public async Task <IActionResult> PutUser(int id, User user)
{
if (id != user.Id)
{
return(BadRequest());
}
_context.Entry(user).State = EntityState.Modified;
try
{
await _context.SaveChangesAsync();
}
catch (DbUpdateConcurrencyException)
{
if (!UserExists(id))
{
return(NotFound());
}
else
{
throw;
}
}
return(NoContent());
}
public async Task <User> DeleteRolesFromUser(User user, IList <Role> roles)
{
var roleIds = roles.Select(r => r.Id);
var roleUsers =
AuthorizationDbContext.RoleUsers.Where(
ru => ru.SubjectId == user.SubjectId &&
ru.IdentityProvider == user.IdentityProvider &&
!ru.IsDeleted &&
roleIds.Contains(ru.RoleId));
foreach (var roleUser in roleUsers)
{
var roleToRemove = roles.FirstOrDefault(r => r.Id == roleUser.RoleId);
if (roleToRemove != null)
{
user.Roles.Remove(roleToRemove);
roleUser.IsDeleted = true;
}
}
await AuthorizationDbContext.SaveChangesAsync();
await EventService.RaiseEventAsync(new EntityAuditEvent <User>(EventTypes.ChildEntityDeletedEvent, user.Id, user));
return(user);
}
public async Task Delete(Group group)
{
var groupEntity = await AuthorizationDbContext.Groups
.Include(g => g.GroupRoles)
.Include(g => g.GroupUsers)
.SingleOrDefaultAsync(g => g.GroupId == Guid.Parse(group.Id));
if (groupEntity == null)
{
throw new NotFoundException <Group>($"Could not find {typeof(Group).Name} entity with ID {group.Name}");
}
groupEntity.IsDeleted = true;
foreach (var groupRole in groupEntity.GroupRoles)
{
if (!groupRole.IsDeleted)
{
groupRole.IsDeleted = true;
}
}
foreach (var groupUser in groupEntity.GroupUsers)
{
if (!groupUser.IsDeleted)
{
groupUser.IsDeleted = true;
}
}
await AuthorizationDbContext.SaveChangesAsync();
await EventService.RaiseEventAsync(new EntityAuditEvent <Group>(EventTypes.EntityDeletedEvent, group.Id, groupEntity.ToModel()));
}
public async Task Delete(Role role)
{
var roleEntity = await AuthorizationDbContext.Roles
.Include(r => r.RolePermissions)
.Include(r => r.GroupRoles)
.SingleOrDefaultAsync(r =>
r.RoleId == role.Id &&
!r.IsDeleted);
if (roleEntity == null)
{
throw new NotFoundException <Role>($"Could not find {typeof(Role).Name} entity with ID {role.Id}");
}
roleEntity.IsDeleted = true;
foreach (var rolePermission in roleEntity.RolePermissions)
{
rolePermission.IsDeleted = true;
}
foreach (var groupRole in roleEntity.GroupRoles)
{
groupRole.IsDeleted = true;
}
await AuthorizationDbContext.SaveChangesAsync();
await EventService.RaiseEventAsync(new EntityAuditEvent <Role>(EventTypes.EntityDeletedEvent, role.Id.ToString(), roleEntity.ToModel()));
}
public async Task <Group> Add(Group group)
{
var groupNameMatches = AuthorizationDbContext.Groups
.Where(g => !g.IsDeleted &&
g.Name == group.GroupIdentifier.GroupName).Select(e => e.ToModel()).ToList();
if (groupNameMatches.Any())
{
if (group.SourceEquals(GroupConstants.CustomSource))
{
throw new AlreadyExistsException <Group>(
$"Could not create group name {group.Name}. A group with the same name exists as a Custom group or a Directory group.");
}
if (groupNameMatches.Any(g =>
new GroupIdentifierComparer().Equals(g.GroupIdentifier, group.GroupIdentifier)))
{
throw new AlreadyExistsException <Group>(
$"Group {group.GroupIdentifier} already exists. Please use a different GroupName, IdentityProvider, or TenantId.");
}
}
group.Id = Guid.NewGuid();
var groupEntity = group.ToEntity();
AuthorizationDbContext.Groups.Add(groupEntity);
await AuthorizationDbContext.SaveChangesAsync();
