Beispiel #1
        /// <summary>
        /// Applies a partial update to the authorization settings addressed by <paramref name="id"/>
        /// and commits the change.
        /// </summary>
        /// <param name="id">Resource identifier; parsed by <c>AuthorizationId</c> into a site id and a path.</param>
        /// <param name="model">Request body. Used to resolve the config scope and handed to the settings update.</param>
        /// <returns>
        /// <c>NotFound()</c> when the id names a site that cannot be resolved, a <c>LocationChanged</c> result
        /// when the resource id differs from <paramref name="id"/> after the commit, otherwise the updated model.
        /// </returns>
        public object Patch(string id, [FromBody] dynamic model)
        {
            var authId = new AuthorizationId(id);

            Site site = null;
            if (authId.SiteId != null)
            {
                site = SiteHelper.GetSite(authId.SiteId.Value);

                // A site id that does not resolve must not fall through to the site == null
                // (non-site) section lookup below.
                if (site == null)
                {
                    return NotFound();
                }
            }

            // Check for config_scope
            string configPath;
            if (model == null)
            {
                configPath = null;
            }
            else
            {
                configPath = ManagementUnit.ResolveConfigScope(model);
            }

            var section = AuthorizationHelper.GetSection(site, authId.Path, configPath);

            // NOTE(review): a missing request body (model == null) is passed straight through here;
            // confirm UpdateFeatureSettings rejects it before anything is committed.
            AuthorizationHelper.UpdateFeatureSettings(model, section);

            ManagementUnit.Current.Commit();

            // Re-read the resource after the commit; its id is compared with the requested one.
            dynamic updated = AuthorizationHelper.ToJsonModel(site, authId.Path);

            if (updated.id != id)
            {
                return LocationChanged(AuthorizationHelper.GetLocation(updated.id), updated);
            }

            return updated;
        }
        /// <summary>
        /// Registers the authorization API route and the HAL links that point at the authorization
        /// resource from itself, the web server, sites and applications.
        /// </summary>
        private void ConfigureAuthorization()
        {
            var apiHost  = Environment.Host;
            var halLinks = Environment.Hal;

            // Route with an optional id segment, served by the "authorization" controller.
            apiHost.RouteBuilder.MapWebApiRoute(
                Defines.AuthorizationResource.Guid,
                $"{Defines.AUTHORIZATION_PATH}/{{id?}}",
                new { controller = "authorization" });

            // Self
            halLinks.ProvideLink(
                Defines.AuthorizationResource.Guid,
                "self",
                resource => new { href = $"/{Defines.AUTHORIZATION_PATH}/{resource.id}" });

            // Web Server: no site and no path.
            halLinks.ProvideLink(WebServer.Defines.Resource.Guid, Defines.AuthorizationResource.Name, _ => {
                var serverAuthId = new AuthorizationId(null, null, AuthorizationHelper.IsSectionLocal(null, null));
                return new { href = $"/{Defines.AUTHORIZATION_PATH}/{serverAuthId.Uuid}" };
            });

            // Site: the site's root path "/".
            halLinks.ProvideLink(Sites.Defines.Resource.Guid, Defines.AuthorizationResource.Name, siteModel => {
                var parsedSiteId = new SiteId((string)siteModel.id);
                // NOTE(review): the lookup result is not null-checked before IsSectionLocal; confirm the
                // helper's behavior for a site that no longer exists.
                Site resolvedSite = SiteHelper.GetSite(parsedSiteId.Id);
                var siteAuthId    = new AuthorizationId(parsedSiteId.Id, "/", AuthorizationHelper.IsSectionLocal(resolvedSite, "/"));
                return new { href = $"/{Defines.AUTHORIZATION_PATH}/{siteAuthId.Uuid}" };
            });

            // Application: the owning site plus the application's path.
            halLinks.ProvideLink(Applications.Defines.Resource.Guid, Defines.AuthorizationResource.Name, appModel => {
                var parsedAppId = new ApplicationId((string)appModel.id);
                Site owningSite = SiteHelper.GetSite(parsedAppId.SiteId);
                var appAuthId   = new AuthorizationId(parsedAppId.SiteId, parsedAppId.Path, AuthorizationHelper.IsSectionLocal(owningSite, parsedAppId.Path));
                return new { href = $"/{Defines.AUTHORIZATION_PATH}/{appAuthId.Uuid}" };
            });
        }
Beispiel #3
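        /// <summary>
        /// Returns the authorization settings for the scope addressed by <paramref name="id"/>.
        /// </summary>
        /// <param name="id">Resource identifier; parsed by <c>AuthorizationId</c> into a site id and a path.</param>
        /// <returns>
        /// <c>NotFound()</c> when the id names a site that cannot be resolved, otherwise the JSON model
        /// built by <c>AuthorizationHelper.ToJsonModel</c>.
        /// </returns>
        public object Get(string id)
        {
            AuthorizationId authId = new AuthorizationId(id);

            Site site = authId.SiteId == null ? null : SiteHelper.GetSite(authId.SiteId.Value);

            // An id that carries a site id which no longer resolves would otherwise reach ToJsonModel
            // with site == null, i.e. the lookup used for ids that name no site at all, and the caller
            // would get another scope's authorization settings back under the requested id.
            // Patch and Post reject this case the same way.
            if (authId.SiteId != null && site == null)
            {
                return NotFound();
            }

            return AuthorizationHelper.ToJsonModel(site, authId.Path);
        }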
Beispiel #4
        /// <summary>
        /// Creates a new authorization rule in the section addressed by <c>model.authorization.id</c>.
        /// </summary>
        /// <param name="model">
        /// Request body. Must contain an <c>authorization</c> object with an <c>id</c>; the rule itself is
        /// built from the body by <c>AuthorizationHelper.CreateRule</c>.
        /// </param>
        /// <returns>
        /// <c>NotFound()</c> when the id names a site that cannot be resolved, otherwise a <c>Created</c>
        /// result carrying the new rule's location and JSON model.
        /// </returns>
        /// <exception cref="ApiArgumentException">The body, <c>authorization</c> or <c>authorization.id</c> is missing or malformed.</exception>
        /// <exception cref="AlreadyExistsException">A rule with the same users, roles and verbs already exists.</exception>
        public object Post([FromBody] dynamic model)
        {
            // Validate the request shape before touching any configuration.
            if (model == null)
            {
                throw new ApiArgumentException("model");
            }

            if (model.authorization == null || !(model.authorization is JObject))
            {
                throw new ApiArgumentException("authorization");
            }

            string uuid = DynamicHelper.Value(model.authorization.id);
            if (uuid == null)
            {
                throw new ApiArgumentException("authorization.id");
            }

            // Get the feature id
            var authId = new AuthorizationId(uuid);

            Site site = null;
            if (authId.SiteId != null)
            {
                site = SiteHelper.GetSite(authId.SiteId.Value);

                // Do not let an unresolved site id fall through to the site == null section lookup.
                if (site == null)
                {
                    return NotFound();
                }
            }

            string configPath = ManagementUnit.ResolveConfigScope(model);
            var    section    = AuthorizationHelper.GetSection(site, authId.Path, configPath);

            Rule newRule = AuthorizationHelper.CreateRule(model, section);

            // Reject duplicates: the lookup is keyed on users, roles and verbs.
            var existing = AuthorizationHelper.GetRule(site, authId.Path, newRule.Users, newRule.Roles, newRule.Verbs);
            if (existing != null)
            {
                throw new AlreadyExistsException("rule");
            }

            section.Rules.Add(newRule.AccessType, newRule.Users, newRule.Roles, newRule.Verbs);

            ManagementUnit.Current.Commit();

            dynamic created = AuthorizationHelper.RuleToJsonModel(newRule, site, authId.Path);

            return Created(AuthorizationHelper.GetRuleLocation(created.id), created);
        }
Beispiel #5
        /// <summary>
        /// Reverts the authorization section of the site scope addressed by <paramref name="id"/>
        /// to its parent and commits the change.
        /// </summary>
        /// <param name="id">Resource identifier; parsed by <c>AuthorizationId</c> into a site id and a path.</param>
        /// <remarks>
        /// The response status is set to 204 No Content before any lookup, so an id without a site id,
        /// or one whose site cannot be resolved, is answered with 204 and nothing is changed.
        /// </remarks>
        public void Delete(string id)
        {
            var authId = new AuthorizationId(id);

            Context.Response.StatusCode = (int)HttpStatusCode.NoContent;

            Site site = null;
            if (authId.SiteId != null)
            {
                site = SiteHelper.GetSite(authId.SiteId.Value);
            }

            if (site != null)
            {
                var section = AuthorizationHelper.GetSection(site, authId.Path, ManagementUnit.ResolveConfigScope());

                // NOTE(review): presumably this drops the locally stored settings so the inherited ones
                // apply, which changes effective access at this path - confirm, and make sure the call
                // is audited.
                section.RevertToParent();

                ManagementUnit.Current.Commit();
            }
        }
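        /// <summary>
        /// Builds the reference form of the authorization resource for a scope: its id and scope only.
        /// </summary>
        /// <param name="site">Site the section belongs to, or <c>null</c> when no site applies.</param>
        /// <param name="path">Path of the scope; appended to the site name to form <c>scope</c>.</param>
        /// <returns>The object returned by <c>Hal.Apply</c> for the id/scope pair.</returns>
        public static object ToJsonModelRef(Site site, string path)
        {
            var section = GetSection(site, path);

            // Only the storage location is needed here because it is part of the identifier. The lock
            // state and override modes were previously read into locals that were never used.
            AuthorizationId id = new AuthorizationId(site?.Id, path, section.IsLocallyStored);

            var obj = new {
                id    = id.Uuid,
                scope = site == null ? string.Empty : site.Name + path
            };

            // NOTE(review): the trailing 'false' presumably selects the reduced (reference) form -
            // confirm against Hal.Apply.
            return Core.Environment.Hal.Apply(Defines.AuthorizationResource.Guid, obj, false);
        }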
Beispiel #7
        /// <summary>
        /// Reverts the authorization section of a site scope to its parent, or, when the id carries
        /// no site id, switches the feature off if it is currently enabled.
        /// </summary>
        /// <param name="id">Resource identifier; parsed by <c>AuthorizationId</c> into a site id and a path.</param>
        /// <returns>A task that completes once the change has been applied.</returns>
        /// <remarks>
        /// The response status is set to 204 No Content up front; an id whose site cannot be resolved
        /// is answered with 204 and nothing is changed.
        /// </remarks>
        public async Task Delete(string id)
        {
            var authId = new AuthorizationId(id);

            Context.Response.StatusCode = (int)HttpStatusCode.NoContent;

            Site site = null;
            if (authId.SiteId != null)
            {
                site = SiteHelper.GetSite(authId.SiteId.Value);
            }

            if (site != null)
            {
                var section = AuthorizationHelper.GetSection(site, authId.Path, ManagementUnit.ResolveConfigScope());
                section.RevertToParent();
                ManagementUnit.Current.Commit();
            }

            // Site-scoped ids stop here; so does an id without a site id when the feature is already off.
            if (authId.SiteId != null || !AuthorizationHelper.IsFeatureEnabled())
            {
                return;
            }

            // NOTE(review): presumably this turns the authorization feature off for the whole server,
            // which removes its access checks everywhere - confirm the caller is authorized for that
            // and that the action is logged.
            await AuthorizationHelper.SetFeatureEnabled(false);
        }
        /// <summary>
        /// Builds the full JSON model of the authorization resource for a scope.
        /// </summary>
        /// <param name="site">Site the section belongs to, or <c>null</c> when no site applies.</param>
        /// <param name="path">Path of the scope; appended to the site name to form <c>scope</c>.</param>
        /// <returns>The object returned by <c>Hal.Apply</c> for the assembled model.</returns>
        internal static object ToJsonModel(Site site, string path)
        {
            var section = GetSection(site, path);

            // Metadata is taken from the one section read above.
            bool storedLocally              = section.IsLocallyStored;
            bool locked                     = section.IsLocked;
            OverrideMode configuredOverride = section.OverrideMode;
            OverrideMode effectiveOverride  = section.OverrideModeEffective;

            // The storage location is part of the identifier.
            var authId = new AuthorizationId(site?.Id, path, storedLocally);

            var model = new {
                id                 = authId.Uuid,
                scope              = site != null ? site.Name + path : string.Empty,
                metadata           = ConfigurationUtility.MetadataToJson(storedLocally, locked, configuredOverride, effectiveOverride),
                bypass_login_pages = section.BypassLoginPages,
                website            = SiteHelper.ToJsonModelRef(site)
            };

            return Core.Environment.Hal.Apply(Defines.AuthorizationResource.Guid, model);
        }
Beispiel #9
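        /// <summary>
        /// Lists the authorization rules of the scope named by the authorization identifier in the
        /// query string.
        /// </summary>
        /// <returns>
        /// <c>NotFound()</c> when the identifier is missing or names a site that cannot be resolved,
        /// otherwise an object whose <c>rules</c> member holds the reference model of each rule.
        /// </returns>
        public object Get()
        {
            string authUuid = Context.Request.Query[Defines.AUTHORIZATION_IDENTIFIER];

            if (string.IsNullOrEmpty(authUuid))
            {
                return NotFound();
            }

            AuthorizationId id = new AuthorizationId(authUuid);

            Site site = id.SiteId == null ? null : SiteHelper.GetSite(id.SiteId.Value);

            // An identifier that carries a site id which no longer resolves would otherwise reach
            // GetRules with site == null, i.e. the lookup used for identifiers that name no site, and
            // the caller would be shown another scope's rules as if they belonged to the requested
            // site. Patch and Post reject this case the same way.
            if (id.SiteId != null && site == null)
            {
                return NotFound();
            }

            List<Rule> rules = AuthorizationHelper.GetRules(site, id.Path);

            // Set HTTP header for total count
            this.Context.Response.SetItemsCount(rules.Count);

            // Fields selected by the request, forwarded to the per-rule model builder.
            Fields fields = Context.Request.GetFields();

            return new {
                rules = rules.Select(rule => AuthorizationHelper.RuleToJsonModelRef(rule, site, id.Path, fields))
            };
        }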