-
Notifications
You must be signed in to change notification settings - Fork 79
Expand file tree
/
Copy pathActionsController.cs
More file actions
83 lines (75 loc) · 3.81 KB
/
ActionsController.cs
File metadata and controls
83 lines (75 loc) · 3.81 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
using DevExpress.Data.Filtering;
using DevExpress.ExpressApp;
using DevExpress.ExpressApp.DC;
using DevExpress.ExpressApp.Security;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.OData.Formatter;
using Microsoft.AspNetCore.OData.Routing.Controllers;
namespace DevExtreme.OData.Controllers {
[Authorize]
[ValidateAntiForgeryToken]
public class ActionsController : ODataController {
readonly IObjectSpaceFactory objectSpaceFactory;
readonly SecurityStrategy security;
readonly ITypesInfo typesInfo;
public ActionsController(ISecurityProvider securityProvider, IObjectSpaceFactory objectSpaceFactory, ITypesInfo typesInfo) {
this.typesInfo = typesInfo;
this.objectSpaceFactory = objectSpaceFactory;
this.security = (SecurityStrategy)securityProvider.GetSecurity();
}
[HttpPost("/GetPermissions")]
public ActionResult GetPermissions(ODataActionParameters parameters) {
if(parameters.ContainsKey("keys") && parameters.ContainsKey("typeName")) {
string typeName = parameters["typeName"].ToString();
ITypeInfo typeInfo = typesInfo.PersistentTypes.FirstOrDefault(t => t.Name == typeName);
if(typeInfo != null) {
Type type = typeInfo.Type;
using IObjectSpace objectSpace = objectSpaceFactory.CreateObjectSpace(type);
IEnumerable<Guid> keys = ((IEnumerable<string>)parameters["keys"]).Select(k => Guid.Parse(k));
IEnumerable<ObjectPermission> objectPermissions = objectSpace
.GetObjects(type, new InOperator(typeInfo.KeyMember.Name, keys))
.Cast<object>()
.Select(entity => CreateObjectPermission(typeInfo, entity, objectSpace))
.ToList();
return Ok(objectPermissions);
}
}
return NoContent();
}
[HttpGet("/GetTypePermissions")]
public ActionResult GetTypePermissions(string typeName) {
ITypeInfo typeInfo = typesInfo.PersistentTypes.FirstOrDefault(t => t.Name == typeName);
if(typeInfo != null) {
Type type = typeInfo.Type;
using IObjectSpace objectSpace = objectSpaceFactory.CreateObjectSpace(type);
var result = new TypePermission {
Key = type.Name,
Create = security.CanCreate(type, objectSpace)
};
foreach(IMemberInfo member in GetPersistentMembers(typeInfo)) {
result.Data.Add(member.Name, security.CanWrite(type, objectSpace, member.Name));
}
return Ok(result);
}
return NoContent();
}
private ObjectPermission CreateObjectPermission(ITypeInfo typeInfo, object entity, IObjectSpace objectSpace) {
var objectPermission = new ObjectPermission {
Key = typeInfo.KeyMember.GetValue(entity).ToString(),
Write = security.CanWrite(objectSpace, entity),
Delete = security.CanDelete(objectSpace, entity)
};
foreach(IMemberInfo member in GetPersistentMembers(typeInfo)) {
objectPermission.Data.Add(member.Name, new MemberPermission {
Read = security.CanRead(objectSpace, entity, member.Name),
Write = security.CanWrite(objectSpace, entity, member.Name)
});
}
return objectPermission;
}
private static IEnumerable<IMemberInfo> GetPersistentMembers(ITypeInfo typeInfo) {
return typeInfo.Members.Where(p => p.IsVisible && p.IsProperty && (p.IsPersistent || p.IsList));
}
}
}