Example #1
0
        public PrincipalsMetadataModule(ISwaggerModelCatalog modelCatalog, ISwaggerTagCatalog tagCatalog)
            : base(modelCatalog, tagCatalog)
        {
            modelCatalog.AddModel <FabricPrincipalApiModel>();

            RouteDescriber.DescribeRouteWithParams(
                "Search",
                "",
                "Searches for users and groups in an identity provider",
                new[]
            {
                new HttpResponseMetadata <IdpSearchResultApiModel>
                {
                    Code    = (int)HttpStatusCode.OK,
                    Message = "Search was successful"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.BadRequest,
                    Message = "Invalid type parameter provided"
                }
            },
                new[]
            {
                _searchTextParameter,
                _typeParameter
            },
                new[]
            {
                _searchTag
            }).SecurityRequirement(_oAuth2SearchScopeBuilder);
        }
        public IdentitySearchMetadataModule(ISwaggerModelCatalog modelCatalog, ISwaggerTagCatalog tagCatalog)
            : base(modelCatalog, tagCatalog)
        {
            modelCatalog.AddModels(
                typeof(IdentitySearchRequest),
                typeof(IdentitySearchResponse));

            RouteDescriber.DescribeRouteWithParams(
                "GetIdentities",
                string.Empty,
                "Searches for users and (non-custom) groups by client ID and other optional parameters.",
                new List <HttpResponseMetadata>
            {
                new HttpResponseMetadata <IEnumerable <IdentitySearchResponse> >
                {
                    Code    = (int)HttpStatusCode.OK,
                    Message = "OK"
                },
                new HttpResponseMetadata <IEnumerable <IdentitySearchResponse> >
                {
                    Code    = (int)Nancy.HttpStatusCode.PartialContent,
                    Message = "Partial success (e.g., results were found in Fabric.Authorization but the call out to Fabric.Identity failed). Properties populated by Fabric.Identity data are FirstName, MiddleName, LastName, and LastLoginDateTimeUtc."
                },
                new HttpResponseMetadata
                {
                    Code    = (int)Nancy.HttpStatusCode.Forbidden,
                    Message = "Client does not have the required scopes to read data in Fabric.Authorization (fabric/authorization.read)."
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)Nancy.HttpStatusCode.BadRequest,
                    Message = "Group already exists"
                }
            },
                new[]
            {
                _clientIdParameter,
                PageNumberParameter,
                PageSizeParameter,
                FilterParameter,
                SortKeyParameter,
                SortDirectionParameter
            },
                new[]
            {
                _searchTag
            }).SecurityRequirement(OAuth2ReadScopeBuilder);
        }
        public UsersMetadataModule(ISwaggerModelCatalog modelCatalog, ISwaggerTagCatalog tagCatalog)
            : base(modelCatalog, tagCatalog)
        {
            ModelCatalog.AddModels(typeof(PermissionAction));
            ModelCatalog.AddModels(typeof(PermissionRoleApiModel));
            ModelCatalog.AddModels(typeof(ResolvedPermissionApiModel));
            ModelCatalog.AddModels(typeof(UserApiModel));
            ModelCatalog.AddModels(typeof(List <RoleApiModel>));
            ModelCatalog.AddModels(typeof(PermissionRequestContext));

            RouteDescriber.DescribeRouteWithParams(
                "AddUser",
                "",
                "Adds a new user.",
                new []
            {
                new HttpResponseMetadata <UserApiModel>
                {
                    Code    = (int)HttpStatusCode.Created,
                    Message = "Created"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "User does not have access"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.BadRequest,
                    Message = "User object in body failed validation"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.Conflict,
                    Message = "User with specified IdentityProvider and Subject already exists"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.UnsupportedMediaType,
                    Message = "Content-Type header was not included in request"
                }
            },
                new[]
            {
                new BodyParameter <UserApiModel>(modelCatalog)
                {
                    Name        = "User",
                    Description = "The user to add"
                }
            },
                new []
            {
                _usersTag
            }).SecurityRequirement(OAuth2WriteScopeBuilder);

            RouteDescriber.DescribeRouteWithParams(
                "AddRolesToUser",
                "",
                "Adds roles to an existing user.",
                new[]
            {
                new HttpResponseMetadata <UserApiModel>
                {
                    Code    = (int)HttpStatusCode.OK,
                    Message = "Roles added."
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "User does not have access to add the specified roles."
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.BadRequest,
                    Message = "List of roles in body failed validation"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.NotFound,
                    Message = "Specified user does not exist"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.UnsupportedMediaType,
                    Message = "Content-Type header was not included in request"
                }
            },
                new[]
            {
                new BodyParameter <List <RoleApiModel> >(modelCatalog)
                {
                    Name        = "Roles",
                    Description = "The roles to add"
                }
            },
                new[]
            {
                _usersTag
            }).SecurityRequirement(OAuth2WriteScopeBuilder);

            RouteDescriber.DescribeRouteWithParams(
                "DeleteRolesFromUser",
                "",
                "Deletes roles from existing user.",
                new[]
            {
                new HttpResponseMetadata <UserApiModel>
                {
                    Code    = (int)HttpStatusCode.OK,
                    Message = "Roles deleted."
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "User does not have access to add the specified roles."
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.BadRequest,
                    Message = "List of roles in body failed validation"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.NotFound,
                    Message = "Specified user does not exist"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.UnsupportedMediaType,
                    Message = "Content-Type header was not included in request"
                }
            },
                new[]
            {
                new BodyParameter <List <RoleApiModel> >(modelCatalog)
                {
                    Name        = "Roles",
                    Description = "The roles to delete."
                }
            },
                new[]
            {
                _usersTag
            }).SecurityRequirement(OAuth2WriteScopeBuilder);

            RouteDescriber.DescribeRoute(
                "GetCurrentUserPermissions",
                "",
                "Gets permissions for currently authenticated user",
                new[]
            {
                new HttpResponseMetadata <UserPermissionsApiModel> {
                    Code = (int)HttpStatusCode.OK, Message = "OK"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                }
            },
                new[]
            {
                _usersTag
            }).SecurityRequirement(OAuth2ReadScopeBuilder);

            RouteDescriber.DescribeRouteWithParams(
                "GetUserPermissions",
                "",
                "Gets permissions for specified user. Note this will only retrieve 1) granular permissions and 2) permissions under roles mapped to Custom groups.",
                new[]
            {
                new HttpResponseMetadata <List <ResolvedPermissionApiModel> > {
                    Code = (int)HttpStatusCode.OK, Message = "OK"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                }
            },
                new[]
            {
                _identityProviderParameter,
                _subjectIdParameter
            },
                new[]
            {
                _usersTag
            }).SecurityRequirement(OAuth2ReadScopeBuilder);

