/// <summary>
/// Looks up a claim permissions entry in the requesting tenant's store and returns its
/// <c>AllResourceAccessRules</c> value as JSON.
/// </summary>
/// <param name="context">The OpenAPI request context; its <c>CurrentTenantId</c> selects the tenant.</param>
/// <param name="claimPermissionsId">The ID of the claim permissions entry to read.</param>
/// <returns>
/// The result of <c>OkResult</c> carrying the rules as <c>application/json</c>, or the result of
/// <c>NotFoundResult</c> when the store throws <see cref="ClaimPermissionsNotFoundException"/>.
/// </returns>
/// <exception cref="ArgumentNullException">
/// <paramref name="context"/> or <paramref name="claimPermissionsId"/> is null.
/// </exception>
public async Task<OpenApiResult> GetClaimPermissionResourceAccessRulesAsync(
    IOpenApiContext context,
    string claimPermissionsId)
{
    // Argument checks run in declaration order, so a null context is reported first.
    _ = context ?? throw new ArgumentNullException(nameof(context));
    _ = claimPermissionsId ?? throw new ArgumentNullException(nameof(claimPermissionsId));

    // The store is resolved from the tenant named by the request context, so the lookup below
    // only ever touches that tenant's store.
    // NOTE(review): no caller authorization check is visible in this method; presumably it is
    // enforced before the operation is dispatched. Confirm.
    ITenant requestingTenant = await this.marainServicesTenancy
        .GetRequestingTenantAsync(context.CurrentTenantId)
        .ConfigureAwait(false);
    IClaimPermissionsStore permissionsStore = await this.permissionsStoreFactory
        .GetClaimPermissionsStoreAsync(requestingTenant)
        .ConfigureAwait(false);

    try
    {
        ClaimPermissions found = await permissionsStore
            .GetAsync(claimPermissionsId)
            .ConfigureAwait(false);

        return this.OkResult(found.AllResourceAccessRules, "application/json");
    }
    catch (ClaimPermissionsNotFoundException)
    {
        // An unknown ID is reported as a not-found result rather than surfacing the exception.
        return this.NotFoundResult();
    }
}
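/// <summary>
/// Creates a claim permissions entry in the requesting tenant's store, after checking that
/// the rule sets it refers to exist.
/// </summary>
/// <param name="context">The OpenAPI request context; its <c>CurrentTenantId</c> selects the tenant.</param>
/// <param name="body">The claim permissions entry to create.</param>
/// <returns>
/// The result of <c>OkResult</c> carrying the created entry as <c>application/json</c>; the
/// failure result produced by <c>CheckRuleSetsExist</c> when that check does not pass; or a
/// 400 result when the store throws <see cref="InvalidOperationException"/>.
/// </returns>
/// <exception cref="ArgumentNullException">
/// <paramref name="context"/> or <paramref name="body"/> is null.
/// </exception>
public async Task<OpenApiResult> CreateClaimPermissionsAsync(
    IOpenApiContext context,
    ClaimPermissions body)
{
    if (context is null)
    {
        throw new ArgumentNullException(nameof(context));
    }

    if (body is null)
    {
        throw new ArgumentNullException(nameof(body));
    }

    ITenant tenant = await this.marainServicesTenancy
        .GetRequestingTenantAsync(context.CurrentTenantId)
        .ConfigureAwait(false);

    // Rule sets are checked against the same tenant before anything is written.
    // ConfigureAwait(false) added here so this await matches every other await in the method.
    (bool allRulesExist, OpenApiResult failureResult) = await this
        .CheckRuleSetsExist(tenant, body.ResourceAccessRuleSets)
        .ConfigureAwait(false);

    if (!allRulesExist)
    {
        return failureResult;
    }

    IClaimPermissionsStore claimPermissionsStore = await this.permissionsStoreFactory
        .GetClaimPermissionsStoreAsync(tenant)
        .ConfigureAwait(false);

    try
    {
        ClaimPermissions result = await claimPermissionsStore.CreateAsync(body).ConfigureAwait(false);
        return this.OkResult(result, "application/json");
    }
    catch (InvalidOperationException)
    {
        // NOTE(review): every InvalidOperationException from CreateAsync is reported to the
        // caller as a duplicate ID. Confirm the store throws it only for that case, otherwise
        // unrelated store failures are masked as a client error.
        var response = new JObject
        {
            ["status"] = 400,
            ["detail"] = "A ClaimPermissions with this ID has already been created",
        };

        return new OpenApiResult
        {
            StatusCode = 400,
            Results = { { "application/json", response } },
        };
    }
}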
public async Task <OpenApiResult> UpdateClaimPermissionsResourceAccessRulesAsync( IOpenApiContext context, string claimPermissionsId, UpdateOperation operation, IEnumerable <ResourceAccessRule> body) { if (context is null) { throw new ArgumentNullException(nameof(context)); } if (claimPermissionsId is null) { throw new ArgumentNullException(nameof(claimPermissionsId)); } if (body is null) { throw new ArgumentNullException(nameof(body)); } ITenant tenant = await this.marainServicesTenancy.GetRequestingTenantAsync(context.CurrentTenantId).ConfigureAwait(false); IClaimPermissionsStore store = await this.permissionsStoreFactory.GetClaimPermissionsStoreAsync(tenant).ConfigureAwait(false); ClaimPermissions claimPermissions; try { claimPermissions = await store.GetAsync(claimPermissionsId).ConfigureAwait(false); } catch (ClaimPermissionsNotFoundException) { return(this.NotFoundResult()); } var inputRules = body.ToList(); if (inputRules.Distinct().Count() != inputRules.Count) { var response = new JObject { ["status"] = 400, ["detail"] = "Request contains duplicate rules", }; return(new OpenApiResult { StatusCode = 400, Results = { { "application/json", response } }, }); } var existingRules = new HashSet <ResourceAccessRule>(claimPermissions.ResourceAccessRules); var incomingRulesMatchingExistingRules = inputRules.Where(inputRule => existingRules.Contains(inputRule)).ToList(); switch (operation) { case UpdateOperation.Add: if (incomingRulesMatchingExistingRules.Count != 0) { string existingRulesText = string.Join( ", ", incomingRulesMatchingExistingRules.Select(FormatRuleForError)); var response = new JObject { ["status"] = 400, ["detail"] = $"Request contains rules that are already present: {existingRulesText}", }; return(new OpenApiResult { StatusCode = 400, Results = { { "application/json", response } }, }); } claimPermissions.ResourceAccessRules.AddRange(body); break; case UpdateOperation.Remove: if (incomingRulesMatchingExistingRules.Count != inputRules.Count) { string 
wrongRulesText = string.Join( ", ", inputRules.Where(r => !existingRules.Contains(r)).Select(FormatRuleForError)); var response = new JObject { ["status"] = 400, ["detail"] = $"Request contains rules that are not present: {wrongRulesText}", }; return(new OpenApiResult { StatusCode = 400, Results = { { "application/json", response } }, }); } body.ForEach(rc => claimPermissions.ResourceAccessRules.RemoveAll(r => r == rc)); break; } await store.UpdateAsync(claimPermissions).ConfigureAwait(false); return(this.CreatedResult());