protected virtual void CreateUsers(DbContextIdentityBase <TUser> context, IEnumerable <SeedUser> users)
{
foreach (var seedUser in users)
{
var dbUser = context.Users.Where(u => u.Email == seedUser.User.Email).FirstOrDefault();
bool newUser = false;
if (dbUser == null)
{
newUser = true;
context.Users.Add(seedUser.User);
dbUser = seedUser.User;
}
if (newUser || seedUser.SyncRoles)
{
foreach (var role in seedUser.Roles)
{
if (context.UserRoles.Where(ur => ur.UserId == dbUser.Id && ur.RoleId == role).FirstOrDefault() == null)
{
var userRole = new IdentityUserRole <string>()
{
UserId = dbUser.Id, RoleId = role
};
context.UserRoles.Add(userRole);
}
}
var remove = context.UserRoles.Where(ur => ur.UserId == dbUser.Id && !seedUser.Roles.Contains(ur.RoleId)).ToList();
context.UserRoles.RemoveRange(remove);
}
}
}
public override IEnumerable <SeedRole> GetRolePermissions(DbContextIdentityBase <User> context)
{
//To allow anonymous need to add method here AND add AllowAnonymousAttribute
return(new List <SeedRole>()
{
new SeedRole(Role.anonymous.ToString(),
ResourceCollectionsCore.Auth.Scopes.Register,
ResourceCollectionsCore.Auth.Scopes.Authenticate,
ResourceCollectionsCore.Auth.Scopes.ForgotPassword,
ResourceCollectionsCore.Auth.Scopes.ResetPassword
),
new SeedRole(Role.authenticated.ToString(),
ResourceCollections.Tenants.Scopes.Create,
ResourceCollections.Tenants.Scopes.ReadOwner,
ResourceCollections.Tenants.Scopes.UpdateOwner,
ResourceCollections.Tenants.Scopes.DeleteOwner
),
new SeedRole(Role.read_only.ToString(),
ResourceCollectionsCore.Admin.Scopes.Read
),
new SeedRole(Role.administrator.ToString(),
ResourceCollectionsCore.Admin.Scopes.Full
)
});
}
public override IEnumerable <SeedUser> GetUserRoles(DbContextIdentityBase <User> context)
{
return(new List <SeedUser>()
{
new SeedUser(User.CreateUser(_passwordHasher, "admin", "*****@*****.**", "password"), true, Role.admin.ToString())
});
}
public override IEnumerable<SeedRole> GetRolePermissions(DbContextIdentityBase<User> context)
{
return new List<SeedRole>()
{
new SeedRole(Role.admin.ToString(), "permission1", "permission2")
};
}
public virtual void SeedData(DbContextIdentityBase <TUser> context)
{
var roles = GetRolePermissions(context);
CreateRoles(context, roles);
CreateRolePermissions(context, roles);
var users = GetUserRoles(context);
CreateUsers(context, users);
}
protected virtual void CreateRolePermissions(DbContextIdentityBase <TUser> context, IEnumerable <SeedRole> roles)
{
foreach (var role in roles)
{
foreach (var scope in role.Scopes)
{
if (context.RoleClaims.Where(rc => rc.RoleId == role.Name && rc.ClaimType == "scope" && rc.ClaimValue == scope).FirstOrDefault() == null)
{
var claim = new IdentityRoleClaim <string>()
{
ClaimType = "scope", ClaimValue = scope, RoleId = role.Name
};
context.RoleClaims.Add(claim);
}
}
var remove = context.RoleClaims.Where(rc => rc.RoleId == role.Name && rc.ClaimType == "scope" && !role.Scopes.Contains(rc.ClaimValue)).ToList();
context.RoleClaims.RemoveRange(remove);
}
}
protected virtual void CreateRoles(DbContextIdentityBase <TUser> context, IEnumerable <SeedRole> roles)
{
foreach (var role in roles)
{
if (context.Roles.Find(role.Name) == null)
{
var identityRole = new IdentityRole()
{
Id = role.Name, Name = role.Name
};
identityRole.NormalizedName = identityRole.Name.ToUpper();
context.Roles.Add(identityRole);
}
}
var roleIds = roles.Select(r => r.Name);
var remove = context.Roles.Where(r => !roleIds.Contains(r.Id)).ToList();
context.Roles.RemoveRange(remove);
}
public abstract IEnumerable <SeedUser> GetUserRoles(DbContextIdentityBase <TUser> context);
public abstract IEnumerable <SeedRole> GetRolePermissions(DbContextIdentityBase <TUser> context);
