权限设置

Uat_Study
hang 2022-05-25 14:06:15 +08:00
parent 7a6d68b313
commit 3928960a4e
10 changed files with 35 additions and 27 deletions


@ -54,7 +54,7 @@ namespace IRaCIS.Core.API.Controllers.Special
/// <param name="param"></param>
/// <returns>新记录Id</returns>
[HttpPost, Route("trial/addOrUpdateTrial")]
[Authorize(Policy = IRaCISPolicy.PMAndAPM)]
[Authorize(Policy = IRaCISPolicy.PM_APM)]
public async Task<IResponseOutput<Trial>> AddOrUpdateTrial(TrialCommand param)
{
var userId = Guid.Parse(User.FindFirst("id").Value);


@ -25,11 +25,16 @@ namespace IRaCIS.Core.API
});
options.AddPolicy(IRaCISPolicy.PMAndAPM, policyBuilder =>
options.AddPolicy(IRaCISPolicy.PM_APM, policyBuilder =>
{
policyBuilder.RequireClaim("userTypeEnumInt", ((int)UserTypeEnum.ProjectManager).ToString(), ((int)UserTypeEnum.APM).ToString());
});
options.AddPolicy(IRaCISPolicy.PM_IQC, policyBuilder =>
{
policyBuilder.RequireClaim("userTypeEnumInt", ((int)UserTypeEnum.ProjectManager).ToString(), ((int)UserTypeEnum.IQC).ToString());
});
options.AddPolicy(IRaCISPolicy.PM, policyBuilder =>
{
policyBuilder.RequireClaim("userTypeEnumInt", ((int)UserTypeEnum.ProjectManager).ToString());
@ -41,7 +46,7 @@ namespace IRaCIS.Core.API
policyBuilder.RequireClaim("userTypeEnumInt", ((int)UserTypeEnum.ProjectManager).ToString(),((int)UserTypeEnum.ClinicalResearchCoordinator).ToString(), ((int)UserTypeEnum.APM).ToString(), ((int)UserTypeEnum.IQC).ToString());
});
//options.AddPolicy(IRaCISPolicy.PMAndAPM, policyBuilder =>
//options.AddPolicy(IRaCISPolicy.PM_APM, policyBuilder =>
//{
// policyBuilder.RequireClaim("userTypeEnumInt", ((int)UserTypeEnum.ProjectManager).ToString(), ((int)UserTypeEnum.APM).ToString());
//});
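Review bot: The commented-out registration at the end of this section was renamed to `PM_APM` instead of being deleted, and it duplicates the live `PM_APM` policy registered in the first hunk. If it is ever uncommented, the same policy name would be registered twice, and as far as I know the later `AddPolicy` call replaces the earlier one without any warning. I would delete those five commented lines. The new `PM_IQC` policy also repeats the claim-type literal `"userTypeEnumInt"`; a shared constant would keep every policy on the same claim name. The enclosing configuration lambda starts and ends outside the hunks.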


@ -10,9 +10,9 @@ namespace IRaCIS.Core.Application.Auth
public static class IRaCISPolicy
{
public const string PMAndAPM = "PMAndAPM";
public const string PM_APM = "PM_APM";
public const string PM_APM_CRC = "PMAndAPMAndCRC";
public const string PM_APM_CRC = "PM_APMAndCRC";
public const string CRC_IQC = "CRC_IQC";
@ -20,11 +20,13 @@ namespace IRaCIS.Core.Application.Auth
public const string PM = "PM";
public const string PM_IQC = "PM_IQC";
public const string IQC = "IQC";
public const string PM_APM_CRC_QC = "PM_APM_CRC_QC";
public const string SPMAndCPM = "SPMAndCPM";
public const string SPM_CPM = "SPMAndCPM";
}
}
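Review bot: The value of `PM_APM_CRC` appears to have become `"PM_APMAndCRC"`, which looks like a side effect of a textual replace of `PMAndAPM` rather than an intended name; `SPM_CPM` in the second hunk likewise keeps the old value `"SPMAndCPM"`. The page has lost its +/- markers, so which of each pair is the new line is inferred from print order. Policies are looked up by this string, so any place that names the policy by literal instead of the constant would most likely fail at authorization time with a policy-not-found error, which is fail-closed but still breaks that endpoint. I would make the value and identifier agree, e.g. `public const string PM_APM_CRC = "PM_APM_CRC";` and `public const string SPM_CPM = "SPM_CPM";`, and add a `/// <summary>` on each constant listing the user types it admits.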


@ -302,7 +302,7 @@ namespace IRaCIS.Core.Application.Image.QA
/// <returns></returns>
[HttpPut("{trialId:guid}")]
[TypeFilter(typeof(TrialResourceFilter))]
[Authorize(Policy = IRaCISPolicy.PMAndAPM)]
[Authorize(Policy = IRaCISPolicy.PM_APM)]
public async Task<IResponseOutput> CloseCheckChallenge(CloseCheckChallengeDto input)
{
@ -336,7 +336,7 @@ namespace IRaCIS.Core.Application.Image.QA
/// <returns></returns>
[HttpPut("{trialId:guid}")]
[TypeFilter(typeof(TrialResourceFilter))]
[Authorize(Policy = IRaCISPolicy.PMAndAPM )]
[Authorize(Policy = IRaCISPolicy.PM_APM )]
public async Task<IResponseOutput> SetCheckPass(SetCheckPassDt data)
{
//if (_userInfo.UserTypeEnumInt != (int)UserTypeEnum.ProjectManager && _userInfo.UserTypeEnumInt != (int)UserTypeEnum.APM)
@ -416,7 +416,7 @@ namespace IRaCIS.Core.Application.Image.QA
}
[HttpPut("{trialId:guid}/{subjectVisitId:guid}")]
[Authorize(Policy = IRaCISPolicy.PMAndAPM)]
[Authorize(Policy = IRaCISPolicy.PM_APM)]
public async Task<IResponseOutput> RejectCheckBack(Guid subjectVisitId)
{
//if (_userInfo.UserTypeEnumInt != (int)UserTypeEnum.ProjectManager && _userInfo.UserTypeEnumInt != (int)UserTypeEnum.APM)
@ -448,7 +448,7 @@ namespace IRaCIS.Core.Application.Image.QA
/// <returns></returns>
[HttpPut("{trialId:guid}/{subjectVisitId:guid}")]
[TypeFilter(typeof(TrialResourceFilter))]
[Authorize(Policy = IRaCISPolicy.PMAndAPM)]
[Authorize(Policy = IRaCISPolicy.PM_APM)]
[UnitOfWork]
public async Task<IResponseOutput> CheckBack(Guid subjectVisitId)
{
@ -522,7 +522,7 @@ namespace IRaCIS.Core.Application.Image.QA
/// <returns></returns>
[HttpPost("{trialId:guid}")]
[TypeFilter(typeof(TrialResourceFilter))]
[Authorize(Policy = IRaCISPolicy.PMAndAPM)]
[Authorize(Policy = IRaCISPolicy.PM_APM)]
public async Task<IResponseOutput> UploadVisitCheckExcel(IFormFile file, Guid trialId)
{
//if (_userInfo.UserTypeEnumInt != (int)UserTypeEnum.ProjectManager && _userInfo.UserTypeEnumInt != (int)UserTypeEnum.APM)
@ -1858,7 +1858,7 @@ namespace IRaCIS.Core.Application.Image.QA
[HttpPost("{trialId:guid}")]
[Authorize(Policy = IRaCISPolicy.PMAndAPM)]
[Authorize(Policy = IRaCISPolicy.PM_APM)]
public async Task<IResponseOutput> ForwardSVDicomImage(Guid[] subjectVisitIdList)
{


@ -70,7 +70,7 @@ namespace IRaCIS.Core.Application
/// 签名确认 包括项目的三组配置 + QC问题确认 后修改状态 (适用于不会回退的,项目废除、状态修改, 存在回退 不在这里弄,提供单独接口修改状态)
/// </summary>
/// <returns></returns>
[Authorize(Policy = IRaCISPolicy.PMAndAPM)]
[Authorize(Policy = IRaCISPolicy.PM_APM)]
public async Task<IResponseOutput> TrialConfigSignatureConfirm(SignConfirmDTO signConfirmDTO)
{
await VerifyOnlyInOngoingOrInitialIzingOptAsync(signConfirmDTO.TrialId);
@ -147,7 +147,7 @@ namespace IRaCIS.Core.Application
/// <param name="trialConfig"></param>
/// <returns></returns>
[HttpPut]
[Authorize(Policy = IRaCISPolicy.PMAndAPM)]
[Authorize(Policy = IRaCISPolicy.PM_APM)]
public async Task<IResponseOutput> ConfigTrialBasicInfo(BasicTrialConfig trialConfig)
{
await VerifyOnlyInOngoingOrInitialIzingOptAsync(trialConfig.TrialId);
@ -293,7 +293,7 @@ namespace IRaCIS.Core.Application
/// <param name="trialConfig"></param>
/// <returns></returns>
[HttpPut]
[Authorize(Policy = IRaCISPolicy.PMAndAPM)]
[Authorize(Policy = IRaCISPolicy.PM_APM)]
public async Task<IResponseOutput> ConfigTrialProcessInfo(TrialProcessConfig trialConfig)
{
if (!await _trialRepository.Where(t => t.Id == trialConfig.TrialId).IgnoreQueryFilters().AnyAsync(t => t.TrialStatusStr == StaticData.TrialInitializing))
@ -318,7 +318,7 @@ namespace IRaCIS.Core.Application
/// <param name="trialConfig"></param>
/// <returns></returns>
[HttpPut]
[Authorize(Policy = IRaCISPolicy.PMAndAPM)]
[Authorize(Policy = IRaCISPolicy.PM_APM)]
public async Task<IResponseOutput> ConfigTrialUrgentInfo(TrialUrgentConfig trialConfig)
{


@ -64,7 +64,7 @@ namespace IRaCIS.Core.Application.Service
/// </summary>
/// <param name="addOrEditTrialExternalUser"></param>
/// <returns></returns>
[Authorize(Policy = IRaCISPolicy.PMAndAPM)]
[Authorize(Policy = IRaCISPolicy.PM_APM)]
public async Task<IResponseOutput> AddOrUpdateTrialExternalUser(TrialExternalUserAddAndSendEmail addOrEditTrialExternalUser)
{
@ -198,7 +198,7 @@ namespace IRaCIS.Core.Application.Service
[HttpDelete("{trialExternalUserId:guid}/{isSystemUser:bool}/{systemUserId}")]
[Authorize(Policy = IRaCISPolicy.PMAndAPM)]
[Authorize(Policy = IRaCISPolicy.PM_APM)]
public async Task<IResponseOutput> DeleteTrialExternalUser(Guid trialExternalUserId, bool isSystemUser, Guid systemUserId)
{
var success = await _trialExternalUseRepository.BatchDeleteNoTrackingAsync(t => t.Id == trialExternalUserId);
@ -214,7 +214,7 @@ namespace IRaCIS.Core.Application.Service
//New 省掉邀请流程
[HttpPost]
[Authorize(Policy = IRaCISPolicy.PMAndAPM)]
[Authorize(Policy = IRaCISPolicy.PM_APM)]
public async Task<IResponseOutput> SendExternalUserJoinEmail(TrialExternalUserSendEmail sendEmail)
{
var trialInfo = (await _repository.FirstOrDefaultAsync<Trial>(t => t.Id == sendEmail.TrialId)).IfNullThrowException();


@ -130,7 +130,7 @@ namespace IRaCIS.Application.Services
//[TrialAudit(AuditType.TrialAudit, AuditOptType.AddTrialStaff)]
[HttpPost]
[TypeFilter(typeof(TrialResourceFilter))]
[Authorize(Policy = IRaCISPolicy.PMAndAPM)]
[Authorize(Policy = IRaCISPolicy.PM_APM)]
public async Task<IResponseOutput> AddTrialUsers(TrialUserAddCommand[] userTrialCommands)
{
@ -152,7 +152,7 @@ namespace IRaCIS.Application.Services
[TypeFilter(typeof(TrialResourceFilter))]
[Authorize(Policy = IRaCISPolicy.PMAndAPM)]
[Authorize(Policy = IRaCISPolicy.PM_APM)]
[HttpPut]
public async Task<IResponseOutput> UpdateTrialUser(UpdateTrialUserCommand updateTrialUserCommand)
{


@ -211,7 +211,7 @@ namespace IRaCIS.Core.Application.Services
/// <summary>Setting页面 Site批量添加</summary>
[HttpPost]
[UnitOfWork]
[Authorize(Policy = IRaCISPolicy.PMAndAPM)]
[Authorize(Policy = IRaCISPolicy.PM_APM)]
[TypeFilter(typeof(TrialResourceFilter))]
public async Task<IResponseOutput> AddTrialSites(List<TrialSiteCommand> trialSites)
{
@ -231,7 +231,7 @@ namespace IRaCIS.Core.Application.Services
/// <param name="editTrialSiteCommand"></param>
/// <returns></returns>
[HttpPut]
[Authorize(Policy = IRaCISPolicy.PMAndAPM)]
[Authorize(Policy = IRaCISPolicy.PM_APM)]
public async Task<IResponseOutput> EditTrialSite(EditTrialSiteCommand editTrialSiteCommand)
{
@ -284,7 +284,7 @@ namespace IRaCIS.Core.Application.Services
/// <summary> 批量添加Site下 CRC的负责人 </summary>
[HttpPost]
[TypeFilter(typeof(TrialResourceFilter))]
[Authorize(Policy = IRaCISPolicy.PMAndAPM)]
[Authorize(Policy = IRaCISPolicy.PM_APM)]
public async Task<IResponseOutput> AssignSiteCRC(List<AssginSiteCRCCommand> trialSiteCRCList)
{
var addArray = _mapper.Map<List<TrialSiteUser>>(trialSiteCRCList);
@ -298,7 +298,7 @@ namespace IRaCIS.Core.Application.Services
/// <summary> 删除CRC人员</summary>
[HttpDelete, Route("{id:guid}/{trialId:guid}/{isDelete:bool}")]
[TypeFilter(typeof(TrialResourceFilter))]
[Authorize(Policy = IRaCISPolicy.PMAndAPM)]
[Authorize(Policy = IRaCISPolicy.PM_APM)]
public async Task<IResponseOutput> DeleteSiteCRC(Guid id, bool isDelete)
{


@ -113,6 +113,7 @@ namespace IRaCIS.Core.Application.Services
[HttpPut("{trialId:guid}/{subjectVisitId:guid}/{isUrgent:bool}")]
[TypeFilter(typeof(TrialResourceFilter))]
[Authorize(Policy = IRaCISPolicy.PM_IQC)]
public async Task<IResponseOutput> SetSubjectVisitUrgent(Guid subjectVisitId, bool isUrgent)
{
await _subjectVisitRepository.UpdatePartialFromQueryAsync(subjectVisitId, u => new SubjectVisit() { IsUrgent = isUrgent },true);
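Review bot: The added `[Authorize(Policy = IRaCISPolicy.PM_IQC)]` checks only the caller's user type, while the update on the last line is keyed on `subjectVisitId` alone and the method never binds the `trialId` from the route. Unless `TrialResourceFilter` or the repository already ties the visit to that trial (not visible here), a project manager or IQC of one trial could change the urgent flag on a visit that belongs to another trial. I would add `Guid trialId` to the parameters and reject the request unless the visit belongs to it, using a condition such as `t => t.Id == subjectVisitId && t.TrialId == trialId` (the `TrialId` property name is assumed). The method body continues outside the hunk.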


@ -83,7 +83,7 @@ namespace IRaCIS.Application.Services
/// <summary> 添加或更新访视计划某项</summary>
[UnitOfWork]
[HttpPost]
[Authorize(Policy = IRaCISPolicy.PMAndAPM)]
[Authorize(Policy = IRaCISPolicy.PM_APM)]
public async Task<IResponseOutput> AddOrUpdateVisitStage(VisitPlanCommand visitPlan)
{
@ -214,7 +214,7 @@ namespace IRaCIS.Application.Services
[UnitOfWork]
[HttpPost("{trialId:guid}")]
[Authorize(Policy = IRaCISPolicy.PMAndAPM)]
[Authorize(Policy = IRaCISPolicy.PM_APM)]
public async Task<IResponseOutput> ConfirmTrialVisitPlan(Guid trialId)
{
if (!await _trialRepository.AnyAsync(t => t.Id == trialId && (t.TrialStatusStr == StaticData.TrialInitializing || t.TrialStatusStr == StaticData.TrialOngoing)))