            RouteDescriber.DescribeRouteWithParams(
                "AddGranularPermissions",
                "",
                "Adds granular permissions for a user, either to allow or deny",
                new[]
            {
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.NoContent,
                    Message = "Granular permissions were added"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.BadRequest,
                    Message = "No permissions to add included in request."
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Conflict,
                    Message = "The permissions specified already exist either as duplicates or with a different permission action than the one specified or a permission is in the request as both allow and deny"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.UnsupportedMediaType,
                    Message = "Content-Type header was not included in request"
                }
            },
                new[]
            {
                _identityProviderParameter,
                _subjectIdParameter,
                new BodyParameter <List <PermissionApiModel> >(modelCatalog)
                {
                    Name        = "GranularPermissions",
                    Description = "The permissions to add for the user."
                }
            },
                new[]
            {
                _usersTag
            }).SecurityRequirement(OAuth2ManageClientsScopeBuilder);

            RouteDescriber.DescribeRouteWithParams(
                "DeleteGranularPermissions",
                "",
                "Deletes granular permissions for a user",
                new[]
            {
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.NoContent,
                    Message = "The permissions were deleted"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.BadRequest,
                    Message = "No permissions were specified or the permissions specified do not exist or already exist with a different permission action."
                }
            },
                new[]
            {
                _identityProviderParameter,
                _subjectIdParameter,
                new BodyParameter <List <PermissionApiModel> >(modelCatalog)
                {
                    Name        = "GranularPermissions",
                    Description = "The permissions to delete from the user."
                }
            },
                new[]
            {
                _usersTag
            }).SecurityRequirement(OAuth2ManageClientsScopeBuilder);

            RouteDescriber.DescribeRouteWithParams(
                "GetUserGroups",
                "",
                "Gets custom groups for a user",
                new[]
            {
                new HttpResponseMetadata <IEnumerable <GroupUserApiModel> >
                {
                    Code    = (int)HttpStatusCode.OK,
                    Message = "List of GroupUserApiModel entities representing groups in which the user belongs"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.NotFound,
                    Message = "User was not found"
                }
            },
                new[]
            {
                _subjectIdParameter
            },
                new[]
            {
                _usersTag
            }).SecurityRequirement(OAuth2ReadScopeBuilder);

            RouteDescriber.DescribeRouteWithParams(
                "GetUserRoles",
                "",
                "Gets the roles associated with a user",
                new[]
            {
                new HttpResponseMetadata <List <RoleApiModel> >
                {
                    Code    = (int)HttpStatusCode.OK,
                    Message = "List of roles representing the roles this user has been directly associated to."
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.NotFound,
                    Message = "User was not found"
                }
            },
                new[]
            {
                _identityProviderParameter,
                _subjectIdParameter
            },
                new[]
            {
                _usersTag
            }).SecurityRequirement(OAuth2ReadScopeBuilder);
        }
Example #4
0
        public ServiceDetailsMetadataModule(ISwaggerModelCatalog modelCatalog, ISwaggerTagCatalog tagCatalog) : base(modelCatalog, tagCatalog)
        {
            RouteDescriber.AddBaseTag(new Tag()
            {
                Description = "Operations for handling the service",
                Name        = "Service"
            });

            var customerSubTag = new Tag()
            {
                Name        = "Service/Customers",
                Description = "Operations of 'Service' relating to Customers"
            };

            RouteDescriber.DescribeRoute("ServiceHome", "", "Get Home", new[]
            {
                new HttpResponseMetadata {
                    Code = 200, Message = "OK"
                }
            });

            RouteDescriber.AddAdditionalModels(typeof(ServiceOwner), typeof(ServiceCustomer));
            RouteDescriber.DescribeRoute <ServiceDetails>("GetDetails", "", "Get Details", new[]
            {
                new HttpResponseMetadata {
                    Code = 200, Message = "OK"
                }
            });

            RouteDescriber.DescribeRoute <IEnumerable <ServiceCustomer> >("GetCustomers", "", "Get Customers", new[]
            {
                new HttpResponseMetadata {
                    Code = 200, Message = "OK"
                }
            }, new[]
            {
                customerSubTag
            });

            RouteDescriber.DescribeRouteWithParams("GetCustomer", "", "Get Customer", new HttpResponseMetadata[]
            {
                new HttpResponseMetadata <ServiceCustomer> {
                    Code = 200, Message = "OK"
                },
                new HttpResponseMetadata <IEnumerable <ServiceCustomer> > {
                    Code = 202, Message = "Multiple Customers Found"
                },
                new HttpResponseMetadata {
                    Code = 404, Message = "No Customers Found"
                },
            }, new[]
            {
                new Parameter {
                    Name = "name", In = ParameterIn.Path, Required = true, Description = "The customer's name", Default = "Jack", Type = "string"
                }
            }, new[]
            {
                customerSubTag
            });

            RouteDescriber.DescribeRouteWithParams <ServiceCustomer>("PostNewCustomer", "", "Add a new customer", new[]
            {
                new HttpResponseMetadata {
                    Code = 200, Message = "Customer Added"
                },
            }, new[]
            {
                new Parameter {
                    Name = "service", In = ParameterIn.Path, Required = true, Description = "The service's name", Default = "Nancy Swagger Service", Type = "string"
                },
                new BodyParameter <ServiceCustomer>(ModelCatalog)
                {
                    Name = "user", Required = true, Description = "The user"
                },
            }, new []
            {
                customerSubTag
            });

            RouteDescriber.DescribeRouteWithParams <SwaggerFile>("PostCustomerReview", "", "Add a customer's review", new[]
            {
                new HttpResponseMetadata <SwaggerFile> {
                    Code = 200, Message = "Review Added"
                },
            }, new[]
            {
                new Parameter {
                    Name = "name", In = ParameterIn.Path, Required = true, Description = "The customer's name", Default = "Jill", Type = "string"
                },
                new Parameter {
                    Name = "file", In = ParameterIn.Form, Required = true, Description = "The customer's review", Type = "file"
                },
            }, new[]
            {
                customerSubTag
            })
            //If you need to add something that is not a parameter to DescribeRoute,
            //the function will return the OperationBuilder so you can add it.
            .ProduceMimeTypes(new[] { "multipart/form-data", "application/x-www-form-urlencoded" });
        }
        public GroupsMetadataModule(ISwaggerModelCatalog modelCatalog, ISwaggerTagCatalog tagCatalog)
            : base(modelCatalog, tagCatalog)
        {
            modelCatalog.AddModels(
                typeof(GroupRoleApiModel),
                typeof(GroupUserApiModel),
                typeof(UserApiModel));

