/// <summary> /// Assign permissions to a user. /// </summary> /// <param name="id">The ID of the user to assign permissions to.</param> /// <param name="request">A <see cref="AssignPermissionsRequest" /> containing the permission identifiers to assign to the user.</param> /// <returns>A <see cref="Task"/> that represents the asynchronous assignment operation.</returns> public Task AssignPermissionsAsync(string id, AssignPermissionsRequest request) { return(Connection.PostAsync <object>("users/{id}/permissions", request, null, null, new Dictionary <string, string> { { "id", id }, }, null, null)); }
/// <summary> /// Remove permissions assigned to a role. /// </summary> /// <param name="id">The ID of the role to remove permissions from.</param> /// <param name="request">A <see cref="AssignPermissionsRequest" /> containing the permission identifiers to remove from the role.</param> /// <returns>A <see cref="Task"/> that represents the asynchronous remove operation.</returns> public Task RemovePermissionsAsync(string id, AssignPermissionsRequest request) { return(Connection.DeleteAsync <object>("roles/{id}/permissions", request, new Dictionary <string, string> { { "id", id }, }, null)); }
public async Task Test_permissions_can_be_retrieved() { var newRoleRequest = new RoleCreateRequest { Name = $"{Guid.NewGuid():N}role", Description = $"{Guid.NewGuid():N}description", }; var role = await _apiClient.Roles.CreateAsync(newRoleRequest); var assignPermissionsRequest = new AssignPermissionsRequest { Permissions = new List <PermissionIdentity> { new PermissionIdentity { Name = "dotnet:testing", Identifier = "dotnet-testing", } } }; await _apiClient.Roles.AssignPermissionsAsync(role.Id, assignPermissionsRequest); var userPermissions = await _apiClient.Roles.GetPermissionsAsync(role.Id, new PaginationInfo(0, 50, true)); Assert.Equal(1, userPermissions.Count); await _apiClient.Roles.RemovePermissionsAsync(role.Id, assignPermissionsRequest); await _apiClient.Roles.DeleteAsync(role.Id); }
public async Task Test_roles_assign_unassign_permission_to_role() { // Add a new role var newRoleRequest = new RoleCreateRequest { Name = $"{Guid.NewGuid():N}role", Description = $"{Guid.NewGuid():N}description", }; var role = await _apiClient.Roles.CreateAsync(newRoleRequest); role.Should().NotBeNull(); role.Name.Should().Be(newRoleRequest.Name); role.Description.Should().Be(newRoleRequest.Description); // Get a resource server var resourceServer = await _apiClient.ResourceServers.GetAsync("5cccc711773967081270a036"); var originalScopes = resourceServer.Scopes.ToList(); // Create a permission/scope var newScope = new ResourceServerScope { Value = $"{Guid.NewGuid():N}scope", Description = "Integration test" }; // Update resource server with new scope resourceServer = await _apiClient.ResourceServers.UpdateAsync(resourceServer.Id, new ResourceServerUpdateRequest { Scopes = originalScopes.Concat(new[] { newScope }).ToList(), }); // Associate a permission with the role var assignPermissionsRequest = new AssignPermissionsRequest() { Permissions = new[] { new PermissionIdentity { Identifier = resourceServer.Identifier, Name = newScope.Value } } }; await _apiClient.Roles.AssignPermissionsAsync(role.Id, assignPermissionsRequest); // Ensure the permission is associated with the role var associatedPermissions = await _apiClient.Roles.GetPermissionsAsync(role.Id, new PaginationInfo()); associatedPermissions.Should().NotBeNull(); associatedPermissions.Should().HaveCount(1); associatedPermissions.First().Identifier.Should().Be(resourceServer.Identifier); associatedPermissions.First().Name.Should().Be(newScope.Value); // Unassociate a permission with the role await _apiClient.Roles.RemovePermissionsAsync(role.Id, assignPermissionsRequest); // Ensure the permission is unassociated with the role associatedPermissions = await _apiClient.Roles.GetPermissionsAsync(role.Id, new PaginationInfo()); associatedPermissions.Should().NotBeNull(); associatedPermissions.Should().HaveCount(0); // Clean Up - Remove the permission from the resource server resourceServer = await _apiClient.ResourceServers.UpdateAsync(resourceServer.Id, new ResourceServerUpdateRequest { Scopes = originalScopes }); // Clean Up - Remove the role await _apiClient.Roles.DeleteAsync(role.Id); }
