Complete some permission checks.

6 years ago · 44c9ef9166
3 changed files with 14 additions and 8 deletions
--- a/modules/identity/src/Volo.Abp.Identity.Web/Pages/Identity/Roles/Index.cshtml
+++ b/modules/identity/src/Volo.Abp.Identity.Web/Pages/Identity/Roles/Index.cshtml
@ -1,4 +1,5 @@
@page
+@using Microsoft.AspNetCore.Authorization
@using Microsoft.AspNetCore.Mvc.Localization
@using Volo.Abp.AspNetCore.Mvc.UI.Layout
@using Volo.Abp.Identity.Localization
@ -6,6 +7,7 @@
@using Volo.Abp.Identity.Web.Pages.Identity.Roles
@model IndexModel
@inject IHtmlLocalizer<IdentityResource> L
+@inject IAuthorizationService Authorization
@inject IPageLayout PageLayout
@{
    PageLayout.Content.Title = L["Roles"].Value;
@ -30,7 +32,10 @@
                <abp-card-title>@L["Roles"]</abp-card-title>
            </abp-column>
            <abp-column size-md="_6" class="text-right">
-                <abp-button button-type="Primary" name="CreateRole" text="@L["NewRole"].Value" icon="plus" />
+                @if (await Authorization.IsGrantedAsync(IdentityPermissions.Roles.Create))
+                {
+                    <abp-button button-type="Primary" name="CreateRole" text="@L["NewRole"].Value" icon="plus" />
+                }
            </abp-column>
        </abp-row>
    </abp-card-header>
--- a/modules/tenant-management/src/Volo.Abp.TenantManagement.Web/Pages/TenantManagement/Tenants/Index.cshtml
+++ b/modules/tenant-management/src/Volo.Abp.TenantManagement.Web/Pages/TenantManagement/Tenants/Index.cshtml
@ -1,4 +1,5 @@
@page
+@using Microsoft.AspNetCore.Authorization
@using Microsoft.AspNetCore.Mvc.Localization
@using Volo.Abp.AspNetCore.Mvc.UI.Layout
@using Volo.Abp.TenantManagement.Localization
@ -6,6 +7,7 @@
@using Volo.Abp.TenantManagement.Web.Pages.TenantManagement.Tenants
@model IndexModel
@inject IHtmlLocalizer<AbpTenantManagementResource> L
+@inject IAuthorizationService Authorization
@inject IPageLayout PageLayout
@{
    PageLayout.Content.Title = L["Tenants"].Value;
@ -26,7 +28,10 @@
                <abp-card-title>@L["Tenants"]</abp-card-title>
            </abp-column>
            <abp-column size-md="_6" class="text-right">
-                <abp-button button-type="Primary" name="CreateTenant" icon="plus" text="@L["NewTenant"].Value" />
+                @if (await Authorization.IsGrantedAsync(TenantManagementPermissions.Tenants.Create))
+                {
+                    <abp-button button-type="Primary" name="CreateTenant" icon="plus" text="@L["NewTenant"].Value" />
+                }
            </abp-column>
        </abp-row>
    </abp-card-header>
--- a/samples/MicroserviceDemo/modules/product/src/ProductManagement.Web/Pages/ProductManagement/Products/index.js
+++ b/samples/MicroserviceDemo/modules/product/src/ProductManagement.Web/Pages/ProductManagement/Products/index.js
@ -20,9 +20,7 @@
                        [
                            {
                                text: l('Edit'),
-                                visible: function () {
-                                    return true; //TODO: Check permission
-                                },
+                                visible: abp.auth.isGranted('ProductManagement.Product.Update'),
                                action: function (data) {
                                    _editModal.open({
                                        productId: data.record.id
@ -31,9 +29,7 @@
                            },
                            {
                                text: l('Delete'),
-                                visible: function () {
-                                    return true; //TODO: Check permission
-                                },
+                                visible: abp.auth.isGranted('ProductManagement.Product.Delete'),
                                confirmMessage: function (data) { return l('ProductDeletionWarningMessage'); },
                                action: function (data) {
                                    productManagement.products