await EventService.RaiseEventAsync(new EntityAuditEvent <Group>(EventTypes.EntityCreatedEvent, group.Id.ToString(), groupEntity.ToModel()));
return(groupEntity.ToModel());
}
public async Task <Group> AddRolesToGroup(Group group, IEnumerable <Role> rolesToAdd)
{
var groupEntity = await AuthorizationDbContext.Groups.SingleOrDefaultAsync(g =>
g.Name == group.Name &&
g.TenantId == group.TenantId &&
g.IdentityProvider == group.IdentityProvider &&
!g.IsDeleted);
if (groupEntity == null)
{
throw new NotFoundException <Group>($"Could not find {typeof(Group).Name} entity with ID {group.Name}");
}
foreach (var role in rolesToAdd)
{
group.Roles.Add(role);
AuthorizationDbContext.GroupRoles.Add(new GroupRole
{
GroupId = groupEntity.GroupId,
RoleId = role.Id
});
}
await AuthorizationDbContext.SaveChangesAsync();
await EventService.RaiseEventAsync(new EntityAuditEvent <Group>(EventTypes.ChildEntityCreatedEvent, group.Id.ToString(), group));
return(group);
}
public async Task <Role> Add(Role role)
{
role.Id = Guid.NewGuid();
var roleEntity = role.ToEntity();
roleEntity.SecurableItem =
AuthorizationDbContext.SecurableItems.First(s => !s.IsDeleted && s.Name == role.SecurableItem);
if (role.ChildRoles.Any())
{
var childRoles = await AuthorizationDbContext.Roles.Where(r => role.ChildRoles.Contains(r.RoleId))
.ToListAsync();
foreach (var childRole in childRoles)
{
childRole.ParentRole = roleEntity;
}
}
AuthorizationDbContext.Roles.Add(roleEntity);
await AuthorizationDbContext.SaveChangesAsync();
await EventService.RaiseEventAsync(new EntityAuditEvent <Role>(EventTypes.EntityCreatedEvent, role.Id.ToString(), roleEntity.ToModel()));
return(roleEntity.ToModel());
}
public async Task <Role> AddPermissionsToRole(Role role, ICollection <Permission> allowPermissions,
ICollection <Permission> denyPermissions)
{
// TODO: handle case where role.Id may not exist in Roles table
foreach (var permission in allowPermissions)
{
AuthorizationDbContext.RolePermissions.Add(new RolePermission
{
RoleId = role.Id,
PermissionId = permission.Id,
PermissionAction = PermissionAction.Allow
});
role.Permissions.Add(permission);
}
foreach (var permission in denyPermissions)
{
AuthorizationDbContext.RolePermissions.Add(new RolePermission
{
RoleId = role.Id,
PermissionId = permission.Id,
PermissionAction = PermissionAction.Deny
});
role.Permissions.Add(permission);
}
await AuthorizationDbContext.SaveChangesAsync();
await EventService.RaiseEventAsync(new EntityAuditEvent <Role>(EventTypes.EntityUpdatedEvent, role.Id.ToString(), role));
return(role);
}
public async Task <Role> RemovePermissionsFromRole(Role role, Guid[] permissionIds)
{
var roleEntity = await AuthorizationDbContext.Roles
.Include(r => r.RolePermissions)
.SingleOrDefaultAsync(r =>
r.RoleId == role.Id &&
!r.IsDeleted);
if (roleEntity == null)
{
throw new NotFoundException <Role>($"Could not find {typeof(Role).Name} entity with ID {role.Id}");
}
foreach (var permissionId in permissionIds)
{
var rolePermissionToRemove = roleEntity.RolePermissions.Single(
rp => rp.RoleId == roleEntity.RoleId &&
rp.PermissionId == permissionId);
rolePermissionToRemove.IsDeleted = true;
AuthorizationDbContext.RolePermissions.Update(rolePermissionToRemove);
}
await AuthorizationDbContext.SaveChangesAsync();
await EventService.RaiseEventAsync(new EntityAuditEvent <Role>(EventTypes.EntityUpdatedEvent, role.Id.ToString(), role));
return(roleEntity.ToModel());
}
public async Task <Group> AddUsersToGroup(Group group, IEnumerable <User> usersToAdd)
{
var groupEntity = await AuthorizationDbContext.Groups.SingleOrDefaultAsync(g =>
