admin/marco.pms.api
1
0
Fork 0
Code Issues Pull Requests 3 Actions Packages Projects Releases Wiki Activity

directoryAdmin, directoryManager, and directoryUser are hard-coded in the helper class. Instead of hard-coding, we can create a static class and use it across the application.

Browse Source 
Ref: https://redmine.marcoaiot.com/issues/387
This commit is contained in:
Vikas Nale 2025-07-08 15:12:36 +05:30
parent bc0ef0b88b
commit 5c1dcd89b5
2 changed files with 33 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
Marco.Pms.Model/Entitlements/PermissionsMaster.cs Normal file
View File

@ -0,0 +1,10 @@
namespace Marco.Pms.Model.Entitlements
{
public static class PermissionsMaster
{
public static readonly Guid DirectoryAdmin = Guid.Parse("4286a13b-bb40-4879-8c6d-18e9e393beda");
public static readonly Guid DirectoryManager = Guid.Parse("62668630-13ce-4f52-a0f0-db38af2230c5");
public static readonly Guid DirectoryUser = Guid.Parse("0f919170-92d4-4337-abd3-49b66fc871bb");
}
}

53
Marco.Pms.Services/Helpers/DirectoryHelper.cs
View File

@ -1,6 +1,7 @@
using Marco.Pms.DataAccess.Data; using Marco.Pms.DataAccess.Data;
using Marco.Pms.Model.Directory; using Marco.Pms.Model.Directory;
using Marco.Pms.Model.Dtos.Directory; using Marco.Pms.Model.Dtos.Directory;
using Marco.Pms.Model.Entitlements;
using Marco.Pms.Model.Mapper; using Marco.Pms.Model.Mapper;
using Marco.Pms.Model.Projects; using Marco.Pms.Model.Projects;
using Marco.Pms.Model.Utilities; using Marco.Pms.Model.Utilities;
@ -20,9 +21,6 @@ namespace Marco.Pms.Services.Helpers
private readonly ILoggingService _logger; private readonly ILoggingService _logger;
private readonly UserHelper _userHelper; private readonly UserHelper _userHelper;
private readonly PermissionServices _permissionServices; private readonly PermissionServices _permissionServices;
private readonly Guid directoryAdmin;
private readonly Guid directoryManager;
private readonly Guid directoryUser;
public DirectoryHelper(ApplicationDbContext context, ILoggingService logger, UserHelper userHelper, PermissionServices permissionServices) public DirectoryHelper(ApplicationDbContext context, ILoggingService logger, UserHelper userHelper, PermissionServices permissionServices)
{ {
@ -30,13 +28,8 @@ namespace Marco.Pms.Services.Helpers
_logger = logger; _logger = logger;
_userHelper = userHelper; _userHelper = userHelper;
_permissionServices = permissionServices; _permissionServices = permissionServices;
directoryAdmin = Guid.Parse("4286a13b-bb40-4879-8c6d-18e9e393beda");
directoryManager = Guid.Parse("62668630-13ce-4f52-a0f0-db38af2230c5");
directoryUser = Guid.Parse("0f919170-92d4-4337-abd3-49b66fc871bb");
} }
public async Task<ApiResponse<object>> GetListOfContacts(string? search, bool active, ContactFilterDto? filterDto, Guid? projectId) public async Task<ApiResponse<object>> GetListOfContacts(string? search, bool active, ContactFilterDto? filterDto, Guid? projectId)
{ {
Guid tenantId = _userHelper.GetTenantId(); Guid tenantId = _userHelper.GetTenantId();
@ -45,12 +38,12 @@ namespace Marco.Pms.Services.Helpers
var permissionIds = await _context.RolePermissionMappings.Where(rp => assignedRoleIds.Contains(rp.ApplicationRoleId)).Select(rp => rp.FeaturePermissionId).Distinct().ToListAsync(); var permissionIds = await _context.RolePermissionMappings.Where(rp => assignedRoleIds.Contains(rp.ApplicationRoleId)).Select(rp => rp.FeaturePermissionId).Distinct().ToListAsync();
List<EmployeeBucketMapping>? employeeBuckets = await _context.EmployeeBucketMappings.Where(eb => eb.EmployeeId == LoggedInEmployee.Id).ToListAsync(); List<EmployeeBucketMapping>? employeeBuckets = await _context.EmployeeBucketMappings.Where(eb => eb.EmployeeId == LoggedInEmployee.Id).ToListAsync();
