Diplomarbeit-Absolventenverein/oqtane.framework
10
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

Permission grid control, refactor permission string serialization

Browse Source
This commit is contained in:
Shaun Walker
2019-08-30 10:05:13 -04:00
parent 3ce7f1a227
commit 88a08c8863
27 changed files with 460 additions and 216 deletions
Download Patch File Download Diff File Expand all files Collapse all files

108
Oqtane.Client/Modules/Admin/ModuleSettings/Index.razor
View File

@ -11,59 +11,51 @@
@inject IModuleService ModuleService
@inject IPageModuleService PageModuleService
<table class="form-group">
<tr>
<td>
<label for="Title" class="control-label">Title: </label>
</td>
<td>
<input type="text" name="Title" class="form-control" @bind="@title" />
</td>
</tr>
<tr>
<td>
<label for="Container" class="control-label">Container: </label>
</td>
<td>
<select class="form-control" @bind="@containertype">
<option value="">&lt;Select Container&gt;</option>
@foreach (KeyValuePair<string, string> container in containers)
{
<option value="@container.Key">@container.Value</option>
}
</select>
</td>
</tr>
<tr>
<td>
<label for="ViewPermissions" class="control-label">View Permissions: </label>
</td>
<td>
<input type="text" name="ViewPermissions" class="form-control" @bind="@viewpermissions" />
</td>
</tr>
<tr>
<td>
<label for="EditPermissions" class="control-label">Edit Permissions: </label>
</td>
<td>
<input type="text" name="EditPermissions" class="form-control" @bind="@editpermissions" />
</td>
</tr>
<tr>
<td>
<label for="Page" class="control-label">Page: </label>
</td>
<td>
<select class="form-control" @bind="@pageid">
@foreach (Page p in PageState.Pages)
{
<option value="@p.PageId">@p.Name</option>
}
</select>
</td>
</tr>
</table>
<table class="form-group">
<tr>
<td>
<label for="Title" class="control-label">Title: </label>
</td>
<td>
<input type="text" name="Title" class="form-control" @bind="@title" />
</td>
</tr>
<tr>
<td>
<label for="Container" class="control-label">Container: </label>
</td>
<td>
<select class="form-control" @bind="@containertype">
<option value="">&lt;Select Container&gt;</option>
@foreach (KeyValuePair<string, string> container in containers)
{
<option value="@container.Key">@container.Value</option>
}
</select>
</td>
</tr>
<tr>
<td>
<label for="Name" class="control-label">Permissions: </label>
</td>
<td>
<PermissionGrid EntityName="Module" Permissions="@permissions" @ref="permissiongrid" @ref:suppressField />
</td>
</tr>
<tr>
<td>
<label for="Page" class="control-label">Page: </label>
</td>
<td>
<select class="form-control" @bind="@pageid">
@foreach (Page p in PageState.Pages)
{
<option value="@p.PageId">@p.Name</option>
}
</select>
</td>
</tr>
</table>
@DynamicComponent
@ -78,10 +70,11 @@
Dictionary<string, string> containers = new Dictionary<string, string>();
string title;
string containertype;
string viewpermissions;
string editpermissions;
string permissions;
string pageid;
PermissionGrid permissiongrid;
RenderFragment DynamicComponent { get; set; }
object settings;
@ -90,8 +83,7 @@
title = ModuleState.Title;
containers = ThemeService.GetContainerTypes(await ThemeService.GetThemesAsync());
containertype = ModuleState.ContainerType;
viewpermissions = UserSecurity.GetPermissions("View", ModuleState.Permissions);
editpermissions = UserSecurity.GetPermissions("Edit", ModuleState.Permissions);
permissions = ModuleState.Permissions;
pageid = ModuleState.PageId.ToString();
DynamicComponent = builder =>
@ -109,7 +101,7 @@
private async Task SaveModule()
{
Module module = ModuleState;
module.Permissions = UserSecurity.SetPermissions("View", viewpermissions) + UserSecurity.SetPermissions("Edit", editpermissions);
module.Permissions = permissiongrid.GetPermissions();
await ModuleService.UpdateModuleAsync(module);
PageModule pagemodule = await PageModuleService.GetPageModuleAsync(ModuleState.PageModuleId);

