public async Task SetEntityPermissions(Guid entityId, RuleSubject subject, IEnumerable <SecurityRule> rules) { await _mediator.Send(new SetPermissionsCommand <TContext>( entityId, subject, rules)); }
public async Task ClearRules(Guid entityId, RuleSubject subject) { await Delete(x => x.EntityId == entityId && x.Subject.SubjectId == subject.SubjectId && x.Subject.SubjectType == subject.SubjectType); }
public async Task SetRules(Guid entityId, RuleSubject subject, IEnumerable <SecurityRule> rules) { foreach (var rule in rules) { await SetRule(entityId, subject, rule); } }
private Expression <Func <EntitySecurityRule, bool> > Filter(Guid entityId, RuleSubject subject, SecurityRule rule) { return(x => x.EntityId == entityId && x.Subject.SubjectId == subject.SubjectId && x.Subject.SubjectType == subject.SubjectType && x.Rule.Right == rule.Right); }
public async Task SetRule(Guid entityId, RuleSubject subject, SecurityRule rule) { var entityRule = await GetRule(entityId, subject, rule); if (entityRule != null) { entityRule.Rule = rule; await Update(entityRule); return; } await Add(new EntitySecurityRule { EntityId = entityId, Subject = subject, Rule = rule, }); }
public async Task Create_derived_item() { using (var server = CreateServerWithAuthentication()) using (server.Host.Services .GetRequiredService <ISecurityImpersonationService>() .ImpersonateUser("User1")) { var context = GetEntityContext <TestEntityContext>(server); #region create root var rootItem = await context.Commands.Add(new TestEntity { Name = "root" }); #endregion #region create var item = await context.Commands.Add(new DerivedTestEntity { Name = "gigi" }, rootItem); #endregion //#region AsQueryable retreive //Assert.NotEqual(Guid.Empty, item.Id); //var foundItem = context.Query // .AsQueryable<DerivedTestEntity>() // .FirstOrDefault(x => x.Id == item.Id); //Assert.NotNull(foundItem); //Assert.Equal(item.Id, foundItem.Id); //Assert.Equal(item.Name, foundItem.Name); //#endregion #region GetItem retreive var foundItem = await context.Query.GetItem <DerivedTestEntity>(item.Id); Assert.NotNull(foundItem); Assert.Equal(item.Id, foundItem.Id); Assert.Equal(item.Name, foundItem.Name); var foundItems = await context.Query.GetItems <TestEntity>("/root/gigi"); Assert.NotEmpty(foundItems); Assert.Contains(foundItems, x => x.Id == item.Id); Assert.Contains(foundItems, x => x.Name == item.Name); #endregion #region GetChild retreive foundItem = await context.Query.GetChild <DerivedTestEntity>(rootItem); Assert.NotNull(foundItem); Assert.Equal(item.Id, foundItem.Id); Assert.Equal(item.Name, foundItem.Name); #endregion #region filtered GetChild retreive foundItem = await context.Query.GetChild <DerivedTestEntity>(rootItem, x => x.Name == "gigio"); Assert.Null(foundItem); foundItem = await context.Query.GetChild <DerivedTestEntity>(rootItem, x => x.Name == "gigi"); Assert.NotNull(foundItem); Assert.Equal(item.Id, foundItem.Id); Assert.Equal(item.Name, foundItem.Name); #endregion #region Update var itemToUpdate = await context.Query.GetItem <DerivedTestEntity>(item.Id); itemToUpdate.Name = "gigi-new"; var updatedItem = await context.Commands.Update(itemToUpdate); Assert.NotNull(updatedItem); Assert.Equal(itemToUpdate.Name, updatedItem.Name); #endregion #region partial update var partialUpdatedItem = await context.Commands.Update <DerivedTestEntity, string>(itemToUpdate.Id, x => x.Val2, "val-2"); Assert.NotNull(partialUpdatedItem); Assert.Equal("val-2", partialUpdatedItem.Val2); var partialUpdatedItem2 = await