@namespace Oqtane.Modules.Controls @using System.Text.Json @inherits ModuleControlBase @inject IRoleService RoleService @inject IUserService UserService @inject IUserRoleService UserRoleService @inject IStringLocalizer Localizer @inject IStringLocalizer SharedLocalizer @if (_permissions != null) {
@foreach (var permissionname in _permissionnames) { } @foreach (Role role in _roles) { @foreach (var permissionname in _permissionnames) { } }
@Localizer["Role"]@((MarkupString)DisplayPermissionName(permissionname).Replace(" ", "
"))
@role.Name

@if (_users.Count != 0) {
@foreach (var permissionname in _permissionnames) { } @foreach (User user in _users) { @foreach (var permissionname in _permissionnames) { } }
@Localizer["User"]@((MarkupString)DisplayPermissionName(permissionname).Replace(" ", "
"))
@user.DisplayName

}
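}

@code {
    // Column definitions for the grid. Each entry is either a bare permission name
    // or a composite "EntityName:PermissionName:Roles" string (parsed in OnInitializedAsync).
    private List<string> _permissionnames;

    // Working copy of the permission set being edited; returned by GetPermissions / GetPermissionList.
    private List<Permission> _permissions;

    // Role rows shown in the grid (the Host role is removed for non-host users).
    private List<Role> _roles;

    // User rows shown in the grid (users referenced by an existing permission, plus any added via AddUser).
    private List<User> _users = new List<User>();

    private AutoComplete _user;
    private string _message = string.Empty;

    [Parameter]
    public string EntityName { get; set; }

    [Parameter]
    public string PermissionNames { get; set; }

    // deprecated - use PermissionList instead
    [Parameter]
    public string Permissions { get; set; }

    [Parameter]
    public List<Permission> PermissionList { get; set; }

    /// <summary>
    /// Loads the site roles, resolves the permission columns and builds the initial
    /// working permission list from the supplied parameters (or from defaults).
    /// </summary>
    protected override async Task OnInitializedAsync()
    {
        // a non-empty legacy JSON string overrides whatever was passed in PermissionList
        if (!string.IsNullOrEmpty(Permissions))
        {
            PermissionList = JsonSerializer.Deserialize<List<Permission>>(Permissions);
        }

        _roles = await RoleService.GetRolesAsync(ModuleState.SiteId, true);
        if (!UserSecurity.IsAuthorized(PageState.User, RoleNames.Host))
        {
            // only host users get a row for the Host role
            _roles.RemoveAll(item => item.Name == RoleNames.Host);
        }

        // get permission names
        if (string.IsNullOrEmpty(PermissionNames))
        {
            _permissionnames = new List<string>
            {
                Shared.PermissionNames.View,
                Shared.PermissionNames.Edit
            };
        }
        else
        {
            _permissionnames = PermissionNames.Split(',', StringSplitOptions.RemoveEmptyEntries).ToList();
        }

        // initialize permissions
        _permissions = new List<Permission>();
        if (PermissionList != null && PermissionList.Any())
        {
            foreach (var permission in PermissionList)
            {
                _permissions.Add(permission);
                if (permission.UserId != null && !_users.Any(item => item.UserId == permission.UserId.Value))
                {
                    // A permission can reference a user that can no longer be resolved; adding a null
                    // entry would break the later _users lookups and the user rows. The permission
                    // itself stays in _permissions so it is still returned to the caller unchanged.
                    var user = await UserService.GetUserAsync(permission.UserId.Value, ModuleState.SiteId);
                    if (user != null)
                    {
                        _users.Add(user);
                    }
                }
            }
        }
        else
        {
            foreach (string permissionname in _permissionnames)
            {
                // permission names can be in the form of "EntityName:PermissionName:Roles"
                if (permissionname.Contains(":"))
                {
                    var segments = permissionname.Split(':');
                    // NOTE(review): a composite name that does not have exactly 3 segments
                    // gets no default permission at all - confirm that is intended.
                    if (segments.Length == 3)
                    {
                        foreach (var role in segments[2].Split(';'))
                        {
                            _permissions.Add(new Permission(ModuleState.SiteId, segments[0], segments[1], role, null, true));
                        }

                        // ensure admin access
                        if (!_permissions.Any(item => item.EntityName == segments[0] && item.PermissionName == segments[1] && item.RoleName == RoleNames.Admin))
                        {
                            _permissions.Add(new Permission(ModuleState.SiteId, segments[0], segments[1], RoleNames.Admin, null, true));
                        }
                    }
                }
                else
                {
                    _permissions.Add(new Permission(ModuleState.SiteId, EntityName, permissionname, RoleNames.Admin, null, true));
                }
            }
        }
    }

    // Returns the permission part of a column name ("Entity:Permission:Roles" -> "Permission").
    private string GetPermissionName(string permissionName)
    {
        return (permissionName.Contains(":")) ? permissionName.Split(':')[1] : permissionName;
    }

    // Returns the entity part of a column name, falling back to the EntityName parameter.
    private string GetEntityName(string permissionName)
    {
        return (permissionName.Contains(":")) ? permissionName.Split(':')[0] : EntityName;
    }

    // Builds the localized column heading: "<permission> <entity>".
    private string DisplayPermissionName(string permissionName)
    {
        var name = Localizer[GetPermissionName(permissionName)].ToString();
        name += " " + Localizer[GetEntityName(permissionName)].ToString();
        return name;
    }

    // Finds the working-list entry for one grid cell. A non-empty roleName selects a
    // role row (matched on RoleName); an empty roleName selects a user row (matched on UserId).
    private Permission FindPermission(string permissionName, string roleName, int userId)
    {
        // resolve the names once instead of once per list item
        var entityName = GetEntityName(permissionName);
        var name = GetPermissionName(permissionName);

        if (roleName != "")
        {
            return _permissions.FirstOrDefault(item => item.EntityName == entityName && item.PermissionName == name && item.RoleName == roleName);
        }

        return _permissions.FirstOrDefault(item => item.EntityName == entityName && item.PermissionName == name && item.UserId == userId);
    }

    // Returns the state of one grid cell: true = granted, false = denied, null = no entry.
    private bool? GetPermissionValue(string permissionName, string roleName, int userId)
    {
        return FindPermission(permissionName, roleName, userId)?.IsAuthorized;
    }

    // Decides whether a grid cell is locked for the current user:
    //  - Administrators cells are locked for everyone except host users
    //  - cells belonging to a different entity than EntityName are locked for non-administrators
    // NOTE(review): this is a UI-state helper only. It is not an authorization boundary;
    // the code that persists the result of GetPermissions/GetPermissionList must
    // re-validate the submitted permissions server-side.
    private bool GetPermissionDisabled(string permissionName, string roleName)
    {
        if (roleName == RoleNames.Admin && !UserSecurity.IsAuthorized(PageState.User, RoleNames.Host))
        {
            return true;
        }

        return GetEntityName(permissionName) != EntityName && !UserSecurity.IsAuthorized(PageState.User, RoleNames.Admin);
    }

    // Applies a cell change to the working list: the existing entry (if any) is removed
    // and, unless the new value is null, a fresh entry with the new value is added.
    // NOTE(review): this handler does not itself consult GetPermissionDisabled, so the
    // lock rules are only as strong as the rendered control's disabled state.
    private void PermissionChanged(bool? value, string permissionName, string roleName, int userId)
    {
        var existing = FindPermission(permissionName, roleName, userId);
        if (existing != null)
        {
            _permissions.Remove(existing);
        }

        if (value == null)
        {
            return;
        }

        if (roleName != "")
        {
            _permissions.Add(new Permission(ModuleState.SiteId, GetEntityName(permissionName), GetPermissionName(permissionName), roleName, null, value.Value));
        }
        else
        {
            _permissions.Add(new Permission(ModuleState.SiteId, GetEntityName(permissionName), GetPermissionName(permissionName), null, userId, value.Value));
        }
    }

    // Returns registered users whose display name contains the filter (case-insensitive),
    // keyed by user id.
    // NOTE(review): this uses PageState.Site.SiteId while the rest of the component uses
    // ModuleState.SiteId, and it fetches the full Registered role membership on every call.
    private async Task<Dictionary<string, string>> GetUsers(string filter)
    {
        var users = await UserRoleService.GetUserRolesAsync(PageState.Site.SiteId, RoleNames.Registered);
        return users.Where(item => item.User.DisplayName.Contains(filter, StringComparison.OrdinalIgnoreCase))
            .ToDictionary(item => item.UserId.ToString(), item => item.User.DisplayName);
    }

    // Adds the user selected in the autocomplete as a new row in the user grid.
    private async Task AddUser()
    {
        User user = null;

        // The key is expected to be a numeric user id (GetUsers builds its keys from UserId),
        // but it is parsed defensively so an unexpected value reports an error instead of throwing.
        if (!string.IsNullOrEmpty(_user.Key) && int.TryParse(_user.Key, out var userId))
        {
            user = await UserService.GetUserAsync(userId, ModuleState.SiteId);
        }

        if (user == null)
        {
            // empty key, non-numeric key, or the lookup returned nothing for this site
            _message = Localizer["Message.Username.DontExist"];
        }
        else if (!_users.Any(item => item.UserId == user.UserId))
        {
            _users.Add(user);
        }

        _user.Clear();
    }

    /// <summary>
    /// Returns the edited permissions as a JSON string after applying ValidatePermissions.
    /// The result reflects client-side state and should be treated as untrusted input by
    /// whatever persists it.
    /// </summary>
    public string GetPermissions()
    {
        ValidatePermissions();
        return JsonSerializer.Serialize(_permissions);
    }

    /// <summary>
    /// Returns the edited permissions (the component's own working list, not a copy)
    /// after applying ValidatePermissions.
    /// </summary>
    public List<Permission> GetPermissionList()
    {
        ValidatePermissions();
        return _permissions;
    }

    // Normalizes the working list before it is handed back to the caller.
    private void ValidatePermissions()
    {
        // remove deny all users, unauthenticated, and registered users
        _permissions.RemoveAll(item => !item.IsAuthorized &&
            (item.RoleName == RoleNames.Everyone || item.RoleName == RoleNames.Unauthenticated || item.RoleName == RoleNames.Registered));

        // The administrator/host clean-up below only runs for host users. For other users
        // any deny entries on Admin/Host rows are returned as-is.
        // NOTE(review): presumably those cells are locked via GetPermissionDisabled for
        // non-host users - confirm, and confirm the server enforces the same rule.
        if (UserSecurity.IsAuthorized(PageState.User, RoleNames.Host))
        {
            // remove deny administrators and host users
            _permissions.RemoveAll(item => !item.IsAuthorized &&
                (item.RoleName == RoleNames.Admin || item.RoleName == RoleNames.Host));

            foreach (var permissionname in _permissionnames)
            {
                var entityName = GetEntityName(permissionname);
                var name = GetPermissionName(permissionname);

                // add administrators role if neither host or administrator is assigned
                if (!_permissions.Any(item => item.EntityName == entityName && item.PermissionName == name &&
                    (item.RoleName == RoleNames.Admin || item.RoleName == RoleNames.Host)))
                {
                    _permissions.Add(new Permission(ModuleState.SiteId, entityName, name, RoleNames.Admin, null, true));
                }
            }
        }
    }
}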