public ReplyBase DoSomething()
 {
     try
     {
         _logger.Information("Our service is doing something!");
         return(ReplyBase.Success());
     }
     catch (Exception e)
     {
         return(ReplyFromFatal <ReplyBase>(e, "Unable to do something"));
     }
 }
Beispiel #2
0
 public async Task <ReplyBase> RemoveUserFromRole(string userId, int roleId)
 {
     using (var authContext = GetContext())
     {
         var existingRole = authContext.UserRoles.FirstOrDefault(c => c.RoleId == roleId && c.UserId == userId);
         if (existingRole == null)
         {
             return(ReplyBase.NotFound($"Unable to find user role  for user '{userId}' with id {roleId}"));
         }
         authContext.UserRoles.Remove(existingRole);
         authContext.SaveChanges();
     }
     return(ReplyBase.Success());
 }
Beispiel #3
0
 public async Task <ReplyBase> RemoveRole(int id)
 {
     using (var authContext = GetContext())
     {
         var existingRole = authContext.Roles.Find(id);
         if (existingRole == null)
         {
             return(ReplyBase.NotFound($"Unable to find role with id {id}"));
         }
         authContext.Roles.Remove(existingRole);
         authContext.SaveChanges();
     }
     return(ReplyBase.Success());
 }
Beispiel #4
0
        public async Task <ReplyBase> UpdateAuthorizationNamespace(AuthorizationNamespaceDto authorizationNamespaceDto)
        {
            using (var authContext = GetContext())
            {
                var existingNamespace = authContext.AuthorizationNamespaces.Find(authorizationNamespaceDto.Id);

                if (existingNamespace == null)
                {
                    return(ReplyBase.NotFound($"Unable to find authorization namespace with id {authorizationNamespaceDto.Id}"));
                }

                authContext.SaveChanges();
                return(ReplyBase.Success());
            }
        }
Beispiel #5
0
        public async Task <ReplyBase> RemoveResourceDetail(int id)
        {
            using (var authContext = GetContext())
            {
                var existingResourceDetail = authContext.ResourceDetails.Find(id);

                if (existingResourceDetail == null)
                {
                    return(ReplyBase.NotFound($"Unable to find resource detail with ID {id}"));
                }

                authContext.SaveChanges();
                return(ReplyBase.Success());
            }
        }
Beispiel #6
0
        public async Task <ReplyBase> RemoveResource(int id)
        {
            using (var authContext = GetContext())
            {
                var existingResource = authContext.Resources.Find(id);

                if (existingResource == null)
                {
                    return(ReplyBase.NotFound($"Resource with id {id} not found"));
                }
                authContext.Resources.Remove(existingResource);
                authContext.SaveChanges();
                return(ReplyBase.Success());
            }
        }
Beispiel #7
0
        public async Task <ReplyBase> RemovePermission(int id)
        {
            using (var authContext = GetContext())
            {
                var existingPermission = authContext.Permissions.Find(id);
                if (existingPermission == null)
                {
                    return(ReplyBase.NotFound($"Unable to find permission with id {id}"));
                }


                authContext.SaveChanges();
                return(ReplyBase.Success());
            }
        }
Beispiel #8
0
        public async Task <ReplyBase> UpdateRole(RoleDto roleDto)
        {
            using (var authContext = GetContext())
            {
                var existingRole = authContext.Roles
                                   .Include(c => c.RolePermissions)
                                   .FirstOrDefault(c => c.Id == roleDto.Id);

                if (existingRole == null)
                {
                    return(ReplyBase.NotFound($"Unable to find role with id {roleDto.Id}"));
                }

                var existingPermissions = authContext.Permissions.Where(c => c.RoleId == roleDto.Id).ToList();

                var permissionsToDelete = existingPermissions
                                          .Where(c => !roleDto.RolePermissions.Select(d => d.Id).Contains(c.Id)).ToList();

                authContext.Permissions.RemoveRange(permissionsToDelete);
                foreach (var roleDtoRolePermission in roleDto.RolePermissions)
                {
                    if (roleDtoRolePermission.Id == 0)
                    {
                        existingRole.RolePermissions.Add(new Permission
                        {
                            OwnerScoped      = roleDtoRolePermission.OwnerScoped,
                            PermissionType   = roleDtoRolePermission.PermissionType,
                            ResourceDetailId = roleDtoRolePermission.ResourceDetailId,
                            RoleId           = roleDtoRolePermission.RoleId
                        });
                    }
                    else
                    {
                        var existingPerm = existingRole.RolePermissions.First(c => c.Id == roleDtoRolePermission.Id);
                        existingPerm.PermissionType   = roleDtoRolePermission.PermissionType;
                        existingPerm.OwnerScoped      = roleDtoRolePermission.OwnerScoped;
                        existingPerm.ResourceDetailId = roleDtoRolePermission.ResourceDetailId;
                    }
                }

                existingRole.Description  = roleDto.Description;
                existingRole.NamespaceId  = roleDto.NamespaceId;
                existingRole.ParentRoleId = roleDto.ParentRoleId;
                authContext.SaveChanges();
            };
            return(ReplyBase.Success());
        }
Beispiel #9
0
        public async Task <ReplyBase> UpdateResource(ResourceDto resourceDto)
        {
            using (var authContext = GetContext())
            {
                var existingResource = authContext.Resources.Find(resourceDto.Id);

                if (existingResource == null)
                {
                    return(ReplyBase.NotFound($"Resource with id {resourceDto.Id} not found"));
                }

                existingResource.Description = resourceDto.Description;
                existingResource.Key         = resourceDto.Key;