            RouteDescriber.DescribeRouteWithParams(
                "AddGroup",
                "GroupSource can be either \"Custom\" for creating custom groups in Fabric or the displayName of the 3rd party identity provider if the group is from an external Idp. If groupSource is empty, it will be defaulted to the group source defined in the appsettings.json",
                "Adds a new group",
                new List <HttpResponseMetadata>
            {
                new HttpResponseMetadata <GroupRoleApiModel>
                {
                    Code    = (int)HttpStatusCode.Created,
                    Message = "Created"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.BadRequest,
                    Message = "Group already exists"
                }
            },
                new[]
            {
                new BodyParameter <GroupRoleApiModel>(modelCatalog)
                {
                    Name        = "Group",
                    Description = "The group to add"
                }
            },
                new[]
            {
                _groupsTag
            }).SecurityRequirement(OAuth2ReadWriteScopeBuilder);

            RouteDescriber.DescribeRouteWithParams(
                "UpdateGroups",
                "",
                "Updates a list of groups, useful for syncing 3rd party ID Provider groups with Fabric.Authorization groups.",
                new List <HttpResponseMetadata>
            {
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.NoContent,
                    Message = "Groups updated"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.BadRequest,
                    Message = "Group already exists"
                }
            },
                new[]
            {
                new BodyParameter <IEnumerable <GroupRoleApiModel> >(modelCatalog)
                {
                    Name        = "Group",
                    Description = "The groups to update"
                }
            },
                new[]
            {
                _groupsTag
            }).SecurityRequirement(OAuth2WriteScopeBuilder);

            RouteDescriber.DescribeRouteWithParams(
                "GetGroup",
                "",
                "Gets a group by name",
                new List <HttpResponseMetadata>
            {
                new HttpResponseMetadata <GroupRoleApiModel>
                {
                    Code    = (int)HttpStatusCode.OK,
                    Message = "OK"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.NotFound,
                    Message = "Group with specified name was not found"
                }
            },
                new[]
            {
                _groupNameParameter
            },
                new[]
            {
                _groupsTag
            }).SecurityRequirement(OAuth2ReadScopeBuilder);

            RouteDescriber.DescribeRouteWithParams(
                "DeleteGroup",
                "",
                "Deletes a group",
                new List <HttpResponseMetadata>
            {
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.NoContent,
                    Message = "Group deleted"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.NotFound,
                    Message = "Group with specified name was not found"
                }
            },
                new[]
            {
                _groupNameParameter
            },
                new[]
            {
                _groupsTag
            }).SecurityRequirement(OAuth2WriteScopeBuilder);

            #region Group -> Role Mapping Docs

            RouteDescriber.DescribeRouteWithParams(
                "GetRolesFromGroup",
                "",
                "Gets roles for a group by group name",
                new List <HttpResponseMetadata>
            {
                new HttpResponseMetadata <GroupRoleApiModel>
                {
                    Code    = (int)HttpStatusCode.OK,
                    Message = "OK"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.NotFound,
                    Message = "Group with specified name was not found"
                }
            },
                new[]
            {
                _groupNameParameter,
                _securableItemParameter,
                _grainParameter
            },
                new[]
            {
                _groupsTag
            }).SecurityRequirement(OAuth2ReadScopeBuilder);

            RouteDescriber.DescribeRouteWithParams(
                "AddRoleToGroup",
                "",
                "Adds a role to a group",
                new List <HttpResponseMetadata>
            {
                new HttpResponseMetadata <GroupRoleApiModel>
                {
                    Code    = (int)HttpStatusCode.Created,
                    Message = "Created"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.NotFound,
                    Message = "Group with specified name was not found or the role was not found"
                }
            },
                new[]
            {
                _groupNameParameter,
                _roleIdParameter
            },
                new[]
            {
                _groupsTag
            }).SecurityRequirement(OAuth2WriteScopeBuilder);

            RouteDescriber.DescribeRouteWithParams(
                "DeleteRoleFromGroup",
                "",
                "Deletes a role from a group",
                new List <HttpResponseMetadata>
            {
                new HttpResponseMetadata <GroupRoleApiModel>
                {
                    Code    = (int)HttpStatusCode.OK,
                    Message = "Updated group entity including any mapped roles"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.NotFound,
                    Message = "Group with specified name was not found or the role was not found"
                }
            },
                new[]
            {
                _groupNameParameter,
                _roleIdParameter
            },
                new[]
            {
                _groupsTag
            }).SecurityRequirement(OAuth2WriteScopeBuilder);

            #endregion

            #region Group -> User Mapping Docs

            RouteDescriber.DescribeRouteWithParams(
                "GetUsersFromGroup",
                "",
                "Gets users for a custom group by group name",
                new List <HttpResponseMetadata>
            {
                new HttpResponseMetadata <GroupUserApiModel>
                {
                    Code    = (int)HttpStatusCode.OK,
                    Message = "OK"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.NotFound,
                    Message = "Group with specified name was not found"
                }
            },
                new[]
            {
                _groupNameParameter
            },
                new[]
            {
                _groupsTag
            }).SecurityRequirement(OAuth2ReadScopeBuilder);

            RouteDescriber.DescribeRouteWithParams(
                "AddUserToGroup",
                "1) This operation is only valid for custom groups. 2) The user specified by SubjectId parameter will be added silently if not found.",
                "Adds a user to a group.",
                new List <HttpResponseMetadata>
            {
                new HttpResponseMetadata <GroupUserApiModel>
                {
                    Code    = (int)HttpStatusCode.Created,
                    Message = "Created"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.NotFound,
                    Message = "Group with specified name was not found"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.BadRequest,
                    Message = "1) Group is not a custom group or 2) User is already a member of the group"
                }
            },
                new[]
            {
                _groupNameParameter,
                _subjectIdParameter,
                _identityProviderParameter
            },
                new[]
            {
                _groupsTag
            }).SecurityRequirement(OAuth2WriteScopeBuilder);

            RouteDescriber.DescribeRouteWithParams(
                "DeleteUserFromGroup",
                "",
                "Deletes a user from a group",
                new List <HttpResponseMetadata>
            {
                new HttpResponseMetadata <GroupUserApiModel>
                {
                    Code    = (int)HttpStatusCode.OK,
                    Message = "Updated group entity including any mapped users"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.NotFound,
                    Message = "Group with specified name was not found or the user was not found"
                }
            },
                new[]
            {
                _groupNameParameter,
                _subjectIdParameter,
                _identityProviderParameter
            },
                new[]
            {
                _groupsTag
            }).SecurityRequirement(OAuth2WriteScopeBuilder);

            #endregion
        }
        public PermissionsMetadataModule(ISwaggerModelCatalog modelCatalog, ISwaggerTagCatalog tagCatalog)
            : base(modelCatalog, tagCatalog)
        {
            RouteDescriber.DescribeRouteWithParams(
                "GetPermissionsForSecurableItem",
                "",
                "Get permissions for a particular grain and securable item",
                new[]
            {
                new HttpResponseMetadata <IEnumerable <PermissionApiModel> >
                {
                    Code    = (int)HttpStatusCode.OK,
                    Message = "OK"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                }
            },
                new[]
            {
                Parameters.GrainParameter,
                Parameters.SecurableItemParameter
            },
                new[]
            {
                _permissionsTag
            }).SecurityRequirement(OAuth2ReadScopeBuilder);

