catalyx/PSTW_CentralizeSystem
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update RBAC

Browse Source
This commit is contained in:
MOHD ARIFF 2025-03-14 11:02:45 +08:00
parent e5e1414826
commit 61f053175f
3 changed files with 178 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
CustomPolicy/RoleModulePolicy.cs
View File

@ -5,6 +5,8 @@ using PSTW_CentralSystem.Models;
using Newtonsoft.Json;
using System.Text.Json;
using System.Data;
using Microsoft.EntityFrameworkCore;
using System.Reflection;
namespace PSTW_CentralSystem.CustomPolicy
{
@ -32,7 +34,7 @@ namespace PSTW_CentralSystem.CustomPolicy
var userRole = await _userManager.GetRolesAsync(currentUser ?? new UserModel());
var moduleName = _httpContextAccessor.HttpContext?.GetRouteData().Values["controller"]?.ToString();
var pageName = _httpContextAccessor.HttpContext?.GetRouteData().Values["action"]?.ToString();
var registeredModule = _authDBContext.ModuleSettings.FirstOrDefault(x => x.ModuleName == moduleName);
var registeredModule = await _authDBContext.ModuleSettings.Where(x => x.ModuleName == moduleName).ToListAsync();
if (checkIfSuperAdmin())
{
@ -83,16 +85,22 @@ namespace PSTW_CentralSystem.CustomPolicy
void checkModuleActiveOrNot()
{
if (registeredModule.ModuleStatus == 0)
foreach (var module in registeredModule)
{
if (module.ModuleStatus == 0)
{
context.Fail();
return;
}
}
}
void checkModuleHaveRoleOrNot()
{
var allowedUserTypes = registeredModule?.AllowedUserType ?? "";
bool isModuleHaveRole = false;
foreach (var module in registeredModule)
{
var allowedUserTypes = module?.AllowedUserType ?? "";
if (allowedUserTypes == "Public" || userRole.Any(role => allowedUserTypes.Contains(role)))
{
context.Succeed(requirement);
@ -100,13 +108,23 @@ namespace PSTW_CentralSystem.CustomPolicy
}
else if (currentUser != null && allowedUserTypes == "Registered User")
{
checkMethodAndRole();
isModuleHaveRole = true;
}
else
{
isModuleHaveRole = false;
}
}
if (!isModuleHaveRole)
{
context.Fail();
return;
}
else
{
checkMethodAndRole();
}
}
void checkMethodAndRole()