                var details = authContext.ResourceDetails.Where(c => c.ResourceId == existingResource.Id).ToList();


                var resourceDetailsToDelete =
                    details.Where(d => !resourceDto.ResourceDetails.Select(c => c.Id).Contains(d.Id)).ToList();

                authContext.ResourceDetails.RemoveRange(resourceDetailsToDelete);

                foreach (var resourceDtoResourceDetail in resourceDto.ResourceDetails)
                {
                    if (resourceDtoResourceDetail.Id != 0)
                    {
                        var existingResourceDetail = authContext.ResourceDetails.Find(resourceDtoResourceDetail.Id);
                        existingResourceDetail.Description = resourceDtoResourceDetail.Description;
                        existingResourceDetail.Key         = resourceDtoResourceDetail.Key;
                    }
                    else
                    {
                        resourceDtoResourceDetail.ResourceId = resourceDto.Id;
                        authContext.ResourceDetails.Add(new ResourceDetail
                        {
                            Description = resourceDtoResourceDetail.Description,
                            ResourceId  = resourceDto.Id,
                            Key         = resourceDtoResourceDetail.Key
                        });
                    }
                }

                authContext.SaveChanges();
                return(ReplyBase.Success());
            }
        }
Beispiel #10
0
        public async Task <ReplyBase> UpdateResourceDetail(ResourceDetailDto resourceDetailDto)
        {
            using (var authContext = GetContext())
            {
                var existingResourceDetail = authContext.ResourceDetails.Find(resourceDetailDto.Id);

                if (existingResourceDetail == null)
                {
                    return(ReplyBase.NotFound($"Unable to find resource with ID {resourceDetailDto.Id}"));
                }


                existingResourceDetail.Description = resourceDetailDto.Description;
                existingResourceDetail.Key         = resourceDetailDto.Key;
                existingResourceDetail.ResourceId  = resourceDetailDto.ResourceId;

                authContext.SaveChanges();
                return(ReplyBase.Success());
            }
        }
Beispiel #11
0
        public async Task <ReplyBase> UpdatePermission(PermissionDto permissionDto)
        {
            using (var authContext = GetContext())
            {
                var existingPermission = authContext.Permissions.Find(permissionDto.Id);
                if (existingPermission == null)
                {
                    return(ReplyBase.NotFound($"Unable to find permission with id {permissionDto.Id}"));
                }

                existingPermission.OwnerScoped      = permissionDto.OwnerScoped;
                existingPermission.PermissionType   = permissionDto.PermissionType;
                existingPermission.RoleId           = permissionDto.RoleId;
                existingPermission.ResourceDetailId = permissionDto.ResourceDetailId;


                authContext.SaveChanges();
                return(ReplyBase.Success());
            }
        }
Beispiel #12
0
        public ReplyBase IsAuthorized(string userId, string resourceKey, string resourceDetailKey, string specificResourceId = null)
        {
            using (var context = new AuthorizationDbContext(_authContextSettings.ConnectionString))
            {
                var userRoles = context.UserRoles.Where(c => c.UserId == userId).ToList();
                if (!userRoles.Any())
                {
                    return(ReplyBase.Unauthorized());
                }

                var resource = context.Resources.FirstOrDefault(c => c.Key == resourceKey);

                if (resource == null)
                {
                    resource = new Resource
                    {
                        Description = resourceKey,
                        Key         = resourceKey
                    };
                    context.Resources.Add(resource);
                    context.SaveChanges();
                    //return ReplyBase.Unauthorized("Invalid resource key");
                }

                var resourceDetail =
                    context.ResourceDetails.FirstOrDefault(c =>
                                                           c.ResourceId == resource.Id && c.Key == resourceDetailKey);

                if (resourceDetail == null)
                {
                    resourceDetail = new ResourceDetail
                    {
                        Description = resourceDetailKey,
                        Key         = resourceDetailKey,
                        ResourceId  = resource.Id
                    };

                    context.ResourceDetails.Add(resourceDetail);
                    context.SaveChanges();


                    //return ReplyBase.Unauthorized("Invalid resource detail id");
                }

                var roles = context.Roles.Where(c => userRoles.Select(u => u.RoleId).Contains(c.Id)).ToList();
                if (roles.Any(c => c.Description == "Super User"))
                {
                    return(ReplyBase.Success());
                }

                var roleIds = roles.Select(c => c.Id).ToList();

                var permissions = context.Permissions
                                  .Where(c => roleIds.Contains(c.RoleId) && c.ResourceDetailId == resourceDetail.Id).ToList();

                if (!permissions.Any())
                {
                    return(ReplyBase.Unauthorized());
                }

                if (permissions.Any(c =>
                                    c.ResourceDetailId == resourceDetail.Id && c.PermissionType == PermissionType.Deny))
                {
                    return(ReplyBase.Unauthorized());
                }

                var allowedPermission = permissions.FirstOrDefault(c =>
                                                                   c.ResourceDetailId == resourceDetail.Id && c.PermissionType == PermissionType.Allow);
                if (allowedPermission != null)
                {
                    if (allowedPermission.OwnerScoped && specificResourceId != null)
                    {
                        var allowed = context.ResourceOwners.Any(c =>
                                                                 c.ResourceId == resource.Id && c.SpecificResourceId == specificResourceId &&
                                                                 c.UserId == userId);
                        if (!allowed)
                        {
                            return(ReplyBase.Unauthorized());
                        }
                    }
                    return(ReplyBase.Success());
                }
            }
            return(ReplyBase.Unauthorized("Unknown resource check"));
        }