diff --git a/src/Acme.BookStore.Application.Contracts/Permissions/BookStorePermissionDefinitionProvider.cs b/src/Acme.BookStore.Application.Contracts/Permissions/BookStorePermissionDefinitionProvider.cs index bbfb5b1..41bc9b6 100644 --- a/src/Acme.BookStore.Application.Contracts/Permissions/BookStorePermissionDefinitionProvider.cs +++ b/src/Acme.BookStore.Application.Contracts/Permissions/BookStorePermissionDefinitionProvider.cs @@ -2,19 +2,23 @@ using Volo.Abp.Authorization.Permissions; using Volo.Abp.Localization; -namespace Acme.BookStore.Permissions; - -public class BookStorePermissionDefinitionProvider : PermissionDefinitionProvider +namespace Acme.BookStore.Permissions { - public override void Define(IPermissionDefinitionContext context) + public class BookStorePermissionDefinitionProvider : PermissionDefinitionProvider { - var myGroup = context.AddGroup(BookStorePermissions.GroupName); - //Define your own permissions here. Example: - //myGroup.AddPermission(BookStorePermissions.MyPermission1, L("Permission:MyPermission1")); - } + public override void Define(IPermissionDefinitionContext context) + { + var bookStoreGroup = context.AddGroup(BookStorePermissions.GroupName, L("Permission:BookStore")); - private static LocalizableString L(string name) - { - return LocalizableString.Create(name); + var booksPermission = bookStoreGroup.AddPermission(BookStorePermissions.Books.Default, L("Permission:Books")); + booksPermission.AddChild(BookStorePermissions.Books.Create, L("Permission:Books.Create")); + booksPermission.AddChild(BookStorePermissions.Books.Edit, L("Permission:Books.Edit")); + booksPermission.AddChild(BookStorePermissions.Books.Delete, L("Permission:Books.Delete")); + } + + private static LocalizableString L(string name) + { + return LocalizableString.Create(name); + } } } 
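Review bot: Converting the file-scoped `namespace Acme.BookStore.Permissions;` to a block-scoped namespace re-indents every line of this file, so the lines that actually define permissions (`AddGroup`, `AddPermission` and the three `AddChild` calls) are buried in formatting churn in a security-relevant file. BookStoreWebModule.cs in the same commit keeps the file-scoped form (`namespace Acme.BookStore.Web;`), so keeping it here as well would be consistent and would shrink the hunk to the real change. A short comment above the `booksPermission` line would also help, for example `// Books.Default gates read access; Create/Edit/Delete are its children.`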
diff --git a/src/Acme.BookStore.Application.Contracts/Permissions/BookStorePermissions.cs b/src/Acme.BookStore.Application.Contracts/Permissions/BookStorePermissions.cs index 050ea9a..eba2c9a 100644 --- a/src/Acme.BookStore.Application.Contracts/Permissions/BookStorePermissions.cs +++ b/src/Acme.BookStore.Application.Contracts/Permissions/BookStorePermissions.cs @@ -4,6 +4,11 @@ public static class BookStorePermissions { public const string GroupName = "BookStore"; - //Add your own permission names. Example: - //public const string MyPermission1 = GroupName + ".MyPermission1"; -} + public static class Books + { + public const string Default = GroupName + ".Books"; + public const string Create = Default + ".Create"; + public const string Edit = Default + ".Edit"; + public const string Delete = Default + ".Delete"; + } +} \ No newline at end of file diff --git a/src/Acme.BookStore.Application/Books/BookAppService.cs b/src/Acme.BookStore.Application/Books/BookAppService.cs index 2c335ca..011d24e 100644 --- a/src/Acme.BookStore.Application/Books/BookAppService.cs +++ b/src/Acme.BookStore.Application/Books/BookAppService.cs @@ -1,4 +1,5 @@ using System; +using Acme.BookStore.Permissions; using Volo.Abp.Application.Dtos; using Volo.Abp.Application.Services; using Volo.Abp.Domain.Repositories; @@ -17,7 +18,11 @@ public class BookAppService : public BookAppService(IRepository repository) : base(repository) { - + GetPolicyName = BookStorePermissions.Books.Default; + GetListPolicyName = BookStorePermissions.Books.Default; + CreatePolicyName = BookStorePermissions.Books.Create; + UpdatePolicyName = BookStorePermissions.Books.Edit; + DeletePolicyName = BookStorePermissions.Books.Delete; } } -} \ No newline at end of file +} diff --git a/src/Acme.BookStore.Domain.Shared/Localization/BookStore/en.json b/src/Acme.BookStore.Domain.Shared/Localization/BookStore/en.json index 176acbf..ecc5f05 100644 --- a/src/Acme.BookStore.Domain.Shared/Localization/BookStore/en.json 
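Review bot: The five `*PolicyName` assignments in the `BookAppService` constructor are the only check on the application service visible in this commit, and nothing in the code says so. The menu, Razor page and `index.js` changes elsewhere in the commit only hide controls or guard pages, not the API. I would add a comment above the assignments such as `// Server-side enforcement for the book API; the UI visibility checks are cosmetic.` These properties presumably cover only the inherited CRUD methods, so any method added to this class later would need its own `[Authorize(BookStorePermissions.Books.…)]`. The class body beyond the constructor is outside the hunk.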
+++ b/src/Acme.BookStore.Domain.Shared/Localization/BookStore/en.json @@ -28,6 +28,11 @@ "Enum:BookType.ScienceFiction": "Science fiction", "Enum:BookType.Poetry": "Poetry", "BookDeletionConfirmationMessage": "Are you sure to delete the book '{0}'?", - "SuccessfullyDeleted": "Successfully deleted!" + "SuccessfullyDeleted": "Successfully deleted!", + "Permission:BookStore": "Book Store", + "Permission:Books": "Book Management", + "Permission:Books.Create": "Creating new books", + "Permission:Books.Edit": "Editing the books", + "Permission:Books.Delete": "Deleting the books" } } diff --git a/src/Acme.BookStore.Web/BookStoreWebModule.cs b/src/Acme.BookStore.Web/BookStoreWebModule.cs index c289140..d7d2ec2 100644 --- a/src/Acme.BookStore.Web/BookStoreWebModule.cs +++ b/src/Acme.BookStore.Web/BookStoreWebModule.cs @@ -37,6 +37,8 @@ using Volo.Abp.UI; using Volo.Abp.UI.Navigation; using Volo.Abp.VirtualFileSystem; +using Microsoft.AspNetCore.Mvc.RazorPages; +using Acme.BookStore.Permissions; namespace Acme.BookStore.Web; @@ -68,7 +70,7 @@ public override void PreConfigureServices(ServiceConfigurationContext context) typeof(BookStoreWebModule).Assembly ); }); - + PreConfigure(builder => { builder.AddValidation(options => @@ -94,8 +96,15 @@ public override void ConfigureServices(ServiceConfigurationContext context) ConfigureNavigationServices(); ConfigureAutoApiControllers(); ConfigureSwaggerServices(context.Services); + + Configure(options => + { + options.Conventions.AuthorizePage("/Books/Index", BookStorePermissions.Books.Default); + options.Conventions.AuthorizePage("/Books/CreateModal", BookStorePermissions.Books.Create); + options.Conventions.AuthorizePage("/Books/EditModal", BookStorePermissions.Books.Edit); + }); } - + private void ConfigureAuthentication(ServiceConfigurationContext context) { context.Services.ForwardIdentityAuthenticationForBearer(OpenIddictValidationAspNetCoreDefaults.AuthenticationScheme); 
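Review bot: The three `AuthorizePage` calls in `ConfigureServices` match pages by exact path, so a page added later under `/Books`, or a typo in one of these strings, ends up with no policy and, as far as I know, nothing fails at startup. A folder-level baseline before the per-page lines, `options.Conventions.AuthorizeFolder("/Books", BookStorePermissions.Books.Default);`, would make the folder deny-by-default while the modals keep their stricter Create and Edit policies. No page convention is registered for Delete. That is consistent only if deletion goes exclusively through the application service, which this hunk does not show.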
@@ -122,7 +131,7 @@ private void ConfigureBundles() ); }); } - + private void ConfigureAutoMapper() { Configure(options => diff --git a/src/Acme.BookStore.Web/Menus/BookStoreMenuContributor.cs b/src/Acme.BookStore.Web/Menus/BookStoreMenuContributor.cs index 3341ac1..cab34aa 100644 --- a/src/Acme.BookStore.Web/Menus/BookStoreMenuContributor.cs +++ b/src/Acme.BookStore.Web/Menus/BookStoreMenuContributor.cs @@ -1,6 +1,7 @@ using System.Threading.Tasks; using Acme.BookStore.Localization; using Acme.BookStore.MultiTenancy; +using Acme.BookStore.Permissions; using Volo.Abp.Identity.Web.Navigation; using Volo.Abp.SettingManagement.Web.Navigation; using Volo.Abp.TenantManagement.Web.Navigation; @@ -33,19 +34,25 @@ private async Task ConfigureMainMenuAsync(MenuConfigurationContext context) order: 0 ) ); - context.Menu.AddItem( - new ApplicationMenuItem( + + var bookStoreMenu = new ApplicationMenuItem( "BooksStore", - l["Menu:BookStore"], - icon: "fa fa-book" - ).AddItem( - new ApplicationMenuItem( - "BooksStore.Books", - l["Menu:Books"], - url: "/Books" - ) - ) - ); + l["Menu:BookStore"], + icon: "fa fa-book" + ); + + context.Menu.AddItem(bookStoreMenu); + + //CHECK the PERMISSION + if (await context.IsGrantedAsync(BookStorePermissions.Books.Default)) + { + bookStoreMenu.AddItem(new ApplicationMenuItem( + "BooksStore.Books", + l["Menu:Books"], + url: "/Books" + )); + } + if (MultiTenancyConsts.IsEnabled) { administration.SetSubItemOrder(TenantManagementMenuNames.GroupName, 1); diff --git a/src/Acme.BookStore.Web/Pages/Books/Index.cshtml b/src/Acme.BookStore.Web/Pages/Books/Index.cshtml index d3d0c07..bade9f8 100644 --- a/src/Acme.BookStore.Web/Pages/Books/Index.cshtml +++ b/src/Acme.BookStore.Web/Pages/Books/Index.cshtml 
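Review bot: `context.Menu.AddItem(bookStoreMenu)` runs unconditionally while only the child item sits behind `IsGrantedAsync`. Unless the framework prunes childless items, a user without `Books.Default` may still see an empty "Book Store" group. Declaring the requirement on the item itself keeps parent and child together and removes the imperative branch: `new ApplicationMenuItem("BooksStore.Books", l["Menu:Books"], url: "/Books").RequirePermissions(BookStorePermissions.Books.Default)`. The `//CHECK the PERMISSION` comment would read better as a statement of intent, for example `// Hide the Books entry from users lacking Books.Default; access itself is enforced by the page and service policies.` `ConfigureMainMenuAsync` starts and ends outside the hunk.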
@@ -1,21 +1,31 @@ @page @using Acme.BookStore.Localization +@using Acme.BookStore.Permissions @using Acme.BookStore.Web.Pages.Books +@using Microsoft.AspNetCore.Authorization @using Microsoft.Extensions.Localization @model IndexModel @inject IStringLocalizer L +@inject IAuthorizationService AuthorizationService @section scripts { - + } + @L["Books"] - - + + @if (await AuthorizationService.IsGrantedAsync(BookStorePermissions.Books.Create)) + { + + } diff --git a/src/Acme.BookStore.Web/Pages/Books/index.js b/src/Acme.BookStore.Web/Pages/Books/index.js index 1d50f18..2329696 100644 --- a/src/Acme.BookStore.Web/Pages/Books/index.js +++ b/src/Acme.BookStore.Web/Pages/Books/index.js @@ -20,12 +20,16 @@ $(function () { items: [ { text: l('Edit'), + visible: abp.auth.isGranted( + 'BookStore.Books.Edit' + ), //CHECK for the PERMISSION action: function (data) { editModal.open({ id: data.record.id }); }, }, { text: l('Delete'), + visible: abp.auth.isGranted('BookStore.Books.Delete'), confirmMessage: function (data) { return l( 'BookDeletionConfirmationMessage',
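Review bot: The two `visible` checks in index.js pass the permission names as string literals (`'BookStore.Books.Edit'`, `'BookStore.Books.Delete'`) that duplicate the constants in BookStorePermissions.cs with nothing linking them. A rename on the C# side would leave these stale, and the likely symptom is just buttons quietly disappearing. I would replace the `//CHECK for the PERMISSION` comment with one that records both the coupling and the trust boundary, for example `// UI hint only; must match BookStorePermissions.Books.Edit. The server enforces the policy.` The Edit call is also wrapped over three lines while the Delete call is on one; `visible: abp.auth.isGranted('BookStore.Books.Edit'),` would match it. The enclosing function continues outside the hunk.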