24
Oqtane.Client/Modules/Admin/Pages/Add.razor
View File

@ -99,18 +99,10 @@
</tr>
<tr>
<td>
<label for="Name" class="control-label">View Permissions: </label>
<label for="Name" class="control-label">Permissions: </label>
</td>
<td>
<input class="form-control" @bind="@viewpermissions" />
</td>
</tr>
<tr>
<td>
<label for="Name" class="control-label">Edit Permissions: </label>
</td>
<td>
<input class="form-control" @bind="@editpermissions" />
<PermissionGrid EntityName="Page" Permissions="@permissions" @ref="permissiongrid" @ref:suppressField />
</td>
</tr>
</table>
@ -133,8 +125,9 @@
string themetype;
string layouttype = "";
string icon = "";
string viewpermissions = "All Users";
string editpermissions = "Administrators";
string permissions = ""; // need to set default permissions
PermissionGrid permissiongrid;
protected override void OnInitialized()
{
@ -142,6 +135,11 @@
{
themes = ThemeService.GetThemeTypes(PageState.Themes);
panelayouts = ThemeService.GetPaneLayoutTypes(PageState.Themes);
List<PermissionString> permissionstrings = new List<PermissionString>();
permissionstrings.Add(new PermissionString { PermissionName = "View", Permissions = Constants.AdminRole });
permissionstrings.Add(new PermissionString { PermissionName = "Edit", Permissions = Constants.AdminRole });
permissions = UserSecurity.SetPermissionStrings(permissionstrings);
}
catch (Exception ex)
{
@ -181,7 +179,7 @@
}
System.Reflection.PropertyInfo property = type.GetProperty("Panes");
page.Panes = (string)property.GetValue(Activator.CreateInstance(type), null);
page.Permissions = UserSecurity.SetPermissions("View", viewpermissions) + UserSecurity.SetPermissions("Edit", editpermissions);
page.Permissions = permissiongrid.GetPermissions();
await PageService.AddPageAsync(page);
PageState.Reload = Constants.ReloadSite;

20
Oqtane.Client/Modules/Admin/Pages/Delete.razor
View File

@ -100,18 +100,10 @@
</tr>
<tr>
<td>
<label for="Name" class="control-label">View Permissions: </label>
<label for="Name" class="control-label">Permissions: </label>
</td>
<td>
<input class="form-control" @bind="@viewpermissions" readonly />
</td>
</tr>
<tr>
<td>
<label for="Name" class="control-label">Edit Permissions: </label>
</td>
<td>
<input class="form-control" @bind="@editpermissions" readonly />
<PermissionGrid EntityName="Page" Permissions="@permissions" @ref="permissiongrid" @ref:suppressField />
</td>
</tr>
</table>
@ -138,13 +130,14 @@
string themetype;
string layouttype;
string icon;
string viewpermissions;
string editpermissions;
string permissions;
string createdby;
DateTime createdon;
string modifiedby;
DateTime modifiedon;
PermissionGrid permissiongrid;
protected override void OnInitialized()
{
try
@ -164,8 +157,7 @@
themetype = page.ThemeType;
layouttype = page.LayoutType;
icon = page.Icon;
viewpermissions = UserSecurity.GetPermissions("View", page.Permissions);
editpermissions = UserSecurity.GetPermissions("Edit", page.Permissions);
permissions = page.Permissions;
createdby = page.CreatedBy;
createdon = page.CreatedOn;
modifiedby = page.ModifiedBy;

22
Oqtane.Client/Modules/Admin/Pages/Edit.razor
View File

@ -100,18 +100,10 @@
</tr>
<tr>
<td>
<label for="Name" class="control-label">View Permissions: </label>
<label for="Name" class="control-label">Permissions: </label>
</td>
<td>
<input class="form-control" @bind="@viewpermissions" />
</td>
</tr>
<tr>
<td>
<label for="Name" class="control-label">Edit Permissions: </label>
</td>
<td>
<input class="form-control" @bind="@editpermissions" />
<PermissionGrid EntityName="Page" Permissions="@permissions" @ref="permissiongrid" @ref:suppressField />
</td>
</tr>
</table>
@ -138,13 +130,14 @@
string themetype;
string layouttype;
string icon;
string viewpermissions;
string editpermissions;
string permissions;
string createdby;
DateTime createdon;
string modifiedby;
DateTime modifiedon;
PermissionGrid permissiongrid;
protected override void OnInitialized()
{
try
@ -171,8 +164,7 @@
themetype = page.ThemeType;
layouttype = page.LayoutType;
icon = page.Icon;
viewpermissions = UserSecurity.GetPermissions("View", page.Permissions);
editpermissions = UserSecurity.GetPermissions("Edit", page.Permissions);
permissions = page.Permissions;
createdby = page.CreatedBy;
createdon = page.CreatedOn;
modifiedby = page.ModifiedBy;
@ -217,7 +209,7 @@
}
System.Reflection.PropertyInfo property = type.GetProperty("Panes");
page.Panes = (string)property.GetValue(Activator.CreateInstance(type), null);
page.Permissions = UserSecurity.SetPermissions("View", viewpermissions) + UserSecurity.SetPermissions("Edit", editpermissions);
page.Permissions = permissiongrid.GetPermissions();
await PageService.UpdatePageAsync(page);
PageState.Reload = Constants.ReloadSite;