            RouteDescriber.DescribeRouteWithParams(
                "GetPermissionByName",
                "",
                "Get permissions for a particular grain, securable item, and permission name",
                new[]
            {
                new HttpResponseMetadata <IEnumerable <PermissionApiModel> >
                {
                    Code    = (int)HttpStatusCode.OK,
                    Message = "OK"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                }
            },
                new[]
            {
                Parameters.GrainParameter,
                Parameters.SecurableItemParameter,
                _permissionNameParameter
            },
                new[]
            {
                _permissionsTag
            }).SecurityRequirement(OAuth2ReadScopeBuilder);

            RouteDescriber.DescribeRouteWithParams(
                "GetPermissionById",
                "",
                "Get a permission by permission id",
                new[]
            {
                new HttpResponseMetadata <PermissionApiModel>
                {
                    Code    = (int)HttpStatusCode.OK,
                    Message = "Permission was found"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.BadRequest,
                    Message = "Permission id must be a Guid"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.NotFound,
                    Message = "Permission with the specified id was not found"
                }
            },
                new[]
            {
                _permissionIdParameter
            },
                new[]
            {
                _permissionsTag
            }).SecurityRequirement(OAuth2ReadScopeBuilder);

            RouteDescriber.DescribeRouteWithParams(
                "AddPermission",
                "",
                "Adds a new permissions",
                new[]
            {
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Created,
                    Message = "Permission was created"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.BadRequest,
                    Message = "Permission data in body is invalid"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Conflict,
                    Message = "Permission with the specified id already exists"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.UnsupportedMediaType,
                    Message = "Content-Type header was not included in request"
                }
            },
                new[]
            {
                new BodyParameter <PermissionApiModel>(modelCatalog)
                {
                    Name        = "Permission",
                    Description = "The permission to add"
                }
            },
                new[]
            {
                _permissionsTag
            }).SecurityRequirement(OAuth2WriteScopeBuilder);

            RouteDescriber.DescribeRouteWithParams(
                "DeletePermission",
                "",
                "Deletes a permission",
                new[]
            {
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.NoContent,
                    Message = "Permission with the specified id was deleted"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.BadRequest,
                    Message = "Permission id must be a guid"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.NotFound,
                    Message = "Permission with specified id was not found"
                }
            },
                new[]
            {
                _permissionIdParameter
            },
                new[]
            {
                _permissionsTag
            }).SecurityRequirement(OAuth2WriteScopeBuilder);
        }
Example #7
0
        public RolesMetadataModule(ISwaggerModelCatalog modelCatalog, ISwaggerTagCatalog tagCatalog)
            : base(modelCatalog, tagCatalog)
        {
            modelCatalog.AddModels(
                typeof(Guid),
                typeof(Guid?),
                typeof(PermissionApiModel));

            RouteDescriber.DescribeRouteWithParams(
                "GetRolesBySecurableItem",
                "",
                "Get roles associated with a securable item",
                new[]
            {
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.OK,
                    Message = "OK"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                }
            },
                new[]
            {
                Parameters.GrainParameter,
                Parameters.SecurableItemParameter
            },
                new[]
            {
                _rolesTag
            }).SecurityRequirement(OAuth2ReadScopeBuilder);

            RouteDescriber.DescribeRouteWithParams(
                "GetRoleByName",
                "",
                "Get a role by role name",
                new[]
            {
                new HttpResponseMetadata <IEnumerable <RoleApiModel> >
                {
                    Code    = (int)HttpStatusCode.OK,
                    Message = "Role with specified name was found"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                }
            },
                new[]
            {
                Parameters.GrainParameter,
                Parameters.SecurableItemParameter,
                _roleNameParameter
            },
                new[]
            {
                _rolesTag
            }).SecurityRequirement(OAuth2ReadScopeBuilder);

            RouteDescriber.DescribeRouteWithParams(
                "AddRole",
                "",
                "Add a new role",
                new[]
            {
                new HttpResponseMetadata <RoleApiModel>
                {
                    Code    = (int)HttpStatusCode.Created,
                    Message = "Created"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.BadRequest,
                    Message = "Role with specified id already exists or Role object in body failed validation"
                }
            },
                new[]
            {
                new BodyParameter <RoleApiModel>(modelCatalog)
                {
                    Name        = "Role",
                    Description = "The role to add"
                }
            },
                new[]
            {
                _rolesTag
            }).SecurityRequirement(OAuth2WriteScopeBuilder);

            RouteDescriber.DescribeRouteWithParams(
                "DeleteRole",
                "",
                "Deletes a role",
                new[]
            {
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.NoContent,
                    Message = "Role with the specified id was deleted"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.BadRequest,
                    Message = "Invalid roled id provided"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.NotFound,
                    Message = "Role with specified id was not found"
                }
            },
                new[]
            {
                _roleIdParameter
            },
                new[]
            {
                _rolesTag
            }).SecurityRequirement(OAuth2WriteScopeBuilder);

            RouteDescriber.DescribeRouteWithParams(
                "AddPermissionsToRole",
                "",
                "Add permissions to an existing role",
                new[]
            {
                new HttpResponseMetadata <RoleApiModel>
                {
                    Code    = (int)HttpStatusCode.Created,
                    Message = "Permission added to role"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.BadRequest,
                    Message =
                        "Invalid role id, no permissions specified to add, or incompatible permission provided"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.NotFound,
                    Message = "Role not found or permission not found"
                }
            },
                new[]
            {
                _roleIdParameter,
                new BodyParameter <IEnumerable <PermissionApiModel> >(modelCatalog)
                {
                    Name        = "List of permissions",
                    Description = "The list of permissions to add to the role"
                }
            },
                new[]
            {
                _rolesTag
            }).SecurityRequirement(OAuth2WriteScopeBuilder);

            RouteDescriber.DescribeRouteWithParams(
                "DeletePermissionsFromRole",
                "",
                "Delete permissions from an existing role",
                new[]
            {
                new HttpResponseMetadata <RoleApiModel>
                {
                    Code    = (int)HttpStatusCode.Created,
                    Message = "Permission removed from role"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.BadRequest,
                    Message = "Invalid role id or no permissions specified to delete from role"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.NotFound,
                    Message = "Role not found or permission not found"
                }
            },
                new[]
            {
                _roleIdParameter,
                new BodyParameter <IEnumerable <PermissionApiModel> >(modelCatalog)
                {
                    Name        = "List of permissions",
                    Description = "The list of permissions to add to the role"
                }
            },
                new[]
            {
                _rolesTag
            }).SecurityRequirement(OAuth2WriteScopeBuilder);
        }
        public SecurableItemsMetadataModule(ISwaggerModelCatalog modelCatalog, ISwaggerTagCatalog tagCatalog)
            : base(modelCatalog, tagCatalog)
        {
            RouteDescriber.DescribeRoute(
                "GetSecurableItem",
                "",
                "Gets the top level securable item by client id",
                new[]
            {
                new HttpResponseMetadata <SecurableItemApiModel>
                {
                    Code    = (int)HttpStatusCode.OK,
                    Message = "OK"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.NotFound,
                    Message = "The client was not found by client id"
                }
            },
                new[]
            {
                _securableItemsTag
            }).SecurityRequirement(OAuth2ReadScopeBuilder);

