luticate2
/
luticate2-api
Segui 1
Vota 0
Forka 0
Codice Problemi 0 Pull Requests 0 Rilasci 19 Wiki Attività
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
99 Commit
4 Rami (Branch)
Albero (Tree): bd2d2f596e
Rami (Branch) Tag
${ item.name }
Crea branch ${ searchTerm }
da 'bd2d2f596e'
${ noResults }
luticate2-api/Luticate2.Auth/Middlewares/LuPermissionMiddleware.cs

LuPermissionMiddleware.cs 2.5KB
Cronologia Originale

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657 
  1. using System;

  2. using System.Reflection;

  3. using Luticate2.Auth.Attributes;

  4. using Luticate2.Auth.Interfaces.Permissions;

  5. using Luticate2.Auth.Interfaces.Users;

  6. using Luticate2.Utils.Controllers;

  7. using Luticate2.Utils.Dbo.Result;

  8. using Microsoft.AspNetCore.Mvc.Controllers;

  9. using Microsoft.AspNetCore.Mvc.Filters;

  10. using Microsoft.Extensions.DependencyInjection;

  11. 

  12. namespace Luticate2.Auth.Middlewares

  13. {

  14.     public class LuPermissionMiddleware : IActionFilter

  15.     {

  16.         private readonly IServiceProvider _serviceProvider;

  17.         private readonly ILuPermissionsBusiness _luPermissionsBusiness;

  18. 

  19.         public LuPermissionMiddleware(IServiceProvider serviceProvider, ILuPermissionsBusiness luPermissionsBusiness)

  20.         {

  21.             _serviceProvider = serviceProvider;

  22.             _luPermissionsBusiness = luPermissionsBusiness;

  23.         }

  24. 

  25.         public void OnActionExecuting(ActionExecutingContext context)

  26.         {

  27.             var actionDescriptor = context.ActionDescriptor as ControllerActionDescriptor;

  28.             if (actionDescriptor != null)

  29.             {

  30.                 var attributes = actionDescriptor.MethodInfo.GetCustomAttributes<LuPermissionAttribute>();

  31.                 foreach (var attribute in attributes)

  32.                 {

  33.                     var srcAccessor = _serviceProvider.GetService(attribute.SrcEntityAccessor) as ILuAttrEntityAccessor;

  34.                     var dstAccessor = _serviceProvider.GetService(attribute.DstEntityAccessor) as ILuAttrEntityAccessor;

  35.                     var srcEntity = srcAccessor?.GetEntity(context, attribute.Id);

  36.                     var dstEntity = dstAccessor?.GetEntity(context, attribute.Id);

  37.                     var permissionValue = _luPermissionsBusiness.GetPermissionEffectiveValue(attribute.PermissionName,

  38.                         attribute.SrcEntityType, srcEntity, attribute.DstEntityType, dstEntity);

  39.                     if (!permissionValue)

  40.                     {

  41.                         throw new LuResultException(permissionValue.To<object>());

  42.                     }

  43.                     if (!permissionValue.Data)

  44.                     {

  45.                         var user = _serviceProvider.GetService<ILuLoggedUserAccessor>().GetLoggedUser();

  46.                         throw new LuResultException(LuResult<object>.Error(LuStatus.PermissionError,

  47.                             $"user: {user?.Id} {user?.Username}", "Permission denied"));

  48.                     }

  49.                 }

  50.             }

  51.         }

  52. 

  53.         public void OnActionExecuted(ActionExecutedContext context)

  54.         {

  55.         }

  56.     }

  57. }