrentTenant currentTenant) |
|||
: base( |
|||
permissionGrantRepository, |
|||
guidGenerator, |
|||
currentTenant) |
|||
{ |
|||
UserManager = userManager; |
|||
IdentityUserRepository = identityUserRepository; |
|||
IdentityRoleRepository = identityRoleRepository; |
|||
} |
|||
|
|||
public override async Task<PermissionValueProviderGrantInfo> CheckAsync(string name, string providerName, string providerKey) |
|||
{ |
|||
var multipleGrantInfo = await CheckAsync(new[] { name }, providerName, providerKey); |
|||
|
|||
return multipleGrantInfo.Result.Values.First(); |
|||
} |
|||
|
|||
public override async Task<MultiplePermissionValueProviderGrantInfo> CheckAsync(string[] names, string providerName, string providerKey) |
|||
{ |
|||
var multiplePermissionValueProviderGrantInfo = new MultiplePermissionValueProviderGrantInfo(names); |
|||
var permissionGrants = new List<PermissionGrant>(); |
|||
|
|||
if (providerName == Name) |
|||
{ |
|||
permissionGrants.AddRange(await PermissionGrantRepository.GetListAsync(names, providerName, providerKey)); |
|||
|
|||
} |
|||
|
|||
if (providerName == RolePermissionValueProvider.ProviderName) |
|||
{ |
|||
var role = await IdentityRoleRepository.FindByNormalizedNameAsync(UserManager.NormalizeName(providerKey)); |
|||
var organizationUnits = await IdentityRoleRepository.GetOrganizationUnitsAsync(role.Id); |
|||
|
|||
foreach (var organizationUnit in organizationUnits) |
|||
{ |
|||
permissionGrants.AddRange(await PermissionGrantRepository.GetListAsync(names, Name, organizationUnit.Id.ToString())); |
|||
} |
|||
} |
|||
|
|||
if (providerName == UserPermissionValueProvider.ProviderName) |
|||
{ |
|||
var userId = Guid.Parse(providerKey); |
|||
var organizationUnits = await IdentityUserRepository.GetOrganizationUnitsAsync(userId); |
|||
|
|||
foreach (var organizationUnit in organizationUnits) |
|||
{ |
|||
permissionGrants.AddRange(await PermissionGrantRepository.GetListAsync(names, Name, organizationUnit.Id.ToString())); |
|||
} |
|||
} |
|||
|
|||
permissionGrants = permissionGrants.Distinct().ToList(); |
|||
if (!permissionGrants.Any()) |
|||
{ |
|||
return multiplePermissionValueProviderGrantInfo; |
|||
} |
|||
|
|||
foreach (var permissionName in names) |
|||
{ |
|||
var permissionGrant = permissionGrants.FirstOrDefault(x => x.Name == permissionName); |
|||
if (permissionGrant != null) |
|||
{ |
|||
multiplePermissionValueProviderGrantInfo.Result[permissionName] = new PermissionValueProviderGrantInfo(true, permissionGrant.ProviderKey); |
|||
} |
|||
} |
|||
|
|||
return multiplePermissionValueProviderGrantInfo; |
|||
} |
|||
} |
|||
@ -0,0 +1,40 @@ |
|||
using JetBrains.Annotations; |
|||
using LINGYUN.Abp.Authorization.Permissions; |
|||
using System; |
|||
using System.Collections.Generic; |
|||
using System.Threading.Tasks; |
|||
|
|||
namespace Volo.Abp.PermissionManagement; |
|||
|
|||
public static class OrganizationUnitPermissionManagerExtensions |
|||
{ |
|||
public static Task<PermissionWithGrantedProviders> GetForOrganizationUnitAsync( |
|||
[NotNull] this IPermissionManager permissionManager, |
|||
Guid organizationUnitId, |
|||
string permissionName) |
|||
{ |
|||
Check.NotNull(permissionManager, nameof(permissionManager)); |
|||
|
|||
return permissionManager.GetAsync(permissionName, OrganizationUnitPermissionValueProvider.ProviderName, organizationUnitId.ToString()); |
|||
} |
|||
|
|||
public static Task<List<PermissionWithGrantedProviders>> GetAllForOrganizationUnitAsync( |
|||
[NotNull] this IPermissionManager permissionManager, |
|||
Guid organizationUnitId) |
|||
{ |
|||
Check.NotNull(permissionManager, nameof(permissionManager)); |
|||
|
|||
return permissionManager.GetAllAsync(OrganizationUnitPermissionValueProvider.ProviderName, organizationUnitId.ToString()); |
|||
} |
|||
|
|||
public static Task SetForOrganizationUnitAsync( |
|||
[NotNull] this IPermissionManager permissionManager, |
|||
Guid organizationUnitId, |
|||
[NotNull] string permissionName, |
|||
bool isGranted) |
|||
{ |
|||
Check.NotNull(permissionManager, nameof(permissionManager)); |
|||
|
|||
return permissionManager.SetAsync(permissionName, OrganizationUnitPermissionValueProvider.ProviderName, organizationUnitId.ToString(), isGranted); |
|||
} |
|||
} |
|||
Loading…
Reference in new issue