imhven
/
abp
mirror of https://github.com/abpframework/abp
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Working on permission management

Browse Source
pull/208/head
Halil İbrahim Kalkan 7 years ago
parent 6c6a6d7a21
commit 6c28b87183
16 changed files with 296 additions and 62 deletions
Show Stats Download Patch File Download Diff File

6
src/AbpDesk/AbpDesk.Web.Mvc/AbpDeskWebMvcModule.cs
Unescape View File

@ -4,6 +4,7 @@ using System.Globalization;
using System.IO;
using AbpDesk.EntityFrameworkCore;
using AbpDesk.Web.Mvc.Navigation;
using AbpDesk.Web.Mvc.Permissions;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Localization;
@ -78,6 +79,11 @@ namespace AbpDesk.Web.Mvc
options.MenuContributors.Add(new MainMenuContributor());
});
services.Configure<PermissionOptions>(options =>
{
options.DefinitionProviders.Add<AbpDeskPermissionDefinitionProvider>();
});
//services.Configure<RemoteServiceOptions>(configuration); //Needed when we use Volo.Abp.Identity.HttpApi.Client
var authentication = services.AddAuthentication();

18
src/AbpDesk/AbpDesk.Web.Mvc/Permissions/AbpDeskPermissionDefinitionProvider.cs
Unescape View File

@ -0,0 +1,18 @@
using Volo.Abp.Permissions;
namespace AbpDesk.Web.Mvc.Permissions
{
public class AbpDeskPermissionDefinitionProvider : IPermissionDefinitionProvider
{
public void Define(IPermissionDefinitionContext context)
{
var tickets = context.Add("AbpDesk.Tickets");
tickets.AddChild("AbpDesk.Tickets.Reply");
tickets.AddChild("AbpDesk.Tickets.Close");
var customers = context.Add("AbpDesk.Customers");
customers.AddChild("AbpDesk.Customers.Create");
customers.AddChild("AbpDesk.Customers.Delete");
}
}
}

6
src/Volo.Abp.Identity.Domain/Volo/Abp/Identity/AbpIdentityDomainModule.cs
Unescape View File

@ -11,6 +11,12 @@ namespace Volo.Abp.Identity
{
public override void ConfigureServices(IServiceCollection services)
{
services.Configure<PermissionManagementOptions>(options =>
{
options.ManagementProviders.Add<UserPermissionManagementProvider>();
options.ManagementProviders.Add<RolePermissionManagementProvider>();
});
var identityBuilder = services.AddAbpIdentity();
services.ExecutePreConfiguredActions(identityBuilder);

51
src/Volo.Abp.Identity.Domain/Volo/Abp/Identity/RolePermissionManagementProvider.cs
Unescape View File

@ -0,0 +1,51 @@
using System;
using System.Threading.Tasks;
using Volo.Abp.Permissions;
namespace Volo.Abp.Identity
{
public class RolePermissionManagementProvider : IPermissionManagementProvider
{
public string Name => "Role";
private readonly IIdentityUserRepository _identityUserRepository;
private readonly IPermissionGrantRepository _permissionGrantRepository;
public RolePermissionManagementProvider(
IPermissionGrantRepository permissionGrantRepository,
IIdentityUserRepository identityUserRepository)
{
_permissionGrantRepository = permissionGrantRepository;
_identityUserRepository = identityUserRepository;
}
public async Task<PermissionValueProviderGrantInfo> CheckAsync(string name, string providerName, string providerKey)
{
if (providerName == Name)
{
return new PermissionValueProviderGrantInfo(
await _permissionGrantRepository.FindAsync(name, providerName, providerKey) != null,
providerKey
);
}
if (providerName == "User")
{
var userId = Guid.Parse(providerKey);
var roleNames = await _identityUserRepository.GetRoleNamesAsync(userId);
foreach (var roleName in roleNames)
{
var pg = await _permissionGrantRepository.FindAsync(name, providerName, roleName);
if (pg != null)
{
return new PermissionValueProviderGrantInfo(true, roleName);
}
}
}
return PermissionValueProviderGrantInfo.NonGranted;
}
}
}

31
src/Volo.Abp.Identity.Domain/Volo/Abp/Identity/UserPermissionManagementProvider.cs
Unescape View File

