119 lines
7.2 KiB
C#
119 lines
7.2 KiB
C#
using DevExpress.ExpressApp;
|
|
using DevExpress.Data.Filtering;
|
|
using DevExpress.Persistent.Base;
|
|
using DevExpress.ExpressApp.Updating;
|
|
using DevExpress.ExpressApp.Security;
|
|
using DevExpress.ExpressApp.SystemModule;
|
|
using DevExpress.ExpressApp.Security.Strategy;
|
|
using DevExpress.Xpo;
|
|
using DevExpress.ExpressApp.Xpo;
|
|
using DevExpress.Persistent.BaseImpl;
|
|
using DevExpress.Persistent.BaseImpl.PermissionPolicy;
|
|
using DurnyklyYol.Module.BusinessObjects;
|
|
using Microsoft.Extensions.DependencyInjection;
|
|
|
|
namespace DurnyklyYol.Module.DatabaseUpdate;
|
|
|
|
// For more typical usage scenarios, be sure to check out https://docs.devexpress.com/eXpressAppFramework/DevExpress.ExpressApp.Updating.ModuleUpdater
|
|
public class Updater : ModuleUpdater {
|
|
public Updater(IObjectSpace objectSpace, Version currentDBVersion) :
|
|
base(objectSpace, currentDBVersion) {
|
|
}
|
|
public override void UpdateDatabaseAfterUpdateSchema() {
|
|
base.UpdateDatabaseAfterUpdateSchema();
|
|
//string name = "MyName";
|
|
//DomainObject1 theObject = ObjectSpace.FirstOrDefault<DomainObject1>(u => u.Name == name);
|
|
//if(theObject == null) {
|
|
// theObject = ObjectSpace.CreateObject<DomainObject1>();
|
|
// theObject.Name = name;
|
|
//}
|
|
|
|
|
|
|
|
// The code below creates users and roles for testing purposes only.
|
|
// In production code, you can create users and assign roles to them automatically, as described in the following help topic:
|
|
// https://docs.devexpress.com/eXpressAppFramework/119064/data-security-and-safety/security-system/authentication
|
|
#if !RELEASE
|
|
// If a role doesn't exist in the database, create this role
|
|
var defaultRole = CreateClientRole();
|
|
var adminRole = CreateAdminRole();
|
|
|
|
ObjectSpace.CommitChanges(); //This line persists created object(s).
|
|
|
|
UserManager userManager = ObjectSpace.ServiceProvider.GetRequiredService<UserManager>();
|
|
// If a user named 'User' doesn't exist in the database, create this user
|
|
if(userManager.FindUserByName<ApplicationUser>(ObjectSpace, "User") == null) {
|
|
// Set a password if the standard authentication type is used
|
|
string EmptyPassword = "";
|
|
_ = userManager.CreateUser<ApplicationUser>(ObjectSpace, "User", EmptyPassword, (user) => {
|
|
// Add the Users role to the user
|
|
user.Roles.Add(defaultRole);
|
|
});
|
|
}
|
|
|
|
// If a user named 'Admin' doesn't exist in the database, create this user
|
|
if(userManager.FindUserByName<ApplicationUser>(ObjectSpace, "Admin") == null) {
|
|
// Set a password if the standard authentication type is used
|
|
string EmptyPassword = "";
|
|
_ = userManager.CreateUser<ApplicationUser>(ObjectSpace, "Admin", EmptyPassword, (user) => {
|
|
// Add the Administrators role to the user
|
|
user.Roles.Add(adminRole);
|
|
});
|
|
}
|
|
|
|
ObjectSpace.CommitChanges(); //This line persists created object(s).
