public async Task CreateRoleAsync_Should_Return_CreatedAtRouteResult_With_GetRoleResponse()
{
var createRoleRequest = new CreateRoleRequest {
Name = DefaultRoleEnumeration.Administrator.DisplayName
};
var createRoleCommand = new CreateRoleCommand(Guid.NewGuid(), createRoleRequest.Name);
var roleOutputQuery = new RoleOutputQuery(createRoleCommand.RoleId, Array.Empty <byte>(), createRoleCommand.Name);
var getRoleResponse = new GetRoleResponse(roleOutputQuery.Id, roleOutputQuery.RowVersion, roleOutputQuery.Name);
_mapperMock.Setup(x => x.Map <CreateRoleRequest, CreateRoleCommand>(It.IsAny <CreateRoleRequest>())).Returns(createRoleCommand);
_communicationBusMock.Setup(x => x.SendCommandAsync(It.IsAny <CreateRoleCommand>(), It.IsAny <CancellationToken>()))
.Returns(Task.CompletedTask);
_getRoleQueryHandlerMock
.Setup(x => x.HandleAsync(It.IsAny <GetRoleInputQuery>(), It.IsAny <CancellationToken>()))
.ReturnsAsync(roleOutputQuery);
_mapperMock.Setup(x => x.Map <RoleOutputQuery, GetRoleResponse>(It.IsAny <RoleOutputQuery>())).Returns(getRoleResponse);
var result = await _controller.CreateRoleAsync(createRoleRequest);
var createdAtRouteResult = result.As <CreatedAtRouteResult>();
createdAtRouteResult.Value.Should().BeEquivalentTo(getRoleResponse);
createdAtRouteResult.RouteName.Should().BeEquivalentTo("GetRole");
createdAtRouteResult.RouteValues.Should().BeEquivalentTo(new Microsoft.AspNetCore.Routing.RouteValueDictionary(new { id = roleOutputQuery.Id }));
}
private static void CreateRole(String RoleName, String PolicyDocumentFile, String Path = null)
{
if (String.IsNullOrEmpty(Token))
{
stsClient = new AmazonIdentityManagementServiceClient(AccessKeyId, SecretKey, iamconfig);
}
else
{
stsClient = new AmazonIdentityManagementServiceClient(AccessKeyId, SecretKey, Token, iamconfig);
}
CreateRoleRequest Req = new CreateRoleRequest();
if (File.Exists(PolicyDocumentFile))
{
String policy = File.ReadAllText(PolicyDocumentFile);
Req.RoleName = RoleName;
Req.AssumeRolePolicyDocument = policy;
if (!string.IsNullOrEmpty(Path))
{
Req.Path = Path;
}
CreateRoleResponse Response = stsClient.CreateRole(Req);
Console.WriteLine("Role created successfully");
}
else
{
Console.WriteLine("Assertion file missing");
}
}
public static Role CreateRole(string name, string projectId, string title,
string description, IList <string> permissions, string stage)
{
var credential = GoogleCredential.GetApplicationDefault()
.CreateScoped(IamService.Scope.CloudPlatform);
var service = new IamService(new IamService.Initializer
{
HttpClientInitializer = credential
});
var role = new Role
{
Title = title,
Description = description,
IncludedPermissions = permissions,
Stage = stage
};
var request = new CreateRoleRequest
{
Role = role,
RoleId = name
};
role = service.Projects.Roles.Create(request,
"projects/" + projectId).Execute();
Console.WriteLine("Created role: " + role.Name);
return(role);
}
public async Task<ActionResult<Role>> PostRole(
[FromBody] CreateRoleRequest request)
{
if (await appsService.IsRequestValidOnThisLicense(
request.AppId,
request.License,
request.RequestorId))
{
var result = await rolesService
.CreateRole(request.Name, request.RoleLevel);
if (result.Success)
{
result.Message = ControllerMessages.StatusCode201(result.Message);
return StatusCode((int)HttpStatusCode.Created, result);
}
else
{
result.Message = ControllerMessages.StatusCode404(result.Message);
return NotFound(result);
}
}
else
{
return BadRequest(ControllerMessages.InvalidLicenseRequestMessage);
}
}
virtual public string PrepMode_CreateRole(AmazonIdentityManagementServiceClient iamClient, string roleName,
string policyText, string trustRelationshipText)
{
var roleArn = String.Empty;
// Use the CreateRoleRequest object to define the role. The AssumeRolePolicyDocument property should be
// set to the value of the trustRelationshipText parameter.
