Exemple #1
0
        public async Task <ApplicationFunctionModel> UpdateAsync(ApplicationFunctionModel applicationFunction)
        {
            a3SContext.Entry(applicationFunction).State = EntityState.Modified;
            await a3SContext.SaveChangesAsync();

            return(applicationFunction);
        }
Exemple #2
0
        public async Task <ApplicationFunctionModel> CreateAsync(ApplicationFunctionModel applicationFunction)
        {
            a3SContext.ApplicationFunction.Add(applicationFunction);
            await a3SContext.SaveChangesAsync();

            return(applicationFunction);
        }
Exemple #3
0
        private void AddResourcePermissionToFunction(ApplicationFunctionModel applicationFuction, SecurityContractPermission permission)
        {
            logger.Debug($"Assinging permission {permission.Name} to function: {applicationFuction.Name}.");
            // Check if there is an existing permission within the database. Add this one if found, else create a new one and add it.
            var existingPermission = permissionRepository.GetByName(permission.Name);

            PermissionModel permissionToAdd = new PermissionModel
            {
                Name        = permission.Name,
                Description = permission.Description
            };

            if (existingPermission != null)
            {
                logger.Debug($"Permission {permission.Name} already exists within the database. Not adding it.");
                permissionToAdd = existingPermission;
            }
            else
            {
                logger.Debug($"Permission {permission.Name} does not exist in the database. Adding it.");
            }

            applicationFuction.ApplicationFunctionPermissions.Add(new ApplicationFunctionPermissionModel
            {
                ApplicationFunction = applicationFuction,
                Permission          = permissionToAdd
            });
        }
Exemple #4
0
        private void AddPermissionToFunctionIfNotAlreadyAssigned(ApplicationFunctionModel applicationFunction, SecurityContractPermission permission)
        {
            // add the permission if it does not exist.
            var applicationPermission = applicationFunction.ApplicationFunctionPermissions.Find(fp => fp.Permission.Name == permission.Name);

            if (applicationPermission == null)
            {
                AddResourcePermissionToFunction(applicationFunction, permission);
            }
        }
 private void DetectAndUnassignPermissionsRemovedFromFunctions(ApplicationFunctionModel applicationFunction, SecurityContractFunction functionResource)
 {
     // Remove any permissions from the application function that are not within the updated definition.
     // Note! We are deleting items from the List so we cannot use a foreach.
     for (int i = applicationFunction.ApplicationFunctionPermissions.Count - 1; i >= 0; i--)
     {
         if (!functionResource.Permissions.Exists(fp => fp.Name == applicationFunction.ApplicationFunctionPermissions[i].Permission.Name))
         {
             logger.Debug($"[applications.fullname: '{applicationFunction.Application.Name}'].[applicationFunctions.name: '{applicationFunction.Name}'].[permissions.name: '{applicationFunction.ApplicationFunctionPermissions[i].Permission.Name}']: Permission: {applicationFunction.ApplicationFunctionPermissions[i].Permission.Name} was previously assigned to applicationFunction: '{applicationFunction.Name}' but is no longer assigned in the security contract being processed. Removing permission '{applicationFunction.ApplicationFunctionPermissions[i].Permission.Name}' from function '{applicationFunction.Name}'!");
             // Note: This only removes the function permissions association. The permission will still exist.
             applicationFunction.ApplicationFunctionPermissions.Remove(applicationFunction.ApplicationFunctionPermissions[i]);
         }
     }
 }
        public ApplicationFunctionService_Tests()
        {
            var config = new MapperConfiguration(cfg =>
            {
                cfg.AddProfile(new ApplicationFunctionResourceApplicationFunctionModelProfile());
                cfg.AddProfile(new UserResourceUserModelProfile());
            });

            mapper = config.CreateMapper();
            applicationFunctionGuid = Guid.NewGuid();

