public static IEnumerable <object[]> PartiallyValidPermissions()
{
yield return(new object[]
{
new PermissionTicketRequest()
{
Action = ResourceActions.Data.Read,
Principal = Identities.DanielB,
Schema = Schemas.MilkPickup,
Resource = CRN.FromValue("crn:farm/*:herd/*:*")
}
});
yield return(new object[]
{
new PermissionTicketRequest()
{
Action = ResourceActions.Data.Read,
Principal = Identities.DanielB,
Schema = Schemas.MilkPickup,
Resource = CRN.FromValue("crn:farm/*:herd/*")
}
});
yield return(new object[]
{
new PermissionTicketRequest()
{
Action = ResourceActions.Data.Read,
Principal = Identities.DanielB,
Schema = Schemas.MilkPickup,
Resource = CRN.FromValue("crn:farm/1234:herd/*")
}
});
}
public IActionResult Get()
{
// somehow determine what the resource, action and schema are
var resource = CRN.FromValue("crn:farm/1");
var action = ResourceAction.FromValue("iam:owner");
var schema = CSN.FromValue("csn:ag-data:farm");
// validate permissions
var permissionsValid = this.ValidatePermissions(resource, action, schema);
if (!permissionsValid)
{
return(Forbid());
}
var rng = new Random();
return(Ok(Enumerable.Range(1, 5).Select(index => new WeatherForecast
{
Date = DateTime.Now.AddDays(index),
TemperatureC = rng.Next(-20, 55),
Summary = Summaries[rng.Next(Summaries.Length)]
})
.ToArray()));
}
private Resource ToModel(Persistance.Models.Resource resource)
{
var identifier = CRN.FromValue(resource.CanonicalName);
var actions = resource.Actions.Select(a => ResourceAction.FromValue(a.Action.CanonicalName)).ToArray();
return(Resource.FromIdentifier(identifier).WithActions(actions));
}
public IEnumerable <DataProvider> All()
{
return(this.context.DataProviders.Include(p => p.Principal).ToList().Select(p => new DataProvider()
{
Principal = CPN.FromValue(p.Principal.CanonicalName),
Identifier = CRN.FromValue(p.CanonicalName),
Name = p.Name
}));
}
public static IEnumerable <object[]> InvalidPermissions()
{
yield return(new object[]
{
new PermissionTicketRequest()
{
Action = ResourceActions.Identified.Individual,
Principal = Identities.DanielB,
Schema = Schemas.MilkPickup,
Resource = CRN.FromValue("crn:farm/*:herd/88756")
}
});
yield return(new object[]
{
new PermissionTicketRequest()
{
Action = ResourceActions.Iam.Owner,
Principal = Identities.DanielB,
Schema = Schemas.MilkPickup,
Resource = CRN.FromValue("crn:farm/*:herd/8876:*")
}
});
yield return(new object[]
{
new PermissionTicketRequest()
{
Action = ResourceActions.Iam.Delegated,
Principal = Identities.Admin,
Schema = Schemas.MilkPickup,
Resource = CRN.FromValue("crn:farm/*:herd/88756")
}
});
yield return(new object[]
{
new PermissionTicketRequest()
{
Action = ResourceActions.Iam.Delegated,
Principal = Identities.DanielB,
Schema = Schemas.MilkPickup,
Resource = CRN.FromValue("crn:farm/*:herd/88756")
}
});
yield return(new object[]
{
new PermissionTicketRequest()
{
Action = ResourceActions.Iam.Owner,
Principal = Identities.DanielB,
Schema = Schemas.NumbersOnProperty,
Resource = CRN.FromValue("crn:farm/*:herd/88756")
}
});
}
private PermissionGrant ToModel(Persistance.Models.PermissionGrant entity)
{
return(new PermissionGrant()
{
Id = entity.PermissionGrantId,
Principal = CPN.FromValue(entity.Principal.CanonicalName),
Schema = CSN.FromValue(entity.Schema.CanonicalName),
Actions = entity.Actions.Select(a => ResourceAction.FromValue(a.Action.CanonicalName)).ToList(),
Resource = entity.Resources.Select(r => CRN.FromValue(r.Resource.CanonicalName)).ToList()
});
}