var createRoleRequest = new CreateRoleRequest
{
AssumeRolePolicyDocument = trustRelationshipText,
RoleName = roleName
};
roleArn = iamClient.CreateRole(createRoleRequest).Role.Arn;
// Use the PutRolePolicyRequest object to define the request. Select whatever policy name you would like.
// The PolicyDocument property is there the policy is described.
var putRolePolicyRequest = new PutRolePolicyRequest
{
RoleName = roleName,
PolicyName = String.Format("{0}_policy", roleName),
PolicyDocument = policyText
};
iamClient.PutRolePolicy(putRolePolicyRequest);
return(roleArn);
}
public CreateRoleRequestBuilder(string name)
{
_request = new CreateRoleRequest
{
Name = name
};
}
public async Task <IActionResult> PostRole([FromBody] CreateRoleRequest request,
CancellationToken cancellationToken)
{
CreateRoleResponse result = await this.Manager.CreateRole(request, cancellationToken);
return(this.Ok(result));
}
public async Task <IActionResult> CreateRoleAsync([FromForm] CreateRoleRequest request)
{
if (ModelState.IsValid)
{
IdentityRole identityRole = new IdentityRole()
{
Name = request.RoleName
};
IdentityResult result = await _roleManager.CreateAsync(identityRole);
if (result.Succeeded)
{
return(Ok());
}
}
ErrorResponse response = new ErrorResponse
{
Error = new Error
{
Code = "400",
Message = "An error has occured"
}
};
return(BadRequest(response));
}
/// <summary>
/// Creates the role.
/// </summary>
/// <param name="createRoleRequest">The create role request.</param>
/// <param name="cancellationToken">The cancellation token.</param>
/// <returns></returns>
public async Task <CreateRoleResponse> CreateRole(CreateRoleRequest createRoleRequest,
CancellationToken cancellationToken)
{
CreateRoleResponse response = null;
String requestUri = this.BuildRequestUrl("/api/roles");
try
{
String requestSerialised = JsonConvert.SerializeObject(createRoleRequest);
StringContent httpContent = new StringContent(requestSerialised, Encoding.UTF8, "application/json");
// Add the access token to the client headers
//this.HttpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);
// Make the Http Call here
HttpResponseMessage httpResponse = await this.HttpClient.PostAsync(requestUri, httpContent, cancellationToken);
// Process the response
String content = await this.HandleResponse(httpResponse, cancellationToken);
// call was successful so now deserialise the body to the response object
response = JsonConvert.DeserializeObject <CreateRoleResponse>(content);
}
catch (Exception ex)
{
// An exception has occurred, add some additional information to the message
Exception exception = new Exception($"Error creating role {createRoleRequest.RoleName}.", ex);
throw exception;
}
return(response);
}
private async static Task CreateRole(RoleServiceDefinition.RoleServiceDefinitionClient roleClient)
{
var input = new CreateRoleRequest {
Name = "Deleter"
};
var reply = await roleClient.CreateRoleAsync(input);
}
public DbRole Map(CreateRoleRequest request)
{
if (request == null)
{
return(null);
}
var roleId = Guid.NewGuid();
var createdAtUtc = DateTime.UtcNow;
var creatorId = _httpContextAccessor.HttpContext.GetUserId();
return(new DbRole
{
Id = roleId,
CreatedBy = creatorId,
CreatedAtUtc = createdAtUtc,
IsActive = true,
RoleLocalizations = request.Localizations.Select(rl => _localizationMapper.Map(rl, roleId)).ToList(),
RoleRights = request.Rights?.Select(x => new DbRoleRight
{
Id = Guid.NewGuid(),
RoleId = roleId,
CreatedBy = creatorId,
CreatedAtUtc = createdAtUtc,
RightId = x,
}).ToList()
});
}
public CreateRoleResponse CreateRole(CreateRoleRequest request)
{
CreateRoleResponse response = new CreateRoleResponse();
Role role = new Role();
role.RoleName = request.RoleName;
role.Description = request.Description;
role.Permissions = request.Permissions.ConvertToPermissions();
role.Users = request.Users.ConvertToUsers();