@ -0,0 +1,31 @@
using System.Threading.Tasks;
using Volo.Abp.DependencyInjection;
using Volo.Abp.Permissions;
namespace Volo.Abp.Identity
{
public class UserPermissionManagementProvider : IPermissionManagementProvider, ITransientDependency
{
public string Name => "User";
private readonly IPermissionGrantRepository _permissionGrantRepository;
public UserPermissionManagementProvider(IPermissionGrantRepository permissionGrantRepository)
{
_permissionGrantRepository = permissionGrantRepository;
}
public async Task<PermissionValueProviderGrantInfo> CheckAsync(string name, string providerName, string providerKey)
{
if (providerName != Name)
{
return PermissionValueProviderGrantInfo.NonGranted;
}
return new PermissionValueProviderGrantInfo(
await _permissionGrantRepository.FindAsync(name, providerName, providerKey) != null,
providerKey
);
}
}
}

13
src/Volo.Abp.Identity.Domain/Volo/Abp/Permissions/UserPermissionManagerExtensions.cs
Unescape View File

@ -11,22 +11,25 @@ namespace Volo.Abp.Permissions
public static Task<bool> IsGrantedForUserAsync(this IPermissionManager permissionManager, [NotNull] string name, Guid userId)
{
return permissionManager.IsGrantedAsync(name, ProviderName, userId.ToString());
throw new NotImplementedException();
//return permissionManager.GetAsync(name, ProviderName, userId.ToString());
}
public static Task<List<string>> GetAllGrantedForUserAsync(this IPermissionManager permissionManager, Guid userId)
public static Task<List<PermissionWithGrantedProviders>> GetAllAsync(this IPermissionManager permissionManager, Guid userId)
{
return permissionManager.GetAllGrantedAsync(ProviderName, userId.ToString());
return permissionManager.GetAllAsync(ProviderName, userId.ToString());
}
public static Task GrantForUserAsync(this IPermissionManager permissionManager, Guid userId, [NotNull] string name)
{
return permissionManager.GrantAsync(name, ProviderName, userId.ToString());
throw new NotImplementedException();
//return permissionManager.GrantAsync(name, ProviderName, userId.ToString());
}
public static Task RevokeForUserAsync(this IPermissionManager permissionManager, Guid userId, [NotNull] string name)
{
return permissionManager.RevokeAsync(name, ProviderName, userId.ToString());
throw new NotImplementedException();
//return permissionManager.RevokeAsync(name, ProviderName, userId.ToString());
}
}
}

2
src/Volo.Abp.Permissions.Application/Volo/Abp/Permissions/PermissionAppService.cs
Unescape View File

@ -21,6 +21,8 @@ namespace Volo.Abp.Permissions
public async Task<GetPermissionListResultDto> GetListAsync(string providerName, string providerKey)
{
var permissionInfos = await _permissionManager.GetAllAsync(providerName, providerKey);
return new GetPermissionListResultDto
{
Groups = new List<PermissionGroupDto>

11
src/Volo.Abp.Permissions.Domain/Volo/Abp/Permissions/IPermissionManagementProvider.cs
Unescape View File

@ -0,0 +1,11 @@
using System.Threading.Tasks;
namespace Volo.Abp.Permissions
{
public interface IPermissionManagementProvider
{
string Name { get; }
Task<PermissionValueProviderGrantInfo> CheckAsync(string name, string providerName, string providerKey);
}
}

8
src/Volo.Abp.Permissions.Domain/Volo/Abp/Permissions/IPermissionManager.cs
Unescape View File

@ -6,12 +6,12 @@ namespace Volo.Abp.Permissions
{
public interface IPermissionManager
{
Task<bool> IsGrantedAsync([NotNull]string name, [NotNull] string providerName, [NotNull] string providerKey);
//Task<PermissionWithGrantedProviders> GetAsync([NotNull]string name, [NotNull] string providerName, [NotNull] string providerKey);
Task<List<string>> GetAllGrantedAsync([NotNull] string providerName, [NotNull] string providerKey);
Task<List<PermissionWithGrantedProviders>> GetAllAsync([NotNull] string providerName, [NotNull] string providerKey);
Task GrantAsync([NotNull] string name, [NotNull] string providerName, [NotNull] string providerKey);
//Task GrantAsync([NotNull] string name, [NotNull] string providerName, [NotNull] string providerKey);
Task RevokeAsync([NotNull] string name, [NotNull] string providerName, [NotNull] string providerKey);
//Task RevokeAsync([NotNull] string name, [NotNull] string providerName, [NotNull] string providerKey);
}
}

14
src/Volo.Abp.Permissions.Domain/Volo/Abp/Permissions/PermissionManagementOptions.cs
Unescape View File

@ -0,0 +1,14 @@
using Volo.Abp.Collections;
namespace Volo.Abp.Permissions
{
public class PermissionManagementOptions
{
public ITypeList<IPermissionManagementProvider> ManagementProviders { get; }
public PermissionManagementOptions()
{
ManagementProviders = new TypeList<IPermissionManagementProvider>();
}
}
}

