diff --git a/IRaCIS.Core.API/Controllers/FinancialChangeController.cs b/IRaCIS.Core.API/Controllers/FinancialChangeController.cs
index 1216822f0..d7126efaa 100644
--- a/IRaCIS.Core.API/Controllers/FinancialChangeController.cs
+++ b/IRaCIS.Core.API/Controllers/FinancialChangeController.cs
@@ -54,7 +54,7 @@ namespace IRaCIS.Core.API.Controllers.Special
///
/// 新记录Id
[HttpPost, Route("trial/addOrUpdateTrial")]
- [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
+ [Authorize(Policy = IRaCISPolicy.PM_APM)]
public async Task> AddOrUpdateTrial(TrialCommand param)
{
var userId = Guid.Parse(User.FindFirst("id").Value);
diff --git a/IRaCIS.Core.API/_ServiceExtensions/Authorization/AuthorizationPolicySetup.cs b/IRaCIS.Core.API/_ServiceExtensions/Authorization/AuthorizationPolicySetup.cs
index 8031d15d7..e75fc34bd 100644
--- a/IRaCIS.Core.API/_ServiceExtensions/Authorization/AuthorizationPolicySetup.cs
+++ b/IRaCIS.Core.API/_ServiceExtensions/Authorization/AuthorizationPolicySetup.cs
@@ -25,11 +25,16 @@ namespace IRaCIS.Core.API
});
- options.AddPolicy(IRaCISPolicy.PMAndAPM, policyBuilder =>
+ options.AddPolicy(IRaCISPolicy.PM_APM, policyBuilder =>
{
policyBuilder.RequireClaim("userTypeEnumInt", ((int)UserTypeEnum.ProjectManager).ToString(), ((int)UserTypeEnum.APM).ToString());
});
+ options.AddPolicy(IRaCISPolicy.PM_IQC, policyBuilder =>
+ {
+ policyBuilder.RequireClaim("userTypeEnumInt", ((int)UserTypeEnum.ProjectManager).ToString(), ((int)UserTypeEnum.IQC).ToString());
+ });
+
options.AddPolicy(IRaCISPolicy.PM, policyBuilder =>
{
policyBuilder.RequireClaim("userTypeEnumInt", ((int)UserTypeEnum.ProjectManager).ToString());
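Review bot: The new `PM_IQC` registration has no comment saying that `RequireClaim` with several values passes when the `userTypeEnumInt` claim equals any one of them, so the name can be misread as requiring both roles. I would add above it `// PM_IQC: allowed when userTypeEnumInt is ProjectManager or IQC (any listed value matches)`. The commented-out `PM_APM` registration touched in the next hunk of this file duplicates the live one registered here and could be deleted instead of renamed. The enclosing configuration lambda starts and ends outside the hunk.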
@@ -41,7 +46,7 @@ namespace IRaCIS.Core.API
policyBuilder.RequireClaim("userTypeEnumInt", ((int)UserTypeEnum.ProjectManager).ToString(),((int)UserTypeEnum.ClinicalResearchCoordinator).ToString(), ((int)UserTypeEnum.APM).ToString(), ((int)UserTypeEnum.IQC).ToString());
});
- //options.AddPolicy(IRaCISPolicy.PMAndAPM, policyBuilder =>
+ //options.AddPolicy(IRaCISPolicy.PM_APM, policyBuilder =>
//{
// policyBuilder.RequireClaim("userTypeEnumInt", ((int)UserTypeEnum.ProjectManager).ToString(), ((int)UserTypeEnum.APM).ToString());
//});
diff --git a/IRaCIS.Core.Application/Auth/IRaCISPolicy.cs b/IRaCIS.Core.Application/Auth/IRaCISPolicy.cs
index 443f42494..d772da97f 100644
--- a/IRaCIS.Core.Application/Auth/IRaCISPolicy.cs
+++ b/IRaCIS.Core.Application/Auth/IRaCISPolicy.cs
@@ -10,9 +10,9 @@ namespace IRaCIS.Core.Application.Auth
public static class IRaCISPolicy
{
- public const string PMAndAPM = "PMAndAPM";
+ public const string PM_APM = "PM_APM";
- public const string PM_APM_CRC = "PMAndAPMAndCRC";
+ public const string PM_APM_CRC = "PM_APMAndCRC";
public const string CRC_IQC = "CRC_IQC";
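Review bot: The value of `PM_APM_CRC` becomes `"PM_APMAndCRC"`, which looks like a side effect of a text replace of `PMAndAPM` rather than an intended name. In the second hunk of this file the opposite happens: `SPM_CPM` is renamed but keeps the old value `"SPMAndCPM"`. Policies are resolved by string at runtime, so a policy name passed as a literal instead of through `IRaCISPolicy` (none is visible in this diff) would no longer match its registration and would fail only when the endpoint is hit. I would align the values with the identifiers, `public const string PM_APM_CRC = "PM_APM_CRC";` and `public const string SPM_CPM = "SPM_CPM";`, and search the solution for any remaining literal policy names and for uses of the old `SPMAndCPM` identifier.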
@@ -20,11 +20,13 @@ namespace IRaCIS.Core.Application.Auth
public const string PM = "PM";
+ public const string PM_IQC = "PM_IQC";
+
public const string IQC = "IQC";
public const string PM_APM_CRC_QC = "PM_APM_CRC_QC";
- public const string SPMAndCPM = "SPMAndCPM";
+ public const string SPM_CPM = "SPMAndCPM";
}
}
diff --git a/IRaCIS.Core.Application/Service/QC/QCOperationService.cs b/IRaCIS.Core.Application/Service/QC/QCOperationService.cs
index 4ed058f2d..46821e22b 100644
--- a/IRaCIS.Core.Application/Service/QC/QCOperationService.cs
+++ b/IRaCIS.Core.Application/Service/QC/QCOperationService.cs
@@ -302,7 +302,7 @@ namespace IRaCIS.Core.Application.Image.QA
///
[HttpPut("{trialId:guid}")]
[TypeFilter(typeof(TrialResourceFilter))]
- [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
+ [Authorize(Policy = IRaCISPolicy.PM_APM)]
public async Task CloseCheckChallenge(CloseCheckChallengeDto input)
{
@@ -336,7 +336,7 @@ namespace IRaCIS.Core.Application.Image.QA
///
[HttpPut("{trialId:guid}")]
[TypeFilter(typeof(TrialResourceFilter))]
- [Authorize(Policy = IRaCISPolicy.PMAndAPM )]
+ [Authorize(Policy = IRaCISPolicy.PM_APM )]
public async Task SetCheckPass(SetCheckPassDt data)
{
//if (_userInfo.UserTypeEnumInt != (int)UserTypeEnum.ProjectManager && _userInfo.UserTypeEnumInt != (int)UserTypeEnum.APM)
@@ -416,7 +416,7 @@ namespace IRaCIS.Core.Application.Image.QA
}
[HttpPut("{trialId:guid}/{subjectVisitId:guid}")]
- [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
+ [Authorize(Policy = IRaCISPolicy.PM_APM)]
public async Task RejectCheckBack(Guid subjectVisitId)
{
//if (_userInfo.UserTypeEnumInt != (int)UserTypeEnum.ProjectManager && _userInfo.UserTypeEnumInt != (int)UserTypeEnum.APM)
@@ -448,7 +448,7 @@ namespace IRaCIS.Core.Application.Image.QA
///
[HttpPut("{trialId:guid}/{subjectVisitId:guid}")]
[TypeFilter(typeof(TrialResourceFilter))]
- [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
+ [Authorize(Policy = IRaCISPolicy.PM_APM)]
[UnitOfWork]
public async Task CheckBack(Guid subjectVisitId)
{
@@ -522,7 +522,7 @@ namespace IRaCIS.Core.Application.Image.QA
///
[HttpPost("{trialId:guid}")]
[TypeFilter(typeof(TrialResourceFilter))]
- [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
+ [Authorize(Policy = IRaCISPolicy.PM_APM)]
public async Task UploadVisitCheckExcel(IFormFile file, Guid trialId)
{
//if (_userInfo.UserTypeEnumInt != (int)UserTypeEnum.ProjectManager && _userInfo.UserTypeEnumInt != (int)UserTypeEnum.APM)
@@ -1858,7 +1858,7 @@ namespace IRaCIS.Core.Application.Image.QA
[HttpPost("{trialId:guid}")]
- [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
+ [Authorize(Policy = IRaCISPolicy.PM_APM)]
public async Task ForwardSVDicomImage(Guid[] subjectVisitIdList)
{
diff --git a/IRaCIS.Core.Application/Service/TrialSiteUser/TrialConfigService.cs b/IRaCIS.Core.Application/Service/TrialSiteUser/TrialConfigService.cs
index 635206739..2600090d6 100644
--- a/IRaCIS.Core.Application/Service/TrialSiteUser/TrialConfigService.cs
+++ b/IRaCIS.Core.Application/Service/TrialSiteUser/TrialConfigService.cs
@@ -70,7 +70,7 @@ namespace IRaCIS.Core.Application
/// 签名确认 包括项目的三组配置 + QC问题确认 后修改状态 (适用于不会回退的,项目废除、状态修改, 存在回退 不在这里弄,提供单独接口修改状态)
///
///
- [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
+ [Authorize(Policy = IRaCISPolicy.PM_APM)]
public async Task TrialConfigSignatureConfirm(SignConfirmDTO signConfirmDTO)
{
await VerifyOnlyInOngoingOrInitialIzingOptAsync(signConfirmDTO.TrialId);
@@ -147,7 +147,7 @@ namespace IRaCIS.Core.Application
///
///
[HttpPut]
- [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
+ [Authorize(Policy = IRaCISPolicy.PM_APM)]
public async Task ConfigTrialBasicInfo(BasicTrialConfig trialConfig)
{
await VerifyOnlyInOngoingOrInitialIzingOptAsync(trialConfig.TrialId);
@@ -293,7 +293,7 @@ namespace IRaCIS.Core.Application
///
///
[HttpPut]
- [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
+ [Authorize(Policy = IRaCISPolicy.PM_APM)]
public async Task ConfigTrialProcessInfo(TrialProcessConfig trialConfig)
{
if (!await _trialRepository.Where(t => t.Id == trialConfig.TrialId).IgnoreQueryFilters().AnyAsync(t => t.TrialStatusStr == StaticData.TrialInitializing))
@@ -318,7 +318,7 @@ namespace IRaCIS.Core.Application
///
///
[HttpPut]
- [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
+ [Authorize(Policy = IRaCISPolicy.PM_APM)]
public async Task ConfigTrialUrgentInfo(TrialUrgentConfig trialConfig)
{
diff --git a/IRaCIS.Core.Application/Service/TrialSiteUser/TrialExternalUserService.cs b/IRaCIS.Core.Application/Service/TrialSiteUser/TrialExternalUserService.cs
index db27b6a3b..8dc3d490a 100644
--- a/IRaCIS.Core.Application/Service/TrialSiteUser/TrialExternalUserService.cs
+++ b/IRaCIS.Core.Application/Service/TrialSiteUser/TrialExternalUserService.cs
@@ -64,7 +64,7 @@ namespace IRaCIS.Core.Application.Service
///
///
///
- [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
+ [Authorize(Policy = IRaCISPolicy.PM_APM)]
public async Task AddOrUpdateTrialExternalUser(TrialExternalUserAddAndSendEmail addOrEditTrialExternalUser)
{
@@ -198,7 +198,7 @@ namespace IRaCIS.Core.Application.Service
[HttpDelete("{trialExternalUserId:guid}/{isSystemUser:bool}/{systemUserId}")]
- [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
+ [Authorize(Policy = IRaCISPolicy.PM_APM)]
public async Task DeleteTrialExternalUser(Guid trialExternalUserId, bool isSystemUser, Guid systemUserId)
{
var success = await _trialExternalUseRepository.BatchDeleteNoTrackingAsync(t => t.Id == trialExternalUserId);
@@ -214,7 +214,7 @@ namespace IRaCIS.Core.Application.Service
//New 省掉邀请流程
[HttpPost]
- [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
+ [Authorize(Policy = IRaCISPolicy.PM_APM)]
public async Task SendExternalUserJoinEmail(TrialExternalUserSendEmail sendEmail)
{
var trialInfo = (await _repository.FirstOrDefaultAsync(t => t.Id == sendEmail.TrialId)).IfNullThrowException();
diff --git a/IRaCIS.Core.Application/Service/TrialSiteUser/TrialMaintenanceService.cs b/IRaCIS.Core.Application/Service/TrialSiteUser/TrialMaintenanceService.cs
index 4ff274315..39de74b87 100644
--- a/IRaCIS.Core.Application/Service/TrialSiteUser/TrialMaintenanceService.cs
+++ b/IRaCIS.Core.Application/Service/TrialSiteUser/TrialMaintenanceService.cs
@@ -130,7 +130,7 @@ namespace IRaCIS.Application.Services
//[TrialAudit(AuditType.TrialAudit, AuditOptType.AddTrialStaff)]
[HttpPost]
[TypeFilter(typeof(TrialResourceFilter))]
- [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
+ [Authorize(Policy = IRaCISPolicy.PM_APM)]
public async Task AddTrialUsers(TrialUserAddCommand[] userTrialCommands)
{
@@ -152,7 +152,7 @@ namespace IRaCIS.Application.Services
[TypeFilter(typeof(TrialResourceFilter))]
- [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
+ [Authorize(Policy = IRaCISPolicy.PM_APM)]
[HttpPut]
public async Task UpdateTrialUser(UpdateTrialUserCommand updateTrialUserCommand)
{
diff --git a/IRaCIS.Core.Application/Service/TrialSiteUser/TrialSiteService.cs b/IRaCIS.Core.Application/Service/TrialSiteUser/TrialSiteService.cs
index 104bca508..232125fd8 100644
--- a/IRaCIS.Core.Application/Service/TrialSiteUser/TrialSiteService.cs
+++ b/IRaCIS.Core.Application/Service/TrialSiteUser/TrialSiteService.cs
@@ -211,7 +211,7 @@ namespace IRaCIS.Core.Application.Services
/// Setting页面 Site批量添加
[HttpPost]
[UnitOfWork]
- [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
+ [Authorize(Policy = IRaCISPolicy.PM_APM)]
[TypeFilter(typeof(TrialResourceFilter))]
public async Task AddTrialSites(List trialSites)
{
@@ -231,7 +231,7 @@ namespace IRaCIS.Core.Application.Services
///
///
[HttpPut]
- [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
+ [Authorize(Policy = IRaCISPolicy.PM_APM)]
public async Task EditTrialSite(EditTrialSiteCommand editTrialSiteCommand)
{
@@ -284,7 +284,7 @@ namespace IRaCIS.Core.Application.Services
/// 批量添加Site下 CRC的负责人
[HttpPost]
[TypeFilter(typeof(TrialResourceFilter))]
- [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
+ [Authorize(Policy = IRaCISPolicy.PM_APM)]
public async Task AssignSiteCRC(List trialSiteCRCList)
{
var addArray = _mapper.Map>(trialSiteCRCList);
@@ -298,7 +298,7 @@ namespace IRaCIS.Core.Application.Services
/// 删除CRC人员
[HttpDelete, Route("{id:guid}/{trialId:guid}/{isDelete:bool}")]
[TypeFilter(typeof(TrialResourceFilter))]
- [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
+ [Authorize(Policy = IRaCISPolicy.PM_APM)]
public async Task DeleteSiteCRC(Guid id, bool isDelete)
{
diff --git a/IRaCIS.Core.Application/Service/Visit/SubjectVisitService.cs b/IRaCIS.Core.Application/Service/Visit/SubjectVisitService.cs
index 103317a69..118d6520f 100644
--- a/IRaCIS.Core.Application/Service/Visit/SubjectVisitService.cs
+++ b/IRaCIS.Core.Application/Service/Visit/SubjectVisitService.cs
@@ -113,6 +113,7 @@ namespace IRaCIS.Core.Application.Services
[HttpPut("{trialId:guid}/{subjectVisitId:guid}/{isUrgent:bool}")]
[TypeFilter(typeof(TrialResourceFilter))]
+ [Authorize(Policy = IRaCISPolicy.PM_IQC)]
public async Task SetSubjectVisitUrgent(Guid subjectVisitId, bool isUrgent)
{
await _subjectVisitRepository.UpdatePartialFromQueryAsync(subjectVisitId, u => new SubjectVisit() { IsUrgent = isUrgent },true);
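Review bot: The added policy checks the caller's role, but the update on the last line of the hunk is keyed on `subjectVisitId` alone, and the `trialId` from the route is not a parameter of the method. If `TrialResourceFilter` validates only the trial in the route (its code is not shown here), a PM or IQC user of one trial could change `IsUrgent` on a visit that belongs to another trial. I would bind `Guid trialId` in the signature and confirm the visit belongs to that trial before updating, returning an error when it does not, assuming the visit entity exposes its trial id. The method body continues past the hunk.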
diff --git a/IRaCIS.Core.Application/Service/Visit/VisitPlanService.cs b/IRaCIS.Core.Application/Service/Visit/VisitPlanService.cs
index 8c3d43215..56f647042 100644
--- a/IRaCIS.Core.Application/Service/Visit/VisitPlanService.cs
+++ b/IRaCIS.Core.Application/Service/Visit/VisitPlanService.cs
@@ -83,7 +83,7 @@ namespace IRaCIS.Application.Services
/// 添加或更新访视计划某项
[UnitOfWork]
[HttpPost]
- [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
+ [Authorize(Policy = IRaCISPolicy.PM_APM)]
public async Task AddOrUpdateVisitStage(VisitPlanCommand visitPlan)
{
@@ -214,7 +214,7 @@ namespace IRaCIS.Application.Services
[UnitOfWork]
[HttpPost("{trialId:guid}")]
- [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
+ [Authorize(Policy = IRaCISPolicy.PM_APM)]
public async Task ConfirmTrialVisitPlan(Guid trialId)
{
if (!await _trialRepository.AnyAsync(t => t.Id == trialId && (t.TrialStatusStr == StaticData.TrialInitializing || t.TrialStatusStr == StaticData.TrialOngoing)))