Beispiel #1
0
        public async Task <OpenApiResult> GetClaimPermissionResourceAccessRulesAsync(
            IOpenApiContext context,
            string claimPermissionsId)
        {
            if (context is null)
            {
                throw new ArgumentNullException(nameof(context));
            }

            if (claimPermissionsId is null)
            {
                throw new ArgumentNullException(nameof(claimPermissionsId));
            }

            ITenant tenant = await this.marainServicesTenancy.GetRequestingTenantAsync(context.CurrentTenantId).ConfigureAwait(false);

            IClaimPermissionsStore store = await this.permissionsStoreFactory.GetClaimPermissionsStoreAsync(tenant).ConfigureAwait(false);

            try
            {
                ClaimPermissions claimPermissions = await store.GetAsync(claimPermissionsId).ConfigureAwait(false);

                return(this.OkResult(claimPermissions.AllResourceAccessRules, "application/json"));
            }
            catch (ClaimPermissionsNotFoundException)
            {
                return(this.NotFoundResult());
            }
        }
Beispiel #2
0
        public async Task <OpenApiResult> UpdateClaimPermissionsResourceAccessRulesAsync(
            IOpenApiContext context,
            string claimPermissionsId,
            UpdateOperation operation,
            IEnumerable <ResourceAccessRule> body)
        {
            if (context is null)
            {
                throw new ArgumentNullException(nameof(context));
            }

            if (claimPermissionsId is null)
            {
                throw new ArgumentNullException(nameof(claimPermissionsId));
            }

            if (body is null)
            {
                throw new ArgumentNullException(nameof(body));
            }

            ITenant tenant = await this.marainServicesTenancy.GetRequestingTenantAsync(context.CurrentTenantId).ConfigureAwait(false);

            IClaimPermissionsStore store = await this.permissionsStoreFactory.GetClaimPermissionsStoreAsync(tenant).ConfigureAwait(false);

            ClaimPermissions claimPermissions;

            try
            {
                claimPermissions = await store.GetAsync(claimPermissionsId).ConfigureAwait(false);
            }
            catch (ClaimPermissionsNotFoundException)
            {
                return(this.NotFoundResult());
            }

            var inputRules = body.ToList();

            if (inputRules.Distinct().Count() != inputRules.Count)
            {
                var response = new JObject
                {
                    ["status"] = 400,
                    ["detail"] = "Request contains duplicate rules",
                };
                return(new OpenApiResult
                {
                    StatusCode = 400,
                    Results = { { "application/json", response } },
                });
            }

            var existingRules = new HashSet <ResourceAccessRule>(claimPermissions.ResourceAccessRules);
            var incomingRulesMatchingExistingRules = inputRules.Where(inputRule => existingRules.Contains(inputRule)).ToList();

            switch (operation)
            {
            case UpdateOperation.Add:
                if (incomingRulesMatchingExistingRules.Count != 0)
                {
                    string existingRulesText = string.Join(
                        ", ",
                        incomingRulesMatchingExistingRules.Select(FormatRuleForError));
                    var response = new JObject
                    {
                        ["status"] = 400,
                        ["detail"] = $"Request contains rules that are already present: {existingRulesText}",
                    };
                    return(new OpenApiResult
                    {
                        StatusCode = 400,
                        Results = { { "application/json", response } },
                    });
                }

                claimPermissions.ResourceAccessRules.AddRange(body);
                break;

            case UpdateOperation.Remove:
                if (incomingRulesMatchingExistingRules.Count != inputRules.Count)
                {
                    string wrongRulesText = string.Join(
                        ", ",
                        inputRules.Where(r => !existingRules.Contains(r)).Select(FormatRuleForError));
                    var response = new JObject
                    {
                        ["status"] = 400,
                        ["detail"] = $"Request contains rules that are not present: {wrongRulesText}",
                    };
                    return(new OpenApiResult
                    {
                        StatusCode = 400,
                        Results = { { "application/json", response } },
                    });
                }

                body.ForEach(rc => claimPermissions.ResourceAccessRules.RemoveAll(r => r == rc));
                break;
            }

            await store.UpdateAsync(claimPermissions).ConfigureAwait(false);

            return(this.CreatedResult());