146
CustomPolicy/RoleModulePolicy_Backup.cs Normal file
View File

@ -0,0 +1,146 @@
//using Microsoft.AspNetCore.Authorization;
//using Microsoft.AspNetCore.Identity;
//using PSTW_CentralSystem.DBContext;
//using PSTW_CentralSystem.Models;
//using Newtonsoft.Json;
//using System.Text.Json;
//using System.Data;
//namespace PSTW_CentralSystem.CustomPolicy
//{
// public class RoleModulePolicy : IAuthorizationRequirement
// {
// }
// public class RoleModuleHandler : AuthorizationHandler<RoleModulePolicy>
// {
// private readonly CentralSystemContext _authDBContext;
// private readonly UserManager<UserModel> _userManager;
// private readonly RoleManager<RoleModel> _roleManager;
// private readonly IHttpContextAccessor _httpContextAccessor;
// public RoleModuleHandler( CentralSystemContext authDBContext, UserManager<UserModel> userManager, RoleManager<RoleModel> roleManager, IHttpContextAccessor httpContextAccessor)
// {
// _authDBContext = authDBContext;
// _userManager = userManager;
// _roleManager = roleManager;
// _httpContextAccessor = httpContextAccessor;
// }
// protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, RoleModulePolicy requirement)
// {
// // Get the current user
// var currentUser = await _userManager.GetUserAsync(context.User);
// var userRole = await _userManager.GetRolesAsync(currentUser ?? new UserModel());
// var moduleName = _httpContextAccessor.HttpContext?.GetRouteData().Values["controller"]?.ToString();
// var pageName = _httpContextAccessor.HttpContext?.GetRouteData().Values["action"]?.ToString();
// var registeredModule = _authDBContext.ModuleSettings.FirstOrDefault(x => x.ModuleName == moduleName);
// if (checkIfSuperAdmin())
// {
// context.Succeed(requirement);
// return;
// }
// else {
// checkModuleExistOrNot();
// checkModuleHaveRoleOrNot();
// }
// bool checkIfSuperAdmin()
// {
// var superAdminRole = _authDBContext.Roles.Where(r => r.Name == "SuperAdmin").FirstOrDefault();
// var sysAdminRole = _authDBContext.Roles.Where(r => r.Name == "SystemAdmin").FirstOrDefault();
// if (userRole.ToString() != null && userRole.Contains("SuperAdmin") && superAdminRole?.Id == 1)
// {
// return true;
// }
// else if (userRole.ToString() != null && userRole.Contains("SystemAdmin") && sysAdminRole?.Id == 2)
// {
// return true;
// }
// else
// {
// return false;
// }
// }
// void checkModuleExistOrNot()
// {
// if ( moduleName == "Admin")
// {
// context.Fail();
// return;
// }
// else if (registeredModule == null)
// {
// context.Fail();
// return;
// }
// else
// {
// checkModuleActiveOrNot();
// }
// }
// void checkModuleActiveOrNot()
// {
// if (registeredModule.ModuleStatus == 0)
// {
// context.Fail();
// return;
// }
// }
// void checkModuleHaveRoleOrNot()
// {
// var allowedUserTypes = registeredModule?.AllowedUserType ?? "";
// if (allowedUserTypes == "Public" || userRole.Any(role => allowedUserTypes.Contains(role)))
// {
// context.Succeed(requirement);
// return;
// }
// else if (currentUser != null && allowedUserTypes == "Registered User" )
// {
// checkMethodAndRole();
// }
// else
// {
// context.Fail();
// return;
// }
// }
// void checkMethodAndRole()
// {
// // Load all ModuleSettings and process them in memory
// var moduleSettings = _authDBContext.ModuleSettings.AsEnumerable();
// // Check if the method exists in the module settings
// var isMethodExist = moduleSettings.FirstOrDefault(m => m.MethodAllowedUserType?.Any(mt => mt.MethodName == pageName) == true);
// if (isMethodExist != null) // Check if the method exists which means method is registered
// {
// var registeredMethod = moduleSettings.Where(m => m.MethodAllowedUserType != null && m.MethodAllowedUserType.Any(mt => mt.MethodName == pageName)).FirstOrDefault();
// var allowedUserTypes = registeredMethod?.MethodAllowedUserType?.Where(mt => mt.MethodName == pageName).Select(mt => mt.AllowedUserTypesArray).FirstOrDefault() ?? Array.Empty<string>();
// if (userRole.Any(role => allowedUserTypes.Contains(role)) || allowedUserTypes.Contains("All")) // Check if the user role is allowed, allowing only registered user to access.
// {
// context.Succeed(requirement);
// return;
// }
// else
// {
// context.Fail();
// return;
// }
// }
// else // No method is registered to allow all method to be accessed
// {
// context.Succeed(requirement);
// return;
// }
// }
// }
// }
//}

2
appsettings.json
View File

@ -3,7 +3,7 @@
//"DefaultConnection": "Server=localhost;uid=root;Password='';Database=web_interface;"
//"DefaultConnection": "server=175.136.244.102;user id=root;password=tw_mysql_root;port=3306;database=web_interface"
//"CentralConnnection": "Server=192.168.12.12;Port=3306;uid=installer;password='pstw_mysql_installer';database=pstw_cs;", //DB_dev Local connection
"CentralConnnection": "Server=219.92.7.60;Port=3307;uid=installer;password='pstw_mysql_installer';database=pstw_cs;" //DB_dev Public connection
"CentralConnnection": "Server=219.92.7.60;Port=3307;uid=installer;password='pstw_mysql_installer';database=pstw_cs_prod;" //DB_dev Public connection
//"InventoryConnection": "Server=219.92.7.60;Port=3307;uid=installer;password='pstw_mysql_installer';database=pstw_cs_inventory;" //DB_dev connection
//"DefaultConnection": "Server=219.92.7.60;Port=3307;uid=intern;password='intern_mysql_acct';database=web_interface;"//DB_dev connection
},