if (role.GetBrokenRules().Count() > 0)
{
response.Errors = role.GetBrokenRules().ToList();
}
else
{
try {
_roleRepository.Add(role);
_uow.Commit();
response.Errors = new List <BusinessRule>();
} catch (Exception ex)
{
List <BusinessRule> errors = new List <BusinessRule>();
do
{
errors.Add(new BusinessRule("DAL", "DAL_ERROR: " + ex.Message));
ex = ex.InnerException;
} while (ex != null);
response.Errors = errors;
}
}
return(response);
}
public CreateRoleResponse CreateRole(CreateRoleRequest request)
{
IRoleService roleService = IoC.Container.Resolve <IRoleService>();
CreateRoleResponse role = roleService.Create(request);
return(role);
}
/// <summary> Creates a new role. </summary>
public async Task <Role> CreateRole(string name, ServerPermissions?permissions = null, Color color = null, bool isHoisted = false, bool isMentionable = false)
{
if (name == null)
{
throw new ArgumentNullException(nameof(name));
}
var createRequest = new CreateRoleRequest(Id);
var createResponse = await Client.ClientAPI.Send(createRequest).ConfigureAwait(false);
var role = AddRole(createResponse.Id);
role.Update(createResponse, false);
var editRequest = new UpdateRoleRequest(role.Server.Id, role.Id)
{
Name = name,
Permissions = (permissions ?? role.Permissions).RawValue,
Color = (color ?? Color.Default).RawValue,
IsHoisted = isHoisted,
IsMentionable = isMentionable
};
var editResponse = await Client.ClientAPI.Send(editRequest).ConfigureAwait(false);
role.Update(editResponse, true);
return(role);
}
/// <summary>
/// Create the role if it's not there already.
/// Return true if it already existed.
/// </summary>
/// <returns></returns>
private static async Task <bool> ValidateAndSetIamRoleArn(AmazonIdentityManagementServiceClient iamClient)
{
var getRoleRequest = new GetRoleRequest
{
RoleName = ExecutionRoleName
};
try
{
ExecutionRoleArn = (await iamClient.GetRoleAsync(getRoleRequest)).Role.Arn;
return(true);
}
catch (NoSuchEntityException)
{
// create the role
var createRoleRequest = new CreateRoleRequest
{
RoleName = ExecutionRoleName,
Description = "Test role for CustomRuntimeTests.",
AssumeRolePolicyDocument = LAMBDA_ASSUME_ROLE_POLICY
};
ExecutionRoleArn = (await iamClient.CreateRoleAsync(createRoleRequest)).Role.Arn;
// Wait for role to propagate.
await Task.Delay(10000);
return(false);
}
}
public async Task <ApiResult <bool> > CreateRole(CreateRoleRequest request)
{
var role = await _roleManager.FindByNameAsync(request.Name);
if (role != null)
{
return(new ApiErrorResult <bool>("Quyền đã tồn tại"));
}
role = new AppRole()
{
Name = request.Name,
Description = request.Description,
DateCreate = DateTime.UtcNow.AddHours(7),
DateUpdate = DateTime.UtcNow.AddHours(7)
};
var result = await _roleManager.CreateAsync(role);
if (result.Succeeded)
{
return(new ApiSuccessResult <bool>("Tạo thành công"));
}
else
{
return(new ApiErrorResult <bool>("Tạo không thành công"));
}
}
public async override Task <RoleDto> Handle(CreateRoleCommand command, CancellationToken cancellationToken = default)
{
using var client = _awsClientFactory.Create <AmazonIdentityManagementServiceClient>(command.AssumeProfile);
var request = new CreateRoleRequest()
{
RoleName = command.RoleName,
AssumeRolePolicyDocument = command.PolicyDocument,
Description = command.Description,
Tags = command.Tags?.Select(tag => new Tag()
{
Key = tag.Key, Value = tag.Value
}).ToList()
};
RoleDto result;
try
{
result = _mapper.Map <Amazon.IdentityManagement.Model.Role, RoleDto>((await client.CreateRoleAsync(request, cancellationToken)).Role);
}
catch (AmazonServiceException e)
{
throw new Exception(e.Message, e);
}
return(result);
}
private void Validate(CreateRoleRequest request)
{
Role role = new Role(request.Name, request.Description, null);
IRoleRepository roleRepo = IoC.Container.Resolve <IRoleRepository>();
ValidationForCreating(role, roleRepo);
