/// <summary>
/// Registers a Factory that resolves Db-Contexts through the Plugin-Environment
/// </summary>
/// <param name="options">the foreign-key options object</param>
/// <param name="usePermissionScope">indicates whether to use the permission-scope</param>
/// <returns>the provided options-object for method-chaining</returns>
public static T UsePlugins <T>(this T options, bool usePermissionScope = true) where T : ContextResolveOptions
{
return((T)options.RegisterService("*", (provider, s, area) =>
{
IWebPluginHelper plugins = provider.GetService <IWebPluginHelper>();
IPermissionScope scope = null;
if (usePermissionScope)
{
scope = provider.GetService <IPermissionScope>();
}
var name = $"{scope?.PermissionPrefix}{area}{s}";
var factory = plugins.GetFactory();
var retVal = factory[name, true];
if (retVal == null)
{
name = $"{scope?.PermissionPrefix}{s}";
retVal = factory[name, true];
}
if (retVal == null)
{
retVal = factory[s, true];
}
return retVal;
}));
}
/// <summary>
/// Gets the FileHandler with a specific name
/// </summary>
/// <param name="services">the serviceprovider that holds injectable services</param>
/// <param name="rawName">the expected raw-name of the file-handler</param>
/// <returns>the requested instance when it was found.</returns>
public static object GetFileHandler(this IServiceProvider services, string rawName)
{
IWebPluginHelper plugins = services.GetService <IWebPluginHelper>();
IPermissionScope scope = services.GetService <IPermissionScope>();
var name = $"{scope?.PermissionPrefix}{rawName}";
var factory = plugins.GetFactory();
var retVal = factory[name, true];
if (retVal == null)
{
retVal = factory[rawName, true];
}
if (retVal is IAsyncFileHandler afh)
{
return(afh);
}
if (retVal is IFileHandler sfh)
{
return(sfh);
}
return(null);
}
protected DbNavigationBuilder(ISecurityContext <TUserId, TUser, TRole, TPermission, TUserRole, TRolePermission, TTenantUser, TNavigationMenu, TTenantNavigation, TQuery, TQueryParameter, TTenantQuery, TWidget, TWidgetParam, TUserWidget, TUserProperty> securityContext, IServiceProvider services, IPermissionScope permissionScope, IOptions <ToolkitPolicyOptions> options)
{
this.securityContext = securityContext;
this.services = services;
this.permissionScope = permissionScope;
this.options = options;
}
/// <summary>
/// <para>
/// Instance of resource permission
/// </para>
/// </summary>
/// <param name="permissionScope">Permission scope.</param>
/// <param name="resourceToken">Resource token.</param>
/// <param name="id">Permission id.</param>
/// <param name="partitionKey">Partition key</param>
/// <param name="expiresUtc">Permission expiration (UTC)</param>
public ResourcePermission(
IPermissionScope permissionScope,
string resourceToken,
string id,
string partitionKey,
DateTime expiresUtc) : this(permissionScope.PermissionMode, permissionScope.Scope, resourceToken, id, partitionKey, expiresUtc)
{
}
public SecurityContext(IPermissionScope tenantProvider, IContextUserProvider userProvider, ILogger <TImpl> logger, DbContextOptions <TImpl> options) : base(options)
{
this.logger = logger;
this.tenantProvider = tenantProvider;
this.userProvider = userProvider;
useFilters = true;
/*HideGlobals = true;
* HideGlobals = false;
* ShowAllTenants = false;
* ShowAllTenants = true;*/
try
{
logger.LogDebug($@"SecurityContext initialized. useFilters={useFilters}, CurrentTenant: {tenantProvider?.PermissionPrefix}, ShowAllTenants: {showAllTenants}, HideGlobals: {hideGlobals}");
}
catch
{
}
}
/// <summary>
/// Gets the Proxy-Remote-Client that enables this object to create a proxy
/// </summary>
/// <param name="services">the service-collection that contains services required to create the client</param>
/// <returns>the client-instance that is requested</returns>
protected override IBaseClient GetClient(IServiceProvider services)
{
var userProvider = services.GetService <IContextUserProvider>();
if (userProvider == null)
{
throw new InvalidOperationException("HttpContextAccessor is required!");
}
var plugins = services.GetService <IWebPluginHelper>();
if (plugins == null)
{
throw new InvalidOperationException("Plugins are not configured!");
}
IPermissionScope nameExtender = services.GetService <IPermissionScope>();
var permissionScope = nameExtender?.PermissionPrefix ?? "";
Dictionary <string, object> formatHints = new Dictionary <string, object>(userProvider.RouteData);
PluginFactory factory = plugins.GetFactory();
IBaseClient retVal = null;
formatHints.Add("PermissionScope", permissionScope);
for (var i = 0; i < ObjectPatterns.Length; i++)
{
var name = ObjectPatterns[i];
name = formatHints.FormatText(name);
var tmp = factory[name, true];
if (i == ObjectPatterns.Length - 1)
{
retVal = (IBaseClient)tmp;
}
}
return(retVal);
}
public AspNetSecurityContext(IPermissionScope tenantProvider, IContextUserProvider userProvider,
ILogger <AspNetSecurityContext> logger, DbContextOptions <AspNetSecurityContext> options) : base(
tenantProvider, userProvider, logger, options)
{
}
public DbNavigationBuilder(TImpl securityContext, IServiceProvider services, IPermissionScope permissionScope, IOptions <ToolkitPolicyOptions> options) :
base(securityContext, services, permissionScope, options)
{
}
public UrlFormatImpl(IContextUserProvider userProvider, IPermissionScope permissionScope)
{
this.userProvider = userProvider;
this.permissionScope = permissionScope;
}
private async Task <(User user, IPermissionScope permissionScope)> GetOrCreateUser(string userId, IPermissionScope permissionScope, CancellationToken ct)
{
var permissionUserId = GetPermissionUserId(userId, permissionScope);
try
{
var user = _database.GetUser(permissionUserId);
var userResponse = await user.ReadAsync(cancellationToken : ct);
// If the user does not exist, then create it.
// This if statement is probably not necessary, as an CosmosException is throw if the user.ReadAsync fails:
// however the documentation is not 100 % clear on this: https://docs.microsoft.com/en-us/dotnet/api/microsoft.azure.cosmos.database.readasync?view=azure-dotnet
if (userResponse?.StatusCode != HttpStatusCode.OK || userResponse?.User is null)
{
userResponse = await _database.CreateUserAsync(permissionUserId, cancellationToken : ct);
}
return(userResponse.User, permissionScope);
}
catch (CosmosException ex)
{
// If the user does not exist, then create it.
if (ex.StatusCode == HttpStatusCode.NotFound)
{
var user = await _database.CreateUserAsync(permissionUserId, cancellationToken : ct);
return(user, permissionScope);
}
throw new ResourceTokenBrokerServiceException($"Unable to get or create user with user id: {permissionUserId}. Unhandled exception: {ex}");
}
}
private static string GetPermissionUserId(string userId, IPermissionScope permissionScope) => $"{userId}-{permissionScope.Scope}";