List<Guid> bucketIds = employeeBuckets.Select(c => c.BucketId).ToList(); List<Guid> bucketIds = employeeBuckets.Select(c => c.BucketId).ToList();
if (permissionIds.Contains(directoryAdmin)) if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin))
{ {
var buckets = await _context.Buckets.Where(b => b.TenantId == tenantId).ToListAsync(); var buckets = await _context.Buckets.Where(b => b.TenantId == tenantId).ToListAsync();
bucketIds = buckets.Select(b => b.Id).ToList(); bucketIds = buckets.Select(b => b.Id).ToList();
} }
else if (permissionIds.Contains(directoryManager) || permissionIds.Contains(directoryUser)) else if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin) || permissionIds.Contains(PermissionsMaster.DirectoryUser))
{ {
var buckets = await _context.Buckets.Where(b => b.CreatedByID == LoggedInEmployee.Id).ToListAsync(); var buckets = await _context.Buckets.Where(b => b.CreatedByID == LoggedInEmployee.Id).ToListAsync();
var createdBucketIds = buckets.Select(b => b.Id).ToList(); var createdBucketIds = buckets.Select(b => b.Id).ToList();
@ -199,11 +192,11 @@ namespace Marco.Pms.Services.Helpers
var permissionIds = await _context.RolePermissionMappings.Where(rp => assignedRoleIds.Contains(rp.ApplicationRoleId)).Select(rp => rp.FeaturePermissionId).Distinct().ToListAsync(); var permissionIds = await _context.RolePermissionMappings.Where(rp => assignedRoleIds.Contains(rp.ApplicationRoleId)).Select(rp => rp.FeaturePermissionId).Distinct().ToListAsync();
EmployeeBucketMapping? employeeBucket = null; EmployeeBucketMapping? employeeBucket = null;
if (permissionIds.Contains(directoryAdmin)) if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin))
{ {
employeeBucket = employeeBuckets.FirstOrDefault(); employeeBucket = employeeBuckets.FirstOrDefault();
} }
else if (permissionIds.Contains(directoryManager) || permissionIds.Contains(directoryUser)) else if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin) || permissionIds.Contains(PermissionsMaster.DirectoryUser))
{ {
employeeBucket = employeeBuckets.FirstOrDefault(eb => eb.EmployeeId == LoggedInEmployee.Id); employeeBucket = employeeBuckets.FirstOrDefault(eb => eb.EmployeeId == LoggedInEmployee.Id);
} }
@ -483,12 +476,12 @@ namespace Marco.Pms.Services.Helpers
var permissionIds = await _context.RolePermissionMappings.Where(rp => assignedRoleIds.Contains(rp.ApplicationRoleId)).Select(rp => rp.FeaturePermissionId).Distinct().ToListAsync(); var permissionIds = await _context.RolePermissionMappings.Where(rp => assignedRoleIds.Contains(rp.ApplicationRoleId)).Select(rp => rp.FeaturePermissionId).Distinct().ToListAsync();
List<EmployeeBucketMapping>? employeeBuckets = await _context.EmployeeBucketMappings.Where(eb => eb.EmployeeId == LoggedInEmployee.Id).ToListAsync(); List<EmployeeBucketMapping>? employeeBuckets = await _context.EmployeeBucketMappings.Where(eb => eb.EmployeeId == LoggedInEmployee.Id).ToListAsync();
List<Guid> bucketIds = employeeBuckets.Select(c => c.BucketId).ToList(); List<Guid> bucketIds = employeeBuckets.Select(c => c.BucketId).ToList();
if (permissionIds.Contains(directoryAdmin)) if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin))
{ {
var buckets = await _context.Buckets.Where(b => b.TenantId == tenantId).ToListAsync(); var buckets = await _context.Buckets.Where(b => b.TenantId == tenantId).ToListAsync();
bucketIds = buckets.Select(b => b.Id).ToList(); bucketIds = buckets.Select(b => b.Id).ToList();
} }