}
public JObject FunctionHandler(JObject input)
{
JObject createAccountResponseObject = JObject.FromObject(input.SelectToken("CreateAccountResponse"));
string accountId = createAccountResponseObject.SelectToken("CreateAccountStatus.AccountId").ToString();
var credentials = AssumeIdentity.AssumeRole(accountId).Credentials;
string accessKey = credentials.AccessKeyId;
string secretkey = credentials.SecretAccessKey;
string sessionToken = credentials.SessionToken;
AmazonIdentityManagementServiceClient client = new AmazonIdentityManagementServiceClient(accessKey, secretkey, sessionToken);
CreateRoleRequest request = new CreateRoleRequest()
{
RoleName = input.SelectToken("EventData.roleName").ToString(),
MaxSessionDuration = 43200,
AssumeRolePolicyDocument = "{ \"Version\": \"2012-10-17\", \"Statement\": { \"Effect\": \"Allow\", \"Action\": \"sts:AssumeRoleWithSAML\", \"Principal\": {\"Federated\": \"arn:aws:iam::" + accountId + ":saml-provider/ADFS\"}, \"Condition\": {\"StringEquals\": {\"SAML:aud\": \"https://signin.aws.amazon.com/saml\"}} } }"
};
CreateRoleResponse response = client.CreateRoleAsync(request).Result;
JObject outputObject = new JObject();
outputObject.Add("CreateAccountResponse", createAccountResponseObject);
outputObject.Add("CreateRoleResponse", JObject.FromObject(response));
outputObject.Add("EventData", input.SelectToken("EventData"));
return(outputObject);
}
public static void DetachRolePolicy()
{
var client = new AmazonIdentityManagementServiceClient();
string policy = GenerateRolePolicyDocument();
CreateRoleRequest roleRequest = new CreateRoleRequest()
{
RoleName = "tester",
AssumeRolePolicyDocument = policy
};
var request = new DetachRolePolicyRequest()
{
PolicyArn = "arn:aws:iam::123456789:policy/DemoEC2Permissions",
RoleName = "tester"
};
try
{
var response = client.DetachRolePolicy(request);
Console.WriteLine("Policy DemoEC2Permissions detached from Role 'tester'");
}
catch (NoSuchEntityException e)
{
Console.WriteLine
(e.Message);
}
catch (InvalidInputException i)
{
Console.WriteLine
(i.Message);
}
}
public async Task <OperationResultResponse <Guid> > ExecuteAsync(CreateRoleRequest request)
{
if (!await _accessValidator.IsAdminAsync())
{
return(_responseCreator.CreateFailureResponse <Guid>(HttpStatusCode.Forbidden));
}
ValidationResult validationResult = await _validator.ValidateAsync(request);
if (!validationResult.IsValid)
{
return(_responseCreator.CreateFailureResponse <Guid>(
HttpStatusCode.BadRequest,
validationResult.Errors.Select(validationFailure => validationFailure.ErrorMessage).ToList()));
}
OperationResultResponse <Guid> response = new();
response.Body = await _roleRepository.CreateAsync(_mapper.Map(request));
_httpContextAccessor.HttpContext.Response.StatusCode = (int)HttpStatusCode.Created;
await UpdateCacheAsync(request.Rights, response.Body);
return(response);
}
public async Task <IActionResult> Create([FromBody] CreateRoleRequest createRoleRequest)
{
IdentityRole identityRole = new IdentityRole(roleName: createRoleRequest.Role);
var result = await _roleManager.CreateAsync(identityRole);
return(Ok(result));
}
public Role CreateCustomRole(IamService service)
{
var role = new Role
{
Title = "C# Test Custom Role",
Description = "Role for AccessTest",
IncludedPermissions = new List <string> {
"iam.roles.get"
},
Stage = "GA"
};
var request = new CreateRoleRequest
{
Role = role,
RoleId = "csharpTestCustomRole" + new Random().Next()
};
try
{
return(service.Projects.Roles.Create(request, "projects/" + _project).Execute());
}
catch (GoogleApiException ex) when(ex.HttpStatusCode == HttpStatusCode.TooManyRequests && ex.Error.Message.Contains("Maximum number of roles reached"))
{
Skip.If(true, "Maximum number of roles reached.");
throw; // We should never throw here (Skip throws), but we need to make the compiler happy.
