Permissions and authorizations

2023-04-13 01:24:36 +03:00 · 2023-04-13 01:24:36 +03:00 · cbaf4154bd
parent a1be1a08b0
commit cbaf4154bd
5 changed files with 72 additions and 1 deletions
--- a/Directory.Build.props
+++ b/Directory.Build.props
@ -1,7 +1,7 @@
 <Project>
  <Import Project="dependencies.props" />
  <PropertyGroup>
-    <Version>1.2.4</Version>
+    <Version>1.2.5</Version>
    <Authors>Tudor Stanciu</Authors>
    <Company>STA</Company>
    <PackageTags>NetworkResurrector</PackageTags>
--- a/ReleaseNotes.xml
+++ b/ReleaseNotes.xml
@ -170,4 +170,13 @@
 	  • The "Netmash.Security.Authentication.Tuitio" nuget package has been upgraded in backend.
    </Content>
  </Note>
+  <Note>
+    <Version>1.2.5</Version>
+    <Date>2023-04-12 23:58</Date>
+    <Content>
+      Permissions and authorizations
+      • Permissions and authorizations at the user role level have been added to the application.
+	  • The "Netmash.Security.Authentication.Tuitio" nuget package has been upgraded in backend.
+    </Content>
+  </Note>
 </ReleaseNotes>
--- a/src/api/NetworkResurrector.Api.Domain.Data/NetworkResurrector.Api.Domain.Data.csproj
+++ b/src/api/NetworkResurrector.Api.Domain.Data/NetworkResurrector.Api.Domain.Data.csproj
@ -22,6 +22,12 @@
    <None Update="Scripts\1.0.3\02.Insert wake and ping configs for the rest of machines.sql">
      <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
    </None>
+    <None Update="Scripts\1.2.5\01.Permission tables.sql">
+      <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+    </None>
+    <None Update="Scripts\1.2.5\02.UserRoleAuthorization table.sql">
+      <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+    </None>
  </ItemGroup>

 </Project>
--- a/src/api/NetworkResurrector.Api.Domain.Data/Scripts/1.2.5/01.Permission
+++ b/src/api/NetworkResurrector.Api.Domain.Data/Scripts/1.2.5/01.Permission
@ -0,0 +1,46 @@
+if not exists (select top 1 1 from sys.objects where name = 'Permission' and type = 'U')
+begin
+	create table Permission
+	(
+		PermissionId int identity(1, 1) constraint PK_Permission primary key,
+		PermissionCode varchar(50) not null,
+		PermissionName varchar(100) not null,
+		PermissionDescription varchar(300) not null
+	)
+end
+
+if not exists (select top 1 1 from sys.objects where name = 'PermissionHierarchy' and type = 'U')
+begin
+	create table PermissionHierarchy
+	(
+		ParentPermissionId int not null constraint FK_PermissionHierarchy_Permission_Parent foreign key references Permission(PermissionId),
+		ChildPermissionId int not null constraint FK_PermissionHierarchy_Permission_Child foreign key references Permission(PermissionId)
+		constraint PK_PermissionHierarchy primary key (ParentPermissionId, ChildPermissionId)
+	)
+end
+
+if not exists (select top 1 1 from Permission)
+begin
+	insert into Permission(PermissionCode, PermissionName, PermissionDescription)
+	values ('VIEW_DASHBOARD', 'View dashboard', 'The user with this permission can view the dashboard.'),
+           ('MANAGE_USERS', 'Manage users', 'The user with this permission can assign permissions to users.'),
+           ('MANAGE_SETTINGS', 'Manage settings', 'The user with this permission can manage the application settings.'),
+           ('VIEW_MACHINES', 'View machines', 'The user with this permission can view machines. He cannot start or stop a machine.'),
+           ('MANAGE_MACHINES', 'Manage machines', 'The user with this permission can add, edit or delete machines.'),
+		   ('OPERATE_MACHINES', 'Operate machines', 'The user with this permission can operate machines. He can start or stop machines.'),
+		   ('GUEST_ACCESS', 'Guest access', 'The user with this permission can view the application in a read-only mode and with all data anonymized.')
+end
+
+if not exists (select top 1 1 from PermissionHierarchy)
+begin
+	declare @view_machines_permission_id int,
+			@manage_machines_permission_id int,
+			@operate_machines_permission_id int
+
+	select @view_machines_permission_id = PermissionId from Permission where PermissionCode = 'VIEW_MACHINES'
+	select @manage_machines_permission_id = PermissionId from Permission where PermissionCode = 'MANAGE_MACHINES'
+	select @operate_machines_permission_id = PermissionId from Permission where PermissionCode = 'OPERATE_MACHINES'
+
+	insert into PermissionHierarchy (ParentPermissionId, ChildPermissionId)
+	values (@manage_machines_permission_id, @view_machines_permission_id), (@operate_machines_permission_id, @view_machines_permission_id)
+end
--- a/src/api/NetworkResurrector.Api.Domain.Data/Scripts/1.2.5/02.UserRoleAuthorization
+++ b/src/api/NetworkResurrector.Api.Domain.Data/Scripts/1.2.5/02.UserRoleAuthorization
@ -0,0 +1,10 @@
+if not exists (select top 1 1 from sys.objects where name = 'UserRoleAuthorization' and type = 'U')
+begin
+	create table UserRoleAuthorization
+	(
+		UserRoleId int not null,
+		PermissionId int not null constraint FK_UserRoleAuthorization_Permission foreign key references Permission(PermissionId),
+		Active bit not null,
+		constraint PK_UserRoleAuthorization primary key (PermissionId, UserRoleId)
+	)
+end