private async Task SendRoleUpdateMessageAsync(PermissionConfigDto dto)
{
if (dto.GroupId != "*" && dto.Permissions.Any(p => p.StartsWith("DEV_CAB")))
{
var roleUpdateMessageDto = new RoleUpdateMessageDto
{
GroupId = dto.GroupId,
Roles = (dto.Role == "*") ? await GetRolesForGroup() : new List <string>
{
dto.Role
}
};
await _platformServiceBusService.TriggerPodAccessDefinitionGenerationAsync(roleUpdateMessageDto);
}
}
public async Task <DocumentUpdateResultDto> CreateAsync(PermissionConfigDto dto)
{
await CheckForDuplicates(dto.Role);
var permissionConfig = new PermissionConfig
{
Role = dto.Role,
Permissions = dto.Permissions ?? new List <string>()
};
var result = await _dataContext.CreateDocumentAsync(permissionConfig);
await SendRoleUpdateMessageAsync(dto);
return(result);
}
public async Task <DocumentUpdateResultDto> UpdateAsync(PermissionConfigDto dto)
{
await CheckForDuplicates(dto.Role, dto.Id);
var permission = await _dataContext.GetDocumentAsync <PermissionConfig>(dto.Id);
var previousRole = permission.Role;
var previousDevicePermissions = permission.Permissions.Where(p => p.StartsWith("DEV_CAB"));
permission.Id = dto.Id;
permission.Role = dto.Role;
permission.Permissions = dto.Permissions ?? new List <string>();
permission.ETag = dto.ETag;
var result = await _dataContext.ReplaceDocumentAsync(permission);
var addedPermissions = new List <string>();
var deletedPermissions = new List <string>();
if (dto.GroupId != "*")
{
addedPermissions = dto.Permissions.Where(p => p.StartsWith("DEV_CAB") && !previousDevicePermissions.Any(d => d == p)).ToList();
deletedPermissions = previousDevicePermissions.Where(p => !dto.Permissions.Any(d => d == p)).ToList();
if ((dto.Role != previousRole && dto.Permissions.Any(p => p.StartsWith("DEV_CAB"))) || addedPermissions.Any() || deletedPermissions.Any())
{
var roleUpdateMessageDto = new RoleUpdateMessageDto
{
GroupId = dto.GroupId,
Roles = (dto.Role == "*" || previousRole == "*") ? await GetRolesForGroup()
: (dto.Role == previousRole) ? new List <string>
{
dto.Role
}
: new List <string> {
dto.Role, previousRole
}
};
await _platformServiceBusService.TriggerPodAccessDefinitionGenerationAsync(roleUpdateMessageDto);
}
}
return(result);
}
public async Task <PermissionConfigDto> GetAsync(string id)
{
var document = await _dataContext.GetDocumentAsync <PermissionConfig>(id);
var dto = new PermissionConfigDto
{
Id = document.Id,
GroupId = document.GroupId,
Role = document.Role,
IsDeleted = document.IsDeleted,
ETag = document.ETag,
UpdatedById = document.UpdatedById,
UpdatedByName = document.UpdatedByName,
UpdatedOnUtc = document.UpdatedOnUtc,
Permissions = document.Permissions
};
return(dto);
}
public async Task <DocumentUpdateResultDto> Put([FromBody] PermissionConfigDto dto)
{
var result = await _permissionService.UpdateAsync(dto);
return(result);
}
