private SchemaValidation.Provider CreateSchemaProvider(ITweek tweek, IRulesRepository rulesProvider, SchemaValidation.Mode mode)
{
var logger = loggerFactory.CreateLogger("SchemaValidation.Provider");
SchemaValidation.Provider CreateValidationProvider()
{
logger.LogInformation("updating schema");
var schemaValues = tweek.Calculate(new[] { new ConfigurationPath("@tweek/schema/_") }, EmptyIdentitySet,
i => ContextHelpers.EmptyContext);
schemaValues.EnsureSuccess();
var schemaIdentities = schemaValues.ToDictionary(x => x.Key.Name, x => x.Value.Value);
var customTypesValues = tweek.Calculate(new[] { new ConfigurationPath("@tweek/custom_types/_") }, EmptyIdentitySet,
i => ContextHelpers.EmptyContext);
customTypesValues.EnsureSuccess();
var customTypes = customTypesValues.ToDictionary(x => x.Key.Name, x => CustomTypeDefinition.FromJsonValue(x.Value.Value));
return(SchemaValidation.Create(schemaIdentities, customTypes, mode));
}
var validationProvider = CreateValidationProvider();
rulesProvider.OnRulesChange += (_) => {
validationProvider = CreateValidationProvider();
};
return((p) => validationProvider(p));
}
public static async Task <Dictionary <ConfigurationPath, ConfigurationValue> > GetContextAndCalculate(this ITweek tweek,
ICollection <ConfigurationPath> pathQuery,
HashSet <Identity> identities,
IContextReader contextDriver,
GetLoadedContextByIdentityType externalContext = null)
{
var allContextData = (await Task.WhenAll(identities
.Select(async identity => new
{
Identity = identity,
Context = new Dictionary <string, JsonValue>(await contextDriver.GetContext(identity), StringComparer.OrdinalIgnoreCase)
})))
.ToDictionary(x => x.Identity, x => x.Context);
externalContext = externalContext ?? ContextHelpers.EmptyContextByIdentityType;
var loadedContexts = ContextHelpers.GetContextRetrieverByType(ContextHelpers.LoadContexts(allContextData), identities);
var context = ContextHelpers.AddSystemContext(ContextHelpers.Fallback(externalContext, loadedContexts));
var contextPaths = pathQuery.Any(x => x.IsScan) ? allContextData.Values.SelectMany(x => x.Keys)
.Where(x => x.Contains("@fixed:"))
.Select(x => x.Split(':')[1])
.Select(ConfigurationPath.New).ToArray() : null;
return(tweek.Calculate(pathQuery, identities, context, contextPaths));
}
public static bool CheckAuthenticationForKey(ITweek tweek, string permissionType, ClaimsPrincipal identity, Identity tweekIdentity)
{
var identityType = tweekIdentity.Type;
var key = $"@tweek/auth/{identityType}/{permissionType}";
if (identity.IsTweekIdentity())
{
return(true);
}
var authValues = tweek.Calculate(key, new HashSet <Identity>(),
type => type == "token"
? (GetContextValue)(q => Optional(identity.FindFirst(q)).Map(x => x.Value).Map(JsonValue.NewString))
: _ => None);
if (!authValues.TryGetValue(key, out var authValue))
{
return(true);
}
if (authValue.Exception != null)
{
return(false);
}
return(match(authValue.Value.AsString(),
with("allow", _ => true),
with("deny", _ => false),
claim => Optional(identity.FindFirst(claim))
.Match(c => c.Value.Equals(tweekIdentity.Id, StringComparison.OrdinalIgnoreCase), () => false)));
}
public static Dictionary <ConfigurationPath, ConfigurationValue> Calculate(this ITweek tweek,
ConfigurationPath pathQuery,
HashSet <Identity> identities, GetLoadedContextByIdentityType context, ConfigurationPath[] includeFixedPaths = null)
{
return(tweek.Calculate(new[] { pathQuery }, identities, context, includeFixedPaths));
}