public async Task SetEntityPermissions(Guid entityId, RuleSubject subject, IEnumerable <SecurityRule> rules)
{
await _mediator.Send(new SetPermissionsCommand <TContext>(
entityId,
subject,
rules));
}
public async Task ClearRules(Guid entityId, RuleSubject subject)
{
await Delete(x =>
x.EntityId == entityId &&
x.Subject.SubjectId == subject.SubjectId &&
x.Subject.SubjectType == subject.SubjectType);
}
public async Task SetRules(Guid entityId, RuleSubject subject, IEnumerable <SecurityRule> rules)
{
foreach (var rule in rules)
{
await SetRule(entityId, subject, rule);
}
}
private Expression <Func <EntitySecurityRule, bool> > Filter(Guid entityId, RuleSubject subject, SecurityRule rule)
{
return(x =>
x.EntityId == entityId &&
x.Subject.SubjectId == subject.SubjectId &&
x.Subject.SubjectType == subject.SubjectType &&
x.Rule.Right == rule.Right);
}
public async Task SetRule(Guid entityId, RuleSubject subject, SecurityRule rule)
{
var entityRule = await GetRule(entityId, subject, rule);
if (entityRule != null)
{
entityRule.Rule = rule;
await Update(entityRule);
return;
}
await Add(new EntitySecurityRule
{
EntityId = entityId,
Subject = subject,
Rule = rule,
});
}
public async Task Create_derived_item()
{
using (var server = CreateServerWithAuthentication())
using (server.Host.Services
.GetRequiredService <ISecurityImpersonationService>()
.ImpersonateUser("User1"))
{
var context = GetEntityContext <TestEntityContext>(server);
#region create root
var rootItem = await context.Commands.Add(new TestEntity
{
Name = "root"
});
#endregion
#region create
var item = await context.Commands.Add(new DerivedTestEntity
{
Name = "gigi"
}, rootItem);
#endregion
//#region AsQueryable retreive
//Assert.NotEqual(Guid.Empty, item.Id);
//var foundItem = context.Query
// .AsQueryable<DerivedTestEntity>()
// .FirstOrDefault(x => x.Id == item.Id);
//Assert.NotNull(foundItem);
//Assert.Equal(item.Id, foundItem.Id);
//Assert.Equal(item.Name, foundItem.Name);
//#endregion
#region GetItem retreive
var foundItem = await context.Query.GetItem <DerivedTestEntity>(item.Id);
Assert.NotNull(foundItem);
Assert.Equal(item.Id, foundItem.Id);
Assert.Equal(item.Name, foundItem.Name);
var foundItems = await context.Query.GetItems <TestEntity>("/root/gigi");
Assert.NotEmpty(foundItems);
Assert.Contains(foundItems, x => x.Id == item.Id);
Assert.Contains(foundItems, x => x.Name == item.Name);
#endregion
#region GetChild retreive
foundItem = await context.Query.GetChild <DerivedTestEntity>(rootItem);
Assert.NotNull(foundItem);
Assert.Equal(item.Id, foundItem.Id);
Assert.Equal(item.Name, foundItem.Name);
#endregion
#region filtered GetChild retreive
foundItem = await context.Query.GetChild <DerivedTestEntity>(rootItem, x => x.Name == "gigio");
Assert.Null(foundItem);
foundItem = await context.Query.GetChild <DerivedTestEntity>(rootItem, x => x.Name == "gigi");
Assert.NotNull(foundItem);
Assert.Equal(item.Id, foundItem.Id);
Assert.Equal(item.Name, foundItem.Name);
#endregion
#region Update
var itemToUpdate = await context.Query.GetItem <DerivedTestEntity>(item.Id);
itemToUpdate.Name = "gigi-new";
var updatedItem = await context.Commands.Update(itemToUpdate);
Assert.NotNull(updatedItem);
Assert.Equal(itemToUpdate.Name, updatedItem.Name);
#endregion
#region partial update
var partialUpdatedItem = await context.Commands.Update <DerivedTestEntity, string>(itemToUpdate.Id, x => x.Val2, "val-2");
Assert.NotNull(partialUpdatedItem);
Assert.Equal("val-2", partialUpdatedItem.Val2);
