/// <summary> /// Saves the authentication claim. /// </summary> /// <param name="authClaimId">The authentication claim identifier.</param> private void SaveAuthClaim(int authClaimId) { var isNew = authClaimId.Equals(0); var authScopeId = AuthScopeId; if (authScopeId == null) { DisplayErrorMessage("The auth scope id is required to create a auth claim."); return; } var authClaim = new AuthClaim(); var editAllowed = authClaim.IsAuthorized(Authorization.EDIT, CurrentPerson); if (!editAllowed) { DisplayErrorMessage("The current user is not authorized to make changes."); return; } using (var rockContext = new RockContext()) { var authClaimService = new AuthClaimService(rockContext); if (isNew) { authClaim.ScopeId = authScopeId.Value; authClaimService.Add(authClaim); } else { authClaim = authClaimService.Get(authClaimId); } if (authClaim == null) { DisplayErrorMessage("The Auth Claim with the specified Id was found."); return; } if (!authClaim.IsSystem) { authClaim.Name = tbClaimName.Text; authClaim.Value = tbClaimValue.Text; authClaim.IsActive = cbClaimActive.Checked; } authClaim.PublicName = tbClaimPublicName.Text; rockContext.SaveChanges(); } dlgClaimDetails.Hide(); BindGrid(); }
/// <summary> /// Binds the grid. /// </summary> private void BindGrid() { var authScopeId = AuthScopeId; if (authScopeId == null) { return; } using (var rockContext = new RockContext()) { var authClaimService = new AuthClaimService(rockContext); var authClaimQuery = authClaimService .Queryable() .AsNoTracking() .Where(ac => ac.ScopeId == authScopeId); if (tbName.Text.IsNotNullOrWhiteSpace()) { authClaimQuery = authClaimQuery.Where(s => s.Name.Contains(tbName.Text)); } if (tbPublicName.Text.IsNotNullOrWhiteSpace()) { authClaimQuery = authClaimQuery.Where(s => s.PublicName.Contains(tbPublicName.Text)); } if (ddlActiveFilter.SelectedIndex > -1) { switch (ddlActiveFilter.SelectedValue) { case "active": authClaimQuery = authClaimQuery.Where(s => s.IsActive); break; case "inactive": authClaimQuery = authClaimQuery.Where(s => !s.IsActive); break; } } // Sort var sortProperty = gAuthClaims.SortProperty; if (sortProperty == null) { sortProperty = new SortProperty(new GridViewSortEventArgs("Name", SortDirection.Ascending)); } authClaimQuery = authClaimQuery.Sort(sortProperty); gAuthClaims.SetLinqDataSource(authClaimQuery); gAuthClaims.DataBind(); } }
/// <summary> /// Shows the detail. /// </summary> /// <param name="authClaimId">The authentication claim identifier.</param> public void ShowDetail(int authClaimId) { AuthClaim authClaim = null; var isNew = authClaimId.Equals(0); if (!isNew) { dlgClaimDetails.Title = ActionTitle.Edit("Claim").FormatAsHtmlTitle(); using (var rockContext = new RockContext()) { authClaim = new AuthClaimService(rockContext).Get(authClaimId); } } else { dlgClaimDetails.Title = ActionTitle.Add("Claim").FormatAsHtmlTitle(); } if (authClaim == null) { if (!isNew) { DisplayErrorMessage("The Auth Claim with the specified Id was found."); return; } authClaim = new AuthClaim { Id = 0, IsActive = true }; } hfAuthClaimId.Value = authClaim.Id.ToString(); tbClaimName.Text = authClaim.Name; tbClaimPublicName.Text = authClaim.PublicName; tbClaimValue.Text = authClaim.Value; cbClaimActive.Checked = authClaim.IsActive; nbEditModeMessage.Text = string.Empty; if (authClaim.IsSystem) { tbClaimName.Enabled = false; tbClaimValue.Visible = false; cbClaimActive.Enabled = false; nbEditModeMessage.Text = EditModeMessage.System(Rock.Model.AuthClaim.FriendlyTypeName); } dlgClaimDetails.Show(); }
/// <summary> /// Gets the active claims. /// </summary> /// <param name="rockContext">The rock context.</param> /// <returns></returns> private IEnumerable <ClaimsModel> GetActiveClaims(RockContext rockContext) { var authClaimService = new AuthClaimService(rockContext); return(authClaimService .Queryable() .AsNoTracking() .Where(ac => ac.IsActive) .Where(ac => ac.Scope.IsActive) .Select(ac => new ClaimsModel { ClaimName = ac.Name, ClaimPublicName = ac.PublicName, ScopeName = ac.Scope.Name, ScopePublicName = ac.Scope.PublicName }) .OrderBy(ac => ac.ScopePublicName) .ThenBy(ac => ac.ClaimName)); }
/// <summary> /// Handles the Delete event of the gUserLogins control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="RowEventArgs" /> instance containing the event data.</param> protected void gAuthClaims_Delete(object sender, RowEventArgs e) { bool canEdit = IsUserAuthorized(Authorization.EDIT); if (canEdit) { using (var rockContext = new RockContext()) { var authClaimService = new AuthClaimService(rockContext); var authClaim = authClaimService.Get(e.RowKeyId); if (authClaim != null) { authClaimService.Delete(authClaim); rockContext.SaveChanges(); } } } BindGrid(); }
/// <summary> /// Gets the requested scopes. /// </summary> /// <returns></returns> private List <string> GetRequestedScopes() { var scopes = new List <string> { "Authorization" }; var owinContext = Context.GetOwinContext(); var request = owinContext.GetOpenIdConnectRequest(); var requestedScopes = request.GetScopes(); var rockContext = new RockContext(); var authClientService = new AuthClientService(rockContext); var clientAllowedClaims = authClientService .Queryable() .Where(ac => ac.ClientId == request.ClientId) .Select(ac => ac.AllowedClaims).FirstOrDefault(); var parsedAllowedClientClaims = clientAllowedClaims.FromJsonOrNull <List <string> >(); if (parsedAllowedClientClaims == null) { return(new List <string>()); } var authClaimService = new AuthClaimService(rockContext); var activeAllowedClientClaims = authClaimService .Queryable() .Where(ac => parsedAllowedClientClaims.Contains(ac.Name)) .Where(ac => ac.IsActive) .Where(ac => requestedScopes.Contains(ac.Scope.Name)) .Select(ac => new { Scope = ac.Scope.PublicName, Claim = ac.PublicName }) .GroupBy(ac => ac.Scope, ac => ac.Claim) .ToList() .Select(ac => new { Scope = ac.Key, Claims = string.Join(", ", ac.ToArray()) }); scopes.AddRange(activeAllowedClientClaims.Select(ac => ac.Scope == ac.Claims ? ac.Scope : ac.Scope + " (" + ac.Claims + ")")); return(scopes); //return scopeString.SplitDelimitedValues().ToList(); }