9
Oqtane.Client/Modules/Admin/Sites/Add.razor
View File

@ -98,13 +98,18 @@ else
p.Path = "";
p.Order = 1;
p.IsNavigation = true;
p.ThemeType = "Oqtane.Client.Themes.Theme1.Theme1, Oqtane.Client";
p.ThemeType = "Oqtane.Client.Themes.Theme1.Theme1, Oqtane.Client"; // TODO: should not hardcode
p.LayoutType = "";
p.Icon = "";
Type type = Type.GetType(p.ThemeType);
System.Reflection.PropertyInfo property = type.GetProperty("Panes");
p.Panes = (string)property.GetValue(Activator.CreateInstance(type), null);
p.Permissions = UserSecurity.SetPermissions("View", Constants.AllUsersRole) + UserSecurity.SetPermissions("Edit", Constants.AdminRole);
List<PermissionString> permissionstrings = new List<PermissionString>();
permissionstrings.Add(new PermissionString { PermissionName = "View", Permissions = Constants.AllUsersRole });
permissionstrings.Add(new PermissionString { PermissionName = "Edit", Permissions = Constants.AdminRole });
p.Permissions = UserSecurity.SetPermissionStrings(permissionstrings);
await PageService.AddPageAsync(p);
UriHelper.NavigateTo(url, true);

4
Oqtane.Client/Modules/Controls/ActionLink.razor
View File

@ -77,10 +77,10 @@
authorized = UserSecurity.IsAuthorized(PageState.User, "Edit", ModuleState.Permissions);
break;
case SecurityAccessLevel.Admin:
authorized = UserSecurity.IsAuthorized(PageState.User, "Edit", UserSecurity.SetPermissions("Edit", Constants.AdminRole));
authorized = UserSecurity.IsAuthorized(PageState.User, Constants.AdminRole);
break;
case SecurityAccessLevel.Host:
authorized = UserSecurity.IsAuthorized(PageState.User, "Edit", UserSecurity.SetPermissions("Edit", Constants.HostRole));
authorized = UserSecurity.IsAuthorized(PageState.User, Constants.HostRole);
break;
}
}