var partialUpdatedItem2 = await context.Commands.Update <DerivedTestEntity, string>(itemToUpdate.Id, x => x.Val2, null);
Assert.NotNull(partialUpdatedItem2);
Assert.Null(partialUpdatedItem2.Val2);
#endregion
#region Rename
await context.Commands.Rename(rootItem, "root-new");
var renamedRootItems = await context.Query.GetItems <TestEntity>("/root-new");
var renamedRootItem = renamedRootItems.FirstOrDefault(x => x.Id == rootItem.Id);
Assert.NotNull(renamedRootItem);
var renamedItems = await context.Query.GetItems <DerivedTestEntity>("/root-new/gigi");
var renamedItem = renamedItems.FirstOrDefault(x => x.Id == item.Id);
Assert.NotNull(renamedItem);
#endregion
#region Move
var rootItem2 = await context.Commands.Add(new TestEntity
{
Name = "root2"
});
await context.Commands.Move(rootItem, rootItem2);
var movedItems = await context.Query.GetItems <DerivedTestEntity>("/root2/root-new/gigi");
var movedItem = movedItems.FirstOrDefault(x => x.Id == item.Id);
Assert.NotNull(movedItem);
await context.Commands.Move(movedItem, rootItem2);
var secondMovedItems = await context.Query.GetItems <DerivedTestEntity>("/root2/gigi");
var secondMovedItem = secondMovedItems.FirstOrDefault(x => x.Id == item.Id);
Assert.NotNull(secondMovedItem);
#endregion
#region permissions
await context.Commands.SetEntityPermission(rootItem2.Id, RuleSubject.User("User1"), SecurityRule.DenyRead(true));
var readDeniedItem = await context.Query.GetItem <TestEntity>(rootItem2.Id);
Assert.Null(readDeniedItem);
await context.Commands.ClearEntityPermissions(rootItem2.Id, RuleSubject.User("User1"));
readDeniedItem = await context.Query.GetItem <TestEntity>(rootItem2.Id);
Assert.NotNull(readDeniedItem);
#endregion
#region delete
await context.Commands.Delete(rootItem2);
var foundItemAfterDelete = await context.Query
.GetItem <DerivedTestEntity>(item.Id);
Assert.Null(foundItemAfterDelete);
#endregion
#region filtered delete
await context.Commands.Add(new DerivedTestEntity()
{
Name = "derived-entity-to-delete"
});
Assert.NotNull(await context.Query.GetItem <DerivedTestEntity>(x => x.Name == "derived-entity-to-delete"));
await context.Commands.Delete <DerivedTestEntity>(x => x.Name == "derived-entity-to-delete");
Assert.Null(await context.Query.GetItem <DerivedTestEntity>(x => x.Name == "derived-entity-to-delete"));
#endregion
}
}
public async Task ClearEntityPermissions(Guid entityId, RuleSubject subject)
{
await SetEntityPermissions(entityId, subject, null);
}
public async Task SetEntityPermission(Guid entityId, RuleSubject subject, SecurityRule rule)
{
await SetEntityPermissions(entityId, subject, new List <SecurityRule> {
rule
});
}
public SetPermissionsCommand(Guid entityId, RuleSubject subject, IEnumerable <SecurityRule> rules)
{
EntityId = entityId;
Subject = subject;
Rules = rules;
}
public async Task ClearPermissions(RuleSubject subject)
{
ChekId(_entity);
await _context.Commands.ClearEntityPermissions(Id, subject);
}
public async Task SetPermissions(RuleSubject subject, IEnumerable <SecurityRule> rules)
{
ChekId(_entity);
await _context.Commands.SetEntityPermissions(Id, subject, rules);
}
public async Task DeleteSubjectRule(RuleSubject subject)
{
await Delete(x =>
x.Subject.SubjectId == subject.SubjectId &&
x.Subject.SubjectType == subject.SubjectType);
}
public async Task DeleteRule(Guid entityId, RuleSubject subject, SecurityRule rule)
{
await Delete(Filter(entityId, subject, rule));
}
public async Task <EntitySecurityRule> GetRule(Guid entityId, RuleSubject subject, SecurityRule rule)
{
return(await GetItem(Filter(entityId, subject, rule)));
}