else if (permissionIds.Contains(directoryManager) || permissionIds.Contains(directoryUser)) else if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin) || permissionIds.Contains(PermissionsMaster.DirectoryUser))
{ {
var buckets = await _context.Buckets.Where(b => b.CreatedByID == LoggedInEmployee.Id).ToListAsync(); var buckets = await _context.Buckets.Where(b => b.CreatedByID == LoggedInEmployee.Id).ToListAsync();
var createdBucketIds = buckets.Select(b => b.Id).ToList(); var createdBucketIds = buckets.Select(b => b.Id).ToList();
@ -919,9 +912,9 @@ namespace Marco.Pms.Services.Helpers
} }
// --- Permission Checks --- // --- Permission Checks ---
var hasAdminPermission = await _permissionServices.HasPermission(directoryAdmin, loggedInEmployee.Id); var hasAdminPermission = await _permissionServices.HasPermission(PermissionsMaster.DirectoryAdmin, loggedInEmployee.Id);
var hasManagerPermission = await _permissionServices.HasPermission(directoryManager, loggedInEmployee.Id); var hasManagerPermission = await _permissionServices.HasPermission(PermissionsMaster.DirectoryAdmin, loggedInEmployee.Id);
var hasUserPermission = await _permissionServices.HasPermission(directoryUser, loggedInEmployee.Id); var hasUserPermission = await _permissionServices.HasPermission(PermissionsMaster.DirectoryUser, loggedInEmployee.Id);
IQueryable<ContactNote> notesQuery = _context.ContactNotes IQueryable<ContactNote> notesQuery = _context.ContactNotes
.Include(cn => cn.UpdatedBy) .Include(cn => cn.UpdatedBy)
@ -1166,11 +1159,11 @@ namespace Marco.Pms.Services.Helpers
var bucketIds = employeeBuckets.Select(b => b.BucketId).ToList(); var bucketIds = employeeBuckets.Select(b => b.BucketId).ToList();
List<EmployeeBucketMapping> employeeBucketVM = await _context.EmployeeBucketMappings.Where(b => bucketIds.Contains(b.BucketId)).ToListAsync(); List<EmployeeBucketMapping> employeeBucketVM = await _context.EmployeeBucketMappings.Where(b => bucketIds.Contains(b.BucketId)).ToListAsync();
List<Bucket> bucketList = new List<Bucket>(); List<Bucket> bucketList = new List<Bucket>();
if (permissionIds.Contains(directoryAdmin)) if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin))
{ {
bucketList = await _context.Buckets.Include(b => b.CreatedBy).Where(b => b.TenantId == tenantId).ToListAsync(); bucketList = await _context.Buckets.Include(b => b.CreatedBy).Where(b => b.TenantId == tenantId).ToListAsync();
} }
else if (permissionIds.Contains(directoryManager) || permissionIds.Contains(directoryUser)) else if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin) || permissionIds.Contains(PermissionsMaster.DirectoryUser))
{ {
bucketList = await _context.Buckets.Include(b => b.CreatedBy).Where(b => bucketIds.Contains(b.Id) || b.CreatedByID == LoggedInEmployee.Id).ToListAsync(); bucketList = await _context.Buckets.Include(b => b.CreatedBy).Where(b => bucketIds.Contains(b.Id) || b.CreatedByID == LoggedInEmployee.Id).ToListAsync();
} }
@ -1208,8 +1201,8 @@ namespace Marco.Pms.Services.Helpers
{ {
var assignedRoleIds = await _context.EmployeeRoleMappings.Where(r => r.EmployeeId == LoggedInEmployee.Id).Select(r => r.RoleId).ToListAsync(); var assignedRoleIds = await _context.EmployeeRoleMappings.Where(r => r.EmployeeId == LoggedInEmployee.Id).Select(r => r.RoleId).ToListAsync();
var permissionIds = await _context.RolePermissionMappings.Where(rp => assignedRoleIds.Contains(rp.ApplicationRoleId)).Select(rp => rp.FeaturePermissionId).Distinct().ToListAsync(); var permissionIds = await _context.RolePermissionMappings.Where(rp => assignedRoleIds.Contains(rp.ApplicationRoleId)).Select(rp => rp.FeaturePermissionId).Distinct().ToListAsync();
var demo = !permissionIds.Contains(directoryUser); var demo = !permissionIds.Contains(PermissionsMaster.DirectoryUser);