g.Name == group.Name &&
g.TenantId == group.TenantId &&
g.IdentityProvider == group.IdentityProvider &&
!g.IsDeleted);
if (groupEntity == null)
{
throw new NotFoundException <Group>($"Could not find {typeof(Group).Name} entity with ID {group.Name}");
}
var groupUsers = new List <GroupUser>();
foreach (var user in usersToAdd)
{
group.Users.Add(user);
var groupUser = new GroupUser
{
GroupId = groupEntity.GroupId,
IdentityProvider = user.IdentityProvider,
SubjectId = user.SubjectId
};
AuthorizationDbContext.GroupUsers.Add(groupUser);
groupUsers.Add(groupUser);
}
await AuthorizationDbContext.SaveChangesAsync();
await EventService.RaiseEventAsync(new EntityAuditEvent <Group>(EventTypes.ChildEntityCreatedEvent, group.Id.ToString(), group));
return(group);
}
public async Task <Group> RemoveChildGroups(Group group, IEnumerable <Group> childGroups)
{
var childGroupList = childGroups.ToList();
var childGroupIds = childGroupList.Select(g => g.Id);
var childGroupEntities = AuthorizationDbContext.ChildGroups.Where(cg => !cg.IsDeleted && cg.ParentGroupId == group.Id && childGroupIds.Contains(cg.ChildGroupId));
foreach (var childGroup in childGroupList)
{
var childToRemove = group.Children.FirstOrDefault(c => c.Name == childGroup.Name);
if (childToRemove == null)
{
continue;
}
group.Children.Remove(childToRemove);
var childToRemoveEntity = childGroupEntities.FirstOrDefault(cg => cg.ParentGroupId == group.Id && cg.ChildGroupId == childGroup.Id);
if (childToRemoveEntity != null)
{
childToRemoveEntity.IsDeleted = true;
}
}
await AuthorizationDbContext.SaveChangesAsync();
await EventService.RaiseEventAsync(new EntityAuditEvent <Group>(EventTypes.ChildEntityDeletedEvent, group.Id.ToString(), group));
return(group);
}
public async Task Delete(Permission permission)
{
var permissionEntity = await AuthorizationDbContext.Permissions
.Include(p => p.RolePermissions)
.Include(p => p.UserPermissions)
.SingleOrDefaultAsync(p =>
p.PermissionId == permission.Id &&
!p.IsDeleted);
if (permissionEntity == null)
{
throw new NotFoundException <Permission>(
$"Could not find {typeof(Permission).Name} entity with ID {permission.Id}");
}
permissionEntity.IsDeleted = true;
foreach (var rolePermission in permissionEntity.RolePermissions)
{
rolePermission.IsDeleted = true;
}
foreach (var userPermission in permissionEntity.UserPermissions)
{
userPermission.IsDeleted = true;
}
await AuthorizationDbContext.SaveChangesAsync();
await EventService.RaiseEventAsync(new EntityAuditEvent <Permission>(EventTypes.EntityDeletedEvent, permission.Id.ToString(), permissionEntity.ToModel()));
}
public async Task <Either <Exception, LoggedUser> > RegisterNewUser(RegisterUser model)
{
async Task AssignUserToRole(User user)
{
var claim = _authdbContext.Claims.First(x => x.Key == "NormalUser");
var claimsResult = _authdbContext.UserClaims.Add(new UserClaim()
{
ClaimType = "NormalUser", ClaimValue = "NormalUser", UserId = user.Id
});
await _authdbContext.SaveChangesAsync();
}
try
{
var isUserExists = _authdbContext.Users.Find(x => x.Email == model.Email).Count().Equals(0);
if (!isUserExists)
{
return(new UserExistsException("Użytkownik o ponadym adresie email już istnieje"));
}
var userDbModel = new User()
{
LastName = model.LastName,
FirstName = model.FirstName,
Email = model.Email
};
userDbModel.PasswordHash = _userManager.PasswordHasher.HashPassword(userDbModel, model.Password);
_authdbContext.Users.Add(userDbModel);
await _authdbContext.SaveChangesAsync();