140
src/Volo.Abp.Permissions.Domain/Volo/Abp/Permissions/PermissionManager.cs
Unescape View File

@ -1,6 +1,9 @@
using System.Collections.Generic;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Options;
using Volo.Abp.DependencyInjection;
using Volo.Abp.Guids;
@ -9,77 +12,120 @@ namespace Volo.Abp.Permissions
public class PermissionManager : IPermissionManager, ISingletonDependency
{
protected IPermissionGrantRepository PermissionGrantRepository { get; }
protected IPermissionDefinitionManager PermissionDefinitionManager { get; }
protected IGuidGenerator GuidGenerator { get; }
protected IReadOnlyList<IPermissionManagementProvider> ManagementProviders => _lazyProviders.Value;
protected PermissionManagementOptions Options { get; }
private readonly Lazy<List<IPermissionManagementProvider>> _lazyProviders;
public PermissionManager(
IPermissionDefinitionManager permissionDefinitionManager,
IPermissionGrantRepository permissionGrantRepository,
IGuidGenerator guidGenerator)
IServiceProvider serviceProvider,
IGuidGenerator guidGenerator,
IOptions<PermissionManagementOptions> options)
{
GuidGenerator = guidGenerator;
PermissionGrantRepository = permissionGrantRepository;
PermissionDefinitionManager = permissionDefinitionManager;
Options = options.Value;
_lazyProviders = new Lazy<List<IPermissionManagementProvider>>(
() => Options
.ManagementProviders
.Select(c => serviceProvider.GetRequiredService(c) as IPermissionManagementProvider)
.ToList(),
true
);
}
public async Task<bool> IsGrantedAsync(string providerName, string providerKey, string name)
{
Check.NotNull(providerName, nameof(providerName));
Check.NotNull(providerKey, nameof(providerKey));
Check.NotNull(name, nameof(name));
//public async Task<bool> IsGrantedAsync(string providerName, string providerKey, string name)
//{
// Check.NotNull(providerName, nameof(providerName));
// Check.NotNull(providerKey, nameof(providerKey));
// Check.NotNull(name, nameof(name));
return await PermissionGrantRepository.FindAsync(name, providerName, providerKey) != null;
}
// return await PermissionGrantRepository.FindAsync(name, providerName, providerKey) != null;
//}
public async Task<List<string>> GetAllGrantedAsync(string providerName, string providerKey)
{
Check.NotNull(providerName, nameof(providerName));
Check.NotNull(providerKey, nameof(providerKey));
//public async Task<List<string>> GetAllGrantedAsync(string providerName, string providerKey)
//{
// Check.NotNull(providerName, nameof(providerName));
// Check.NotNull(providerKey, nameof(providerKey));
return (await PermissionGrantRepository.GetListAsync(providerName, providerKey))
.Select(p => p.Name)
.ToList();
}
// return (await PermissionGrantRepository.GetListAsync(providerName, providerKey))
// .Select(p => p.Name)
// .ToList();
//}
public async Task GrantAsync(string name, string providerName, string providerKey)
{
Check.NotNull(name, nameof(name));
Check.NotNull(providerName, nameof(providerName));
Check.NotNull(providerKey, nameof(providerKey));
//public async Task GrantAsync(string name, string providerName, string providerKey)
//{
// Check.NotNull(name, nameof(name));
// Check.NotNull(providerName, nameof(providerName));
// Check.NotNull(providerKey, nameof(providerKey));
if (await IsGrantedAsync(providerName, providerKey, name))
{
return;
}
// if (await IsGrantedAsync(providerName, providerKey, name))
// {
// return;
// }
await PermissionGrantRepository.InsertAsync(
new PermissionGrant(
GuidGenerator.Create(),
name,
providerName,
providerKey
)
);
}
// await PermissionGrantRepository.InsertAsync(
// new PermissionGrant(
// GuidGenerator.Create(),
// name,
// providerName,
// providerKey
// )
// );
//}
//public async Task RevokeAsync(string providerName, string providerKey, string name)
//{
// Check.NotNull(providerName, nameof(providerName));
// Check.NotNull(providerKey, nameof(providerKey));
// Check.NotNull(name, nameof(name));
// if (await IsGrantedAsync(providerName, providerKey, name))
// {
// return;
// }
public async Task RevokeAsync(string providerName, string providerKey, string name)
// var grant = await PermissionGrantRepository.FindAsync(name, providerName, providerKey);
// if (grant == null)
// {
// return;
// }
// await PermissionGrantRepository.DeleteAsync(grant);
//}
public async Task<List<PermissionWithGrantedProviders>> GetAllAsync(string providerName, string providerKey)
{
Check.NotNull(providerName, nameof(providerName));
Check.NotNull(providerKey, nameof(providerKey));
Check.NotNull(name, nameof(name));
var results = new List<PermissionWithGrantedProviders>();
if (await IsGrantedAsync(providerName, providerKey, name))
foreach (var permissionDefinition in PermissionDefinitionManager.GetAll())
{
return;
}
var result = new PermissionWithGrantedProviders(permissionDefinition.Name, false);
var grant = await PermissionGrantRepository.FindAsync(name, providerName, providerKey);
if (grant == null)
{
return;
foreach (var provider in ManagementProviders)
{
var providerResult = await provider.CheckAsync(permissionDefinition.Name, providerName, providerKey);
if (providerResult.IsGranted)
{
result.IsGranted = true;
result.Providers.Add(new PermissionValueProviderInfo(provider.Name, providerResult.ProviderKey));
}
}
results.Add(result);
}
await PermissionGrantRepository.DeleteAsync(grant);
return results;
}
}
}