            mockedApplicationFunction      = new ApplicationFunctionModel();
            mockedApplicationFunction.Name = "Test applicationFunction";
            mockedApplicationFunction.Id   = applicationFunctionGuid;
        }
Exemple #7
0
 private void DetectAndUnassignPermissionsRemovedFromFunctions(ApplicationFunctionModel applicationFunction, SecurityContractFunction functionResource)
 {
     // Remove any permissions from the application function that are not within the updated definition.
     // Note! We are deleting items from the List so we cannot use a foreach.
     for (int i = applicationFunction.ApplicationFunctionPermissions.Count - 1; i >= 0; i--)
     {
         logger.Debug($"Checking whether permission: {applicationFunction.ApplicationFunctionPermissions[i].Permission.Name} should unassigned from function '" + applicationFunction.Name + "'.");
         if (!functionResource.Permissions.Exists(fp => fp.Name == applicationFunction.ApplicationFunctionPermissions[i].Permission.Name))
         {
             logger.Debug($"Permission: {applicationFunction.ApplicationFunctionPermissions[i].Permission.Name} is being unassigned from function {applicationFunction.Name}!");
             // Note: This only removes the function permissions association. The permission will still exist.
             applicationFunction.ApplicationFunctionPermissions.Remove(applicationFunction.ApplicationFunctionPermissions[i]);
         }
     }
 }
Exemple #8
0
        private ApplicationFunctionModel CreateNewFunctionFromResourceServerFunction(SecurityContractFunction functionResource, Guid updatedByGuid)
        {
            ApplicationFunctionModel newFunction = new ApplicationFunctionModel
            {
                Name        = functionResource.Name,
                Description = functionResource.Description,
                ChangedBy   = updatedByGuid
            };

            newFunction.ApplicationFunctionPermissions = new List <ApplicationFunctionPermissionModel>();

            if (functionResource.Permissions != null)
            {
                foreach (var permission in functionResource.Permissions)
                {
                    AddResourcePermissionToFunction(newFunction, permission);
                }
            }

            return(newFunction);
        }
        private ApplicationFunctionModel CreateNewApplicationFunctionFromSecurityContractApplicationFunction(SecurityContractFunction functionResource, Guid updatedByGuid, string applicationName, bool dryRun, SecurityContractDryRunResult securityContractDryRunResult)
        {
            logger.Debug($"[applications.fullname: '{applicationName}'].[applicationFunctions.name: '{functionResource.Name}']: Adding function '{functionResource.Name}' to application '{applicationName}'.");
            ApplicationFunctionModel newFunction = new ApplicationFunctionModel
            {
                Name        = functionResource.Name,
                Description = functionResource.Description,
                ChangedBy   = updatedByGuid
            };

            newFunction.ApplicationFunctionPermissions = new List <ApplicationFunctionPermissionModel>();

            if (functionResource.Permissions != null)
            {
                foreach (var permission in functionResource.Permissions)
                {
                    AddSecurityContractPermissionToApplicationFunctionAndUpdatePermissionIfChanged(newFunction, permission, updatedByGuid, applicationName, dryRun, securityContractDryRunResult);
                }
            }

            return(newFunction);
        }
        public SecurityContractApplicationService_Tests()
        {
            //set up some Guids.
            applicationGuid = Guid.NewGuid();
            permissionGuid1 = Guid.NewGuid();
            permissionGuid2 = Guid.NewGuid();
            permissionGuid3 = Guid.NewGuid();
            functionGuid1   = Guid.NewGuid();
            functionGuid2   = Guid.NewGuid();


            // Set up an application mock
            mockedApplication = new ApplicationModel();

            mockedApplication.Name = "Mocked Application Name";
            mockedApplication.Id   = applicationGuid;

            // Set up some permissions to assign to mocked functions
            PermissionModel permissionTest1 = new PermissionModel
            {
                Id   = permissionGuid1,
                Name = "Permissions 1"
            };

            PermissionModel permissionTest2 = new PermissionModel
            {
                Id   = permissionGuid2,
                Name = "Permissions 2"
            };

            PermissionModel permissionTest3 = new PermissionModel
            {
                Id   = permissionGuid3,
                Name = "Permissions 3"
            };

            // Define function 1 and add permission 1 to it.
            ApplicationFunctionModel applicationFunction1 = new ApplicationFunctionModel();

            applicationFunction1.Id          = functionGuid1;
            applicationFunction1.Name        = "Function 1";
            applicationFunction1.Description = "Function 1 Description";

            applicationFunction1.ApplicationFunctionPermissions = new List <ApplicationFunctionPermissionModel>
            {
                new ApplicationFunctionPermissionModel
                {
                    ApplicationFunction = applicationFunction1,
                    Permission          = permissionTest1
                }
            };

