Scope permissions by SiteId to support entity level authorization as well as improve caching and performance. Optimize GetTenant to use existing cache.
This commit is contained in:
Shaun Walker
@ -28,9 +28,9 @@ namespace Oqtane.Repository
|
||||
|
||||
public IEnumerable<File> GetFiles(int folderId)
|
||||
{
|
||||
IEnumerable<Permission> permissions = _permissions.GetPermissions(EntityNames.Folder, folderId).ToList();
|
||||
IEnumerable<File> files = _db.File.Where(item => item.FolderId == folderId).Include(item => item.Folder);
|
||||
var alias = _tenants.GetAlias();
|
||||
IEnumerable<Permission> permissions = _permissions.GetPermissions(alias.SiteId, EntityNames.Folder, folderId).ToList();
|
||||
IEnumerable<File> files = _db.File.Where(item => item.FolderId == folderId).Include(item => item.Folder);
|
||||
foreach (File file in files)
|
||||
{
|
||||
file.Folder.Permissions = permissions.EncodePermissions();
|
||||
@ -76,7 +76,7 @@ namespace Oqtane.Repository
|
||||
}
|
||||
if (file != null)
|
||||
{
|
||||
IEnumerable<Permission> permissions = _permissions.GetPermissions(EntityNames.Folder, file.FolderId).ToList();
|
||||
IEnumerable<Permission> permissions = _permissions.GetPermissions(file.Folder.SiteId, EntityNames.Folder, file.FolderId).ToList();
|
||||
file.Folder.Permissions = permissions.EncodePermissions();
|
||||
file.Url = GetFileUrl(file, _tenants.GetAlias());
|
||||
}
|
||||
@ -93,7 +93,7 @@ namespace Oqtane.Repository
|
||||
|
||||
if (file != null)
|
||||
{
|
||||
IEnumerable<Permission> permissions = _permissions.GetPermissions(EntityNames.Folder, file.FolderId).ToList();
|
||||
IEnumerable<Permission> permissions = _permissions.GetPermissions(file.Folder.SiteId, EntityNames.Folder, file.FolderId).ToList();
|
||||
file.Folder.Permissions = permissions.EncodePermissions();
|
||||
file.Url = GetFileUrl(file, _tenants.GetAlias());
|
||||
}
|
||||
|
||||
@ -69,7 +69,7 @@ namespace Oqtane.Repository
|
||||
}
|
||||
if (folder != null)
|
||||
{
|
||||
folder.Permissions = _permissions.GetPermissionString(EntityNames.Folder, folder.FolderId);
|
||||
folder.Permissions = _permissions.GetPermissions(folder.SiteId, EntityNames.Folder, folder.FolderId)?.EncodePermissions();
|
||||
}
|
||||
return folder;
|
||||
}
|
||||
@ -79,7 +79,7 @@ namespace Oqtane.Repository
|
||||
Folder folder = _db.Folder.Where(item => item.SiteId == siteId && item.Path == path).FirstOrDefault();
|
||||
if (folder != null)
|
||||
{
|
||||
folder.Permissions = _permissions.GetPermissionString(EntityNames.Folder, folder.FolderId);
|
||||
folder.Permissions = _permissions.GetPermissions(folder.SiteId, EntityNames.Folder, folder.FolderId)?.EncodePermissions();
|
||||
}
|
||||
return folder;
|
||||
}
|
||||
|
||||
@ -8,7 +8,6 @@ namespace Oqtane.Repository
|
||||
IEnumerable<ModuleDefinition> GetModuleDefinitions();
|
||||
IEnumerable<ModuleDefinition> GetModuleDefinitions(int siteId);
|
||||
ModuleDefinition GetModuleDefinition(int moduleDefinitionId, int siteId);
|
||||
ModuleDefinition GetModuleDefinition(int moduleDefinitionId, bool tracking);
|
||||
void UpdateModuleDefinition(ModuleDefinition moduleDefinition);
|
||||
void DeleteModuleDefinition(int moduleDefinitionId);
|
||||
}
|
||||
|
||||
@ -8,13 +8,10 @@ namespace Oqtane.Repository
|
||||
public interface IPermissionRepository
|
||||
{
|
||||
