From 98aa1543d0b941c4ef8370e1319800425ef15326 Mon Sep 17 00:00:00 2001
From: hang <872297557@qq.com>
Date: Wed, 25 May 2022 13:48:02 +0800
Subject: [PATCH] =?UTF-8?q?=E6=9B=B4=E6=94=B9=E6=9D=83=E9=99=90?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
.../Controllers/FinancialChangeController.cs | 3 +-
.../Authorization/AuthorizationPolicySetup.cs | 23 +++++++--
IRaCIS.Core.Application/Auth/IRaCISPolicy.cs | 28 +++++++++++
.../Service/Document/TrialDocumentService.cs | 6 ++-
.../Service/QC/QCOperationService.cs | 47 +++++++++++--------
.../Service/QC/TrialQCQuestionService.cs | 6 ++-
.../TrialSiteEquipmentSurveyService.cs | 12 +----
.../SiteSurvey/TrialSiteUserSurveyService.cs | 6 +--
.../TrialSiteUser/TrialConfigService.cs | 8 ++++
.../TrialSiteUser/TrialExternalUserService.cs | 3 ++
.../TrialSiteUser/TrialMaintenanceService.cs | 3 ++
.../Service/TrialSiteUser/TrialSiteService.cs | 8 ++--
.../Service/Visit/SubjectVisitService.cs | 3 ++
.../Service/Visit/VisitPlanService.cs | 6 ++-
14 files changed, 113 insertions(+), 49 deletions(-)
create mode 100644 IRaCIS.Core.Application/Auth/IRaCISPolicy.cs
diff --git a/IRaCIS.Core.API/Controllers/FinancialChangeController.cs b/IRaCIS.Core.API/Controllers/FinancialChangeController.cs
index ef69a0737..1216822f0 100644
--- a/IRaCIS.Core.API/Controllers/FinancialChangeController.cs
+++ b/IRaCIS.Core.API/Controllers/FinancialChangeController.cs
@@ -12,6 +12,7 @@ using IRaCIS.Core.Application.Service.Inspection.DTO;
using IRaCIS.Core.Infra.EFCore;
using IRaCIS.Core.Application.Service.Inspection.Interface;
using IRaCIS.Core.Domain.Models;
+using IRaCIS.Core.Application.Auth;
namespace IRaCIS.Core.API.Controllers.Special
{
@@ -53,7 +54,7 @@ namespace IRaCIS.Core.API.Controllers.Special
///
/// 新记录Id
[HttpPost, Route("trial/addOrUpdateTrial")]
-
+ [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
public async Task> AddOrUpdateTrial(TrialCommand param)
{
var userId = Guid.Parse(User.FindFirst("id").Value);
diff --git a/IRaCIS.Core.API/_ServiceExtensions/Authorization/AuthorizationPolicySetup.cs b/IRaCIS.Core.API/_ServiceExtensions/Authorization/AuthorizationPolicySetup.cs
index 58d42d596..61c883e01 100644
--- a/IRaCIS.Core.API/_ServiceExtensions/Authorization/AuthorizationPolicySetup.cs
+++ b/IRaCIS.Core.API/_ServiceExtensions/Authorization/AuthorizationPolicySetup.cs
@@ -1,4 +1,5 @@
-using IRaCIS.Core.Domain.Share;
+using IRaCIS.Core.Application.Auth;
+using IRaCIS.Core.Domain.Share;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
@@ -11,27 +12,39 @@ namespace IRaCIS.Core.API
{
services.AddAuthorization(options =>
{
- //影像质控策略 只允许 CRC QA进行操作
- options.AddPolicy("ImageQCPolicy", policyBuilder =>
+ //影像质控策略 只允许 CRC IQC进行操作
+ options.AddPolicy(IRaCISPolicy.CRC_IQC, policyBuilder =>
{
policyBuilder.RequireClaim("userTypeEnumInt", ((int)UserTypeEnum.ClinicalResearchCoordinator).ToString(), ((int)UserTypeEnum.IQC).ToString());
});
//一致性核查策略 只允许 CRC PM APM 进行操作
- options.AddPolicy("ImageCheckPolicy", policyBuilder =>
+ options.AddPolicy(IRaCISPolicy.PM_APM_CRC, policyBuilder =>
{
policyBuilder.RequireClaim("userTypeEnumInt", ((int)UserTypeEnum.ProjectManager).ToString(), ((int)UserTypeEnum.ClinicalResearchCoordinator).ToString(), ((int)UserTypeEnum.APM).ToString());
});
- options.AddPolicy("PmAndApmPolicy", policyBuilder =>
+ options.AddPolicy(IRaCISPolicy.PMAndAPM, policyBuilder =>
{
policyBuilder.RequireClaim("userTypeEnumInt", ((int)UserTypeEnum.ProjectManager).ToString(), ((int)UserTypeEnum.APM).ToString());
});
+ options.AddPolicy(IRaCISPolicy.PM, policyBuilder =>
+ {
+ policyBuilder.RequireClaim("userTypeEnumInt", ((int)UserTypeEnum.ProjectManager).ToString());
+ });
+ //options.AddPolicy(IRaCISPolicy.PMAndAPM, policyBuilder =>
+ //{
+ // policyBuilder.RequireClaim("userTypeEnumInt", ((int)UserTypeEnum.ProjectManager).ToString(), ((int)UserTypeEnum.APM).ToString());
+ //});
});
}
+
+
+
+
}
}
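Review bot: `IRaCISPolicy.IQC` and `IRaCISPolicy.CRC` are used with `[Authorize(Policy = …)]` elsewhere in this patch (QCOperationService, TrialQCQuestionService, SubjectVisitService), but no policy with either name is registered in this `AddAuthorization` block, which only adds CRC_IQC, PM_APM_CRC, PMAndAPM and PM. ASP.NET Core's default policy provider throws an InvalidOperationException for an unknown policy name, so those endpoints would fail on every request rather than authorize; the failure is closed, but the IQC-only and CRC-only endpoints are unusable until the policies exist, unless they are registered somewhere outside this diff. The commented-out duplicate PMAndAPM registration and the run of blank lines after the method are dead text and should be dropped. The enclosing method starts outside the hunk.
```csharp
// … unchanged: CRC_IQC / PM_APM_CRC / PMAndAPM / PM registrations …
options.AddPolicy(IRaCISPolicy.CRC, policyBuilder =>
{
    policyBuilder.RequireClaim("userTypeEnumInt", ((int)UserTypeEnum.ClinicalResearchCoordinator).ToString());
});
options.AddPolicy(IRaCISPolicy.IQC, policyBuilder =>
{
    policyBuilder.RequireClaim("userTypeEnumInt", ((int)UserTypeEnum.IQC).ToString());
});
```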
diff --git a/IRaCIS.Core.Application/Auth/IRaCISPolicy.cs b/IRaCIS.Core.Application/Auth/IRaCISPolicy.cs
new file mode 100644
index 000000000..2950fd570
--- /dev/null
+++ b/IRaCIS.Core.Application/Auth/IRaCISPolicy.cs
@@ -0,0 +1,28 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace IRaCIS.Core.Application.Auth
+{
+
+
+ public static class IRaCISPolicy
+ {
+ public const string PMAndAPM = "PMAndAPM";
+
+ public const string PM_APM_CRC = "PMAndAPMAndCRC";
+
+ public const string CRC_IQC = "CRC_IQC";
+
+ public const string CRC = "CRC";
+
+ public const string PM = "PM";
+
+ public const string IQC = "IQC";
+
+ public const string SPMAndCPM = "SPMAndCPM";
+
+ }
+}
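Review bot: The constant names mix two conventions — `PMAndAPM` spells out the conjunction while `PM_APM_CRC` and `CRC_IQC` use underscores — and `PM_APM_CRC` carries the value "PMAndAPMAndCRC", so the identifier and the registered policy name no longer match. Pick one form (the `PMAndAPM` style matches the policy names already in use) and keep each string equal to its identifier so a policy can be found by either. The `System.*` usings are unused in a constants-only class and can be removed. A class summary would help readers, e.g. `/// <summary>Policy names for [Authorize(Policy = …)]; every name must also be registered in AuthorizationPolicySetup.</summary>`, noting that `SPMAndCPM`, `CRC` and `IQC` have no registration in this patch.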
diff --git a/IRaCIS.Core.Application/Service/Document/TrialDocumentService.cs b/IRaCIS.Core.Application/Service/Document/TrialDocumentService.cs
index df55832de..7f64e0776 100644
--- a/IRaCIS.Core.Application/Service/Document/TrialDocumentService.cs
+++ b/IRaCIS.Core.Application/Service/Document/TrialDocumentService.cs
@@ -7,7 +7,8 @@
using Microsoft.AspNetCore.Mvc;
using IRaCIS.Core.Application.Contracts;
-
+using Microsoft.AspNetCore.Authorization;
+using IRaCIS.Core.Application.Auth;
namespace IRaCIS.Core.Application.Services
{
@@ -397,6 +398,8 @@ namespace IRaCIS.Core.Application.Services
return ResponseOutput.Ok(result);
}
+
+ [Authorize(Policy = IRaCISPolicy.PM)]
public async Task AddOrUpdateTrialDocument(AddOrEditTrialDocument addOrEditTrialDocument)
{
if (addOrEditTrialDocument.Id == null)
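Review bot: `[Authorize(Policy = IRaCISPolicy.PM)]` on AddOrUpdateTrialDocument, and on DeleteTrialDocument in the next hunk, checks only the caller's user-type claim; neither method carries the `[TypeFilter(typeof(TrialResourceFilter))]` that the QC and site endpoints in this patch pair with their policy, so if that filter is what ties a caller to the trial in the route, a PM of one trial could act on another trial's documents here. If the class applies the filter at a higher level this is fine; otherwise add it next to the new attribute. Both method bodies continue outside their hunks.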
@@ -464,6 +467,7 @@ namespace IRaCIS.Core.Application.Services
///
///
[HttpDelete("{trialId:guid}/{trialDocumentId:guid}")]
+ [Authorize(Policy = IRaCISPolicy.PM)]
public async Task DeleteTrialDocument(Guid trialDocumentId, Guid trialId)
{
if (await _trialDocumentRepository.AsQueryable(true).Where(t => t.Id == trialDocumentId).AnyAsync(t => t.TrialDocConfirmedUserList.Any()))
diff --git a/IRaCIS.Core.Application/Service/QC/QCOperationService.cs b/IRaCIS.Core.Application/Service/QC/QCOperationService.cs
index 932d13e00..4ed058f2d 100644
--- a/IRaCIS.Core.Application/Service/QC/QCOperationService.cs
+++ b/IRaCIS.Core.Application/Service/QC/QCOperationService.cs
@@ -21,6 +21,7 @@ using IRaCIS.Core.Infrastructure;
using IRaCIS.Core.Application.Service.Inspection.DTO;
using Nito.AsyncEx;
using System.ComponentModel.DataAnnotations;
+using IRaCIS.Core.Application.Auth;
namespace IRaCIS.Core.Application.Image.QA
{
@@ -68,6 +69,7 @@ namespace IRaCIS.Core.Application.Image.QA
[HttpGet("{trialId:guid}/{subjectVisitId:guid}/{currentQCType:int}")]
[TypeFilter(typeof(TrialResourceFilter))]
+ [Authorize(Policy = IRaCISPolicy.IQC)]
public async Task VerifyQCCanAddChallenge(Guid subjectVisitId, [FromRoute] CurrentQC currentQCType)
{
await VerifyIsCanQCAsync(null, subjectVisitId);
@@ -90,7 +92,7 @@ namespace IRaCIS.Core.Application.Image.QA
///
[HttpPost("{trialId:guid}/{trialQCProcess:int}/{currentQCType:int}")]
[TypeFilter(typeof(TrialResourceFilter))]
- [Authorize(Policy = "ImageQCPolicy")]
+ [Authorize(Policy = IRaCISPolicy.IQC)]
public async Task AddOrUpdateQCChallenge(QCChallengeCommand qaQuestionCommand, Guid trialId, [FromRoute] TrialQCProcess trialQCProcess, [FromRoute] CurrentQC currentQCType)
{
await VerifyIsCanQCAsync(null, qaQuestionCommand.SubjectVisitId);
@@ -147,7 +149,7 @@ namespace IRaCIS.Core.Application.Image.QA
[HttpPut]
[TypeFilter(typeof(TrialResourceFilter))]
[UnitOfWork]
- //[Authorize(Policy = "ImageQCPolicy")]
+ [Authorize(Policy = IRaCISPolicy.IQC)]
public async Task CloseQCChallenge(CloseQCChallengeInDto input)
{
@@ -199,7 +201,7 @@ namespace IRaCIS.Core.Application.Image.QA
///
[HttpDelete("{trialId:guid}/{subjectVisitId:guid}/{qcChallengeId:guid}")]
[TypeFilter(typeof(TrialResourceFilter))]
- [Authorize(Policy = "ImageQCPolicy")]
+ [Authorize(Policy = IRaCISPolicy.IQC)]
public async Task DeleteQCChallenge(Guid qcChallengeId)
{
@@ -226,7 +228,7 @@ namespace IRaCIS.Core.Application.Image.QA
///
[HttpPost("{trialId:guid}")]
[TypeFilter(typeof(TrialResourceFilter))]
- [Authorize(Policy = "ImageQCPolicy")]
+ [Authorize(Policy = IRaCISPolicy.CRC_IQC)]
public async Task AddQCChallengeReply(QADialogCommand qaDialogCommand)
{
var qaReply = _mapper.Map(qaDialogCommand);
@@ -261,7 +263,7 @@ namespace IRaCIS.Core.Application.Image.QA
///
[HttpPost("{trialId:guid}")]
[TypeFilter(typeof(TrialResourceFilter))]
- [Authorize(Policy = "ImageCheckPolicy")]
+ [Authorize(Policy = IRaCISPolicy.PM_APM_CRC)]
public async Task AddCheckChallengeReply(CheckChallengeDialogCommand checkDialogCommand)
{
@@ -300,6 +302,7 @@ namespace IRaCIS.Core.Application.Image.QA
///
[HttpPut("{trialId:guid}")]
[TypeFilter(typeof(TrialResourceFilter))]
+ [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
public async Task CloseCheckChallenge(CloseCheckChallengeDto input)
{
@@ -333,7 +336,7 @@ namespace IRaCIS.Core.Application.Image.QA
///
[HttpPut("{trialId:guid}")]
[TypeFilter(typeof(TrialResourceFilter))]
- [Authorize(Policy = "PmAndApmPolicy")]
+ [Authorize(Policy = IRaCISPolicy.PMAndAPM )]
public async Task SetCheckPass(SetCheckPassDt data)
{
//if (_userInfo.UserTypeEnumInt != (int)UserTypeEnum.ProjectManager && _userInfo.UserTypeEnumInt != (int)UserTypeEnum.APM)
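Review bot: `IRaCISPolicy.PMAndAPM )` has a stray space before the closing parenthesis; write `[Authorize(Policy = IRaCISPolicy.PMAndAPM)]` as in the other hunks. The commented-out `_userInfo.UserTypeEnumInt` check beneath it, and the same commented block in the RejectCheckBack and UploadVisitCheckExcel hunks, is now fully superseded by the attribute and should be deleted rather than kept as a comment. The method body continues outside the hunk.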
@@ -374,6 +377,7 @@ namespace IRaCIS.Core.Application.Image.QA
///
[HttpPut("{trialId:guid}/{subjectVisitId:guid}")]
[TypeFilter(typeof(TrialResourceFilter))]
+ [Authorize(Policy = IRaCISPolicy.CRC)]
public async Task CRCRequstCheckBack(Guid subjectVisitId)
{
var sv = (await _subjectVisitRepository.FirstOrDefaultAsync(t => t.Id == subjectVisitId)).IfNullThrowException();
@@ -412,7 +416,7 @@ namespace IRaCIS.Core.Application.Image.QA
}
[HttpPut("{trialId:guid}/{subjectVisitId:guid}")]
- [Authorize(Policy = "PmAndApmPolicy")]
+ [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
public async Task RejectCheckBack(Guid subjectVisitId)
{
//if (_userInfo.UserTypeEnumInt != (int)UserTypeEnum.ProjectManager && _userInfo.UserTypeEnumInt != (int)UserTypeEnum.APM)
@@ -444,7 +448,7 @@ namespace IRaCIS.Core.Application.Image.QA
///
[HttpPut("{trialId:guid}/{subjectVisitId:guid}")]
[TypeFilter(typeof(TrialResourceFilter))]
- [Authorize(Policy = "PmAndApmPolicy")]
+ [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
[UnitOfWork]
public async Task CheckBack(Guid subjectVisitId)
{
@@ -518,7 +522,7 @@ namespace IRaCIS.Core.Application.Image.QA
///
[HttpPost("{trialId:guid}")]
[TypeFilter(typeof(TrialResourceFilter))]
- [Authorize(Policy = "PmAndApmPolicy")]
+ [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
public async Task UploadVisitCheckExcel(IFormFile file, Guid trialId)
{
//if (_userInfo.UserTypeEnumInt != (int)UserTypeEnum.ProjectManager && _userInfo.UserTypeEnumInt != (int)UserTypeEnum.APM)
@@ -715,6 +719,7 @@ namespace IRaCIS.Core.Application.Image.QA
///
[HttpPost("{trialId:guid}/{subjectVisitId:guid}/{trialQCProcess:int}/{currentQCType:int}")]
[TypeFilter(typeof(TrialResourceFilter))]
+ [Authorize(Policy = IRaCISPolicy.IQC)]
public async Task AddOrUpdateQCQuestionAnswerList(QCQuestionAnswerCommand[] qcQuestionAnswerCommands, Guid trialId, Guid subjectVisitId, [FromRoute] TrialQCProcess trialQCProcess, [FromRoute] CurrentQC currentQCType)
{
//验证是否能操作
@@ -785,6 +790,7 @@ namespace IRaCIS.Core.Application.Image.QA
///
[HttpPut("{trialId:guid}/{subjectVisitId:guid}/{studyId:guid}/{seriesId:guid}/{state:int}")]
[TypeFilter(typeof(TrialResourceFilter))]
+ [Authorize(Policy = IRaCISPolicy.IQC)]
public async Task SetSeriesState(Guid subjectVisitId, Guid studyId, Guid seriesId, int state)
{
@@ -852,6 +858,7 @@ namespace IRaCIS.Core.Application.Image.QA
///
[HttpPost("{trialId:guid}")]
[TypeFilter(typeof(TrialResourceFilter))]
+ [Authorize(Policy = IRaCISPolicy.IQC)]
public async Task UpdateModality(UpdateModalityCommand updateModalityCommand)
{
@@ -918,6 +925,7 @@ namespace IRaCIS.Core.Application.Image.QA
[HttpPost, Route("{trialId:guid}/{subjectVisitId:guid}")]
[TypeFilter(typeof(TrialResourceFilter))]
[UnitOfWork]
+ [Authorize(Policy = IRaCISPolicy.IQC)]
public async Task DeleteStudyList(Guid[] ids, Guid subjectVisitId, Guid trialId)
{
@@ -1013,6 +1021,7 @@ namespace IRaCIS.Core.Application.Image.QA
/// 替换当前领取人
[HttpPut("{trialId:guid}/{subjectVisitId:guid}")]
+ [Authorize(Policy = IRaCISPolicy.IQC)]
public async Task ReplaceQCTaskActionUser(Guid trialId, Guid subjectVisitId)
{
var dbSubjectVisit = (await _subjectVisitRepository.FirstOrDefaultAsync(t => t.Id == subjectVisitId)).IfNullThrowException();
@@ -1045,6 +1054,7 @@ namespace IRaCIS.Core.Application.Image.QA
///
[HttpPut("{trialId:guid}/{subjectVisitId:guid}/{obtaionOrCancel:bool}")]
[TypeFilter(typeof(TrialResourceFilter))]
+ [Authorize(Policy = IRaCISPolicy.IQC)]
public async Task ObtainOrCancelQCTask(Guid trialId, Guid subjectVisitId, bool obtaionOrCancel)
{
@@ -1248,6 +1258,7 @@ namespace IRaCIS.Core.Application.Image.QA
///
[HttpPost]
[TypeFilter(typeof(TrialResourceFilter))]
+ [Authorize(Policy = IRaCISPolicy.CRC)]
public async Task CRCRequestToQC(CRCRequestToQCCommand cRCRequestToQCCommand)
{
var trialConfig = (await _trialRepository
@@ -1374,6 +1385,7 @@ namespace IRaCIS.Core.Application.Image.QA
///
[HttpPost("{trialId:guid}/{subjectVisitId:guid}/{auditState:int}")]
[TypeFilter(typeof(TrialResourceFilter))]
+ [Authorize(Policy = IRaCISPolicy.IQC)]
public async Task QCPassedOrFailed(Guid trialId, Guid subjectVisitId, [FromRoute] AuditStateEnum auditState)
{
@@ -1556,6 +1568,7 @@ namespace IRaCIS.Core.Application.Image.QA
///
[HttpPut("{trialId:guid}/{subjectVisitId:guid}/{setOrCancel:bool}")]
[TypeFilter(typeof(TrialResourceFilter))]
+ [Authorize(Policy = IRaCISPolicy.IQC)]
public async Task SetVisitUrgent(Guid trialId, Guid subjectVisitId, bool setOrCancel)
{
var sv = (await _subjectVisitRepository.FirstOrDefaultAsync(t => t.Id == subjectVisitId)).IfNullThrowException();
@@ -1592,13 +1605,9 @@ namespace IRaCIS.Core.Application.Image.QA
///
[HttpPut("{trialId:guid}/{subjectVisitId:guid}/{qcChallengeId:guid}")]
[TypeFilter(typeof(TrialResourceFilter))]
+ [Authorize(Policy = IRaCISPolicy.IQC)]
public async Task SetNeedReupload(Guid trialId, Guid qcChallengeId)
{
- if (_userInfo.UserTypeEnumInt != (int)UserTypeEnum.IQC)
- {
- return ResponseOutput.NotOk("重传 只允许QA 设置!");
- }
-
//获取项目配置
var trialConfig = await _repository.Where(t => t.Id == trialId).Select(t => new { TrialId = t.Id, t.QCProcessEnum, t.IsImageConsistencyVerification })
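Review bot: Removing the inline `_userInfo.UserTypeEnumInt != (int)UserTypeEnum.IQC` check changes the client-visible contract from a 200 carrying `ResponseOutput.NotOk("重传 只允许QA 设置!")` to a 403 from the authorization middleware, and the replacement `IRaCISPolicy.IQC` policy is not registered in the AuthorizationPolicySetup hunk of this patch, so until it is the method is unreachable for everyone. The SetReuploadFinished hunk below makes the same swap for `UserTypeEnum.ClinicalResearchCoordinator` against the equally unregistered `IRaCISPolicy.CRC`. If front-end code keys on the NotOk message, keep the inline check as a defense-in-depth fallback until the policies are in place. The method body continues outside the hunk.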
@@ -1693,14 +1702,10 @@ namespace IRaCIS.Core.Application.Image.QA
///
[HttpPost]
[TypeFilter(typeof(TrialResourceFilter))]
+ [Authorize(Policy = IRaCISPolicy.CRC)]
public async Task SetReuploadFinished(CRCReuploadFinishedCommand cRCReuploadFinishedCommand)
{
- if (_userInfo.UserTypeEnumInt != (int)UserTypeEnum.ClinicalResearchCoordinator)
- {
- throw new BusinessValidationFailedException("重传完成 只允许CRC 设置!");
- }
-
-
+
var qcChallenge = (await _qcChallengeRepository.FirstOrDefaultAsync(t => t.Id == cRCReuploadFinishedCommand.QCChallengeId)).IfNullThrowException();
if (qcChallenge.ReuploadEnum != QCChanllengeReuploadEnum.QCAgreeUpload)
@@ -1772,6 +1777,7 @@ namespace IRaCIS.Core.Application.Image.QA
[HttpPut("{trialId:guid}/{subjectVisitId:guid}/{qcChallengeId:guid}")]
[TypeFilter(typeof(TrialResourceFilter))]
+ [Authorize(Policy = IRaCISPolicy.CRC)]
public async Task CRCRequestReUpload(Guid qcChallengeId)
{
var qcChallenge = (await _qcChallengeRepository.FirstOrDefaultAsync(t => t.Id == qcChallengeId)).IfNullThrowException();
@@ -1852,6 +1858,7 @@ namespace IRaCIS.Core.Application.Image.QA
[HttpPost("{trialId:guid}")]
+ [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
public async Task ForwardSVDicomImage(Guid[] subjectVisitIdList)
{
diff --git a/IRaCIS.Core.Application/Service/QC/TrialQCQuestionService.cs b/IRaCIS.Core.Application/Service/QC/TrialQCQuestionService.cs
index dca0fe96b..280fb9a8e 100644
--- a/IRaCIS.Core.Application/Service/QC/TrialQCQuestionService.cs
+++ b/IRaCIS.Core.Application/Service/QC/TrialQCQuestionService.cs
@@ -4,8 +4,10 @@
// 对此文件的更改可能会导致不正确的行为,并且如果重新生成代码,这些更改将会丢失。
//--------------------------------------------------------------------
+using IRaCIS.Core.Application.Auth;
using IRaCIS.Core.Infra.EFCore;
using IRaCIS.Core.Infrastructure;
+using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
namespace IRaCIS.Core.Application.Contracts
@@ -122,6 +124,7 @@ namespace IRaCIS.Core.Application.Contracts
///
///
[HttpPost("{trialId:guid}")]
+ [Authorize(Policy = IRaCISPolicy.IQC)]
public async Task BatchAddTrialQCQuestionConfigure(List batchList, Guid trialId)
{
@@ -137,7 +140,7 @@ namespace IRaCIS.Core.Application.Contracts
return ResponseOutput.Result(success);
}
-
+ [Authorize(Policy = IRaCISPolicy.IQC)]
public async Task AddOrUpdateTrialQCQuestionConfigure(TrialQCQuestionAddOrEdit addOrEditTrialQCQuestionConfigure)
{
await VerifyIsQCConfirmedAsync(addOrEditTrialQCQuestionConfigure.TrialId);
@@ -149,6 +152,7 @@ namespace IRaCIS.Core.Application.Contracts
[HttpDelete("{trialId:guid}/{trialQCQuestionConfigureId:guid}")]
+ [Authorize(Policy = IRaCISPolicy.IQC)]
public async Task DeleteTrialQCQuestionConfigure(Guid trialQCQuestionConfigureId, Guid trialId)
{
await VerifyIsQCConfirmedAsync(trialId);
diff --git a/IRaCIS.Core.Application/Service/SiteSurvey/TrialSiteEquipmentSurveyService.cs b/IRaCIS.Core.Application/Service/SiteSurvey/TrialSiteEquipmentSurveyService.cs
index 5b70e31fc..c8ba08836 100644
--- a/IRaCIS.Core.Application/Service/SiteSurvey/TrialSiteEquipmentSurveyService.cs
+++ b/IRaCIS.Core.Application/Service/SiteSurvey/TrialSiteEquipmentSurveyService.cs
@@ -7,7 +7,6 @@
using Microsoft.AspNetCore.Mvc;
using IRaCIS.Core.Application.Filter;
using IRaCIS.Core.Domain.Share;
-using IRaCIS.Core.Infra.EFCore;
namespace IRaCIS.Core.Application.Contracts
{
@@ -39,11 +38,7 @@ namespace IRaCIS.Core.Application.Contracts
[HttpPost("{trialId:guid}")]
public async Task AddOrUpdateTrialSiteEquipmentSurvey(TrialSiteEquipmentSurveyAddOrEdit addOrEditTrialSiteEquipmentSurvey)
{
- if (_userInfo.UserTypeEnumInt == (int)UserTypeEnum.CPM || _userInfo.UserTypeEnumInt == (int)UserTypeEnum.APM)
- {
- return ResponseOutput.NotOk("CPM/APM 不允许操作");
- }
-
+
if (addOrEditTrialSiteEquipmentSurvey.Id != null)
{
if (await _trialSiteEquipmentSurveyRepository.Where(t => t.Id == addOrEditTrialSiteEquipmentSurvey.Id).AnyAsync(t => t.TrialSiteSurvey.State==TrialSiteSurveyEnum.PMCreatedAndLock))
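Review bot: The `_userInfo.UserTypeEnumInt == (int)UserTypeEnum.CPM || … == (int)UserTypeEnum.APM` rejection is removed from AddOrUpdateTrialSiteEquipmentSurvey without any `[Authorize(Policy = …)]` taking its place, and the next hunk does the same for DeleteTrialSiteEquipmentSurvey; the net effect is that CPM and APM users, previously refused with "CPM/APM 不允许操作", can now add, edit and delete site equipment surveys. Every other role check this patch removes is replaced by a policy attribute, so this looks like an omission rather than an intended widening. Either restore the two checks or declare a policy for the intended allow-list (none of the constants in IRaCISPolicy expresses "everyone except CPM/APM"), and state the change in the commit message if it is deliberate. Both method bodies continue outside their hunks.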
@@ -63,11 +58,6 @@ namespace IRaCIS.Core.Application.Contracts
[HttpDelete("{trialSiteEquipmentSurveyId:guid}/{trialId:guid}")]
public async Task DeleteTrialSiteEquipmentSurvey(Guid trialSiteEquipmentSurveyId)
{
- if (_userInfo.UserTypeEnumInt == (int)UserTypeEnum.CPM || _userInfo.UserTypeEnumInt == (int)UserTypeEnum.APM)
- {
- return ResponseOutput.NotOk("CPM/APM 不允许操作");
- }
-
if (await _trialSiteEquipmentSurveyRepository.Where(t => t.Id == trialSiteEquipmentSurveyId).AnyAsync(t => t.TrialSiteSurvey.State==TrialSiteSurveyEnum.PMCreatedAndLock))
{
return ResponseOutput.NotOk("已锁定,不允许操作");
diff --git a/IRaCIS.Core.Application/Service/SiteSurvey/TrialSiteUserSurveyService.cs b/IRaCIS.Core.Application/Service/SiteSurvey/TrialSiteUserSurveyService.cs
index 9a9ad2776..0cb37aac6 100644
--- a/IRaCIS.Core.Application/Service/SiteSurvey/TrialSiteUserSurveyService.cs
+++ b/IRaCIS.Core.Application/Service/SiteSurvey/TrialSiteUserSurveyService.cs
@@ -6,8 +6,6 @@
using Microsoft.AspNetCore.Mvc;
using IRaCIS.Core.Domain.Share;
using IRaCIS.Core.Application.Filter;
-using IRaCIS.Core.Infra.EFCore;
-using IRaCIS.Core.Infrastructure;
namespace IRaCIS.Core.Application.Contracts
{
@@ -41,7 +39,6 @@ namespace IRaCIS.Core.Application.Contracts
public async Task AddOrUpdateTrialSiteUserSurvey(TrialSiteUserSurveyAddOrEdit addOrEditTrialSiteUserSurvey)
{
-
if (await _trialSiteUserSurveyRepository.Where(t => t.Id == addOrEditTrialSiteUserSurvey.Id).AnyAsync(t => t.TrialSiteSurvey.State == TrialSiteSurveyEnum.PMCreatedAndLock))
{
return ResponseOutput.NotOk("已锁定,不允许操作");
@@ -73,8 +70,7 @@ namespace IRaCIS.Core.Application.Contracts
[TypeFilter(typeof(TrialResourceFilter))]
[HttpDelete("{trialSiteUserSurveyId:guid}/{trialId:guid}")]
public async Task DeleteTrialSiteUserSurvey(Guid trialSiteUserSurveyId)
- {
-
+ {
if (await _trialSiteUserSurveyRepository.Where(t => t.Id == trialSiteUserSurveyId).AnyAsync(t => t.TrialSiteSurvey.State == TrialSiteSurveyEnum.PMCreatedAndLock))
{
diff --git a/IRaCIS.Core.Application/Service/TrialSiteUser/TrialConfigService.cs b/IRaCIS.Core.Application/Service/TrialSiteUser/TrialConfigService.cs
index 9efc45424..635206739 100644
--- a/IRaCIS.Core.Application/Service/TrialSiteUser/TrialConfigService.cs
+++ b/IRaCIS.Core.Application/Service/TrialSiteUser/TrialConfigService.cs
@@ -6,6 +6,8 @@ using Microsoft.AspNetCore.Http;
using IRaCIS.Core.Domain.Share;
using EasyCaching.Core;
using IRaCIS.Core.Infrastructure;
+using Microsoft.AspNetCore.Authorization;
+using IRaCIS.Core.Application.Auth;
namespace IRaCIS.Core.Application
{
@@ -68,6 +70,7 @@ namespace IRaCIS.Core.Application
/// 签名确认 包括项目的三组配置 + QC问题确认 后修改状态 (适用于不会回退的,项目废除、状态修改, 存在回退 不在这里弄,提供单独接口修改状态)
///
///
+ [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
public async Task TrialConfigSignatureConfirm(SignConfirmDTO signConfirmDTO)
{
await VerifyOnlyInOngoingOrInitialIzingOptAsync(signConfirmDTO.TrialId);
@@ -144,6 +147,7 @@ namespace IRaCIS.Core.Application
///
///
[HttpPut]
+ [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
public async Task ConfigTrialBasicInfo(BasicTrialConfig trialConfig)
{
await VerifyOnlyInOngoingOrInitialIzingOptAsync(trialConfig.TrialId);
@@ -175,6 +179,7 @@ namespace IRaCIS.Core.Application
///
[HttpPut("{trialId:guid}/{trialStatusStr}/{reason?}")]
[UnitOfWork]
+ [Authorize(Policy = IRaCISPolicy.PM)]
public async Task UpdateTrialState(Guid trialId, string trialStatusStr, string? reason)
{
@@ -250,6 +255,7 @@ namespace IRaCIS.Core.Application
///
///
[HttpPut("{trialId:guid}/{isAbandon:bool}")]
+ [Authorize(Policy = IRaCISPolicy.PM)]
public async Task AbandonTrial(Guid trialId, /*Guid? signId,*/ bool isAbandon)
{
@@ -287,6 +293,7 @@ namespace IRaCIS.Core.Application
///
///
[HttpPut]
+ [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
public async Task ConfigTrialProcessInfo(TrialProcessConfig trialConfig)
{
if (!await _trialRepository.Where(t => t.Id == trialConfig.TrialId).IgnoreQueryFilters().AnyAsync(t => t.TrialStatusStr == StaticData.TrialInitializing))
@@ -311,6 +318,7 @@ namespace IRaCIS.Core.Application
///
///
[HttpPut]
+ [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
public async Task ConfigTrialUrgentInfo(TrialUrgentConfig trialConfig)
{
diff --git a/IRaCIS.Core.Application/Service/TrialSiteUser/TrialExternalUserService.cs b/IRaCIS.Core.Application/Service/TrialSiteUser/TrialExternalUserService.cs
index b3d0f4d83..db27b6a3b 100644
--- a/IRaCIS.Core.Application/Service/TrialSiteUser/TrialExternalUserService.cs
+++ b/IRaCIS.Core.Application/Service/TrialSiteUser/TrialExternalUserService.cs
@@ -64,6 +64,7 @@ namespace IRaCIS.Core.Application.Service
///
///
///
+ [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
public async Task AddOrUpdateTrialExternalUser(TrialExternalUserAddAndSendEmail addOrEditTrialExternalUser)
{
@@ -197,6 +198,7 @@ namespace IRaCIS.Core.Application.Service
[HttpDelete("{trialExternalUserId:guid}/{isSystemUser:bool}/{systemUserId}")]
+ [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
public async Task DeleteTrialExternalUser(Guid trialExternalUserId, bool isSystemUser, Guid systemUserId)
{
var success = await _trialExternalUseRepository.BatchDeleteNoTrackingAsync(t => t.Id == trialExternalUserId);
@@ -212,6 +214,7 @@ namespace IRaCIS.Core.Application.Service
//New 省掉邀请流程
[HttpPost]
+ [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
public async Task SendExternalUserJoinEmail(TrialExternalUserSendEmail sendEmail)
{
var trialInfo = (await _repository.FirstOrDefaultAsync(t => t.Id == sendEmail.TrialId)).IfNullThrowException();
diff --git a/IRaCIS.Core.Application/Service/TrialSiteUser/TrialMaintenanceService.cs b/IRaCIS.Core.Application/Service/TrialSiteUser/TrialMaintenanceService.cs
index 420dc1be7..4ff274315 100644
--- a/IRaCIS.Core.Application/Service/TrialSiteUser/TrialMaintenanceService.cs
+++ b/IRaCIS.Core.Application/Service/TrialSiteUser/TrialMaintenanceService.cs
@@ -7,6 +7,7 @@ using IRaCIS.Application.Interfaces;
using IRaCIS.Core.Application.Service;
using Microsoft.AspNetCore.Authorization;
+using IRaCIS.Core.Application.Auth;
namespace IRaCIS.Application.Services
{
@@ -129,6 +130,7 @@ namespace IRaCIS.Application.Services
//[TrialAudit(AuditType.TrialAudit, AuditOptType.AddTrialStaff)]
[HttpPost]
[TypeFilter(typeof(TrialResourceFilter))]
+ [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
public async Task AddTrialUsers(TrialUserAddCommand[] userTrialCommands)
{
@@ -150,6 +152,7 @@ namespace IRaCIS.Application.Services
[TypeFilter(typeof(TrialResourceFilter))]
+ [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
[HttpPut]
public async Task UpdateTrialUser(UpdateTrialUserCommand updateTrialUserCommand)
{
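Review bot: The new `[Authorize(Policy = IRaCISPolicy.PMAndAPM)]` on UpdateTrialUser sits between `[TypeFilter(typeof(TrialResourceFilter))]` and `[HttpPut]`, whereas every other site in this patch keeps the route attribute first and adds the policy after the filters. Moving `[HttpPut]` above the two filter attributes keeps the attribute order uniform across the services.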
diff --git a/IRaCIS.Core.Application/Service/TrialSiteUser/TrialSiteService.cs b/IRaCIS.Core.Application/Service/TrialSiteUser/TrialSiteService.cs
index 6da62003b..104bca508 100644
--- a/IRaCIS.Core.Application/Service/TrialSiteUser/TrialSiteService.cs
+++ b/IRaCIS.Core.Application/Service/TrialSiteUser/TrialSiteService.cs
@@ -7,6 +7,7 @@ using IRaCIS.Core.Application.Contracts;
using IRaCIS.Core.Application.Interfaces;
using IRaCIS.Core.Application.Service;
using Microsoft.AspNetCore.Authorization;
+using IRaCIS.Core.Application.Auth;
namespace IRaCIS.Core.Application.Services
{
@@ -210,7 +211,7 @@ namespace IRaCIS.Core.Application.Services
/// Setting页面 Site批量添加
[HttpPost]
[UnitOfWork]
- [TrialAudit(AuditType.TrialAudit, AuditOptType.AddTrialSite)]
+ [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
[TypeFilter(typeof(TrialResourceFilter))]
public async Task AddTrialSites(List trialSites)
{
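Review bot: `[TrialAudit(AuditType.TrialAudit, AuditOptType.AddTrialSite)]` is replaced rather than supplemented by the new `[Authorize(Policy = IRaCISPolicy.PMAndAPM)]`, and the AssignSiteCRC hunk below drops `AuditOptType.AddTrialSiteCRC` the same way. If TrialAudit is still the mechanism that records who added sites and CRC assignments, this commit silently removes that audit trail for two privileged operations; if the attribute is obsolete, the commit message should say so. Keeping both is the safe form: `[TrialAudit(AuditType.TrialAudit, AuditOptType.AddTrialSite)]` followed by `[Authorize(Policy = IRaCISPolicy.PMAndAPM)]`. The method body continues outside the hunk.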
@@ -224,13 +225,13 @@ namespace IRaCIS.Core.Application.Services
-
///
/// 项目site 编辑接口 New 可以设置为启用不启用 不启用 不会验证Code 重复
///
///
///
[HttpPut]
+ [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
public async Task EditTrialSite(EditTrialSiteCommand editTrialSiteCommand)
{
@@ -282,8 +283,8 @@ namespace IRaCIS.Core.Application.Services
/// 批量添加Site下 CRC的负责人
[HttpPost]
- [TrialAudit(AuditType.TrialAudit, AuditOptType.AddTrialSiteCRC)]
[TypeFilter(typeof(TrialResourceFilter))]
+ [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
public async Task AssignSiteCRC(List trialSiteCRCList)
{
var addArray = _mapper.Map>(trialSiteCRCList);
@@ -297,6 +298,7 @@ namespace IRaCIS.Core.Application.Services
/// 删除CRC人员
[HttpDelete, Route("{id:guid}/{trialId:guid}/{isDelete:bool}")]
[TypeFilter(typeof(TrialResourceFilter))]
+ [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
public async Task DeleteSiteCRC(Guid id, bool isDelete)
{
diff --git a/IRaCIS.Core.Application/Service/Visit/SubjectVisitService.cs b/IRaCIS.Core.Application/Service/Visit/SubjectVisitService.cs
index 36507525b..103317a69 100644
--- a/IRaCIS.Core.Application/Service/Visit/SubjectVisitService.cs
+++ b/IRaCIS.Core.Application/Service/Visit/SubjectVisitService.cs
@@ -8,6 +8,7 @@ using IRaCIS.Core.Domain.Share;
using IRaCIS.Core.Application.Contracts;
using IRaCIS.Core.Application.Interfaces;
using IRaCIS.Core.Infrastructure;
+using IRaCIS.Core.Application.Auth;
namespace IRaCIS.Core.Application.Services
{
@@ -120,8 +121,10 @@ namespace IRaCIS.Core.Application.Services
}
+
[HttpDelete, Route("{trialId:guid}/{id:guid}")]
[TypeFilter(typeof(TrialResourceFilter))]
+ [Authorize(Policy = IRaCISPolicy.CRC)]
public async Task DeleteSV(Guid id)
{
if (await _repository.AnyAsync(t => t.SubjectVisitId == id))
diff --git a/IRaCIS.Core.Application/Service/Visit/VisitPlanService.cs b/IRaCIS.Core.Application/Service/Visit/VisitPlanService.cs
index 06a7abd75..8c3d43215 100644
--- a/IRaCIS.Core.Application/Service/Visit/VisitPlanService.cs
+++ b/IRaCIS.Core.Application/Service/Visit/VisitPlanService.cs
@@ -9,7 +9,8 @@ using Magicodes.ExporterAndImporter.Core;
using Magicodes.ExporterAndImporter.Excel;
using Magicodes.ExporterAndImporter.Excel.AspNetCore;
using IRaCIS.Core.Infrastructure;
-using MassTransit;
+using Microsoft.AspNetCore.Authorization;
+using IRaCIS.Core.Application.Auth;
namespace IRaCIS.Application.Services
{
@@ -82,6 +83,7 @@ namespace IRaCIS.Application.Services
/// 添加或更新访视计划某项
[UnitOfWork]
[HttpPost]
+ [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
public async Task AddOrUpdateVisitStage(VisitPlanCommand visitPlan)
{
@@ -212,7 +214,7 @@ namespace IRaCIS.Application.Services
[UnitOfWork]
[HttpPost("{trialId:guid}")]
-
+ [Authorize(Policy = IRaCISPolicy.PMAndAPM)]
public async Task ConfirmTrialVisitPlan(Guid trialId)
{
if (!await _trialRepository.AnyAsync(t => t.Id == trialId && (t.TrialStatusStr == StaticData.TrialInitializing || t.TrialStatusStr == StaticData.TrialOngoing)))