await AssignUserToRole(userDbModel);
return(await SingInUser(new LoginModel()
{
Email = model.Email, Password = model.Password
}));
}
catch (Exception ex)
{
return(new Exception("Wystąpił nieoczekiwany błąd, spróbuj ponownie później"));
}
}
public async Task <User> Add(User user)
{
var userEntity = user.ToEntity();
AuthorizationDbContext.Users.Add(userEntity);
await AuthorizationDbContext.SaveChangesAsync();
await EventService.RaiseEventAsync(new EntityAuditEvent <User>(EventTypes.EntityCreatedEvent, user.Id, userEntity.ToModel()));
return(userEntity.ToModel());
}
public async Task <UserModel> AddUser(string username,
string firstName, string lastName, string email,
byte[] passwordHash, byte[] passwordSalt, DateTime?createdDate)
{
var newUser = new UserModel()
{
Username = username.ToLower(),
FirstName = firstName,
LastName = lastName,
Email = lastName.ToLower(),
PasswordHash = passwordHash,
PasswordSalt = passwordSalt,
UserStatusId = (int)UserStatus.Active,
AuthenticationTypeId = (int)AuthenticationType.AuthApi,
CreatedDate = createdDate ?? DateTime.Now
};
await _authorizationDb.Users.AddAsync(newUser);
await _authorizationDb.SaveChangesAsync();
return(newUser);
}
public async Task <Permission> Add(Permission permission)
{
permission.Id = Guid.NewGuid();
var permissionEntity = permission.ToEntity();
permissionEntity.SecurableItem =
AuthorizationDbContext.SecurableItems.First(s => !s.IsDeleted && s.Name == permission.SecurableItem);
AuthorizationDbContext.Permissions.Add(permissionEntity);
await AuthorizationDbContext.SaveChangesAsync();
await EventService.RaiseEventAsync(new EntityAuditEvent <Permission>(EventTypes.EntityCreatedEvent, permission.Id.ToString(), permissionEntity.ToModel()));
return(permissionEntity.ToModel());
}
public async Task <Group> AddUserToGroup(Group group, User user)
{
var groupUser = new GroupUser
{
GroupId = Guid.Parse(group.Id),
SubjectId = user.SubjectId,
IdentityProvider = user.IdentityProvider
};
AuthorizationDbContext.GroupUsers.Add(groupUser);
await AuthorizationDbContext.SaveChangesAsync();
await EventService.RaiseEventAsync(new EntityAuditEvent <Group>(EventTypes.ChildEntityCreatedEvent, group.Id, group));
return(group);
}
public async Task Update(Role role)
{
var roleEntity = await AuthorizationDbContext.Roles
.SingleOrDefaultAsync(r =>
r.RoleId == role.Id &&
!r.IsDeleted);
if (roleEntity == null)
{
throw new NotFoundException <Role>($"Could not find {typeof(Role).Name} entity with ID {role.Id}");
}
role.ToEntity(roleEntity);
AuthorizationDbContext.Roles.Update(roleEntity);
await AuthorizationDbContext.SaveChangesAsync();
await EventService.RaiseEventAsync(new EntityAuditEvent <Role>(EventTypes.EntityUpdatedEvent, role.Id.ToString(), roleEntity.ToModel()));
}
public async Task <Group> DeleteRolesFromGroup(Group group, IEnumerable <Guid> roleIdsToDelete)
{
var groupRolesToRemove = AuthorizationDbContext.GroupRoles
.Where(gr => roleIdsToDelete.Contains(gr.RoleId) &&
gr.GroupId == group.Id &&
!gr.IsDeleted).ToList();
if (groupRolesToRemove.Count == 0)
{
throw new NotFoundException <Role>(
$"No role mappings found for group {group.Name} with the supplied role IDs");
}
var missingRoleMappings = new List <Guid>();
foreach (var groupRole in groupRolesToRemove)
{
// remove the role from the domain model
var roleToRemove = group.Roles.FirstOrDefault(r => r.Id == groupRole.RoleId);
if (roleToRemove == null)
{
missingRoleMappings.Add(groupRole.RoleId);
}
group.Roles.Remove(roleToRemove);
// mark the many-to-many DB entity as deleted