            RouteDescriber.DescribeRouteWithParams(
                "GetSecurableItemById",
                "",
                "Gets a securable item by client id and securable item id",
                new[]
            {
                new HttpResponseMetadata <SecurableItemApiModel>
                {
                    Code    = (int)HttpStatusCode.OK,
                    Message = "OK"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.NotFound,
                    Message = "The client was not found by client id or the securable item was not found"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.BadRequest,
                    Message = "The securable item id must be a guid"
                }
            },
                new[]
            {
                _securableItemIdParameter
            },
                new[]
            {
                _securableItemsTag
            }).SecurityRequirement(OAuth2ReadScopeBuilder);

            RouteDescriber.DescribeRouteWithParams(
                "AddSecurableItem",
                "",
                "Add a new securable item to the specified securable item hierarchy",
                new[]
            {
                new HttpResponseMetadata <SecurableItemApiModel>
                {
                    Code    = (int)HttpStatusCode.Created,
                    Message = "Created"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.BadRequest,
                    Message =
                        "The securable item id is not a guid or the securable item failed validation"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.NotFound,
                    Message =
                        "The client was not found by client id or the specified securable item by id was not found"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Conflict,
                    Message = "The securable item with the specified id already exists"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.UnsupportedMediaType,
                    Message = "Content-Type header was not included in request"
                }
            },
                new[]
            {
                _securableItemIdParameter,
                new BodyParameter <SecurableItemApiModel>(modelCatalog)
                {
                    Name        = "Securable Item",
                    Description = "The securable item to add"
                }
            },
                new[]
            {
                _securableItemsTag
            }).SecurityRequirement(OAuth2WriteScopeBuilder);
        }
Example #9
0
        public GroupsMetadataModule(ISwaggerModelCatalog modelCatalog, ISwaggerTagCatalog tagCatalog)
            : base(modelCatalog, tagCatalog)
        {
            modelCatalog.AddModels(
                typeof(GroupRoleApiModel),
                typeof(GroupUserApiModel),
                typeof(PermissionApiModel),
                typeof(PermissionAction),
                typeof(RoleApiModel),
                typeof(UserApiModel),
                typeof(UserIdentifierApiRequest),
                typeof(RoleIdentifierApiRequest),
                typeof(GroupPatchApiRequest));

            RouteDescriber.DescribeRouteWithParams(
                "AddGroup",
                "GroupSource can be either \"Custom\" for creating custom groups in Fabric or the displayName of the 3rd party identity provider if the group is from an external Idp. If groupSource is empty, it will be defaulted to the group source defined in the appsettings.json",
                "Adds a new group",
                new List <HttpResponseMetadata>
            {
                new HttpResponseMetadata <GroupRoleApiModel>
                {
                    Code    = (int)HttpStatusCode.Created,
                    Message = "Created"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.Conflict,
                    Message = "Group already exists"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.UnsupportedMediaType,
                    Message = "Content-Type header was not included in request"
                }
            },
                new[]
            {
                new BodyParameter <GroupRoleApiModel>(modelCatalog)
                {
                    Name        = "Group",
                    Description = "The group to add"
                }
            },
                new[]
            {
                _groupsTag
            }).SecurityRequirement(OAuth2ReadWriteScopeBuilder);

            RouteDescriber.DescribeRouteWithParams(
                "UpdateGroup",
                "",
                "Updates an existing group",
                new[]
            {
                new HttpResponseMetadata <GroupRoleApiModel>
                {
                    Code    = (int)HttpStatusCode.OK,
                    Message = "Updated"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.NotFound,
                    Message = "Group with specified name does not exist"
                }
                ,
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.UnsupportedMediaType,
                    Message = "Content-Type header was not included in request"
                }
            },
                new[]
            {
                _groupNameParameter,
                new BodyParameter <GroupPatchApiRequest>(modelCatalog)
                {
                    Name        = "GroupPatchApiRequest",
                    Description = "The model containing the fields to update (currently only DisplayName and Description can be modified)"
                }
            },
                new[]
            {
                _groupsTag
            }).SecurityRequirement(OAuth2WriteScopeBuilder);

            RouteDescriber.DescribeRouteWithParams(
                "UpdateGroups",
                "",
                "Updates a list of groups, useful for syncing 3rd party ID Provider groups with Fabric.Authorization groups.",
                new List <HttpResponseMetadata>
            {
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.NoContent,
                    Message = "Groups updated"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.Conflict,
                    Message = "Group already exists"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.UnsupportedMediaType,
                    Message = "Content-Type header was not included in request"
                }
            },
                new[]
            {
                new BodyParameter <IEnumerable <GroupRoleApiModel> >(modelCatalog)
                {
                    Name        = "Group",
                    Description = "The groups to update"
                }
            },
                new[]
            {
                _groupsTag
            }).SecurityRequirement(OAuth2WriteScopeBuilder);

            RouteDescriber.DescribeRouteWithParams(
                "GetGroup",
                "",
                "Gets a group by name",
                new List <HttpResponseMetadata>
            {
                new HttpResponseMetadata <GroupRoleApiModel>
                {
                    Code    = (int)HttpStatusCode.OK,
                    Message = "OK"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.NotFound,
                    Message = "Group with specified name was not found"
                }
            },
                new[]
            {
                _groupNameParameter
            },
                new[]
            {
                _groupsTag
            }).SecurityRequirement(OAuth2ReadScopeBuilder);

            RouteDescriber.DescribeRouteWithParams(
                "GetGroups",
                "",
                "Gets groups by name and an optional type",
                new List <HttpResponseMetadata>
            {
                new HttpResponseMetadata <GroupRoleApiModel>
                {
                    Code    = (int)HttpStatusCode.OK,
                    Message = "OK"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.BadRequest,
                    Message = "No name parameter was provided or an invalid type parameter was provided"
                }
            },
                new[]
            {
                new Parameter()
                {
                    Name        = "name",
                    Description = "the group name",
                    Required    = true,
                    Type        = "string",
                    In          = ParameterIn.Query
                },
                new Parameter()
                {
                    Name        = "type",
                    Description = "the type of group, either 'custom' or 'directory'",
                    Required    = false,
                    Type        = "string",
                    In          = ParameterIn.Query
                }
            },
                new[]
            {
                _groupsTag
            }).SecurityRequirement(OAuth2ReadScopeBuilder);