IEnumerable<Permission> GetPermissions(int siteId, string entityName);
|
||||
IEnumerable<Permission> GetPermissions(string entityName, int entityId);
|
||||
IEnumerable<Permission> GetPermissions(string entityName, int entityId, string permissionName);
|
||||
|
||||
string GetPermissionString(int siteId, string entityName);
|
||||
string GetPermissionString(string entityName, int entityId);
|
||||
string GetPermissionString(string entityName, int entityId, string permissionName);
|
||||
|
||||
IEnumerable<Permission> GetPermissions(int siteId, string entityName, string permissionName);
|
||||
IEnumerable<Permission> GetPermissions(int siteId, string entityName, int entityId);
|
||||
IEnumerable<Permission> GetPermissions(int siteId, string entityName, int entityId, string permissionName);
|
||||
|
||||
Permission AddPermission(Permission permission);
|
||||
Permission UpdatePermission(Permission permission);
|
||||
void UpdatePermissions(int siteId, string entityName, int entityId, string permissionStrings);
|
||||
|
||||
@ -42,24 +42,6 @@ namespace Oqtane.Repository
|
||||
return moduledefinitions.Find(item => item.ModuleDefinitionId == moduleDefinitionId);
|
||||
}
|
||||
|
||||
public ModuleDefinition GetModuleDefinition(int moduleDefinitionId, bool tracking)
|
||||
{
|
||||
ModuleDefinition moduledefinition;
|
||||
if (tracking)
|
||||
{
|
||||
moduledefinition = _db.ModuleDefinition.Find(moduleDefinitionId);
|
||||
}
|
||||
else
|
||||
{
|
||||
moduledefinition = _db.ModuleDefinition.AsNoTracking().FirstOrDefault(item => item.ModuleDefinitionId == moduleDefinitionId);
|
||||
}
|
||||
if (moduledefinition != null)
|
||||
{
|
||||
moduledefinition.Permissions = _permissions.GetPermissionString(EntityNames.ModuleDefinition, moduledefinition.ModuleDefinitionId);
|
||||
}
|
||||
return moduledefinition;
|
||||
}
|
||||
|
||||
public void UpdateModuleDefinition(ModuleDefinition moduleDefinition)
|
||||
{
|
||||
_db.Entry(moduleDefinition).State = EntityState.Modified;
|
||||
|
||||
@ -4,6 +4,7 @@ using System.Linq;
|
||||
using System.Text.Json;
|
||||
using Microsoft.EntityFrameworkCore;
|
||||
using Microsoft.Extensions.DependencyInjection;
|
||||
using Oqtane.Extensions;
|
||||
using Oqtane.Models;
|
||||
using Oqtane.Modules;
|
||||
using Oqtane.Shared;
|
||||
@ -67,7 +68,7 @@ namespace Oqtane.Repository
|
||||
}
|
||||
if (module != null)
|
||||
{
|
||||
module.Permissions = _permissions.GetPermissionString(EntityNames.Module, module.ModuleId);
|
||||
module.Permissions = _permissions.GetPermissions(module.SiteId, EntityNames.Module, module.ModuleId)?.EncodePermissions();
|
||||
}
|
||||
return module;
|
||||
}
|
||||
|
||||
@ -89,7 +89,7 @@ namespace Oqtane.Repository
|
||||
}
|
||||
if (pagemodule != null)
|
||||
{
|
||||
pagemodule.Module.Permissions = _permissions.GetPermissionString(EntityNames.Module, pagemodule.ModuleId);
|
||||
pagemodule.Module.Permissions = _permissions.GetPermissions(pagemodule.Module.SiteId, EntityNames.Module, pagemodule.ModuleId)?.EncodePermissions();
|
||||
}
|
||||
return pagemodule;
|
||||
}
|
||||
@ -100,7 +100,7 @@ namespace Oqtane.Repository
|
||||
.SingleOrDefault(item => item.PageId == pageId && item.ModuleId == moduleId);
|
||||
if (pagemodule != null)
|
||||
{
|
||||
pagemodule.Module.Permissions = _permissions.GetPermissionString(EntityNames.Module, pagemodule.ModuleId);
|
||||