groupRole.IsDeleted = true;
AuthorizationDbContext.GroupRoles.Update(groupRole);
}
if (missingRoleMappings.Any())
{
throw new NotFoundException <Role>(
$"No role mapping(s) found for group {group.Name} with the following role IDs: {missingRoleMappings.ToString(", ")}");
}
await AuthorizationDbContext.SaveChangesAsync();
await EventService.RaiseEventAsync(new EntityAuditEvent <Group>(EventTypes.ChildEntityDeletedEvent, group.Id.ToString(), group));
return(group);
}
public async Task Update(Client client)
{
var clientEntity = await AuthorizationDbContext.Clients
.Include(i => i.TopLevelSecurableItem)
.SingleOrDefaultAsync(c => c.ClientId == client.Id &&
!c.IsDeleted);
if (clientEntity == null)
{
throw new NotFoundException <Client>($"Could not find {typeof(Client).Name} entity with ID {client.Id}");
}
client.ToEntity(clientEntity);
AuthorizationDbContext.Clients.Update(clientEntity);
await AuthorizationDbContext.SaveChangesAsync();
await EventService.RaiseEventAsync(new EntityAuditEvent <Client>(EventTypes.EntityUpdatedEvent, client.Id, clientEntity.ToModel()));
}
public async Task Update(Group group)
{
var groupEntity = await AuthorizationDbContext.Groups
.Include(g => g.GroupRoles)
.Include(g => g.GroupUsers)
.SingleOrDefaultAsync(g => g.GroupId == group.Id);
if (groupEntity == null)
{
throw new NotFoundException <Group>($"Could not find {typeof(Group).Name} entity with ID {group.Name}");
}
group.ToEntity(groupEntity);
AuthorizationDbContext.Groups.Update(groupEntity);
await AuthorizationDbContext.SaveChangesAsync();
await EventService.RaiseEventAsync(new EntityAuditEvent <Group>(EventTypes.EntityUpdatedEvent, group.Id.ToString(), groupEntity.ToModel()));
}
public async Task Delete(User user)
{
var userEntity = await AuthorizationDbContext.Users
.SingleOrDefaultAsync(u =>
u.IdentityProvider == user.IdentityProvider &&
u.SubjectId == user.SubjectId &&
!u.IsDeleted);
if (userEntity == null)
{
throw new NotFoundException <User>(
$"Could not find {typeof(User).Name} User IDP = {user.IdentityProvider}, SubjectId = {user.SubjectId}");
}
userEntity.IsDeleted = true;
await AuthorizationDbContext.SaveChangesAsync();
await EventService.RaiseEventAsync(new EntityAuditEvent <User>(EventTypes.EntityDeletedEvent, user.Id, userEntity.ToModel()));
}
public async Task Update(Permission permission)
{
var permissionEntity = await AuthorizationDbContext.Permissions
.SingleOrDefaultAsync(p =>
p.PermissionId == permission.Id &&
!p.IsDeleted);
if (permissionEntity == null)
{
throw new NotFoundException <Permission>(
$"Could not find {typeof(Permission).Name} entity with ID {permission.Id}");
}
permission.ToEntity(permissionEntity);
AuthorizationDbContext.Permissions.Update(permissionEntity);
await AuthorizationDbContext.SaveChangesAsync();
await EventService.RaiseEventAsync(new EntityAuditEvent <Permission>(EventTypes.EntityUpdatedEvent, permission.Id.ToString(), permissionEntity.ToModel()));
}
public async Task <Group> AddChildGroups(Group group, IEnumerable <Group> childGroups)
{
foreach (var childGroup in childGroups)
{
var newChildGroup = new ChildGroup
{
ParentGroupId = group.Id,
ChildGroupId = childGroup.Id
};
AuthorizationDbContext.ChildGroups.Add(newChildGroup);
group.Children.Add(childGroup);
}
await AuthorizationDbContext.SaveChangesAsync();
await EventService.RaiseEventAsync(new EntityAuditEvent <Group>(EventTypes.ChildEntityCreatedEvent, group.Id.ToString(), group));
return(group);
}
public async Task <Group> Add(Group group)
{