            RouteDescriber.DescribeRouteWithParams(
                "DeleteGroup",
                "",
                "Deletes a group",
                new List <HttpResponseMetadata>
            {
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.NoContent,
                    Message = "Group deleted"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.NotFound,
                    Message = "Group with specified name was not found"
                }
            },
                new[]
            {
                _groupNameParameter
            },
                new[]
            {
                _groupsTag
            }).SecurityRequirement(OAuth2WriteScopeBuilder);

            #region Group -> Role Mapping Docs

            RouteDescriber.DescribeRouteWithParams(
                "GetRolesFromGroup",
                "",
                "Gets roles for a group by group name",
                new List <HttpResponseMetadata>
            {
                new HttpResponseMetadata <IEnumerable <RoleApiModel> >
                {
                    Code    = (int)HttpStatusCode.OK,
                    Message = "OK"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.NotFound,
                    Message = "Group with specified name was not found"
                }
            },
                new[]
            {
                _groupNameParameter,
                _securableItemParameter,
                _grainParameter
            },
                new[]
            {
                _groupsTag
            }).SecurityRequirement(OAuth2ReadScopeBuilder);

            RouteDescriber.DescribeRouteWithParams(
                "AddRolesToGroup",
                "",
                "Adds a collection of roles to a group",
                new List <HttpResponseMetadata>
            {
                new HttpResponseMetadata <GroupRoleApiModel>
                {
                    Code    = (int)HttpStatusCode.OK,
                    Message = "Roles added to group"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access or User does not have access to add the specified roles."
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.NotFound,
                    Message = "Group with specified name was not found or the role was not found"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.Conflict,
                    Message = "Role with specified name already exists for the group"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.BadRequest,
                    Message = "List of roles in body failed validation"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.UnsupportedMediaType,
                    Message = "Content-Type header was not included in request"
                }
            },
                new[]
            {
                _groupNameParameter,
                new BodyParameter <List <RoleApiModel> >(modelCatalog)
                {
                    Name        = "Roles",
                    Description = "The roles to add"
                }
            },
                new[]
            {
                _groupsTag
            }).SecurityRequirement(OAuth2WriteScopeBuilder);

            RouteDescriber.DescribeRouteWithParams(
                "DeleteRolesFromGroup",
                "",
                "Deletes 1 or more roles from a group",
                new List <HttpResponseMetadata>
            {
                new HttpResponseMetadata <GroupRoleApiModel>
                {
                    Code    = (int)HttpStatusCode.OK,
                    Message = "Updated group entity including any mapped roles"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.NotFound,
                    Message = "Group with specified name was not found or the role was not found"
                }
            },
                new[]
            {
                _groupNameParameter,
                new BodyParameter <List <RoleIdentifierApiRequest> >(modelCatalog)
                {
                    Name        = "Roles",
                    Description = "The roles to delete"
                }
            },
                new[]
            {
                _groupsTag
            }).SecurityRequirement(OAuth2WriteScopeBuilder);

            #endregion

            #region Group -> User Mapping Docs

            RouteDescriber.DescribeRouteWithParams(
                "GetUsersFromGroup",
                "",
                "Gets users for a custom group by group name",
                new List <HttpResponseMetadata>
            {
                new HttpResponseMetadata <IEnumerable <UserApiModel> >
                {
                    Code    = (int)HttpStatusCode.OK,
                    Message = "OK"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.NotFound,
                    Message = "Group with specified name was not found"
                }
            },
                new[]
            {
                _groupNameParameter
            },
                new[]
            {
                _groupsTag
            }).SecurityRequirement(OAuth2ReadScopeBuilder);

            RouteDescriber.DescribeRouteWithParams(
                "AddUsersToGroup",
                "1) This operation is only valid for custom groups. 2) The user specified by SubjectId parameter will be added silently if not found.",
                "Adds 1 or more users to a group.",
                new List <HttpResponseMetadata>
            {
                new HttpResponseMetadata <GroupUserApiModel>
                {
                    Code    = (int)HttpStatusCode.Created,
                    Message = "Created"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.NotFound,
                    Message = "Group with specified name was not found"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.BadRequest,
                    Message = "Subject Id or Identity Provider were missing or group is not a custom group"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.Conflict,
                    Message = "User is already a member of the group"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.UnsupportedMediaType,
                    Message = "Content-Type header was not included in request"
                }
            },
                new[]
            {
                _groupNameParameter,
                new BodyParameter <List <UserIdentifierApiRequest> >(modelCatalog)
                {
                    Name        = "Users",
                    Description = "The users to add"
                }
            },
                new[]
            {
                _groupsTag
            }).SecurityRequirement(OAuth2WriteScopeBuilder);

            RouteDescriber.DescribeRouteWithParams(
                "DeleteUserFromGroup",
                "",
                "Deletes a user from a group",
                new List <HttpResponseMetadata>
            {
                new HttpResponseMetadata <GroupUserApiModel>
                {
                    Code    = (int)HttpStatusCode.OK,
                    Message = "Updated group entity including any mapped users"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.NotFound,
                    Message = "Group with specified name was not found or the user was not found"
                }
            },
                new[]
            {
                _groupNameParameter,
                _subjectIdParameter,
                _identityProviderParameter
            },
                new[]
            {
                _groupsTag
            }).SecurityRequirement(OAuth2WriteScopeBuilder);

            #endregion
        }
Example #10
0
        public ClientsMetadataModule(ISwaggerModelCatalog modelCatalog, ISwaggerTagCatalog tagCatalog)
            : base(modelCatalog, tagCatalog)
        {
            modelCatalog.AddModels(
                typeof(SecurableItemApiModel),
                typeof(DateTime?),
                typeof(InnerError));

            RouteDescriber.DescribeRoute(
                "GetClients",
                "",
                "Gets all registered clients",
                new[]
            {
                new HttpResponseMetadata <ClientApiModel> {
                    Code = (int)HttpStatusCode.OK, Message = "OK"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                }
            },
                new[]
            {
                _clientsTag
            }).SecurityRequirement(OAuth2ManageClientsAndReadScopeBuilder);

            RouteDescriber.DescribeRouteWithParams(
                "GetClient",
                "",
                "Gets a single client",
                new[]
            {
                new HttpResponseMetadata <ClientApiModel>
                {
                    Code    = (int)HttpStatusCode.OK,
                    Message = "Client found"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.NotFound,
                    Message = "Client with specified id was not found"
                }
            },
                new[]
            {
                _clientIdParameter
            },
                new[]
            {
                _clientsTag
            }).SecurityRequirement(OAuth2ManageClientsAndReadScopeBuilder);