            // Define function 2 and add permissions 2 and 3 to it.
            ApplicationFunctionModel applicationFunction2 = new ApplicationFunctionModel();

            applicationFunction2.Id          = functionGuid2;
            applicationFunction2.Name        = "Function 2";
            applicationFunction2.Description = "Function 2 Description";
            applicationFunction2.ApplicationFunctionPermissions = new List <ApplicationFunctionPermissionModel>
            {
                new ApplicationFunctionPermissionModel
                {
                    ApplicationFunction = applicationFunction2,
                    Permission          = permissionTest2
                },
                new ApplicationFunctionPermissionModel
                {
                    ApplicationFunction = applicationFunction2,
                    Permission          = permissionTest3
                }
            };

            mockedApplication.ApplicationFunctions = new List <ApplicationFunctionModel>
            {
                applicationFunction1,
                applicationFunction2
            };
        }
Exemple #11
0
 public async Task DeleteAsync(ApplicationFunctionModel applicationFunction)
 {
     a3SContext.ApplicationFunction.Remove(applicationFunction);
     await a3SContext.SaveChangesAsync();
 }
        private void AssignExistingPermissionToApplicationFunction(PermissionModel existingPermission, string applicationName, ApplicationFunctionModel applicationFunction, SecurityContractPermission permission, bool dryRun, SecurityContractDryRunResult securityContractDryRunResult, Guid updatedByGuid)
        {
            if (ExistingPermissionIsAssignedToAnotherApplication(existingPermission, applicationName))
            {
                var errorMessage = $"[applications.fullname: '{applicationName}'].[applicationFunctions.name: '{applicationFunction.Name}'].[permissions.name: '{permission.Name}']: Permission name exists, but is not assigned to application '{applicationName}'. Cannot assign it to application '{applicationName}', as permissions can only be assigned to a single application";
                if (dryRun)
                {
                    securityContractDryRunResult.ValidationErrors.Add(errorMessage);
                    return;
                }

                throw new ItemNotProcessableException(errorMessage);
            }

            logger.Debug($"[applications.fullname: '{applicationName}'].[applicationFunctions.name: '{applicationFunction.Name}'].[permissions.name: '{permission.Name}']: Permission '{permission.Name}' already assigned to application '{applicationName}'. Updating it.");
            var applicationFunctionPermission = applicationFunction.ApplicationFunctionPermissions.Find(fp => fp.Permission.Name == permission.Name);

            // This check will be true if the permission was assigned to another function attached to the same application. Prevent this!
            if (applicationFunctionPermission == null)
            {
                var errorMessage = $"[applications.fullname: '{applicationName}'].[applicationFunctions.name: '{applicationFunction.Name}'].[permissions.name: '{permission.Name}']: Permission '{permission.Name}' already assigned to another application function within application '{applicationName}'. This is prohibited.";
                if (dryRun)
                {
                    securityContractDryRunResult.ValidationErrors.Add(errorMessage);
                    return;
                }

                throw new ItemNotProcessableException(errorMessage);
            }

            // Still check if the permission is to be updated.
            if (applicationFunctionPermission.Permission.Description != permission.Description)
            {
                applicationFunctionPermission.Permission.Description = permission.Description;
                applicationFunctionPermission.Permission.ChangedBy   = updatedByGuid;
            }
        }
        private void AssignNewPermissionToApplicationFunction(string applicationName, ApplicationFunctionModel applicationFunction, SecurityContractPermission permission, Guid updatedByGuid)
        {
            logger.Debug($"[applications.fullname: '{applicationName}'].[applicationFunctions.name: '{applicationFunction.Name}'].[permissions.name: '{permission.Name}']: Permission '{permission.Name}' does not exist in A3S. Adding it.");

            applicationFunction.ApplicationFunctionPermissions.Add(new ApplicationFunctionPermissionModel
            {
                ApplicationFunction = applicationFunction,
                Permission          = new PermissionModel
                {
                    Name        = permission.Name,
                    Description = permission.Description,
                    ChangedBy   = updatedByGuid
                },
                ChangedBy = updatedByGuid
            });
        }
        private void AddSecurityContractPermissionToApplicationFunctionAndUpdatePermissionIfChanged(ApplicationFunctionModel applicationFunction, SecurityContractPermission permission, Guid updatedByGuid, string applicationName, bool dryRun, SecurityContractDryRunResult securityContractDryRunResult)
        {
            logger.Debug($"[applications.fullname: '{applicationName}'].[applicationFunctions.name: '{applicationFunction.Name}'].[permissions.name: '{permission.Name}']: Attempting to assign permission '{permission.Name}' to function: {applicationFunction.Name}.");
            // Check if there is an existing permission within the database. Add this one if found, but only if it is assigned to the current application, else create a new one and add it.
            var existingPermission = permissionRepository.GetByName(permission.Name, true);

            if (existingPermission != null)
            {
                AssignExistingPermissionToApplicationFunction(existingPermission, applicationName, applicationFunction, permission, dryRun, securityContractDryRunResult, updatedByGuid);
            }
            else
            {
                AssignNewPermissionToApplicationFunction(applicationName, applicationFunction, permission, updatedByGuid);
            }
        }