public async Task <Role> AddPermissionsToRole(Role role, ICollection <Permission> allowPermissions, ICollection <Permission> denyPermissions)
{
// TODO: handle case where role.Id may not exist in Roles table
foreach (var permission in allowPermissions)
{
_authorizationDbContext.RolePermissions.Add(new RolePermission
{
RoleId = role.Id,
PermissionId = permission.Id,
PermissionAction = PermissionAction.Allow
});
role.Permissions.Add(permission);
}
foreach (var permission in denyPermissions)
{
_authorizationDbContext.RolePermissions.Add(new RolePermission
{
RoleId = role.Id,
PermissionId = permission.Id,
PermissionAction = PermissionAction.Deny
});
role.Permissions.Add(permission);
}
await _authorizationDbContext.SaveChangesAsync();
return(role);
}
public async Task Delete(Role model)
{
var role = await _authorizationDbContext.Roles
.Include(r => r.RolePermissions)
.Include(r => r.GroupRoles)
.SingleOrDefaultAsync(r =>
r.RoleId == model.Id &&
!r.IsDeleted);
if (role == null)
{
throw new NotFoundException <Role>($"Could not find {typeof(Role).Name} entity with ID {model.Id}");
}
role.IsDeleted = true;
foreach (var rolePermission in role.RolePermissions)
{
rolePermission.IsDeleted = true;
}
foreach (var groupRole in role.GroupRoles)
{
groupRole.IsDeleted = true;
}
await _authorizationDbContext.SaveChangesAsync();
}
public async Task <Role> RemovePermissionsFromRole(Role role, Guid[] permissionIds)
{
var roleEntity = await _authorizationDbContext.Roles
.Include(r => r.RolePermissions)
.SingleOrDefaultAsync(r =>
r.RoleId == role.Id &&
!r.IsDeleted);
if (roleEntity == null)
{
throw new NotFoundException <Role>($"Could not find {typeof(Role).Name} entity with ID {role.Id}");
}
foreach (var permissionId in permissionIds)
{
var rolePermissionToRemove = roleEntity.RolePermissions.Single(
rp => rp.RoleId == roleEntity.RoleId &&
rp.PermissionId == permissionId);
rolePermissionToRemove.IsDeleted = true;
_authorizationDbContext.RolePermissions.Update(rolePermissionToRemove);
}
await _authorizationDbContext.SaveChangesAsync();
return(roleEntity.ToModel());
}
public async Task Delete(Role role)
{
var roleEntity = await AuthorizationDbContext.Roles
.Include(r => r.RolePermissions)
.Include(r => r.GroupRoles)
.SingleOrDefaultAsync(r =>
r.RoleId == role.Id &&
!r.IsDeleted);
if (roleEntity == null)
{
throw new NotFoundException <Role>($"Could not find {typeof(Role).Name} entity with ID {role.Id}");
}
roleEntity.IsDeleted = true;
foreach (var rolePermission in roleEntity.RolePermissions)
{
rolePermission.IsDeleted = true;
}
foreach (var groupRole in roleEntity.GroupRoles)
{
groupRole.IsDeleted = true;
}
await AuthorizationDbContext.SaveChangesAsync();
await EventService.RaiseEventAsync(new EntityAuditEvent <Role>(EventTypes.EntityDeletedEvent, role.Id.ToString(), roleEntity.ToModel()));
}
public async Task <Role> Add(Role role)
{
role.Id = Guid.NewGuid();
var roleEntity = role.ToEntity();
roleEntity.SecurableItem =
AuthorizationDbContext.SecurableItems.First(s => !s.IsDeleted && s.Name == role.SecurableItem);
if (role.ChildRoles.Any())
{
var childRoles = await AuthorizationDbContext.Roles.Where(r => role.ChildRoles.Contains(r.RoleId))
.ToListAsync();
foreach (var childRole in childRoles)
{
childRole.ParentRole = roleEntity;
}
}
AuthorizationDbContext.Roles.Add(roleEntity);
await AuthorizationDbContext.SaveChangesAsync();
await EventService.RaiseEventAsync(new EntityAuditEvent <Role>(EventTypes.EntityCreatedEvent, role.Id.ToString(), roleEntity.ToModel()));
return(roleEntity.ToModel());
}
public async Task <Role> AddPermissionsToRole(Role role, ICollection <Permission> allowPermissions,
ICollection <Permission> denyPermissions)
{
// TODO: handle case where role.Id may not exist in Roles table
foreach (var permission in allowPermissions)
{
AuthorizationDbContext.RolePermissions.Add(new RolePermission
{
RoleId = role.Id,
PermissionId = permission.Id,
PermissionAction = PermissionAction.Allow
});
role.Permissions.Add(permission);
}
foreach (var permission in denyPermissions)
{
AuthorizationDbContext.RolePermissions.Add(new RolePermission
{
RoleId = role.Id,
PermissionId = permission.Id,
PermissionAction = PermissionAction.Deny
});
role.Permissions.Add(permission);
}
await AuthorizationDbContext.SaveChangesAsync();
await EventService.RaiseEventAsync(new EntityAuditEvent <Role>(EventTypes.EntityUpdatedEvent, role.Id.ToString(), role));
return(role);
}
public async Task <Role> Add(Role model)
{
model.Id = Guid.NewGuid();
var entity = model.ToEntity();
entity.SecurableItem =
_authorizationDbContext.SecurableItems.First(s => !s.IsDeleted && s.Name == model.SecurableItem);
_authorizationDbContext.Roles.Add(entity);
await _authorizationDbContext.SaveChangesAsync();
return(entity.ToModel());
}
public async Task <Group> DeleteRoleFromGroup(Group group, Role role)
{
var groupRoleToRemove = await _authorizationDbContext.GroupRoles
.SingleOrDefaultAsync(gr => gr.RoleId.Equals(role.Id) &&
gr.GroupId == Guid.Parse(group.Id));
if (groupRoleToRemove != null)
{
groupRoleToRemove.IsDeleted = true;
_authorizationDbContext.GroupRoles.Update(groupRoleToRemove);
await _authorizationDbContext.SaveChangesAsync();
}
return(group);
}
public async Task <Group> AddRoleToGroup(Group group, Role role)
{
var groupRole = new GroupRole
{
GroupId = Guid.Parse(group.Id),
RoleId = role.Id
};
group.Roles.Add(role);
_authorizationDbContext.GroupRoles.Add(groupRole);
await _authorizationDbContext.SaveChangesAsync();
return(group);
}
public async Task Update(Role model)
{
var role = await _authorizationDbContext.Roles
.SingleOrDefaultAsync(r =>
r.RoleId == model.Id &&
!r.IsDeleted);
if (role == null)
{
throw new NotFoundException <Role>($"Could not find {typeof(Role).Name} entity with ID {model.Id}");
}
model.ToEntity(role);
_authorizationDbContext.Roles.Update(role);
await _authorizationDbContext.SaveChangesAsync();
}
public async Task Update(Role role)
{
var roleEntity = await AuthorizationDbContext.Roles
.SingleOrDefaultAsync(r =>
r.RoleId == role.Id &&
!r.IsDeleted);
if (roleEntity == null)
{
throw new NotFoundException <Role>($"Could not find {typeof(Role).Name} entity with ID {role.Id}");
}
role.ToEntity(roleEntity);
AuthorizationDbContext.Roles.Update(roleEntity);
await AuthorizationDbContext.SaveChangesAsync();
await EventService.RaiseEventAsync(new EntityAuditEvent <Role>(EventTypes.EntityUpdatedEvent, role.Id.ToString(), roleEntity.ToModel()));
}