            RouteDescriber.DescribeRouteWithParams(
                "AddClient",
                "",
                "Registers a new client",
                new[]
            {
                new HttpResponseMetadata <ClientApiModel>
                {
                    Code    = (int)HttpStatusCode.Created,
                    Message = "Created"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.BadRequest,
                    Message = "Client object in body failed validation"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.Conflict,
                    Message = "Client with specified id already exists"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.UnsupportedMediaType,
                    Message = "Content-Type header was not included in request"
                }
            },
                new[]
            {
                new BodyParameter <ClientApiModel>(modelCatalog)
                {
                    Name        = "Client",
                    Description = "The client to register"
                }
            },
                new[]
            {
                _clientsTag
            }).SecurityRequirement(OAuth2ManageClientsAndWriteScopeBuilder);

            RouteDescriber.DescribeRouteWithParams(
                "DeleteClient",
                "",
                "Deletes a client",
                new[]
            {
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.NoContent,
                    Message = "Client deleted"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.NotFound,
                    Message = "Client with specified id was not found"
                }
            },
                new[]
            {
                _clientIdParameter
            },
                new[]
            {
                _clientsTag
            }).SecurityRequirement(OAuth2ManageClientsAndWriteScopeBuilder);
        }
        public HeroMetadataModule(ISwaggerModelCatalog modelCatalog, ISwaggerTagCatalog tagCatalog) : base(modelCatalog, tagCatalog)
        {
            //modelCatalog.AddModels(typeof(Hero));
            //modelCatalog.AddModel<Hero>();

            RouteDescriber.AddBaseTag(new Swagger.ObjectModel.Tag()
            {
                Name = "Hero", Description = "Operations for handling hero objects"
            });

            RouteDescriber.DescribeRouteWithParams <Hero>("GetHero", "", "Get Hero", new[]
            {
                new HttpResponseMetadata {
                    Code = (int)HttpStatusCode.OK, Message = "A hero object is returned."
                },
                new HttpResponseMetadata {
                    Code = (int)HttpStatusCode.NotFound, Message = "No hero was found with the name specified in the request."
                }
            },
                                                          new[]
            {
                new Swagger.ObjectModel.Parameter
                {
                    Name        = "name",
                    In          = Swagger.ObjectModel.ParameterIn.Path,
                    Description = "The name of the hero to return.",
                    Required    = true,
                    Type        = "string"
                }
            });

            RouteDescriber.DescribeRouteWithParams("DeleteHero", "", "Delete Hero", new[]
            {
                new HttpResponseMetadata {
                    Code = (int)HttpStatusCode.NoContent, Message = "The object was successfully deleted or did not exist to begin with."
                }
            },
                                                   new[]
            {
                new Swagger.ObjectModel.Parameter
                {
                    Name        = "name",
                    In          = Swagger.ObjectModel.ParameterIn.Path,
                    Description = "The name of the hero to delete.",
                    Required    = true,
                    Type        = "string"
                }
            });

            RouteDescriber.DescribeRoute <Hero[]>("GetHeroList", "", "Get Hero List", new[]
            {
                new HttpResponseMetadata {
                    Code = (int)HttpStatusCode.OK, Message = "An array with hero objects is returned."
                }
            });

            RouteDescriber.DescribeRouteWithParams("PutHero", "", "Put Hero", new[]
            {
                new HttpResponseMetadata {
                    Code = (int)HttpStatusCode.Created, Message = "The hero object was created/updated."
                },
                new HttpResponseMetadata {
                    Code = (int)HttpStatusCode.BadRequest, Message = "The body of the request does not conform to the Hero model."
                }
            },
                                                   new[]
            {
                new Swagger.ObjectModel.Parameter
                {
                    Name        = "hero",
                    In          = Swagger.ObjectModel.ParameterIn.Body,
                    Description = "The Hero object to put. If an object with the same name exists it will be replaced.",
                    Required    = true,
                    Type        = "Hero"
                }
            });
        }
        public ConfigurationNancyMetadataModule(
            ISwaggerModelCatalog modelCatalog,
            ISwaggerTagCatalog tagCatalog)
            : base(modelCatalog, tagCatalog)
        {
            var configurationStoreTag = new Tag
            {
                Name        = "Configuration",
                Description = "Operations to manage configuration values"
            };

            RouteDescriber
            .AddAdditionalModels(typeof(Nav));
            RouteDescriber
            .AddAdditionalModels(typeof(ConfigKeyListItem));
            RouteDescriber
            .AddAdditionalModels(typeof(ValueType));

            RouteDescriber.DescribeRoute <IEnumerable <ConfigKeyListItem> >(
                RouteRegistry.Api.Configuration.GetConfigs.Name,
                "Gets a summary of all configuration keys available",
                "Gets a summary of all configuration keys available",
                new[]
            {
                new HttpResponseMetadata <IEnumerable <ConfigKeyListItem> >
                {
                    Code    = (int)HttpStatusCode.OK,
                    Message = "OK"
                }
            },
                new[]
            {
                configurationStoreTag
            });

            RouteDescriber.DescribeRouteWithParams <ConfigValueListItem>(
                RouteRegistry.Api.Configuration.GetConfigForVersion.Name,
                "Gets the latest configuration value for the environment tag specified in the defined version",
                "Gets configuration value for environment",
                new[]
            {
                new HttpResponseMetadata <ConfigValueListItem>
                {
                    Code    = (int)HttpStatusCode.OK,
                    Message = "OK"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.NotFound,
                    Message = "Configuration key or value for environment not found"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.NotModified,
                    Message = "Configuration value found for environment, but no change from client version"
                }
            },
                new[]
            {
                new Parameter
                {
                    Name        = "configKey",
                    In          = ParameterIn.Path,
                    Required    = true,
                    Description = "The configuration's key",
                    Type        = "string"
                },
                new Parameter
                {
                    Name        = "configVersion:version",
                    In          = ParameterIn.Path,
                    Required    = true,
                    Description = "The configuration's value version (semantic version format)",
                    Type        = "string"
                },
                new Parameter
                {
                    Name        = "envTag",
                    In          = ParameterIn.Path,
                    Required    = true,
                    Description = "The configuration's environment",
                    Type        = "string"
                },
                new Parameter
                {
                    Name        = "seq",
                    In          = ParameterIn.Query,
                    Required    = false,
                    Description = "Current sequence value held by client",
                    Type        = "integer"
                }
            },
                new[]
            {
                configurationStoreTag
            });

            RouteDescriber.DescribeRouteWithParams(
                RouteRegistry.Api.Configuration.AddNewConfiguration.Name,
                "Adds a new configuration key with a given value type",
                "Add a new configuration key",
                new[]
            {
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.OK,
                    Message = "OK"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.BadRequest,
                    Message = "Request received does not match expectation"
                }
            },
                new[]
            {
                new Parameter
                {
                    Name        = "configKey",
                    In          = ParameterIn.Path,
                    Required    = true,
                    Description = "The configuration's key",
                    Type        = "string"
                },
                new BodyParameter <NewConfigurationRequest>(modelCatalog)
                {
                    Name        = "new configuration",
                    Required    = true,
                    Description = "The configuration definition"
                }
            },
                new[]
            {
                configurationStoreTag
            });

