/// <inheritdoc />
public async Task OnAuthenticatedAsync(ulong guildId, IEnumerable <ulong> roleIds, ulong userId)
{
CurrentGuildId = guildId;
CurrentUserId = userId;
var claims = new HashSet <AuthorizationClaim>();
foreach (var claimMapping in (await ClaimMappingRepository
.SearchBriefsAsync(new ClaimMappingSearchCriteria()
{
GuildId = guildId,
RoleIds = roleIds.ToArray(),
UserId = userId,
IsRescinded = false
}))
// Evaluate role mappings (userId is null) first, to give user mappings precedence.
.OrderBy(x => x.UserId)
// Evaluate granted mappings first, to give denied mappings precedence.
.ThenBy(x => x.Type))
{
if (claimMapping.Type == ClaimMappingType.Granted)
{
claims.Add(claimMapping.Claim);
}
else
{
claims.Remove(claimMapping.Claim);
}
}
CurrentClaims = claims;
}
/// <inheritdoc />
public async Task ModifyClaimMapping(ulong roleId, AuthorizationClaim claim, ClaimMappingType?newType)
{
RequireAuthenticatedUser();
RequireClaims(AuthorizationClaim.AuthorizationConfigure);
var foundClaims = await ClaimMappingRepository.SearchBriefsAsync(new ClaimMappingSearchCriteria
{
Claims = new[] { claim },
RoleIds = new[] { roleId },
GuildId = CurrentGuildId
});
using (var transaction = await ClaimMappingRepository.BeginCreateTransactionAsync())
{
foreach (var existing in foundClaims)
{
await ClaimMappingRepository.TryDeleteAsync(existing.Id, CurrentUserId.Value);
}
if (newType.HasValue)
{
await ClaimMappingRepository.CreateAsync(new ClaimMappingCreationData()
{
GuildId = CurrentGuildId.Value,
Type = newType.Value,
RoleId = roleId,
Claim = claim,
CreatedById = CurrentUserId.Value
});
}
transaction.Commit();
}
}
private async Task <IReadOnlyCollection <AuthorizationClaim> > LookupPosessedClaimsAsync(ulong guildId, IEnumerable <ulong> roleIds, ulong userId, IEnumerable <AuthorizationClaim> claimsFilter = null)
{
var posessedClaims = new HashSet <AuthorizationClaim>();
foreach (var claimMapping in (await ClaimMappingRepository
.SearchBriefsAsync(new ClaimMappingSearchCriteria()
{
GuildId = guildId,
RoleIds = roleIds.ToArray(),
UserId = userId,
Claims = claimsFilter?.ToArray(),
IsDeleted = false
}))
// Evaluate role mappings (userId is null) first, to give user mappings precedence.
.OrderBy(x => x.UserId)
// Order putting @everyone last
.ThenByDescending(x => x.RoleId == guildId)
// Evaluate granted mappings first, to give denied mappings precedence.
.ThenBy(x => x.Type))
{
if (claimMapping.Type == ClaimMappingType.Granted)
{
posessedClaims.Add(claimMapping.Claim);
}
else
{
posessedClaims.Remove(claimMapping.Claim);
}
}
return(posessedClaims);
}
/// <inheritdoc />
public async Task <IReadOnlyCollection <AuthorizationClaim> > GetGuildRoleClaimsAsync(IRole guildRole)
{
return((await ClaimMappingRepository.SearchBriefsAsync(new ClaimMappingSearchCriteria
{
RoleIds = new[] { guildRole.Id },
IsDeleted = false,
Types = new[] { ClaimMappingType.Granted },
GuildId = guildRole.Guild.Id
}))
.Select(d => d.Claim)
.ToList());
}