}
}
public CreateRoleModel(IRoleService roleService, ICacheManager cache)
{
_roleService = roleService;
_cache = cache;
PermissionsLookup = new List <PermissionEntity>();
FormData = new CreateRoleRequest();
}
private async Task <CreateRoleResponse> CreateRole(CreateRoleRequest createRoleRequest,
CancellationToken cancellationToken)
{
CreateRoleResponse createRoleResponse = await this.TestingContext.DockerHelper.SecurityServiceClient.CreateRole(createRoleRequest, cancellationToken).ConfigureAwait(false);
return(createRoleResponse);
}
public static void AttachRolePolicy()
{
var client = new AmazonIdentityManagementServiceClient();
string policy = GenerateRolePolicyDocument();
CreateRoleRequest roleRequest = new CreateRoleRequest()
{
RoleName = "tester",
AssumeRolePolicyDocument = policy
};
var request = new AttachRolePolicyRequest()
{
PolicyArn = "arn:aws:iam::123456789:policy/DemoEC2Permissions",
RoleName = "tester"
};
try
{
var response = client.AttachRolePolicy(request);
Console.WriteLine("Policy DemoEC2Permissions attached to Role TestUser");
}
catch (NoSuchEntityException)
{
Console.WriteLine
("Policy 'DemoEC2Permissions' does not exist");
}
catch (InvalidInputException)
{
Console.WriteLine
("One of the parameters is incorrect");
}
}
public async Task <IActionResult> CreateAsync([FromBody] CreateRoleRequest request)
{
request.Type = RoleTypeCode.SystemRole;
request.IsSystem = true;
var id = await RoleService.CreateAsync(request);
return(Success(id));
}
/// <summary>
/// Creates the role.
/// </summary>
/// <param name="request">The request.</param>
/// <param name="cancellationToken">The cancellation token.</param>
/// <returns></returns>
public async Task <CreateRoleResponse> CreateRole(CreateRoleRequest request,
CancellationToken cancellationToken)
{
return(new CreateRoleResponse
{
RoleId = Guid.NewGuid()
});
}
/// <summary>
/// 创建角色
/// </summary>
/// <param name="request">创建请求参数</param>
public async Task <Guid> CreateAsync(CreateRoleRequest request)
{
var role = ToEntity(request);
await RoleManager.CreateAsync(role);
await UnitOfWork.CommitAsync();
return(role.Id);
}
public async Task <IActionResult> CreateTenantAsync([FromBody] CreateRoleRequest request)
{
request.Type = RoleTypeCode.TenantRole;
request.IsSystem = false;
request.TenantId = CurrentUser.GetTenantCode();
var id = await RoleService.CreateAsync(request);
return(Success(id));
}
/// <summary> Creates a new role. </summary>
public async Task<Role> CreateRole(string name, ServerPermissions? permissions = null, Color color = null, bool isHoisted = false)
{
if (name == null) throw new ArgumentNullException(nameof(name));
var createRequest = new CreateRoleRequest(Id);
var createResponse = await Client.ClientAPI.Send(createRequest).ConfigureAwait(false);
var role = AddRole(createResponse.Id);
role.Update(createResponse);
var editRequest = new UpdateRoleRequest(role.Server.Id, role.Id)
{
Name = name,
Permissions = (permissions ?? role.Permissions).RawValue,
Color = (color ?? Color.Default).RawValue,
IsHoisted = isHoisted
};
var editResponse = await Client.ClientAPI.Send(editRequest).ConfigureAwait(false);
role.Update(editResponse);
return role;
}
