diff --git a/Brizco.Api/Brizco.Api.csproj b/Brizco.Api/Brizco.Api.csproj index 241581f..f0da5a6 100644 --- a/Brizco.Api/Brizco.Api.csproj +++ b/Brizco.Api/Brizco.Api.csproj @@ -56,6 +56,7 @@ + diff --git a/Brizco.Api/Controllers/ActivityController.cs b/Brizco.Api/Controllers/ActivityController.cs index 116d158..e95b18f 100644 --- a/Brizco.Api/Controllers/ActivityController.cs +++ b/Brizco.Api/Controllers/ActivityController.cs @@ -1,4 +1,6 @@ -namespace Brizco.Api.Controllers; +using Brizco.Common.Models.Claims; + +namespace Brizco.Api.Controllers; public class ActivityController : ICarterModule { @@ -11,22 +13,27 @@ public class ActivityController : ICarterModule group.MapGet("", GetAllAsync) .WithDisplayName("GetActivities") + .RequireAuthorization(builder=>builder.RequireClaim(CustomClaimType.Permission,ApplicationPermission.ViewActivities, ApplicationPermission.ManageActivities)) .HasApiVersion(1.0); group.MapGet("{id:guid}", GetAsync) .WithDisplayName("GetActivity") + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ViewActivities, ApplicationPermission.ManageActivities)) .HasApiVersion(1.0); group.MapPost("done/{id:guid}", DoneActivityAsync) .WithDisplayName("DoneActivity") + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ChangeActivityStatus)) .HasApiVersion(1.0); group.MapPost("complete", CompleteActivityAsync) .WithDisplayName("DoneActivity") + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ChangeActivityStatus)) .HasApiVersion(1.0); group.MapPost("undone/{id:guid}", UnDoneActivityAsync) .WithDisplayName("UnDoneActivity") + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ChangeActivityStatus)) .HasApiVersion(1.0); //group.MapPost("", Post) 
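Review bot: The three status routes (`done/{id:guid}`, `complete`, `undone/{id:guid}`) accept only `ApplicationPermission.ChangeActivityStatus`, so a caller who holds `ManageActivities` but not the new permission is refused. In the visible ApplicationClaims.cs hunks of this commit the new claim is added only to `SuperVisorClaims` and `StaffClaims`; the other claim lists shown there do not gain it. If full activity management is meant to include status changes, pass both values: `builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ChangeActivityStatus, ApplicationPermission.ManageActivities)`. The claim check also says nothing about whether the activity id belongs to the caller's complex; that check has to live in the handlers, which are outside this hunk.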
diff --git a/Brizco.Api/Controllers/ComplexController.cs b/Brizco.Api/Controllers/ComplexController.cs index 97b5e18..9437fcb 100644 --- a/Brizco.Api/Controllers/ComplexController.cs +++ b/Brizco.Api/Controllers/ComplexController.cs @@ -11,19 +11,24 @@ public class ComplexController : ICarterModule group.MapGet("", GetAllAsync) .WithDisplayName("GetAllComplex") + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ViewComplexes, ApplicationPermission.ManageComplexes)) .HasApiVersion(1.0); group.MapGet("{id}", GetAsync) .WithDisplayName("GetOneComplex") + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ViewComplexes, ApplicationPermission.ManageComplexes)) .HasApiVersion(1.0); group.MapPost("", Post) + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManageComplexes)) .HasApiVersion(1.0); group.MapPut("", Put) + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManageComplexes)) .HasApiVersion(1.0); group.MapDelete("{id}", Delete) + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManageComplexes)) .HasApiVersion(1.0); } diff --git a/Brizco.Api/Controllers/PositionController.cs b/Brizco.Api/Controllers/PositionController.cs index 557c35b..e177655 100644 --- a/Brizco.Api/Controllers/PositionController.cs +++ b/Brizco.Api/Controllers/PositionController.cs 
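Review bot: Every route in the ComplexController hunk builds its own inline policy with the same `builder.RequireClaim(CustomClaimType.Permission, …)` lambda, and the pattern repeats in the Activity, Position, Report, Role, Routine, Section, Shift, ShiftPlan, Task and User controller hunks. Registering each policy once, e.g. `options.AddPolicy(ApplicationPermission.ManageComplexes, p => p.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManageComplexes))`, and writing `.RequireAuthorization(ApplicationPermission.ManageComplexes)` on the routes keeps the permission-to-route mapping in one reviewable place and makes a forgotten or mistyped permission easier to spot. A one-line comment that `RequireClaim` with several values means any-of would also help readers of the two GET routes.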
@@ -11,19 +11,24 @@ public class PositionController : ICarterModule group.MapGet("", GetAllAsync) .WithDisplayName("GetAllPositions") + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ViewPositions,ApplicationPermission.ManagePositions)) .HasApiVersion(1.0); group.MapGet("{id}", GetAsync) .WithDisplayName("GetPosition") + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ViewPositions, ApplicationPermission.ManagePositions)) .HasApiVersion(1.0); group.MapPost("", Post) + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManagePositions)) .HasApiVersion(1.0); group.MapPut("", Put) + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManagePositions)) .HasApiVersion(1.0); group.MapDelete("{id}", Delete) + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManagePositions)) .HasApiVersion(1.0); } diff --git a/Brizco.Api/Controllers/ReportController.cs b/Brizco.Api/Controllers/ReportController.cs index 3b97b9a..7d7945f 100644 --- a/Brizco.Api/Controllers/ReportController.cs +++ b/Brizco.Api/Controllers/ReportController.cs @@ -12,10 +12,12 @@ public class ReportController : ICarterModule group.MapGet("task", GetTasksReportAsync) .WithDisplayName("Get Tasks Report") + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManageReports)) .HasApiVersion(1.0); group.MapGet("shift/plan/{shiftPLanId}", GetShiftPlanReportAsync) .WithDisplayName("Get ShiftPlan Report") + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManageReports)) .HasApiVersion(1.0); } diff --git a/Brizco.Api/Controllers/RoleController.cs b/Brizco.Api/Controllers/RoleController.cs index e1f9351..d021ef8 100644 
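Review bot: Both routes in the ReportController hunk are gated on `ApplicationPermission.ManageReports` alone, and `shift/plan/{shiftPLanId}` takes the plan id from the URL without a route constraint. The claim shows the caller may see reports, not that this shift plan belongs to the caller's complex, so `GetShiftPlanReportAsync` (outside this hunk) needs to scope the lookup to the caller's complex; that cannot be confirmed from the lines shown. If the id is a Guid, `{shiftPLanId:guid}` would match the constraint style already used in ShiftPlanController.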
--- a/Brizco.Api/Controllers/RoleController.cs +++ b/Brizco.Api/Controllers/RoleController.cs @@ -15,14 +15,17 @@ public class RoleController : ICarterModule group.MapGet("/permission", GetPermissions) .WithDisplayName("Permissions") + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManageRoles)) .HasApiVersion(1.0); group.MapGet("", GetAllAsync) .WithDisplayName("GetAllRoles") + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManageRoles)) .HasApiVersion(1.0); group.MapGet("{id}", GetAsync) .WithDisplayName("GetOneRole") + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManageRoles)) .HasApiVersion(1.0); //group.MapPost("", Post) diff --git a/Brizco.Api/Controllers/RoutineController.cs b/Brizco.Api/Controllers/RoutineController.cs index 0d371c5..42ad09d 100644 --- a/Brizco.Api/Controllers/RoutineController.cs +++ b/Brizco.Api/Controllers/RoutineController.cs 
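Review bot: Only the three GET routes of RoleController receive the `ManageRoles` requirement here; the hunk ends at a commented-out `//group.MapPost("", Post)` and the rest of the route list is outside it. If Post, Put or Delete routes for roles are active further down, they need the same `.RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManageRoles))`, because editing a role's claims is the shortest path to every other permission this commit introduces.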
@@ -10,23 +10,29 @@ public class RoutineController : ICarterModule group.MapGet("", GetAllAsync) .WithDisplayName("GetAllRoutines") + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManageRoutines,ApplicationPermission.ViewRoutines)) .HasApiVersion(1.0); group.MapGet("{id}/shift", GetShiftsAsync) .WithDisplayName("GetRoutineShifts") + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManageRoutines, ApplicationPermission.ViewRoutines)) .HasApiVersion(1.0); group.MapGet("{id}", GetAsync) .WithDisplayName("GetRoutine") + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManageRoutines)) .HasApiVersion(1.0); group.MapPost("", Post) + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManageRoutines)) .HasApiVersion(1.0); group.MapPut("", Put) + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManageRoutines)) .HasApiVersion(1.0); group.MapDelete("{id}", Delete) + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManageRoutines)) .HasApiVersion(1.0); } diff --git a/Brizco.Api/Controllers/SectionController.cs b/Brizco.Api/Controllers/SectionController.cs index 815e2c1..2e29f7e 100644 --- a/Brizco.Api/Controllers/SectionController.cs +++ b/Brizco.Api/Controllers/SectionController.cs 
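Review bot: `group.MapGet("{id}", GetAsync)` requires `ManageRoutines` only, while the list route and `{id}/shift` also accept `ViewRoutines`, so a view-only user can list routines and read their shifts but is refused when opening a single routine. Every other controller in this commit gives the single-item GET the same permissions as the list route. If the difference is not intended, use `builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManageRoutines, ApplicationPermission.ViewRoutines)` here too; if it is intended, a comment saying why would prevent it from being "fixed" later.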
@@ -11,19 +11,24 @@ public class SectionController : ICarterModule group.MapGet("", GetAllAsync) .WithDisplayName("GetAllSections") + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManageSections, ApplicationPermission.ViewSections)) .HasApiVersion(1.0); group.MapGet("{id}", GetAsync) .WithDisplayName("GetSection") + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManageSections, ApplicationPermission.ViewSections)) .HasApiVersion(1.0); group.MapPost("", Post) + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManageSections)) .HasApiVersion(1.0); group.MapPut("", Put) + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManageSections)) .HasApiVersion(1.0); group.MapDelete("{id}", Delete) + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManageSections)) .HasApiVersion(1.0); } diff --git a/Brizco.Api/Controllers/ShiftController.cs b/Brizco.Api/Controllers/ShiftController.cs index 4b61e8a..0314eaa 100644 --- a/Brizco.Api/Controllers/ShiftController.cs +++ b/Brizco.Api/Controllers/ShiftController.cs 
@@ -12,19 +12,24 @@ public class ShiftController : ICarterModule group.MapGet("", GetAllAsync) .WithDisplayName("GetAllShift") + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManageShifts, ApplicationPermission.ViewShifts)) .HasApiVersion(1.0); group.MapGet("{id}", GetAsync) .WithDisplayName("GetOneShift") + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManageShifts, ApplicationPermission.ViewShifts)) .HasApiVersion(1.0); group.MapPost("", Post) + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManageShifts)) .HasApiVersion(1.0); group.MapPut("", Put) + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManageShifts)) .HasApiVersion(1.0); group.MapDelete("{id}", Delete) + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManageShifts)) .HasApiVersion(1.0); } diff --git a/Brizco.Api/Controllers/ShiftPlanController.cs b/Brizco.Api/Controllers/ShiftPlanController.cs index 97e6137..11e730a 100644 --- a/Brizco.Api/Controllers/ShiftPlanController.cs +++ b/Brizco.Api/Controllers/ShiftPlanController.cs 
@@ -13,20 +13,25 @@ public class ShiftPlanController : ICarterModule group.MapGet("", GetAllAsync) .WithDisplayName("GetShiftPlans") + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManageShiftPlans, ApplicationPermission.ViewShiftPlans)) .HasApiVersion(1.0); group.MapGet("{id:guid}", GetAsync) .WithDisplayName("GetShiftPlan") + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManageShiftPlans, ApplicationPermission.ViewShiftPlans)) .HasApiVersion(1.0); group.MapPost("{id:guid}/complete", CompletePlanAsync) .WithDisplayName("DoneActivity") + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManageShiftPlans)) .HasApiVersion(1.0); group.MapPost("", Post) + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManageShiftPlans)) .HasApiVersion(1.0); group.MapPut("", Put) + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManageShiftPlans)) .HasApiVersion(1.0); group.MapDelete("{id:guid}", Delete) diff --git a/Brizco.Api/Controllers/TaskController.cs b/Brizco.Api/Controllers/TaskController.cs index 4a0871d..902f782 100644 --- a/Brizco.Api/Controllers/TaskController.cs +++ b/Brizco.Api/Controllers/TaskController.cs 
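Review bot: `group.MapDelete("{id:guid}", Delete)` is the last context line of this hunk and gets no `.RequireAuthorization(...)`, although every other route here does, and the commit has no further hunk for this file. Unless the rest of that call chain, which lies below the hunk, already carries a requirement, deleting a shift plan stays outside the permission check; add `.RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManageShiftPlans))` to it. The `{id:guid}/complete` route also still uses the display name `"DoneActivity"`, which looks copied from ActivityController.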
@@ -13,19 +13,24 @@ public class TaskController : ICarterModule group.MapGet("", GetAllAsync) .WithDisplayName("GetAllTask") + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManageTasks,ApplicationPermission.ViewTasks)) .HasApiVersion(1.0); group.MapGet("{id}", GetAsync) .WithDisplayName("GetOneTask") + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManageTasks,ApplicationPermission.ViewTasks)) .HasApiVersion(1.0); group.MapPost("", Post) + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManageTasks)) .HasApiVersion(1.0); group.MapPut("", Put) + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManageTasks)) .HasApiVersion(1.0); group.MapDelete("{id}", Delete) + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManageTasks)) .HasApiVersion(1.0); } diff --git a/Brizco.Api/Controllers/UserController.cs b/Brizco.Api/Controllers/UserController.cs index 5619d06..131a980 100644 --- a/Brizco.Api/Controllers/UserController.cs +++ b/Brizco.Api/Controllers/UserController.cs @@ -13,10 +13,12 @@ public class UserController : ICarterModule group.MapGet("", GetAllAsync) .WithDisplayName("GetAllUser") + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ViewUsers,ApplicationPermission.ManageUsers)) .HasApiVersion(1.0); group.MapGet("{id}", GetAsync) .WithDisplayName("GetOneUser") + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ViewUsers, ApplicationPermission.ManageUsers)) .HasApiVersion(1.0); group.MapGet("/profile", GetUserProfileAsync) 
@@ -25,15 +27,19 @@ public class UserController : ICarterModule group.MapPost("/role/change/{roleId}", ChangeUserRoleAsync) .WithDisplayName("GetUserProfile") + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManageUsers)) .HasApiVersion(1.0); group.MapPost("", Post) + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManageUsers)) .HasApiVersion(1.0); group.MapPut("", Put) + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManageUsers)) .HasApiVersion(1.0); group.MapDelete("{id}", Delete) + .RequireAuthorization(builder => builder.RequireClaim(CustomClaimType.Permission, ApplicationPermission.ManageUsers)) .HasApiVersion(1.0); } diff --git a/Brizco.Common/Models/Claims/ApplicationClaims.cs b/Brizco.Common/Models/Claims/ApplicationClaims.cs index b86f6d0..9a021c9 100644 --- a/Brizco.Common/Models/Claims/ApplicationClaims.cs +++ b/Brizco.Common/Models/Claims/ApplicationClaims.cs @@ -83,6 +83,13 @@ public static class ApplicationClaims Title = "دسترسی کامل به فعالیت ها", Detail = "دسترسی به افزودن و مدیریت فعالیت ها فروشگاه شما" }; + public static ClaimDto ChangeActivityStatus { get; } = new ClaimDto + { + Type = CustomClaimType.Permission, + Value = ApplicationPermission.ChangeActivityStatus, + Title = "تغییر وضعیت به فعالیت ", + Detail = "دسترسی به افزودن و مدیریت فعالیت ها فروشگاه شما" + }; public static ClaimDto ViewActivities { get; } = new ClaimDto { Type = CustomClaimType.Permission, 
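Review bot: `role/change/{roleId}` is now limited to `ManageUsers`, but the permission check does not cover which role may be chosen. `ChangeUserRoleAsync` is outside this hunk; it should confirm that `roleId` belongs to the caller's complex and is a role the caller is allowed to take or assign, otherwise the route can hand out more privilege than the caller holds. If this route is how a user switches between their own roles, requiring `ManageUsers` would also shut ordinary users out of it. Its display name is still `"GetUserProfile"`.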
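Review bot: The `Detail` text of the new `ChangeActivityStatus` entry is identical to the one on the full-access activities entry just above it, so the narrow permission is described as add-and-manage access. The same copy-paste appears in the next hunk of this file: `ManageRoles` carries the `ManageReports` title and detail, and `ViewUsers` carries the `ManageUsers` detail. Each entry should describe its own permission, since these strings are presumably what an administrator reads when granting access.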
@@ -155,17 +162,49 @@ public static class ApplicationClaims Title = "مشاهده تنظیمات ها", Detail = "دسترسی به مشاهده تنظیمات ها فروشگاه شما" }; + public static ClaimDto ManageReports { get; } = new ClaimDto + { + Type = CustomClaimType.Permission, + Value = ApplicationPermission.ManageReports, + Title = "مشاهده گزارشات", + Detail = "دسترسی به مشاهده گزارشات" + }; + public static ClaimDto ManageRoles { get; } = new ClaimDto + { + Type = CustomClaimType.Permission, + Value = ApplicationPermission.ManageRoles, + Title = "مشاهده گزارشات", + Detail = "دسترسی به مشاهده گزارشات" + }; + public static ClaimDto ManageUsers { get; } = new ClaimDto + { + Type = CustomClaimType.Permission, + Value = ApplicationPermission.ManageUsers, + Title = "تغییر کاربران", + Detail = "دسترسی و تغییر در کاربران" + }; + public static ClaimDto ViewUsers { get; } = new ClaimDto + { + Type = CustomClaimType.Permission, + Value = ApplicationPermission.ViewUsers, + Title = "مشاهده کاربران", + Detail = "دسترسی و تغییر در کاربران" + }; public static List AllClaimDtos = new List { ManageActivities, ViewTasks, ManageTasks, - + ManageReports, + ManageRoles, ManageShiftPlans, ViewShifts, ManageShifts, + ManageUsers, + ViewUsers + ViewComplexes, ManageComplexes, @@ -188,6 +227,11 @@ public static class ApplicationClaims { ManageStaffs.GetClaim, ViewStaffs.GetClaim, + ManageReports.GetClaim, + ManageRoles.GetClaim, + + ViewUsers.GetClaim, + ManageUsers.GetClaim, ViewTasks.GetClaim, ManageTasks.GetClaim, @@ -219,10 +263,14 @@ public static class ApplicationClaims { ManageStaffs.GetClaim, ViewStaffs.GetClaim, + ManageReports.GetClaim, ManageActivities.GetClaim, ViewActivities.GetClaim, + ViewUsers.GetClaim, + ManageUsers.GetClaim, + ViewTasks.GetClaim, ManageTasks.GetClaim, 
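Review bot: In the `AllClaimDtos` initializer the added `ViewUsers` line has no trailing comma before the existing `ViewComplexes,` entry, which as shown here will not compile; it should read `ViewUsers,`. The list also gains `ManageReports`, `ManageRoles`, `ManageUsers` and `ViewUsers` but not `ChangeActivityStatus`, so if this list feeds the permission picker, the new status permission cannot be granted to a custom role. The initializer continues below this hunk.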
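Review bot: Adding the new claims to these static lists changes what a role receives when it is built from them, not what already-created roles hold. If role claims are persisted per role (the seeding code is not in this diff), existing users will be refused on every route gated in this commit until their roles are updated, and the `StaffClaims` change in a later hunk will not remove `ManageActivities` from staff roles already stored. A data migration or startup sync of role claims should ship with this change. The same applies to the hunks at `-219`, `-264` and `-286`; the names of the lists edited in the `-188` and `-219` hunks are outside those hunks.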
@@ -264,13 +312,18 @@ public static class ApplicationClaims ViewSections.GetClaim, ViewDashboard.GetClaim, + + ViewUsers.GetClaim, + ViewComplexSettings.GetClaim }; public static List SuperVisorClaims = new List { ManageActivities.GetClaim, + ChangeActivityStatus.GetClaim, ViewActivities.GetClaim, + ManageReports.GetClaim, ViewTasks.GetClaim, ManageTasks.GetClaim, @@ -286,7 +339,7 @@ public static class ApplicationClaims public static List StaffClaims = new List { - ManageActivities.GetClaim, + ChangeActivityStatus.GetClaim, ViewActivities.GetClaim, ViewTasks.GetClaim, diff --git a/Brizco.Common/Models/Claims/ApplicationPermission.cs b/Brizco.Common/Models/Claims/ApplicationPermission.cs index a9ff72f..9d7d939 100644 --- a/Brizco.Common/Models/Claims/ApplicationPermission.cs +++ b/Brizco.Common/Models/Claims/ApplicationPermission.cs @@ -1,6 +1,12 @@ namespace Brizco.Common.Models.Claims; public static class ApplicationPermission { + public const string ManageReports = nameof(ManageReports); + public const string ManageRoles = nameof(ManageRoles); + + public const string ManageUsers = nameof(ManageUsers); + public const string ViewUsers = nameof(ViewUsers); + public const string ManageComplexes = nameof(ManageComplexes); public const string ViewComplexes = nameof(ViewComplexes); @@ -18,6 +24,7 @@ public static class ApplicationPermission public const string ViewTasks = nameof(ViewTasks); public const string ManageActivities = nameof(ManageActivities); + public const string ChangeActivityStatus = nameof(ChangeActivityStatus); public const string ViewActivities = nameof(ViewActivities); public const string ManageRoutines = nameof(ManageRoutines); diff --git a/Brizco.Core/CoreServices/ReportServices/TaskReportCommandHandler.cs b/Brizco.Core/CoreServices/ReportServices/TaskReportCommandHandler.cs index 72ecd66..b5e01fa 100644 --- a/Brizco.Core/CoreServices/ReportServices/TaskReportCommandHandler.cs 
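Review bot: `SuperVisorClaims` and `StaffClaims` are declared as `public static` fields of a mutable list type, so any code in the process can add or remove a claim from a role template at run time. Since these lists now decide who passes the new `RequireAuthorization` checks, declare them `static readonly` and expose them through a read-only collection type such as `IReadOnlyList`. A comment above each list naming the role it seeds would also make later permission reviews easier.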
+++ b/Brizco.Core/CoreServices/ReportServices/TaskReportCommandHandler.cs @@ -189,6 +189,10 @@ public class TaskReportCommandHandler : IRequestHandler startRow) {