/// <summary> /// Removes permissions assigned to a user. /// </summary> /// <param name="id">The ID of the user to remove permissions from.</param> /// <param name="request">A <see cref="AssignPermissionsRequest" /> containing the permission identifiers to remove from the user.</param> /// <returns>A <see cref="Task"/> that represents the asynchronous remove operation.</returns> public Task RemovePermissionsAsync(string id, AssignPermissionsRequest request) { return(Connection.SendAsync <object>(HttpMethod.Delete, BuildUri($"users/{EncodePath(id)}/permissions"), request, DefaultHeaders)); }
public async Task Test_roles_assign_unassign_permission_to_user() { var userCreateRequest = new UserCreateRequest { Connection = _connection.Name, Email = $"{Guid.NewGuid():N}@nonexistingdomain.aaa", EmailVerified = true, Password = Password }; var user = await _apiClient.Users.CreateAsync(userCreateRequest); // Get a resource server var resourceServer = await _apiClient.ResourceServers.GetAsync("5cccc711773967081270a036"); var originalScopes = resourceServer.Scopes.ToList(); // Create a permission/scope var newScope = new ResourceServerScope { Value = $"{Guid.NewGuid():N}scope", Description = "Integration test" }; // Update resource server with new scope resourceServer = await _apiClient.ResourceServers.UpdateAsync(resourceServer.Id, new ResourceServerUpdateRequest { Scopes = originalScopes.Concat(new[] { newScope }).ToList(), }); // Associate a permission with the user var assignPermissionsRequest = new AssignPermissionsRequest() { Permissions = new[] { new PermissionIdentity { Identifier = resourceServer.Identifier, Name = newScope.Value } } }; await _apiClient.Users.AssignPermissionsAsync(user.UserId, assignPermissionsRequest); // Ensure the permission is associated with the user var associatedPermissions = await _apiClient.Users.GetPermissionsAsync(user.UserId, new PaginationInfo()); associatedPermissions.Should().NotBeNull(); associatedPermissions.Should().HaveCount(1); associatedPermissions.First().Identifier.Should().Be(resourceServer.Identifier); associatedPermissions.First().Name.Should().Be(newScope.Value); // Unassociate a permission with the user await _apiClient.Users.RemovePermissionsAsync(user.UserId, assignPermissionsRequest); // Ensure the permission is unassociated with the user associatedPermissions = await _apiClient.Users.GetPermissionsAsync(user.UserId, new PaginationInfo()); associatedPermissions.Should().NotBeNull(); associatedPermissions.Should().HaveCount(0); // Clean Up - Remove the permission from the resource server await _apiClient.ResourceServers.UpdateAsync(resourceServer.Id, new ResourceServerUpdateRequest { Scopes = originalScopes }); // Clean Up - Remove the user await _apiClient.Users.DeleteAsync(user.UserId); }
/// <summary> /// Assign permissions to a user. /// </summary> /// <param name="id">The ID of the user to assign permissions to.</param> /// <param name="request">A <see cref="AssignPermissionsRequest" /> containing the permission identifiers to assign to the user.</param> /// <returns>A <see cref="Task"/> that represents the asynchronous assignment operation.</returns> public Task AssignPermissionsAsync(string id, AssignPermissionsRequest request) { return(Connection.SendAsync <object>(HttpMethod.Post, BuildUri($"users/{id}/permissions"), request, DefaultHeaders)); }