/// <summary>
/// Replaces the given <paramref name="rule" /> on the specified object with the <paramref name="newTrustee" />.
/// </summary>
/// <param name="objectType">The type of the shared object to be found.</param>
/// <param name="objectId">The primary key for the shared object to be found.</param>
/// <param name="rule">The ACE (Access Control Entry) to replace.</param>
/// <param name="newTrustee">The new ACE (Access Control Entry) to set.</param>
/// <param name="cancellationToken">A token to observe while waiting for the task to complete.</param>
/// <returns>
/// A task that represents the asynchronous operation.
/// </returns>
public virtual async Task <ValidationResult> ReplaceAccessRuleAsync(AccessObjectType objectType, int objectId, AccessRuleItem rule, AccessRuleItem newTrustee, CancellationToken cancellationToken)
{
cancellationToken.ThrowIfCancellationRequested();
ThrowIfDisposed();
if (rule == null)
{
throw new ArgumentNullException(nameof(rule));
}
if (newTrustee == null)
{
throw new ArgumentNullException(nameof(newTrustee));
}
var userId = rule.User?.Id;
var aceEntity = await AccessRules.SingleOrDefaultAsync(p => p.ObjectType == objectType && p.ObjectId == objectId && p.UserId == userId, cancellationToken);
if (aceEntity == null)
{
throw new InvalidOperationException("ACE does not exist.");
}
aceEntity.Permission = newTrustee.Permission;
aceEntity.Visibility = newTrustee.Visibility;
await SaveChangesAsync(cancellationToken);
return(ValidationResult.Success);
}
/// <summary>
/// Deletes a list of <see cref="AccessRuleItem" />s from the specified <paramref name="item" />.
/// </summary>
/// <param name="objectType">The type of the shared object to be removed.</param>
/// <param name="objectId">The primary key for the shared object to be removed.</param>
/// <param name="rule">The ACEs (Access Control Entries) to delete.</param>
/// <param name="cancellationToken">A token to observe while waiting for the task to complete.</param>
/// <returns>
/// A task that represents the asynchronous operation.
/// </returns>
public virtual async Task <ValidationResult> RemoveAccessRuleAsync(AccessObjectType objectType, int objectId, AccessRuleItem rule, CancellationToken cancellationToken)
{
cancellationToken.ThrowIfCancellationRequested();
ThrowIfDisposed();
if (rule == null)
{
throw new ArgumentNullException(nameof(rule));
}
var aceEntity = await AccessRules.Where(objectType, objectId, rule.User?.Id).SingleOrDefaultAsync(cancellationToken);
if (aceEntity == null)
{
throw new InvalidOperationException("ACE does not exist.");
}
Context.Remove(aceEntity);
await SaveChangesAsync(cancellationToken);
return(ValidationResult.Success);
}
/// <summary>
/// Inserts a list of <see cref="AccessRuleItem" />s to the specified <paramref name="item" />.
/// </summary>
/// <param name="objectType">The type of the shared object to be inserted.</param>
/// <param name="objectId">The primary key for the shared object to be inserted.</param>
/// <param name="rule">The ACEs (Access Control Entries) to insert.</param>
/// <param name="cancellationToken">A token to observe while waiting for the task to complete.</param>
/// <returns>
/// A task that represents the asynchronous operation.
/// </returns>
public virtual async Task <ValidationResult> AddAccessRuleAsync(AccessObjectType objectType, int objectId, AccessRuleItem rule, CancellationToken cancellationToken)
{
cancellationToken.ThrowIfCancellationRequested();
ThrowIfDisposed();
if (rule == null)
{
throw new ArgumentNullException(nameof(rule));
}
if (await AccessRules.Where(objectType, objectId, rule.User?.Id).AnyAsync(cancellationToken))
{
return(ValidationResult.Failed("Duplicated ACE entry."));
}
AccessRules.Add(new SecurityAccessRule
{
ObjectType = objectType,
ObjectId = objectId,
UserId = rule.User?.Id,
Permission = rule.Permission,
Visibility = rule.Visibility
});
await SaveChangesAsync(cancellationToken);
return(ValidationResult.Success);
}
