public async Task <object> Post(AssignRoles request)
        {
            if (!Request.IsInProcessRequest())
            {
                await RequiredRoleAttribute.AssertRequiredRoleAsync(Request, RoleNames.Admin);
            }

            if (string.IsNullOrEmpty(request.UserName))
            {
                throw new ArgumentNullException(nameof(request.UserName));
            }

            var userAuth = await AuthRepositoryAsync.GetUserAuthByUserNameAsync(request.UserName).ConfigAwait();

            if (userAuth == null)
            {
                throw HttpError.NotFound(request.UserName);
            }

            await AuthRepositoryAsync.AssignRolesAsync(userAuth, request.Roles, request.Permissions).ConfigAwait();

            return(new AssignRolesResponse
            {
                AllRoles = (await AuthRepositoryAsync.GetRolesAsync(userAuth).ConfigAwait()).ToList(),
                AllPermissions = (await AuthRepositoryAsync.GetPermissionsAsync(userAuth).ConfigAwait()).ToList(),
            });
        }
 public static async Task AssertAccessRoleAsync(IRequest req, string accessRole = null, string authSecret = null, CancellationToken token = default)
 {
     if (HostContext.Config.AdminAuthSecret == null || HostContext.Config.AdminAuthSecret != authSecret)
     {
         await RequiredRoleAttribute.AssertRequiredRoleAsync(req, accessRole, token);
     }
 }
Exemple #3
0
        public async Task Does_validate_AssertRequiredRoles_with_UserAuthRepo_When_Role_not_in_Session()
        {
            var registrationService = GetRegistrationService();

            var request = registrationService.Request;

            HostContext.Container.Register(userAuth);

            await RequiredRoleAttribute.AssertRequiredRoleAsync(request, RoleNames.Admin);

            Assert.That(!request.Response.IsClosed);
        }