public IEnumerable <DataSource> GetSources(CRN identifier)
{
return(this.context.DataSources
.Include(x => x.Provider)
.Where(s => s.Provider.CanonicalName == identifier.ToString())
.ToList()
.Select(s => new DataSource()
{
Identifier = CRN.FromValue(s.CanonicalName),
Provider = CRN.FromValue(s.Provider.CanonicalName)
}));
}
public override Resource ReadJson(JsonReader reader, Type objectType, Resource existingValue, bool hasExistingValue,
JsonSerializer serializer)
{
var token = JToken.Load(reader);
if (token.Type == JTokenType.Object)
{
CRN identifier = null;
ResourceAction[] actions = null;
foreach (var t in token.Children())
{
if (t.Path == "identifier")
{
identifier = CRN.FromValue(t.First.Value <string>());
continue;
}
if (t.Path == "action")
{
var values = t.Values();
actions = values.Select(v => ResourceAction.FromValue(v.Value <string>())).ToArray();
continue;
}
}
if (actions != null)
{
return(Resource.FromIdentifier(identifier).WithActions(actions));
}
return(Resource.FromIdentifier(identifier));
}
if (token.Type == JTokenType.String)
{
var value = serializer.Deserialize <CRN>(token.CreateReader());
return(Resource.FromIdentifier(value));
}
try
{
if (token.Value <CRN>() == default)
{
return(null);
}
var value = serializer.Deserialize <CRN>(reader);
return(Resource.FromIdentifier(value));
}
catch
{
return(null);
}
}
public IActionResult Delete(string resource)
{
var resourceName = CRN.FromValue(HttpUtility.UrlDecode(resource));
var found = this.storage.FindByIdentifier(resourceName).FirstOrDefault();
if (found == null)
{
return(NotFound());
}
this.storage.Remove(found);
return(Ok(resource));
}
public static IEnumerable <object[]> ValidPermissions()
{
yield return(new object[]
{
new PermissionTicketRequest()
{
Action = ResourceActions.Data.Read,
Principal = Identities.DanielB,
Schema = Schemas.MilkPickup,
Resource = CRN.FromValue("crn:farm/*:herd/88756")
}
});
//yield return new object[]
//{
// new PermissionTicketRequest()
// {
// Action = ResourceActions.Data.Read,
// Principal = Identities.DanielB,
// Schema = Schemas.MilkPickup,
// Resource = CRN.FromValue("crn:farm/*:herd/88756:*")
// }
//};
yield return(new object[]
{
new PermissionTicketRequest()
{
Action = ResourceActions.Data.Read,
Principal = Identities.DanielB,
Schema = Schemas.MilkPickup,
Resource = CRN.FromValue("crn:farm/1234:herd/88756")
}
});
//yield return new object[]
//{
// new PermissionTicketRequest()
// {
// Action = ResourceActions.Data.Read,
// Principal = Identities.DanielB,
// Schema = Schemas.MilkPickup,
// Resource = CRN.FromValue("crn:farm/1234:herd/88756:*")
// }
//};
}
public IEnumerable <DataProviderPolicy> GetPoliciesForSchema(CSN schema)
{
return(this.context.DataProviderPolicies
.Include(p => p.Provider)
.Include(p => p.Schema)
.Include(p => p.PolicyItems)
.ThenInclude(i => i.Principal)
.Where(p => p.Schema.CanonicalName == schema.ToString())
.ToList()
.Select(p => new DataProviderPolicy()
{
Provider = CRN.FromValue(p.Provider.CanonicalName),
Schema = CSN.FromValue(p.Schema.CanonicalName),
Rule = p.PolicyItems.Select(i => new DataProviderPolicyRule()
{
Principal = CPN.FromValue(i.Principal.CanonicalName),
Allow = i.Allow,
Deny = i.Deny
}).ToList()
}));
}
public static Resource FromIdentifier(string identifier) => FromIdentifier(CRN.FromValue(identifier));
public static IEnumerable <object[]> UnknownResources()
{
yield return(new object[] { CRN.FromValue("crn:farm/1") });
yield return(new object[] { CRN.FromValue("crn:farm/*:herd/8876:*") });
}
