Permissions & Authorization for Users #24

Initial Release; Includes Database and MVC refactoring
2013-10-10 19:13:16 +11:00
parent 172ce5524a
commit a099d68915
458 changed files with 40221 additions and 12130 deletions
@@ -5,16 +5,94 @@ using System.Text;
 using Disco.Models.BI.Job;
 using Disco.Models.Repository;
 using Disco.Data.Repository;
+using Disco.Services.Users;
+using Disco.Services.Authorization;

 namespace Disco.BI.Extensions
 {
    public static class JobTableExtensions
    {
+        private static List<string> FilterAllowedTypes(AuthorizationToken Authorization)
+        {
+            if (!Authorization.HasAll(Claims.Job.Types.ShowHMisc, Claims.Job.Types.ShowHNWar, Claims.Job.Types.ShowHWar, Claims.Job.Types.ShowSApp, Claims.Job.Types.ShowSImg, Claims.Job.Types.ShowSOS, Claims.Job.Types.ShowUMgmt))
+            {
+                // Must Filter
+                List<string> allowedTypes = new List<string>(6);
+                if (Authorization.Has(Claims.Job.Types.ShowHMisc))
+                    allowedTypes.Add(JobType.JobTypeIds.HMisc);
+                if (Authorization.Has(Claims.Job.Types.ShowHNWar))
+                    allowedTypes.Add(JobType.JobTypeIds.HNWar);
+                if (Authorization.Has(Claims.Job.Types.ShowHWar))
+                    allowedTypes.Add(JobType.JobTypeIds.HWar);
+                if (Authorization.Has(Claims.Job.Types.ShowSApp))
+                    allowedTypes.Add(JobType.JobTypeIds.SApp);
+                if (Authorization.Has(Claims.Job.Types.ShowSImg))
+                    allowedTypes.Add(JobType.JobTypeIds.SImg);
+                if (Authorization.Has(Claims.Job.Types.ShowSOS))
+                    allowedTypes.Add(JobType.JobTypeIds.SOS);
+                if (Authorization.Has(Claims.Job.Types.ShowUMgmt))
+                    allowedTypes.Add(JobType.JobTypeIds.UMgmt);

-        public static List<JobTableModel.JobTableItemModel> DetermineItems(this JobTableModel model, DiscoDataContext dbContext, IQueryable<Job> Jobs)
+                return allowedTypes;
+            }
+            return null;
+        }
+
+        public static IQueryable<Job> FilterPermissions(this JobTableModel model, IQueryable<Job> Jobs, AuthorizationToken Authorization)
+        {
+            var allowedTypes = FilterAllowedTypes(Authorization);
+
+            if (allowedTypes != null)
+            {
+                return Jobs.Where(j => allowedTypes.Contains(j.JobTypeId));
+            }
+
+            return Jobs;
+        }
+
+        public static List<JobTableModel.JobTableItemModel> PermissionsFiltered(this List<JobTableModel.JobTableItemModel> Items, AuthorizationToken Authorization)
+        {
+            if (Items != null && Items.Count > 0)
+            {
+                var allowedTypes = FilterAllowedTypes(Authorization);
+
+                if (allowedTypes != null)
+                {
+                    return Items.Where(j => allowedTypes.Contains(j.TypeId)).ToList();
+                }
+            }
+
+            return Items;
+        }
+
+        public static List<JobTableModel.JobTableItemModel> DetermineItems(this JobTableModel model, DiscoDataContext Database, IQueryable<Job> Jobs)
        {
            List<JobTableModel.JobTableItemModel> items;

+            // Permissions
+            var auth = UserService.CurrentAuthorization;
+            if (!auth.HasAll(Claims.Job.Types.ShowHMisc, Claims.Job.Types.ShowHNWar, Claims.Job.Types.ShowHWar, Claims.Job.Types.ShowSApp, Claims.Job.Types.ShowSImg, Claims.Job.Types.ShowSOS, Claims.Job.Types.ShowUMgmt))
+            {
+                // Must Filter
+                List<string> allowedTypes = new List<string>(6);
+                if (auth.Has(Claims.Job.Types.ShowHMisc))
+                    allowedTypes.Add(JobType.JobTypeIds.HMisc);
+                if (auth.Has(Claims.Job.Types.ShowHNWar))
+                    allowedTypes.Add(JobType.JobTypeIds.HNWar);
+                if (auth.Has(Claims.Job.Types.ShowHWar))
+                    allowedTypes.Add(JobType.JobTypeIds.HWar);
+                if (auth.Has(Claims.Job.Types.ShowSApp))
+                    allowedTypes.Add(JobType.JobTypeIds.SApp);
+                if (auth.Has(Claims.Job.Types.ShowSImg))
+                    allowedTypes.Add(JobType.JobTypeIds.SImg);
+                if (auth.Has(Claims.Job.Types.ShowSOS))
+                    allowedTypes.Add(JobType.JobTypeIds.SOS);
+                if (auth.Has(Claims.Job.Types.ShowUMgmt))
+                    allowedTypes.Add(JobType.JobTypeIds.UMgmt);
+
+                Jobs = Jobs.Where(j => allowedTypes.Contains(j.JobTypeId));
+            }
+
            if (model.ShowStatus)
            {

@@ -86,18 +164,18 @@ namespace Disco.BI.Extensions
            }

            if (!model.ShowDeviceAddress.HasValue)
-                model.ShowDeviceAddress = dbContext.DiscoConfiguration.MultiSiteMode;
+                model.ShowDeviceAddress = Database.DiscoConfiguration.MultiSiteMode;

            foreach (var j in items)
                if (j.DeviceAddressId.HasValue)
-                    j.DeviceAddress = dbContext.DiscoConfiguration.OrganisationAddresses.GetAddress(j.DeviceAddressId.Value).Name;
+                    j.DeviceAddress = Database.DiscoConfiguration.OrganisationAddresses.GetAddress(j.DeviceAddressId.Value).Name;

            return items;
        }

-        public static void Fill(this JobTableModel model, DiscoDataContext dbContext, IQueryable<Job> Jobs)
+        public static void Fill(this JobTableModel model, DiscoDataContext Database, IQueryable<Job> Jobs)
        {
-            model.Items = model.DetermineItems(dbContext, Jobs);
+            model.Items = model.DetermineItems(Database, Jobs);
        }
    }
 }