196
Oqtane.Client/Modules/Controls/PermissionGrid.razor Normal file
View File

@ -0,0 +1,196 @@
@using Oqtane.Services
@using Oqtane.Modules
@using Oqtane.Models
@using Oqtane.Security
@using Oqtane.Shared
@inherits ModuleBase
@inject IRoleService RoleService
@inject IUserService UserService
@if (roles != null)
{
<br />
<div class="container">
<div class="form-group">
<table class="table">
<tbody>
<tr>
<th>Role</th>
@foreach (PermissionString permission in permissions)
{
<th>@permission.PermissionName @EntityName</th>
}
</tr>
@foreach (Role role in roles)
{
<tr>
<td>@role.Name</td>
@foreach (PermissionString permission in permissions)
{
var p = permission;
<td align="center"><input type="checkbox" class="form-check-input" checked=@GetPermissionValue(p.Permissions, role.Name) disabled=@GetPermissionDisabled(role.Name) @onchange="@(e => PermissionChanged(e, p.PermissionName, role.Name))" /></td>
}
</tr>
}
</tbody>
</table>
</div>
@if (@users.Count != 0)
{
<div class="form-group">
<table class="table">
<thead>
<tr>
<th>User</th>
@foreach (PermissionString permission in permissions)
{
<th>@permission.PermissionName @EntityName</th>
}
</tr>
</thead>
<tbody>
@foreach (User user in users)
{
<tr>
<td>@user.DisplayName</td>
@foreach (PermissionString permission in permissions)
{
var p = permission;
<td align="center"><input type="checkbox" class="form-check-input" checked=@GetPermissionValue(p.Permissions, "[" + user.UserId.ToString() + "]") @onchange="@(e => PermissionChanged(e, p.PermissionName, "[" + user.UserId.ToString() + "]"))" /></td>
}
</tr>
}
</tbody>
</table>
</div>
}
<div style="white-space:nowrap;">
<label for="Username" class="control-label" style="display:inline-block;">User: </label>
<input type="text" name="Username" class="form-control" style="display:inline-block; width: auto !important;" placeholder="Enter Username" @bind="@username" />
<button type="button" class="btn btn-primary" style="display:inline-block;" @onclick="@AddUser">Add</button>
</div>
<br />
<ModuleMessage Type="MessageType.Error" Message="@message" />
</div>
}
@code {
[Parameter]
public string EntityName { get; set; }
[Parameter]
public string Permissions { get; set; }
[Parameter]
public string PermissionNames { get; set; } // optional - can be used to specify permissions order or add custom permissions
List<Role> roles;
List<PermissionString> permissions = new List<PermissionString>();
List<User> users = new List<User>();
string username = "";
string message = "";
protected override async Task OnInitializedAsync()
{
if (string.IsNullOrEmpty(PermissionNames))
{
PermissionNames = "View,Edit";
}
roles = await RoleService.GetRolesAsync(ModuleState.SiteId);
roles.Insert(0, new Role { Name = Constants.AllUsersRole });
foreach (string permissionname in PermissionNames.Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries))
{
permissions.Add(new PermissionString { PermissionName = permissionname, Permissions = "" });
}
foreach (PermissionString permissionstring in UserSecurity.GetPermissionStrings(Permissions))
{
if (permissions.Find(item => item.PermissionName == permissionstring.PermissionName) != null)
{
permissions[permissions.FindIndex(item => item.PermissionName == permissionstring.PermissionName)].Permissions = permissionstring.Permissions;
}
if (permissionstring.Permissions.Contains("["))
{
foreach (string user in permissionstring.Permissions.Split(new char[] { '[' }, StringSplitOptions.RemoveEmptyEntries))
{
if (user.Contains("]"))
{
int userid = int.Parse(user.Substring(0, user.IndexOf("]")));
if (users.Where(item => item.UserId == userid).FirstOrDefault() == null)
{
users.Add(await UserService.GetUserAsync(userid, ModuleState.SiteId));
}
}
}
}
}
}
private bool GetPermissionValue(string Permissions, string SecurityKey)
{
if ((";" + Permissions + ";").Contains(";" + SecurityKey + ";"))
{
return true;
}
else
{
return false;
}
}
private bool GetPermissionDisabled(string RoleName)
{
if (RoleName == Constants.AdminRole)
{
return true;
}
else
{
return false;
}
}
private async Task AddUser()
{
if (users.Where(item => item.Username == username).FirstOrDefault() == null)
{
try
{
User user = await UserService.GetUserAsync(username, ModuleState.SiteId);
if (user != null)
{
users.Add(user);
}
}
catch
{
message = "Username Does Not Exist";
}
}
username = "";
}
private void PermissionChanged(UIChangeEventArgs e, string PermissionName, string SecurityId)
{
bool selected = (bool)e.Value;
PermissionString permission = permissions.Find(item => item.PermissionName == PermissionName);
if (permission != null)
{
List<string> ids = permission.Permissions.Split(';').ToList();
if (selected)
{
ids.Add(SecurityId);
}
else
{
ids.Remove(SecurityId);
}
permissions[permissions.FindIndex(item => item.PermissionName == PermissionName)].Permissions = string.Join(";", ids.ToArray());
}
}
public string GetPermissions()
{
return UserSecurity.SetPermissionStrings(permissions);
}
}

4
Oqtane.Client/Shared/Pane.razor
View File

@ -67,10 +67,10 @@
authorized = UserSecurity.IsAuthorized(PageState.User, "Edit", module.Permissions);
break;
case SecurityAccessLevel.Admin:
authorized = UserSecurity.IsAuthorized(PageState.User, "Edit", UserSecurity.SetPermissions("Edit", Constants.AdminRole));
authorized = UserSecurity.IsAuthorized(PageState.User, Constants.AdminRole);
break;
case SecurityAccessLevel.Host:
authorized = UserSecurity.IsAuthorized(PageState.User, "Edit", UserSecurity.SetPermissions("Edit", Constants.HostRole));
authorized = UserSecurity.IsAuthorized(PageState.User, Constants.HostRole);
break;
}
if (authorized)