pagemodule.Module.Permissions = _permissions.GetPermissions(pagemodule.Module.SiteId, EntityNames.Module, pagemodule.ModuleId)?.EncodePermissions();
|
||||
}
|
||||
return pagemodule;
|
||||
}
|
||||
|
||||
@ -66,7 +66,7 @@ namespace Oqtane.Repository
|
||||
}
|
||||
if (page != null)
|
||||
{
|
||||
page.Permissions = _permissions.GetPermissionString(EntityNames.Page, page.PageId);
|
||||
page.Permissions = _permissions.GetPermissions(page.SiteId, EntityNames.Page, page.PageId)?.EncodePermissions();
|
||||
}
|
||||
return page;
|
||||
}
|
||||
@ -81,7 +81,7 @@ namespace Oqtane.Repository
|
||||
{
|
||||
page = personalized;
|
||||
}
|
||||
page.Permissions = _permissions.GetPermissionString(EntityNames.Page, page.PageId);
|
||||
page.Permissions = _permissions.GetPermissions(page.SiteId, EntityNames.Page, page.PageId)?.EncodePermissions();
|
||||
}
|
||||
return page;
|
||||
}
|
||||
@ -91,7 +91,7 @@ namespace Oqtane.Repository
|
||||
Page page = _db.Page.FirstOrDefault(item => item.Path == path && item.SiteId == siteId);
|
||||
if (page != null)
|
||||
{
|
||||
page.Permissions = _permissions.GetPermissionString(EntityNames.Page, page.PageId);
|
||||
page.Permissions = _permissions.GetPermissions(page.SiteId, EntityNames.Page, page.PageId)?.EncodePermissions();
|
||||
}
|
||||
return page;
|
||||
}
|
||||
|
||||
@ -4,7 +4,6 @@ using System.Linq;
|
||||
using System.Text;
|
||||
using System.Text.Json;
|
||||
using Microsoft.EntityFrameworkCore;
|
||||
using Oqtane.Extensions;
|
||||
using Oqtane.Models;
|
||||
using Microsoft.Extensions.Caching.Memory;
|
||||
using Oqtane.Infrastructure;
|
||||
@ -29,58 +28,44 @@ namespace Oqtane.Repository
|
||||
public IEnumerable<Permission> GetPermissions(int siteId, string entityName)
|
||||
{
|
||||
var alias = _siteState?.Alias;
|
||||
if (alias != null && alias.SiteId != -1)
|
||||
if (alias != null)
|
||||
{
|
||||
return _cache.GetOrCreate($"permissions:{alias.SiteKey}:{entityName}", entry =>
|
||||
return _cache.GetOrCreate($"permissions:{alias.TenantId}:{siteId}:{entityName}", entry =>
|
||||
{
|
||||
entry.SlidingExpiration = TimeSpan.FromMinutes(30);
|
||||
return _db.Permission.Where(item => item.SiteId == alias.SiteId)
|
||||
return _db.Permission.Where(item => item.SiteId == siteId)
|
||||
.Where(item => item.EntityName == entityName)
|
||||
.Include(item => item.Role).ToList(); // eager load roles
|
||||
});
|
||||
}
|
||||
else
|
||||
{
|
||||
return _db.Permission.Where(item => item.SiteId == siteId || siteId == -1)
|
||||
.Where(item => item.EntityName == entityName)
|
||||
.Include(item => item.Role).ToList(); // eager load roles
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
public IEnumerable<Permission> GetPermissions(string entityName, int entityId)
|
||||
public IEnumerable<Permission> GetPermissions(int siteId, string entityName, string permissionName)
|
||||
{
|
||||
var permissions = GetPermissions(-1, entityName);
|
||||
var permissions = GetPermissions(siteId, entityName);
|
||||
return permissions.Where(item => item.PermissionName == permissionName);
|
||||
}
|
||||
|
||||
public IEnumerable<Permission> GetPermissions(int siteId, string entityName, int entityId)
|
||||
{
|
||||
var permissions = GetPermissions(siteId, entityName);
|
||||
return permissions.Where(item => item.EntityId == entityId);
|
||||
}
|
||||
|
||||
