//TODO: maybe instead of for accepting a collection here, just take in one by one
private async Task <List <Permission> > GetReadOnlyCollectionPermissions(string userId, List <string> collectionNames)
{
List <Permission> collectionPermissions = new List <Permission>();
foreach (var collName in collectionNames)
{
Permission collPermission = new Permission();
try
{
// permission names are unique to the user
var collPermissionId = $"{userId}-{collName}";
// Read the permission from Cosmos (will throw a 404 if it doesn't exist)
collPermission = await Client.ReadPermissionAsync(UriFactory.CreatePermissionUri(databaseId, userId, collPermissionId));
}
catch (DocumentClientException dcx)
{
if (dcx.StatusCode == HttpStatusCode.NotFound)
{
// Permission doesn't exist. First make sure the user exists
await CreateUserIfNotExistAsync(userId);
// New up a permissions for that user
var newPermission = new Permission
{
PermissionMode = PermissionMode.Read,
Id = $"{userId}-{collName}",
ResourceLink = UriFactory.CreateDocumentCollectionUri(databaseId, collName).ToString()
};
collPermission = await Client.CreatePermissionAsync(UriFactory.CreateUserUri(databaseId, userId), newPermission);
}
else
{
throw dcx;
}
}
// Add a document of this permission to Cosmos for caching reasons (so we don't have to grab it if it hasn't expired)
var expires = Convert.ToInt32(DateTime.UtcNow.Subtract(BeginningOfTime).TotalSeconds) + 3600;
var permissionToken = new CollectionPermissionToken
{
Expires = expires,
UserId = userId,
ResourceId = collName,
SerializedPermission = SerializePermission(collPermission)
};
await CacheUserCollectionToken(permissionToken);
collectionPermissions.Add(collPermission);
}
return(collectionPermissions);
}
private async Task <Permission> RetrieveCachedPermission(string userId, string objectToGet)
{
CollectionPermissionToken permissionDocument = await Client.ReadDocumentAsync <CollectionPermissionToken>(
UriFactory.CreateDocumentUri(databaseId, collectionId, $"{userId}-{objectToGet}-permission")
);
if (permissionDocument == null)
{
return(null);
}
int expires = permissionDocument.Expires;
int fiveMinAgo = Convert.ToInt32(DateTime.UtcNow.AddMinutes(-5).Subtract(BeginningOfTime).TotalSeconds);
if (expires > fiveMinAgo)
{
// deserialize the permission
string serializedPermission = permissionDocument.SerializedPermission;
using (var memStream = new MemoryStream())
{
using (var streamWriter = new StreamWriter(memStream))
{
streamWriter.Write(serializedPermission.ToString());
streamWriter.Flush();
memStream.Position = 0;
var permission = Permission.LoadFrom <Permission>(memStream);
streamWriter.Close();
return(permission);
}
}
}
return(null);
}
private async Task CacheUserCollectionToken(CollectionPermissionToken token)
{
token.Id = $"{token.UserId}-{token.ResourceId}-permission";
await Client.UpsertDocumentAsync(UriFactory.CreateDocumentCollectionUri(databaseId, collectionId), token);
}