var alreadyExists = await Exists(group.Name);
if (alreadyExists)
{
throw new AlreadyExistsException <Group>(
$"Group {group.Name} already exists. Please use a different GroupName.");
}
group.Id = Guid.NewGuid().ToString();
var groupEntity = group.ToEntity();
AuthorizationDbContext.Groups.Add(groupEntity);
await AuthorizationDbContext.SaveChangesAsync();
await EventService.RaiseEventAsync(new EntityAuditEvent <Group>(EventTypes.EntityCreatedEvent, group.Id, groupEntity.ToModel()));
return(groupEntity.ToModel());
}
public async Task <Client> Add(Client client)
{
Grain grain = null;
if (client.TopLevelSecurableItem != null)
{
grain = await _grainStore.Get(client.TopLevelSecurableItem.Grain);
}
var clientEntity = client.ToEntity();
clientEntity.TopLevelSecurableItem.GrainId = grain?.Id;
AuthorizationDbContext.Clients.Add(clientEntity);
await AuthorizationDbContext.SaveChangesAsync();
await EventService.RaiseEventAsync(new EntityAuditEvent <Client>(EventTypes.EntityCreatedEvent, client.Id, clientEntity.ToModel()));
return(client);
}
public async Task RemovePermissionFromRoles(Guid permissionId, string grain, string securableItem = null)
{
var roles = GetRoleEntityModels(grain, securableItem).ToList();
foreach (var role in roles)
{
var rolePermissionToRemove = role.RolePermissions.SingleOrDefault(
rp => rp.RoleId == role.RoleId &&
rp.Permission.PermissionId == permissionId);
if (rolePermissionToRemove != null)
{
rolePermissionToRemove.IsDeleted = true;
AuthorizationDbContext.RolePermissions.Update(rolePermissionToRemove);
}
}
await AuthorizationDbContext.SaveChangesAsync();
await EventService.RaiseEventAsync(new EntityBatchAuditEvent <EntityModels.Role>(EventTypes.EntityUpdatedEvent, roles));
}
public async Task <Group> DeleteUserFromGroup(Group group, User user)
{
var groupUser = await AuthorizationDbContext.GroupUsers
.SingleOrDefaultAsync(gu =>
gu.SubjectId == user.SubjectId &&
gu.IdentityProvider == user.IdentityProvider &&
gu.GroupId == group.Id && !gu.IsDeleted);
if (groupUser == null)
{
return(group);
}
groupUser.IsDeleted = true;
AuthorizationDbContext.GroupUsers.Update(groupUser);
await AuthorizationDbContext.SaveChangesAsync();
await EventService.RaiseEventAsync(new EntityAuditEvent <Group>(EventTypes.ChildEntityDeletedEvent,
groupUser.Id.ToString(), group));
return(group);
}
public async Task <IEnumerable <Group> > Add(IEnumerable <Group> groups)
{
var savedEntities = new List <Group>();
var groupList = groups.ToList();
var eventList = new List <EntityAuditEvent <Group> >();
foreach (var group in groupList)
{
group.Id = Guid.NewGuid();
var groupEntity = group.ToEntity();
AuthorizationDbContext.Groups.Add(groupEntity);
savedEntities.Add(group);
eventList.Add(new EntityAuditEvent <Group>(EventTypes.EntityCreatedEvent, group.Id.ToString(), group));
}
await AuthorizationDbContext.SaveChangesAsync();
if (eventList.Count > 0)
{
await EventService.RaiseEventsAsync(eventList);
}
return(savedEntities);
}
public async Task <User> AddRolesToUser(User user, IList <Role> roles)
{
var roleUsers = new List <RoleUser>();
foreach (var role in roles)
{
user.Roles.Add(role);
var roleUser = new RoleUser
{
IdentityProvider = user.IdentityProvider,
SubjectId = user.SubjectId,
RoleId = role.Id
};
AuthorizationDbContext.RoleUsers.Add(roleUser);
roleUsers.Add(roleUser);
}
await AuthorizationDbContext.SaveChangesAsync();
await EventService.RaiseEventAsync(new EntityAuditEvent <User>(EventTypes.ChildEntityCreatedEvent, user.Id, user));
return(user);
}
