Enhance multiple permission checks.

5 years ago · 432d414b3e
4 changed files with 27 additions and 7 deletions
--- a/framework/src/Volo.Abp.Authorization/Volo/Abp/Authorization/Permissions/ClientPermissionValueProvider.cs
+++ b/framework/src/Volo.Abp.Authorization/Volo/Abp/Authorization/Permissions/ClientPermissionValueProvider.cs
@ -1,4 +1,5 @@
-using System.Threading.Tasks;
+using System.Collections.Generic;
+using System.Threading.Tasks;
 using Volo.Abp.MultiTenancy;
 using System.Linq;
 using Volo.Abp.Security.Claims;
@ -38,7 +39,8 @@ namespace Volo.Abp.Authorization.Permissions

        public override async Task<MultiplePermissionGrantResult> CheckAsync(PermissionValuesCheckContext context)
        {
-            var permissionNames = context.Permissions.Select(x => x.Name).ToArray();
+            var permissionNames = context.Permissions.Select(x => x.Name).Distinct().ToArray();
+            Check.NotNullOrEmpty(permissionNames, nameof(permissionNames));

            var clientId = context.Principal?.FindFirst(AbpClaimTypes.ClientId)?.Value;
            if (clientId == null)
--- a/framework/src/Volo.Abp.Authorization/Volo/Abp/Authorization/Permissions/PermissionChecker.cs
+++ b/framework/src/Volo.Abp.Authorization/Volo/Abp/Authorization/Permissions/PermissionChecker.cs
@ -121,8 +121,17 @@ namespace Volo.Abp.Authorization.Permissions

            foreach (var provider in PermissionValueProviderManager.ValueProviders)
            {
+                var permissions = permissionDefinitions
+                    .Where(x => !x.Providers.Any() || x.Providers.Contains(provider.Name))
+                    .ToList();
+
+                if (permissions.IsNullOrEmpty())
+                {
+                    break;
+                }
+
                var context = new PermissionValuesCheckContext(
-                    permissionDefinitions.Where(x => !x.Providers.Any() || x.Providers.Contains(provider.Name)).ToList(),
+                    permissions,
                    claimsPrincipal);

                var multipleResult = await provider.CheckAsync(context);
--- a/framework/src/Volo.Abp.Authorization/Volo/Abp/Authorization/Permissions/RolePermissionValueProvider.cs
+++ b/framework/src/Volo.Abp.Authorization/Volo/Abp/Authorization/Permissions/RolePermissionValueProvider.cs
@ -39,8 +39,10 @@ namespace Volo.Abp.Authorization.Permissions

        public override async Task<MultiplePermissionGrantResult> CheckAsync(PermissionValuesCheckContext context)
        {
-            var permissionNames = context.Permissions.Select(x => x.Name).ToList();
-            var result = new MultiplePermissionGrantResult(permissionNames.ToArray());
+            var permissionNames = context.Permissions.Select(x => x.Name).Distinct().ToArray();
+            Check.NotNullOrEmpty(permissionNames, nameof(permissionNames));
+
+            var result = new MultiplePermissionGrantResult(permissionNames);

            var roles = context.Principal?.FindAll(AbpClaimTypes.Role).Select(c => c.Value).ToArray();
            if (roles == null || !roles.Any())
@ -50,7 +52,8 @@ namespace Volo.Abp.Authorization.Permissions

            foreach (var role in roles)
            {
-                var multipleResult = await PermissionStore.IsGrantedAsync(permissionNames.ToArray(), Name, role);
+                var multipleResult = await PermissionStore.IsGrantedAsync(permissionNames, Name, role);
+
                foreach (var grantResult in multipleResult.Result.Where(grantResult =>
                    result.Result.ContainsKey(grantResult.Key) &&
                    result.Result[grantResult.Key] == PermissionGrantResult.Undefined &&
@ -64,6 +67,11 @@ namespace Volo.Abp.Authorization.Permissions
                {
                    break;
                }
+
+                if (permissionNames.IsNullOrEmpty())
+                {
+                    break;
+                }
            }

            return result;
--- a/framework/src/Volo.Abp.Authorization/Volo/Abp/Authorization/Permissions/UserPermissionValueProvider.cs
+++ b/framework/src/Volo.Abp.Authorization/Volo/Abp/Authorization/Permissions/UserPermissionValueProvider.cs
@ -32,7 +32,8 @@ namespace Volo.Abp.Authorization.Permissions

        public override async Task<MultiplePermissionGrantResult> CheckAsync(PermissionValuesCheckContext context)
        {
-            var permissionNames = context.Permissions.Select(x => x.Name).ToArray();
+            var permissionNames = context.Permissions.Select(x => x.Name).Distinct().ToArray();
+            Check.NotNullOrEmpty(permissionNames, nameof(permissionNames));

            var userId = context.Principal?.FindFirst(AbpClaimTypes.UserId)?.Value;
            if (userId == null)