context.Commands.Update <DerivedTestEntity, string>(itemToUpdate.Id, x => x.Val2, null); Assert.NotNull(partialUpdatedItem2); Assert.Null(partialUpdatedItem2.Val2); #endregion #region Rename await context.Commands.Rename(rootItem, "root-new"); var renamedRootItems = await context.Query.GetItems <TestEntity>("/root-new"); var renamedRootItem = renamedRootItems.FirstOrDefault(x => x.Id == rootItem.Id); Assert.NotNull(renamedRootItem); var renamedItems = await context.Query.GetItems <DerivedTestEntity>("/root-new/gigi"); var renamedItem = renamedItems.FirstOrDefault(x => x.Id == item.Id); Assert.NotNull(renamedItem); #endregion #region Move var rootItem2 = await context.Commands.Add(new TestEntity { Name = "root2" }); await context.Commands.Move(rootItem, rootItem2); var movedItems = await context.Query.GetItems <DerivedTestEntity>("/root2/root-new/gigi"); var movedItem = movedItems.FirstOrDefault(x => x.Id == item.Id); Assert.NotNull(movedItem); await context.Commands.Move(movedItem, rootItem2); var secondMovedItems = await context.Query.GetItems <DerivedTestEntity>("/root2/gigi"); var secondMovedItem = secondMovedItems.FirstOrDefault(x => x.Id == item.Id); Assert.NotNull(secondMovedItem); #endregion #region permissions await context.Commands.SetEntityPermission(rootItem2.Id, RuleSubject.User("User1"), SecurityRule.DenyRead(true)); var readDeniedItem = await context.Query.GetItem <TestEntity>(rootItem2.Id); Assert.Null(readDeniedItem); await context.Commands.ClearEntityPermissions(rootItem2.Id, RuleSubject.User("User1")); readDeniedItem = await context.Query.GetItem <TestEntity>(rootItem2.Id); Assert.NotNull(readDeniedItem); #endregion #region delete await context.Commands.Delete(rootItem2); var foundItemAfterDelete = await context.Query .GetItem <DerivedTestEntity>(item.Id); Assert.Null(foundItemAfterDelete); #endregion #region filtered delete await context.Commands.Add(new DerivedTestEntity() { Name = "derived-entity-to-delete" }); Assert.NotNull(await context.Query.GetItem <DerivedTestEntity>(x => x.Name == "derived-entity-to-delete")); await context.Commands.Delete <DerivedTestEntity>(x => x.Name == "derived-entity-to-delete"); Assert.Null(await context.Query.GetItem <DerivedTestEntity>(x => x.Name == "derived-entity-to-delete")); #endregion } }
public async Task ClearEntityPermissions(Guid entityId, RuleSubject subject) { await SetEntityPermissions(entityId, subject, null); }
public async Task SetEntityPermission(Guid entityId, RuleSubject subject, SecurityRule rule) { await SetEntityPermissions(entityId, subject, new List <SecurityRule> { rule }); }
public SetPermissionsCommand(Guid entityId, RuleSubject subject, IEnumerable <SecurityRule> rules) { EntityId = entityId; Subject = subject; Rules = rules; }
public async Task ClearPermissions(RuleSubject subject) { ChekId(_entity); await _context.Commands.ClearEntityPermissions(Id, subject); }
public async Task SetPermissions(RuleSubject subject, IEnumerable <SecurityRule> rules) { ChekId(_entity); await _context.Commands.SetEntityPermissions(Id, subject, rules); }
public async Task DeleteSubjectRule(RuleSubject subject) { await Delete(x => x.Subject.SubjectId == subject.SubjectId && x.Subject.SubjectType == subject.SubjectType); }
public async Task DeleteRule(Guid entityId, RuleSubject subject, SecurityRule rule) { await Delete(Filter(entityId, subject, rule)); }
public async Task <EntitySecurityRule> GetRule(Guid entityId, RuleSubject subject, SecurityRule rule) { return(await GetItem(Filter(entityId, subject, rule))); }