/// <summary>
/// Get policies from permissions
/// </summary>
/// <param name="options"></param>
/// <returns></returns>
public static AuthorizationOptions GetPoliciesFromPermissions(this AuthorizationOptions options)
{
foreach (var _ in PermissionsConstants.PermissionsList())
{
options.AddPolicy(_, policy => policy.RequireClaim(_));
}
return(options);
}
public static async Task SeedAsync <TIdentityServer4Configurator>(TIdentityServer4Configurator configurator, ConfigurationDbContext context, ApplicationDbContext applicationDbContext,
IConfiguration configuration, IHostingEnvironment env) where TIdentityServer4Configurator : IdentityServer4Configurator
{
var clientUrls = new Dictionary <string, string>
{
["CORE"] = GetClientUrl(env, configuration, "CORE"),
["BPMApi"] = GetClientUrl(env, configuration, "BPMApi")
};
//Seed clients
if (!context.Clients.Any())
{
try
{
var clients = configurator.GetClients(clientUrls).GetSeedClients(context);
await context.Clients.AddRangeAsync(clients);
await context.SaveChangesAsync();
}
catch (Exception ex)
{
Debug.WriteLine(ex);
}
}
//Seed Identity resources
if (!context.IdentityResources.Any())
{
var resources = configurator.GetResources().GetSeedResources(context);
await context.IdentityResources.AddRangeAsync(resources);
await context.SaveChangesAsync();
}
//Seed api resources
if (!context.ApiResources.Any())
{
var apiResources = configurator.GetApis().GetSeedApiResources(context);
context.ApiResources.AddRange(apiResources);
await context.SaveChangesAsync();
}
//Seed permissions
if (!applicationDbContext.Permissions.Any())
{
var clients = context.Clients.ToList();
var permissionsList = (from item in PermissionsConstants.PermissionsList()
let permissionConfig = item.Split('_')
where permissionConfig.Length == 2
let client = clients.FirstOrDefault(x => x.ClientId.ToLower().Equals(permissionConfig[0].ToLower()))
select new Permission
{
Author = "System",
Created = DateTime.Now,
PermissionKey = item,
PermissionName = permissionConfig[1],
ClientId = client?.Id ?? 0,
Description = $"Permission for module {permissionConfig[0]}",
Changed = DateTime.Now
}).ToList();
try
{
await applicationDbContext.Permissions.AddRangeAsync(permissionsList);
await applicationDbContext.SaveChangesAsync();
}
catch (Exception e)
{
Console.WriteLine(e);
}
var baseDirectory = AppContext.BaseDirectory;
var entity = JsonParser.ReadObjectDataFromJsonFile <ApplicationDbContextSeed.SeedApplication>(Path.Combine(baseDirectory, "Configuration/IdentityConfiguration.json"));
//Set core permissions for roles
var coreClientId = clients.FirstOrDefault(y => y.ClientId.Equals("core"))?.Id;
var corePermissions = applicationDbContext.Permissions.Where(x => x.ClientId.Equals(coreClientId));
if (corePermissions.Any())
{
await applicationDbContext.Roles.Where(x => x.ClientId.Equals(coreClientId))
.ForEachAsync(async x =>
{
var configuredPermissions =
entity.ApplicationRoles.FirstOrDefault(y => y.Name.Equals(x.Name));
if (configuredPermissions == null)
{
return;
}
if (configuredPermissions.Permissions == null || !configuredPermissions.Permissions.Any())
{
await applicationDbContext.RolePermissions.AddRangeAsync(corePermissions.Select(o =>
new RolePermission
{
RoleId = x.Id,
PermissionId = o.Id,
PermissionCode = o.PermissionKey
}));
}
else
{
await applicationDbContext.RolePermissions.AddRangeAsync(configuredPermissions.Permissions.Select(
o =>
{
var permission = corePermissions.FirstOrDefault(c =>
c.PermissionKey.Equals(o));
var rolePermission = new RolePermission
{
RoleId = x.Id,
PermissionId = permission?.Id ?? Guid.Empty,
PermissionCode = o
};
return(rolePermission);
}));
}
});
try
{
await applicationDbContext.SaveChangesAsync();
}
catch (Exception ex)
{
Debug.WriteLine(ex);
}
}
}
}