public IEnumerable<Permission> GetPermissions(string entityName, int entityId, string permissionName)
|
||||
public IEnumerable<Permission> GetPermissions(int siteId, string entityName, int entityId, string permissionName)
|
||||
{
|
||||
var permissions = GetPermissions(-1, entityName);
|
||||
var permissions = GetPermissions(siteId, entityName);
|
||||
return permissions.Where(item => item.EntityId == entityId)
|
||||
.Where(item => item.PermissionName == permissionName);
|
||||
}
|
||||
|
||||
public string GetPermissionString(int siteId, string entityName)
|
||||
{
|
||||
return GetPermissions(siteId, entityName)?.EncodePermissions();
|
||||
}
|
||||
|
||||
public string GetPermissionString(string entityName, int entityId)
|
||||
{
|
||||
return GetPermissions(entityName, entityId)?.EncodePermissions();
|
||||
}
|
||||
|
||||
public string GetPermissionString(string entityName, int entityId, string permissionName)
|
||||
{
|
||||
return GetPermissions(entityName, entityId, permissionName)?.EncodePermissions();
|
||||
}
|
||||
|
||||
|
||||
public Permission AddPermission(Permission permission)
|
||||
{
|
||||
_db.Permission.Add(permission);
|
||||
_db.SaveChanges();
|
||||
ClearCache(permission.EntityName);
|
||||
ClearCache(permission.SiteId, permission.EntityName);
|
||||
return permission;
|
||||
}
|
||||
|
||||
@ -88,7 +73,7 @@ namespace Oqtane.Repository
|
||||
{
|
||||
_db.Entry(permission).State = EntityState.Modified;
|
||||
_db.SaveChanges();
|
||||
ClearCache(permission.EntityName);
|
||||
ClearCache(permission.SiteId, permission.EntityName);
|
||||
return permission;
|
||||
}
|
||||
|
||||
@ -110,7 +95,7 @@ namespace Oqtane.Repository
|
||||
_db.Permission.Add(permission);
|
||||
}
|
||||
_db.SaveChanges();
|
||||
ClearCache(entityName);
|
||||
ClearCache(siteId, entityName);
|
||||
}
|
||||
|
||||
public Permission GetPermission(int permissionId)
|
||||
@ -123,7 +108,7 @@ namespace Oqtane.Repository
|
||||
Permission permission = _db.Permission.Find(permissionId);
|
||||
_db.Permission.Remove(permission);
|
||||
_db.SaveChanges();
|
||||
ClearCache(permission.EntityName);
|
||||
ClearCache(permission.SiteId, permission.EntityName);
|
||||
}
|
||||
|
||||
public void DeletePermissions(int siteId, string entityName, int entityId)
|
||||
@ -137,15 +122,15 @@ namespace Oqtane.Repository
|
||||
_db.Permission.Remove(permission);
|
||||
}
|
||||
_db.SaveChanges();
|
||||
ClearCache(entityName);
|
||||
ClearCache(siteId, entityName);
|
||||
}
|
||||
|
||||
private void ClearCache(string entityName)
|
||||
private void ClearCache(int siteId, string entityName)
|
||||
{
|
||||
var alias = _siteState?.Alias;
|
||||
if (alias != null && alias.SiteId != -1)
|
||||
if (alias != null)
|
||||
{
|
||||
_cache.Remove($"permissions:{alias.SiteKey}:{entityName}");
|
||||
_cache.Remove($"permissions:{alias.TenantId}:{siteId}:{entityName}");
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
using System;
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using Microsoft.EntityFrameworkCore;
|
||||
@ -53,7 +53,7 @@ namespace Oqtane.Repository
|
||||
|
||||
public Tenant GetTenant(int tenantId)
|
||||
{
|
||||
return _db.Tenant.Find(tenantId);
|
||||
return GetTenants().FirstOrDefault(item => item.TenantId == tenantId);
|
||||
}
|
||||
|
||||
public void DeleteTenant(int tenantId)
|
||||
|
||||
Reference in New Issue
Block a user