/// <summary>
/// Gets the active client scopes.
/// </summary>
/// <param name="rockContext">The rock context.</param>
/// <returns>IEnumerable<System.String>.</returns>
/// <exception cref="System.ArgumentException"></exception>
public static IEnumerable <string> GetActiveAuthScopes(RockContext rockContext)
{
if (rockContext == null)
{
throw new ArgumentException($"{nameof( rockContext )} cannot be null.");
}
var activeAuthScopes = new AuthScopeService(rockContext)
.Queryable()
.Where(s => s.IsActive)
.Select(s => s.Name);
return(activeAuthScopes);
}
/// <summary>
/// Shows the detail.
/// </summary>
/// <param name="authScopeId">The rest user identifier.</param>
public void ShowDetail(int authScopeId)
{
var rockContext = new RockContext();
AuthScope authScope = null;
var isNew = authScopeId.Equals(0);
if (!isNew)
{
authScope = new AuthScopeService(rockContext).Get(authScopeId);
lTitle.Text = ActionTitle.Edit("Scope").FormatAsHtmlTitle();
}
else
{
lTitle.Text = ActionTitle.Add("Scope").FormatAsHtmlTitle();
}
if (authScope == null)
{
if (!isNew)
{
DisplayErrorMessage("The Auth Scope with the specified Id was found.");
return;
}
authScope = new AuthScope {
Id = 0, IsActive = true
};
}
hfRestUserId.Value = authScope.Id.ToString();
tbName.Text = authScope.Name;
tbPublicName.Text = authScope.PublicName;
cbActive.Checked = authScope.IsActive;
nbEditModeMessage.Text = string.Empty;
if (authScope.IsSystem)
{
tbName.Enabled = false;
cbActive.Enabled = false;
nbEditModeMessage.Text = EditModeMessage.System(Rock.Model.AuthScope.FriendlyTypeName);
}
var editAllowed = authScope.IsAuthorized(Authorization.EDIT, CurrentPerson);
lbSave.Visible = editAllowed;
}
/// <summary>
/// Binds the grid.
/// </summary>
private void BindGrid()
{
var rockContext = new RockContext();
var authScopeService = new AuthScopeService(rockContext);
var authScopeQuery = authScopeService.Queryable().AsNoTracking();
if (tbName.Text.IsNotNullOrWhiteSpace())
{
authScopeQuery = authScopeQuery.Where(s => s.Name.Contains(tbName.Text));
}
if (tbPublicName.Text.IsNotNullOrWhiteSpace())
{
authScopeQuery = authScopeQuery.Where(s => s.PublicName.Contains(tbPublicName.Text));
}
if (ddlActiveFilter.SelectedIndex > -1)
{
switch (ddlActiveFilter.SelectedValue)
{
case "active":
authScopeQuery = authScopeQuery.Where(s => s.IsActive);
break;
case "inactive":
authScopeQuery = authScopeQuery.Where(s => !s.IsActive);
break;
}
}
// Sort
var sortProperty = gAuthScopes.SortProperty;
if (sortProperty == null)
{
sortProperty = new SortProperty(new GridViewSortEventArgs("Name", SortDirection.Ascending));
}
authScopeQuery = authScopeQuery.Sort(sortProperty);
gAuthScopes.SetLinqDataSource(authScopeQuery);
gAuthScopes.DataBind();
}
/// <summary>
/// Saves the authentication scope.
/// </summary>
/// <param name="authScopeId">The authentication scope identifier.</param>
private void SaveAuthScope(int authScopeId)
{
var isNew = authScopeId.Equals(0);
var authScope = new AuthScope();
var editAllowed = authScope.IsAuthorized(Authorization.EDIT, CurrentPerson);
if (!editAllowed)
{
DisplayErrorMessage("The current user is not authorized to make changes.");
return;
}
var rockContext = new RockContext();
var authScopeService = new AuthScopeService(rockContext);
if (isNew)
{
authScopeService.Add(authScope);
}
else
{
authScope = authScopeService.Get(authScopeId);
}
if (authScope == null)
{
DisplayErrorMessage("The Auth Scope with the specified Id was found.");
return;
}
if (!authScope.IsSystem)
{
authScope.Name = tbName.Text;
authScope.IsActive = cbActive.Checked;
}
authScope.PublicName = tbPublicName.Text;
rockContext.SaveChanges();
}
/// <summary>
/// Gets the allowed client scopes.
/// </summary>
/// <param name="rockContext">The rock context.</param>
/// <param name="clientId">The client identifier.</param>
/// <returns></returns>
/// <exception cref="ArgumentException">
/// </exception>
public static IEnumerable <string> GetAllowedClientScopes(RockContext rockContext, string clientId)
{
if (rockContext == null)
{
throw new ArgumentException($"{nameof( rockContext )} cannot be null.");
}
if (clientId.IsNullOrWhiteSpace())
{
throw new ArgumentException($"{nameof( clientId )} cannot be null or empty.");
}
// The OpenId is required and should always be allowed.
var emptyScopeList = new List <string> {
};
var authClientService = new AuthClientService(rockContext);
var enabledClientScopes = authClientService
.Queryable()
.Where(ac => ac.ClientId == clientId)
.Select(ac => ac.AllowedScopes)
.FirstOrDefault();
if (enabledClientScopes.IsNullOrWhiteSpace())
{
return(emptyScopeList);
}
var parsedClientScopes = enabledClientScopes.FromJsonOrNull <List <string> >();
if (parsedClientScopes == null)
{
return(emptyScopeList);
}
var activeClientScopes = new AuthScopeService(rockContext)
.Queryable()
.Where(s => s.IsActive)
.Select(s => s.Name);
return(parsedClientScopes.Intersect(activeClientScopes));
}
/// <summary>
/// Handles the Delete event of the gUserLogins control.
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">The <see cref="RowEventArgs" /> instance containing the event data.</param>
protected void gAuthScopes_Delete(object sender, RowEventArgs e)
{
bool canEdit = IsUserAuthorized(Authorization.EDIT);
if (canEdit)
{
using (var rockContext = new RockContext())
{
var authScopeService = new AuthScopeService(rockContext);
var authScope = authScopeService.Get(e.RowKeyId);
if (authScope != null)
{
authScopeService.Delete(authScope);
rockContext.SaveChanges();
}
}
}
BindGrid();
}