20
src/Volo.Abp.Permissions.Domain/Volo/Abp/Permissions/PermissionValueProviderInfo.cs
Unescape View File

@ -0,0 +1,20 @@
using JetBrains.Annotations;
namespace Volo.Abp.Permissions
{
public class PermissionValueProviderInfo
{
public string Name { get; }
public string Key { get; }
public PermissionValueProviderInfo([NotNull]string name, [NotNull]string key)
{
Check.NotNull(name, nameof(name));
Check.NotNull(key, nameof(key));
Name = name;
Key = key;
}
}
}

24
src/Volo.Abp.Permissions.Domain/Volo/Abp/Permissions/PermissionWithGrantedProviders.cs
Unescape View File

@ -0,0 +1,24 @@
using System.Collections.Generic;
using JetBrains.Annotations;
namespace Volo.Abp.Permissions
{
public class PermissionWithGrantedProviders
{
public string Name { get; }
public bool IsGranted { get; set; }
public List<PermissionValueProviderInfo> Providers { get; set; }
public PermissionWithGrantedProviders([NotNull] string name, bool isGranted)
{
Check.NotNull(name, nameof(name));
Name = name;
IsGranted = isGranted;
Providers = new List<PermissionValueProviderInfo>();
}
}
}

3
src/Volo.Abp.Permissions/Volo/Abp/Permissions/IPermissionValueProvider.cs
Unescape View File

@ -1,8 +1,9 @@
using System.Threading.Tasks;
using Volo.Abp.DependencyInjection;
namespace Volo.Abp.Permissions
{
public interface IPermissionValueProvider
public interface IPermissionValueProvider : ISingletonDependency
{
string Name { get; }

8
src/Volo.Abp.Permissions/Volo/Abp/Permissions/PermissionChecker.cs
Unescape View File

@ -12,11 +12,12 @@ namespace Volo.Abp.Permissions
{
protected IPermissionDefinitionManager PermissionDefinitionManager { get; }
protected List<IPermissionValueProvider> Providers => _lazyProviders.Value;
private readonly Lazy<List<IPermissionValueProvider>> _lazyProviders;
protected IReadOnlyList<IPermissionValueProvider> ValueProviders => _lazyProviders.Value;
protected PermissionOptions Options { get; }
private readonly Lazy<List<IPermissionValueProvider>> _lazyProviders;
public PermissionChecker(
IOptions<PermissionOptions> options,
IServiceProvider serviceProvider,
@ -34,6 +35,7 @@ namespace Volo.Abp.Permissions
);
}
public Task<PermissionGrantInfo> CheckAsync(string name)
{
var permission = PermissionDefinitionManager.Get(name);
@ -43,7 +45,7 @@ namespace Volo.Abp.Permissions
protected virtual async Task<PermissionGrantInfo> GetPermissionGrantInfo(PermissionDefinition permission)
{
foreach (var provider in Providers)
foreach (var provider in ValueProviders)
{
var result = await provider.CheckAsync(permission);
if (result.IsGranted)

3
src/Volo.Abp.Permissions/Volo/Abp/Permissions/PermissionValueProvider.cs
Unescape View File

@ -1,9 +1,8 @@
using System.Threading.Tasks;
using Volo.Abp.DependencyInjection;
namespace Volo.Abp.Permissions
{
public abstract class PermissionValueProvider : IPermissionValueProvider, ISingletonDependency
public abstract class PermissionValueProvider : IPermissionValueProvider
{
public abstract string Name { get; }

Write Preview
Loading…
Cancel
Save