public bool IsAuthorized(IApiResource fromResource, Endpoint targetEndpoint)
{
var gatekeeperAttr = targetEndpoint.Action.GetAttribute <SafeEndpointAttribute>();
if (gatekeeperAttr != null)
{
if (gatekeeperAttr.LevelRequired == PermissionLevel.None)
{
return(true);
}
var query =
Context
.Permissions
.Where(x =>
x.ResourceCode == targetEndpoint.ResourceCode);
query =
query
.Where(x =>
x.LevelOnAny >= gatekeeperAttr.LevelRequired ||
(x.LevelOnOwned >= gatekeeperAttr.LevelRequired &&
Context.User.OkAuthCredentialId == fromResource.OwnerId));
bool hasPermission = query.Any();
return(hasPermission);
}
return(false);
}
protected Dictionary <string, string> GetElementLinks(IApiResource resource)
{
if (resource == null)
{
throw new ArgumentNullException(nameof(resource));
}
var linkMap = new Dictionary <string, string>();
var relevantEndpoints = HateoasService.GetElementLinks(resource, Authorizator);
foreach (Endpoint endpoint in relevantEndpoints)
{
string actionName = endpoint.EndpointName;
if (endpoint.IsElementGetter)
{
actionName = "self";
}
string href = "/" + endpoint.UrlTemplate;
href = ReflectionUtils.ReplaceUrlTemplate(href, resource);
linkMap.Add(actionName, href);
}
return(linkMap);
}
public static string SelectFormattedValue(string propertyName, IApiResource apiResource, bool isRawValue = false, bool isWithUnit = false, bool useDefaultUnit = false)
{
string rawValue = apiResource.GetValue(propertyName);
var description = apiResource.GetDescription(propertyName);
if (isRawValue)
{
return(isWithUnit ? rawValue + description.Unit : rawValue);
}
else
{
if (useDefaultUnit)
{
// 定義済みの「円」単位の数値は 100万円に変換する
if (DefaultUnitConfig.MillionYenProperties.Contains(description.Name) && description.Unit.Equals("円"))
{
description = new PropertyDescription(description.Name, description.JpName, "百万円");
}
}
var formatter = PropertyFormatterFactory.Create(description);
string formattedValue = formatter.Format(rawValue, description);
return(isWithUnit ? formattedValue + description.Unit : formattedValue);
}
}
protected ObjectResult Element <TElement>(IApiResource elementToReturn)
where TElement : IApiResource
{
var view = new ElementView <TElement>(elementToReturn);
return(new ObjectResult(view));
}
protected ResourceResponseBase(HttpStatusCode httpStatusCode, IApiResource resource) : base(httpStatusCode)
{
var location = new ResourceLocation();
resource.SetLocation(location);
Headers.Location = location.Location;
}
protected ResourceResponseBase(HttpStatusCode httpStatusCode, IApiResource resource)
: base(httpStatusCode)
{
var location = new ResourceLocation();
resource.SetLocation(location);
Headers.Location = location.Location;
}
private IEnumerable <Endpoint> GetEndpoints(IApiResource resource, EndpointScope scope, EndpointType type, IHateoasAuthorizator authorizator)
{
var links =
Endpoints
.Where(x => x.Type == type &&
x.Scope == scope &&
x.ResourceCode == resource.ApiResourceCode &&
authorizator.IsAuthorized(resource, x));
return(links);
}
public HateoasElementView GetHateoasElementView(IApiResource resource)
{
string parentResourceCode = CurrentEndpoint.ResourceCode;
HateoasLabeledLink parentLink = this.GetParentLink(parentResourceCode, resource.ApiResourceCode);
var elemLinks = GetElementLinks(resource);
var elemActions = GetElementActions(resource);
var view = new HateoasElementView(elemLinks, elemActions, resource, parentLink);
return(view);
}
protected Dictionary <string, HateoasAction> GetElementActions(IApiResource resource)
{
if (resource == null)
{
throw new ArgumentNullException(nameof(resource));
}
var hateoasActionMap = new Dictionary <string, HateoasAction>();
var relevantEndpoints = HateoasService.GetElementActions(resource, Authorizator);
foreach (Endpoint endpoint in relevantEndpoints)
{
HateoasAction newAction = new HateoasAction();
newAction.Method = endpoint.HttpMethod;
newAction.Href = "/" + endpoint.UrlTemplate;
newAction.Href = ReflectionUtils.ReplaceUrlTemplate(newAction.Href, resource);
hateoasActionMap.Add(endpoint.EndpointName, newAction);
}
return(hateoasActionMap);
}
public NotModifiedResponse(IApiResource resource)
: base(HttpStatusCode.NotModified, resource)
{
}
public ApiService(IApiResource apiResource)
{
_apiResource = apiResource;
}
public ConflictResponse(IApiResource apiResource)
: base(HttpStatusCode.Conflict, apiResource)
{
}
public ConflictResponse(IApiResource apiResource)
: base(HttpStatusCode.Conflict, apiResource)
{
}
public CreateResponse(IApiResource resource)
: base(HttpStatusCode.Created, resource)
{
}
public FormattedValueSelector(IApiResource apiResource)
{
this.apiResource = apiResource;
}
public ElementView(IApiResource viewModel)
{
this.ViewModel = viewModel;
}
public NotModifiedResponse(IApiResource resource)
: base(HttpStatusCode.NotModified, resource)
{
}
public CreateResponse(IApiResource resource)
: base(HttpStatusCode.Created, resource)
{
}
public bool IsAuthorized(IApiResource fromResource, Endpoint targetEndpoint)
{
return(true);
}
public IEnumerable <Endpoint> GetElementLinks(IApiResource resource, IHateoasAuthorizator authorizator)
{
var links = this.GetEndpoints(resource, EndpointScope.Element, EndpointType.Link, authorizator);
return(links);
}
public IEnumerable <Endpoint> GetElementActions(IApiResource resource, IHateoasAuthorizator authorizator)
{
var actions = this.GetEndpoints(resource, EndpointScope.Element, EndpointType.Action, authorizator);
return(actions);
}