|
|
#endif
|
|
}
|
|
public override void UpdateDatabaseBeforeUpdateSchema() {
|
|
base.UpdateDatabaseBeforeUpdateSchema();
|
|
//if(CurrentDBVersion < new Version("1.1.0.0") && CurrentDBVersion > new Version("0.0.0.0")) {
|
|
// RenameColumn("DomainObject1Table", "OldColumnName", "NewColumnName");
|
|
//}
|
|
}
|
|
private PermissionPolicyRole CreateAdminRole() {
|
|
PermissionPolicyRole adminRole = ObjectSpace.FirstOrDefault<PermissionPolicyRole>(r => r.Name == GlobalConstants.AdminRoleName);
|
|
if(adminRole == null) {
|
|
adminRole = ObjectSpace.CreateObject<PermissionPolicyRole>();
|
|
adminRole.Name = GlobalConstants.AdminRoleName;
|
|
adminRole.IsAdministrative = true;
|
|
}
|
|
return adminRole;
|
|
}
|
|
private PermissionPolicyRole CreateClientRole() {
|
|
PermissionPolicyRole clRole = ObjectSpace.FirstOrDefault<PermissionPolicyRole>(role => role.Name == GlobalConstants.ClientRoleName);
|
|
if(clRole == null) {
|
|
clRole = ObjectSpace.CreateObject<PermissionPolicyRole>();
|
|
clRole.Name = GlobalConstants.ClientRoleName;
|
|
|
|
clRole.AddObjectPermissionFromLambda<ApplicationUser>(SecurityOperations.Read, cm => cm.Oid == (Guid)CurrentUserIdOperator.CurrentUserId(), SecurityPermissionState.Allow);
|
|
clRole.AddObjectPermissionFromLambda<Client>(SecurityOperations.ReadWriteAccess, cm => cm.Oid == (Guid)CurrentUserIdOperator.CurrentUserId(), SecurityPermissionState.Allow);
|
|
clRole.AddObjectPermissionFromLambda<CargoRequest>(SecurityOperations.Read, cm => cm.Client.Oid == (Guid)CurrentUserIdOperator.CurrentUserId(), SecurityPermissionState.Allow);
|
|
|
|
clRole.AddObjectPermissionFromLambda<Goods>(SecurityOperations.Read, cm => cm.Client.Oid == (Guid)CurrentUserIdOperator.CurrentUserId(), SecurityPermissionState.Allow);
|
|
|
|
clRole.AddNavigationPermission(@"Application/NavigationItems/Items/Default/Items/MyDetails", SecurityPermissionState.Allow);
|
|
clRole.AddNavigationPermission(@"Application/NavigationItems/Items/Clients & Goods/Items/Goods", SecurityPermissionState.Allow);
|
|
clRole.AddMemberPermissionFromLambda<ApplicationUser>(SecurityOperations.Write, "ChangePasswordOnFirstLogon", cm => cm.Oid == (Guid)CurrentUserIdOperator.CurrentUserId(), SecurityPermissionState.Allow);
|
|
clRole.AddMemberPermissionFromLambda<ApplicationUser>(SecurityOperations.Write, "StoredPassword", cm => cm.Oid == (Guid)CurrentUserIdOperator.CurrentUserId(), SecurityPermissionState.Allow);
|
|
clRole.AddTypePermissionsRecursively<PermissionPolicyRole>(SecurityOperations.Read, SecurityPermissionState.Allow);
|
|
clRole.AddTypePermission<Shop>(SecurityOperations.Read, SecurityPermissionState.Allow);
|
|
clRole.AddTypePermission<Contact>(SecurityOperations.Read, SecurityPermissionState.Allow);
|
|
clRole.AddTypePermission<Cargo>(SecurityOperations.Read, SecurityPermissionState.Allow);
|
|
clRole.AddTypePermission<Payment>(SecurityOperations.Read, SecurityPermissionState.Allow);
|
|
clRole.AddTypePermission<Point>(SecurityOperations.Read, SecurityPermissionState.Allow);
|
|
clRole.AddTypePermission<Route>(SecurityOperations.Read, SecurityPermissionState.Allow);
|
|
clRole.AddTypePermission<RoutePoint>(SecurityOperations.Read, SecurityPermissionState.Allow);
|
|
clRole.AddTypePermission<Carrier>(SecurityOperations.Read, SecurityPermissionState.Allow);
|
|
clRole.AddTypePermission<Warehouse>(SecurityOperations.Read, SecurityPermissionState.Allow);
|
|
clRole.AddTypePermission<CargoRequest>(SecurityOperations.Create, SecurityPermissionState.Allow);
|
|
|
|
|
|
//clRole.AddObjectPermission<ModelDifference>(SecurityOperations.ReadWriteAccess, "UserId = ToStr(CurrentUserId())", SecurityPermissionState.Deny);
|
|
//clRole.AddObjectPermission<ModelDifferenceAspect>(SecurityOperations.ReadWriteAccess, "Owner.UserId = ToStr(CurrentUserId())", SecurityPermissionState.Deny);
|
|
//clRole.AddTypePermissionsRecursively<ModelDifference>(SecurityOperations.Create, SecurityPermissionState.Allow);
|
|
// clRole.AddTypePermissionsRecursively<ModelDifferenceAspect>(SecurityOperations.Create, SecurityPermissionState.Allow);
|
|
}
|
|
return clRole;
|
|
}
|
|
}
|