Respect to multitenancy side while getting & setting permissions.

pull/947/head
Halil ibrahim Kalkan 6 years ago
parent 65a2d89b18
commit acf84e5c40

@ -16,5 +16,12 @@ namespace Volo.Abp.MultiTenancy
return currentTenant.Id.Value; return currentTenant.Id.Value;
} }
public static MultiTenancySides GetMultiTenancySide(this ICurrentTenant currentTenant)
{
return currentTenant.Id.HasValue
? MultiTenancySides.Tenant
: MultiTenancySides.Host;
}
} }
} }
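Review bot: `GetMultiTenancySide` has no doc comment, although the rest of this commit uses its result to decide which permissions can be listed, seeded and granted. It infers the side only from whether `currentTenant.Id` has a value, so any call made before the tenant has been resolved is treated as host side. I would state that contract on the method, for example `/// <summary>Returns Tenant when the current tenant has an id, otherwise Host. Callers must run inside the intended tenant scope.</summary>`.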

@ -7,6 +7,7 @@ using Microsoft.Extensions.Localization;
using Microsoft.Extensions.Options; using Microsoft.Extensions.Options;
using Volo.Abp.Application.Services; using Volo.Abp.Application.Services;
using Volo.Abp.Authorization.Permissions; using Volo.Abp.Authorization.Permissions;
using Volo.Abp.MultiTenancy;
namespace Volo.Abp.PermissionManagement namespace Volo.Abp.PermissionManagement
{ {
@ -41,6 +42,8 @@ namespace Volo.Abp.PermissionManagement
Groups = new List<PermissionGroupDto>() Groups = new List<PermissionGroupDto>()
}; };
var multiTenancySide = CurrentTenant.GetMultiTenancySide();
foreach (var group in _permissionDefinitionManager.GetGroups()) foreach (var group in _permissionDefinitionManager.GetGroups())
{ {
var groupDto = new PermissionGroupDto var groupDto = new PermissionGroupDto
@ -57,6 +60,11 @@ namespace Volo.Abp.PermissionManagement
continue; continue;
} }
if (!permission.MultiTenancySide.HasFlag(multiTenancySide))
{
continue;
}
var grantInfoDto = new PermissionGrantInfoDto var grantInfoDto = new PermissionGrantInfoDto
{ {
Name = permission.Name, Name = permission.Name,
@ -97,13 +105,6 @@ namespace Volo.Abp.PermissionManagement
foreach (var permissionDto in input.Permissions) foreach (var permissionDto in input.Permissions)
{ {
var permissionDefinition = _permissionDefinitionManager.Get(permissionDto.Name);
if (permissionDefinition.Providers.Any() &&
!permissionDefinition.Providers.Contains(providerName))
{
throw new ApplicationException($"The permission named '{permissionDto.Name}' has not compatible with the provider named '{providerName}'");
}
await _permissionManager.SetAsync(permissionDto.Name, providerName, providerKey, permissionDto.IsGranted); await _permissionManager.SetAsync(permissionDto.Name, providerName, providerKey, permissionDto.IsGranted);
} }
} }
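Review bot: With the provider check removed from the update loop, this service no longer validates `input.Permissions` itself and relies entirely on `_permissionManager.SetAsync` to reject a wrong-provider or wrong-side permission name. The `HasFlag(multiTenancySide)` filter added to the listing only hides entries and is not an enforcement point, so a comment on the loop would help: `// Provider and multi-tenancy-side compatibility are enforced in PermissionManager.SetAsync.`. Because the rejection is thrown from inside the loop, entries earlier in the same request may already have been written. Whether a surrounding unit of work rolls them back is not visible in this section. Both methods start outside the hunks shown.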

@ -3,28 +3,34 @@ using System.Threading.Tasks;
using Volo.Abp.Authorization.Permissions; using Volo.Abp.Authorization.Permissions;
using Volo.Abp.Data; using Volo.Abp.Data;
using Volo.Abp.DependencyInjection; using Volo.Abp.DependencyInjection;
using Volo.Abp.MultiTenancy;
namespace Volo.Abp.PermissionManagement namespace Volo.Abp.PermissionManagement
{ {
public class PermissionDataSeedContributor : IDataSeedContributor, ITransientDependency public class PermissionDataSeedContributor : IDataSeedContributor, ITransientDependency
{ {
protected ICurrentTenant CurrentTenant { get; }
protected IPermissionDefinitionManager PermissionDefinitionManager { get; } protected IPermissionDefinitionManager PermissionDefinitionManager { get; }
protected IPermissionDataSeeder PermissionDataSeeder { get; } protected IPermissionDataSeeder PermissionDataSeeder { get; }
public PermissionDataSeedContributor( public PermissionDataSeedContributor(
IPermissionDefinitionManager permissionDefinitionManager, IPermissionDefinitionManager permissionDefinitionManager,
IPermissionDataSeeder permissionDataSeeder) IPermissionDataSeeder permissionDataSeeder,
ICurrentTenant currentTenant)
{ {
PermissionDefinitionManager = permissionDefinitionManager; PermissionDefinitionManager = permissionDefinitionManager;
PermissionDataSeeder = permissionDataSeeder; PermissionDataSeeder = permissionDataSeeder;
CurrentTenant = currentTenant;
} }
public Task SeedAsync(DataSeedContext context) public virtual Task SeedAsync(DataSeedContext context)
{ {
var multiTenancySide = CurrentTenant.GetMultiTenancySide();
var permissionNames = PermissionDefinitionManager var permissionNames = PermissionDefinitionManager
.GetPermissions() .GetPermissions()
.Where(p => p.MultiTenancySide.HasFlag(multiTenancySide))
.Select(p => p.Name) .Select(p => p.Name)
//TODO: Filter host/tenant permissions!
.ToArray(); .ToArray();
return PermissionDataSeeder.SeedAsync( return PermissionDataSeeder.SeedAsync(
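Review bot: `SeedAsync` takes the side from the ambient `CurrentTenant`, not from the `DataSeedContext context` it receives. If that context names the tenant being seeded and a caller runs the seeder from host scope for a tenant, the `Where(p => p.MultiTenancySide.HasFlag(multiTenancySide))` filter would select host-side permissions for that tenant. Deriving the side from the context would avoid this, assuming it exposes a tenant id, for example `var multiTenancySide = context.TenantId.HasValue ? MultiTenancySides.Tenant : MultiTenancySides.Host;`. Otherwise the method should document that callers must switch the current tenant first. The `PermissionDataSeeder.SeedAsync(` call continues outside the hunk, so the tenant it is given is not visible here.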

@ -7,6 +7,7 @@ using Microsoft.Extensions.Options;
using Volo.Abp.Authorization.Permissions; using Volo.Abp.Authorization.Permissions;
using Volo.Abp.DependencyInjection; using Volo.Abp.DependencyInjection;
using Volo.Abp.Guids; using Volo.Abp.Guids;
using Volo.Abp.MultiTenancy;
namespace Volo.Abp.PermissionManagement namespace Volo.Abp.PermissionManagement
{ {
@ -18,6 +19,8 @@ namespace Volo.Abp.PermissionManagement
protected IGuidGenerator GuidGenerator { get; } protected IGuidGenerator GuidGenerator { get; }
protected ICurrentTenant CurrentTenant { get; }
protected IReadOnlyList<IPermissionManagementProvider> ManagementProviders => _lazyProviders.Value; protected IReadOnlyList<IPermissionManagementProvider> ManagementProviders => _lazyProviders.Value;
protected PermissionManagementOptions Options { get; } protected PermissionManagementOptions Options { get; }
@ -29,9 +32,11 @@ namespace Volo.Abp.PermissionManagement
IPermissionGrantRepository permissionGrantRepository, IPermissionGrantRepository permissionGrantRepository,
IServiceProvider serviceProvider, IServiceProvider serviceProvider,
IGuidGenerator guidGenerator, IGuidGenerator guidGenerator,
IOptions<PermissionManagementOptions> options) IOptions<PermissionManagementOptions> options,
ICurrentTenant currentTenant)
{ {
GuidGenerator = guidGenerator; GuidGenerator = guidGenerator;
CurrentTenant = currentTenant;
PermissionGrantRepository = permissionGrantRepository; PermissionGrantRepository = permissionGrantRepository;
PermissionDefinitionManager = permissionDefinitionManager; PermissionDefinitionManager = permissionDefinitionManager;
Options = options.Value; Options = options.Value;
@ -64,7 +69,21 @@ namespace Volo.Abp.PermissionManagement
public async Task SetAsync(string permissionName, string providerName, string providerKey, bool isGranted) public async Task SetAsync(string permissionName, string providerName, string providerKey, bool isGranted)
{ {
var currentGrantInfo = await GetAsync(permissionName, providerName, providerKey); var permission = PermissionDefinitionManager.Get(permissionName);
if (permission.Providers.Any() && !permission.Providers.Contains(providerName))
{
//TODO: BusinessException
throw new ApplicationException($"The permission named '{permission.Name}' has not compatible with the provider named '{providerName}'");
}
if (!permission.MultiTenancySide.HasFlag(CurrentTenant.GetMultiTenancySide()))
{
//TODO: BusinessException
throw new ApplicationException($"The permission named '{permission.Name}' has multitenancy side '{permission.MultiTenancySide}' which is not compatible with the current multitenancy side '{CurrentTenant.GetMultiTenancySide()}'");
}
var currentGrantInfo = await GetInternalAsync(permission, providerName, providerKey);
if (currentGrantInfo.IsGranted == isGranted) if (currentGrantInfo.IsGranted == isGranted)
{ {
return; return;
@ -73,19 +92,30 @@ namespace Volo.Abp.PermissionManagement
var provider = ManagementProviders.FirstOrDefault(m => m.Name == providerName); var provider = ManagementProviders.FirstOrDefault(m => m.Name == providerName);
if (provider == null) if (provider == null)
{ {
//TODO: BusinessException
throw new AbpException("Unknown permission management provider: " + providerName); throw new AbpException("Unknown permission management provider: " + providerName);
} }
await provider.SetAsync(permissionName, providerKey, isGranted); await provider.SetAsync(permissionName, providerKey, isGranted);
} }
protected virtual async Task<PermissionWithGrantedProviders> GetInternalAsync(PermissionDefinition permissionDefinition, string providerName, string providerKey) protected virtual async Task<PermissionWithGrantedProviders> GetInternalAsync(PermissionDefinition permission, string providerName, string providerKey)
{ {
var result = new PermissionWithGrantedProviders(permissionDefinition.Name, false); var result = new PermissionWithGrantedProviders(permission.Name, false);
if (!permission.MultiTenancySide.HasFlag(CurrentTenant.GetMultiTenancySide()))
{
return result;
}
if (permission.Providers.Any() && !permission.Providers.Contains(providerName))
{
return result;
}
foreach (var provider in ManagementProviders) foreach (var provider in ManagementProviders)
{ {
var providerResult = await provider.CheckAsync(permissionDefinition.Name, providerName, providerKey); var providerResult = await provider.CheckAsync(permission.Name, providerName, providerKey);
if (providerResult.IsGranted) if (providerResult.IsGranted)
{ {
result.IsGranted = true; result.IsGranted = true;
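Review bot: In `SetAsync` the provider and side checks throw before `isGranted` is examined, so a revoke of a grant that already exists for a now-incompatible permission is rejected too, while `GetInternalAsync` reports that grant as not granted. A row stored before this change therefore stays in the grant store and cannot be seen or removed through this manager. Whether the runtime permission check applies the same side filter is not visible in this diff and should be confirmed or covered by a test. The early `return result;` branches in `GetInternalAsync` deserve a comment saying that incompatible permissions are deliberately reported as not granted. `SetAsync` could also read the side once with `var side = CurrentTenant.GetMultiTenancySide();` so the condition and the message use the same value. The `GetInternalAsync` body continues past the end of the hunk.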