if (!permissionIds.Contains(directoryAdmin) && !permissionIds.Contains(directoryManager) && !permissionIds.Contains(directoryUser)) if (!permissionIds.Contains(PermissionsMaster.DirectoryAdmin) && !permissionIds.Contains(PermissionsMaster.DirectoryAdmin) && !permissionIds.Contains(PermissionsMaster.DirectoryUser))
{ {
_logger.LogError("Employee {EmployeeId} attemped to create a bucket, but do not have permission", LoggedInEmployee.Id); _logger.LogError("Employee {EmployeeId} attemped to create a bucket, but do not have permission", LoggedInEmployee.Id);
return ApiResponse<object>.ErrorResponse("You don't have permission", "You don't have permission", 401); return ApiResponse<object>.ErrorResponse("You don't have permission", "You don't have permission", 401);
@ -1266,15 +1259,15 @@ namespace Marco.Pms.Services.Helpers
} }
Bucket? accessableBucket = null; Bucket? accessableBucket = null;
if (permissionIds.Contains(directoryAdmin)) if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin))
{ {
accessableBucket = bucket; accessableBucket = bucket;
} }
else if (permissionIds.Contains(directoryManager) && bucketIds.Contains(id)) else if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin) && bucketIds.Contains(id))
{ {
accessableBucket = bucket; accessableBucket = bucket;
} }
else if (permissionIds.Contains(directoryUser)) else if (permissionIds.Contains(PermissionsMaster.DirectoryUser))
{ {
if (bucket.CreatedByID == LoggedInEmployee.Id) if (bucket.CreatedByID == LoggedInEmployee.Id)
{ {
@ -1332,15 +1325,15 @@ namespace Marco.Pms.Services.Helpers
var bucketIds = employeeBuckets.Where(eb => eb.EmployeeId == LoggedInEmployee.Id).Select(eb => eb.BucketId).ToList(); var bucketIds = employeeBuckets.Where(eb => eb.EmployeeId == LoggedInEmployee.Id).Select(eb => eb.BucketId).ToList();
var employeeBucketIds = employeeBuckets.Select(eb => eb.EmployeeId).ToList(); var employeeBucketIds = employeeBuckets.Select(eb => eb.EmployeeId).ToList();
Bucket? accessableBucket = null; Bucket? accessableBucket = null;
if (permissionIds.Contains(directoryAdmin)) if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin))
{ {
accessableBucket = bucket; accessableBucket = bucket;
} }
else if (permissionIds.Contains(directoryManager) && bucketIds.Contains(bucketId)) else if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin) && bucketIds.Contains(bucketId))
{ {
accessableBucket = bucket; accessableBucket = bucket;
} }
else if (permissionIds.Contains(directoryUser)) else if (permissionIds.Contains(PermissionsMaster.DirectoryUser))
{ {
if (bucket.CreatedByID == LoggedInEmployee.Id) if (bucket.CreatedByID == LoggedInEmployee.Id)
{ {
@ -1433,15 +1426,15 @@ namespace Marco.Pms.Services.Helpers
var bucketIds = employeeBuckets.Where(eb => eb.EmployeeId == LoggedInEmployee.Id).Select(eb => eb.BucketId).ToList(); var bucketIds = employeeBuckets.Where(eb => eb.EmployeeId == LoggedInEmployee.Id).Select(eb => eb.BucketId).ToList();
Bucket? accessableBucket = null; Bucket? accessableBucket = null;
if (permissionIds.Contains(directoryAdmin)) if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin))
{ {
accessableBucket = bucket; accessableBucket = bucket;
} }
else if (permissionIds.Contains(directoryManager) && bucketIds.Contains(id)) else if (permissionIds.Contains(PermissionsMaster.DirectoryAdmin) && bucketIds.Contains(id))
{ {
accessableBucket = bucket; accessableBucket = bucket;
} }
else if (permissionIds.Contains(directoryUser)) else if (permissionIds.Contains(PermissionsMaster.DirectoryUser))
{ {
if (bucket.CreatedByID == LoggedInEmployee.Id) if (bucket.CreatedByID == LoggedInEmployee.Id)
{ {