            RouteDescriber.DescribeRouteWithParams(
                RouteRegistry.Api.Configuration.AddNewValueToConfiguration.Name,
                "Adds a new configuration value to an existing key, used to add values to a different set of environments",
                "Add a new configuration value for the key",
                new[]
            {
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.OK,
                    Message = "OK"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.BadRequest,
                    Message = "Request received does not match expectation"
                }
            },
                new[]
            {
                new Parameter
                {
                    Name        = "configKey",
                    In          = ParameterIn.Path,
                    Required    = true,
                    Description = "The configuration key",
                    Type        = "string"
                },
                new Parameter
                {
                    Name        = "configVersion:version",
                    In          = ParameterIn.Path,
                    Required    = true,
                    Description = "The configuration key's version",
                    Type        = "string"
                },
                new BodyParameter <NewValueToConfigurationRequest>(modelCatalog)
                {
                    Name        = "new configuration value",
                    Required    = true,
                    Description = "The configuration value definition"
                }
            },
                new[]
            {
                configurationStoreTag
            });

            RouteDescriber.DescribeRouteWithParams(
                RouteRegistry.Api.Configuration.UpdateValueOnConfiguration.Name,
                "Updates a specific configuration value, bumping the sequence number",
                "Updates a configuration value",
                new[]
            {
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.OK,
                    Message = "OK"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.BadRequest,
                    Message = "Request received does not match expectation"
                }
            },
                new[]
            {
                new Parameter
                {
                    Name        = "configKey",
                    In          = ParameterIn.Path,
                    Required    = true,
                    Description = "The configuration key",
                    Type        = "string"
                },
                new Parameter
                {
                    Name        = "configVersion:version",
                    In          = ParameterIn.Path,
                    Required    = true,
                    Description = "The configuration key's version",
                    Type        = "string"
                },
                new Parameter
                {
                    Name        = "valueId:guid",
                    In          = ParameterIn.Path,
                    Required    = true,
                    Description = "The configuration value's identifier",
                    Type        = "string"
                },
                new BodyParameter <UpdateValueOnConfigurationRequest>(modelCatalog)
                {
                    Name        = "new configuration value",
                    Required    = true,
                    Description = "The configuration value definition"
                }
            },
                new[]
            {
                configurationStoreTag
            });

            RouteDescriber.DescribeRouteWithParams(
                RouteRegistry.Api.Configuration.DeleteConfiguration.Name,
                "Deletes a specific configuration key, with all versions and all their values",
                "Deletes a configuration key",
                new[]
            {
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.OK,
                    Message = "Deleted configuration key"
                },
            },
                new[]
            {
                new Parameter
                {
                    Name        = "configKey",
                    In          = ParameterIn.Path,
                    Required    = true,
                    Description = "The configuration key",
                    Type        = "string"
                }
            },
                new[]
            {
                configurationStoreTag
            });

            RouteDescriber.DescribeRouteWithParams(
                RouteRegistry.Api.Configuration.DeleteValueFromConfiguration.Name,
                "Deletes a specific configuration value for a key with a specific version",
                "Deletes a configuration key",
                new[]
            {
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.OK,
                    Message = "Deleted configuration key"
                },
            },
                new[]
            {
                new Parameter
                {
                    Name        = "configKey",
                    In          = ParameterIn.Path,
                    Required    = true,
                    Description = "The configuration key",
                    Type        = "string"
                },
                new Parameter
                {
                    Name        = "configVersion:version",
                    In          = ParameterIn.Path,
                    Required    = true,
                    Description = "The configuration key's version",
                    Type        = "string"
                },
                new Parameter
                {
                    Name        = "valueId:guid",
                    In          = ParameterIn.Path,
                    Required    = true,
                    Description = "The configuration value's identifier",
                    Type        = "string"
                }
            },
                new[]
            {
                configurationStoreTag
            });
        }
        public UsersMetadataModule(ISwaggerModelCatalog modelCatalog, ISwaggerTagCatalog tagCatalog)
            : base(modelCatalog, tagCatalog)
        {
            ModelCatalog.AddModels(typeof(PermissionAction));

            RouteDescriber.DescribeRoute(
                "GetUserPermissions",
                "",
                "Gets permissions for a user",
                new[]
            {
                new HttpResponseMetadata <UserPermissionsApiModel> {
                    Code = (int)HttpStatusCode.OK, Message = "OK"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                }
            },
                new[]
            {
                _usersTag
            }).SecurityRequirement(OAuth2ReadScopeBuilder);

            RouteDescriber.DescribeRouteWithParams(
                "AddGranularPermissions",
                "",
                "Adds granular permissions for a user, either to allow or deny",
                new[]
            {
                new HttpResponseMetadata {
                    Code = (int)HttpStatusCode.NoContent
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                }
            },
                new[]
            {
                _identityProviderParameter,
                _subjectIdParameter,
                new BodyParameter <List <PermissionApiModel> >(modelCatalog)
                {
                    Name        = "GranularPermissions",
                    Description = "The permissions to add for the user."
                }
            },
                new[]
            {
                _usersTag
            }).SecurityRequirement(OAuth2ManageClientsScopeBuilder);

            RouteDescriber.DescribeRouteWithParams(
                "DeleteGranularPermissions",
                "",
                "Deletes granular permissions for a user",
                new[]
            {
                new HttpResponseMetadata {
                    Code = (int)HttpStatusCode.NoContent
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                }
            },
                new[]
            {
                _identityProviderParameter,
                _subjectIdParameter,
                new BodyParameter <List <PermissionApiModel> >(modelCatalog)
                {
                    Name        = "GranularPermissions",
                    Description = "The permissions to delete from the user."
                }
            },
                new[]
            {
                _usersTag
            }).SecurityRequirement(OAuth2ManageClientsScopeBuilder);

            RouteDescriber.DescribeRouteWithParams(
                "GetUserGroups",
                "",
                "Gets custom groups for a user",
                new[]
            {
                new HttpResponseMetadata <IEnumerable <string> >
                {
                    Code    = (int)HttpStatusCode.OK,
                    Message = "List of strings representing group names in which the user belongs"
                },
                new HttpResponseMetadata
                {
                    Code    = (int)HttpStatusCode.Forbidden,
                    Message = "Client does not have access"
                },
                new HttpResponseMetadata <Error>
                {
                    Code    = (int)HttpStatusCode.NotFound,
                    Message = "User was not found"
                }
            },
                new[]
            {
                _subjectIdParameter
            },
                new[]
            {
                _usersTag
            }).SecurityRequirement(OAuth2ReadScopeBuilder);
        }