public async Task <User> AddRolesToUser(IList <Role> rolesToAdd, string subjectId, string identityProvider)
{
var user = await _userStore.Get($"{subjectId}:{identityProvider}");
var grainSecurableItems = rolesToAdd.Select(r => new Tuple <string, string>(r.Grain, r.SecurableItem))
.Distinct();
var existingRoles = new List <Role>();
foreach (var tuple in grainSecurableItems)
{
existingRoles.AddRange(await _roleStore.GetRoles(tuple.Item1, tuple.Item2));
}
var exceptions = new List <Exception>();
foreach (var role in rolesToAdd)
{
if (existingRoles.All(r => r.Id != role.Id))
{
exceptions.Add(new NotFoundException <Role>($"The role: {role} with Id: {role.Id} could not be found to add to the user."));
}
if (user.Roles.Any(r => r.Id == role.Id))
{
exceptions.Add(
new AlreadyExistsException <Role>(
$"The role: {role} with Id: {role.Id} already exists for the user."));
}
}
if (exceptions.Count > 0)
{
throw new AggregateException("There was an issue adding roles to the user. Please see the inner exception(s) for details.", exceptions);
}
return(await _userStore.AddRolesToUser(user, rolesToAdd));
}
public async Task <Group> AddRolesToGroup(IList <Role> rolesToAdd, string groupName)
{
var group = await _groupStore.Get(groupName);
var grainSecurableItems = rolesToAdd.Select(r => new Tuple <string, string>(r.Grain, r.SecurableItem))
.Distinct();
var existingRoles = new List <Role>();
foreach (var tuple in grainSecurableItems)
{
existingRoles.AddRange(await _roleStore.GetRoles(tuple.Item1, tuple.Item2));
}
var exceptions = new List <Exception>();
foreach (var role in rolesToAdd)
{
if (existingRoles.All(r => r.Id != role.Id))
{
exceptions.Add(new NotFoundException <Role>($"The role: {role} with Id: {role.Id} could not be found to add to the group."));
}
if (group.Roles.Any(r => r.Id == role.Id))
{
exceptions.Add(
new AlreadyExistsException <Role>(
$"The role: {role} with Id: {role.Id} already exists for group {groupName}."));
}
}
if (exceptions.Count > 0)
{
throw new AggregateException("There was an issue adding roles to the group. Please see the inner exception(s) for details.", exceptions);
}
return(await _groupStore.AddRolesToGroup(group, rolesToAdd));
}
/// <summary>
/// Gets all roles for a grain / secitem
/// </summary>
public async Task <IEnumerable <Role> > GetRoles(string grain = null, string securableItem = null, string roleName = null, bool includeDeleted = false)
{
var roles = await _roleStore.GetRoles(grain, securableItem, roleName);
return(roles.Where(r => !r.IsDeleted || includeDeleted));
}
