/// <inheritdoc />
        public async Task ModifyClaimMapping(ulong roleId, AuthorizationClaim claim, ClaimMappingType?newType)
        {
            RequireAuthenticatedUser();
            RequireClaims(AuthorizationClaim.AuthorizationConfigure);

            var foundClaims = await ClaimMappingRepository.SearchBriefsAsync(new ClaimMappingSearchCriteria
            {
                Claims  = new[] { claim },
                RoleIds = new[] { roleId },
                GuildId = CurrentGuildId
            });

            using (var transaction = await ClaimMappingRepository.BeginCreateTransactionAsync())
            {
                foreach (var existing in foundClaims)
                {
                    await ClaimMappingRepository.TryDeleteAsync(existing.Id, CurrentUserId.Value);
                }

                if (newType.HasValue)
                {
                    await ClaimMappingRepository.CreateAsync(new ClaimMappingCreationData()
                    {
                        GuildId     = CurrentGuildId.Value,
                        Type        = newType.Value,
                        RoleId      = roleId,
                        Claim       = claim,
                        CreatedById = CurrentUserId.Value
                    });
                }

                transaction.Commit();
            }
        }
Esempio n. 2
0
        /// <inheritdoc />
        public async Task RemoveClaimMappingAsync(IRole role, ClaimMappingType type, AuthorizationClaim claim)
        {
            RequireClaims(AuthorizationClaim.AuthorizationConfigure);

            using (var transaction = await ClaimMappingRepository.BeginDeleteTransactionAsync())
            {
                var mappingIds = await ClaimMappingRepository.SearchIdsAsync(new ClaimMappingSearchCriteria()
                {
                    Types     = new[] { type },
                    GuildId   = role.Guild.Id,
                    RoleIds   = new[] { role.Id },
                    Claims    = new[] { claim },
                    IsDeleted = false,
                });

                if (!mappingIds.Any())
                {
                    throw new InvalidOperationException($"A claim mapping of type {type} to claim {claim} for role {role.Name} does not exist");
                }

                await ClaimMappingRepository.TryDeleteAsync(mappingIds.First(), CurrentUserId.Value);

                transaction.Commit();
            }
        }
        /// <inheritdoc />
        public async Task AddClaimMapping(IGuildUser user, ClaimMappingType type, AuthorizationClaim claim)
        {
            RequireAuthenticatedUser();
            RequireClaims(AuthorizationClaim.AuthorizationConfigure);

            using (var transaction = await ClaimMappingRepository.BeginCreateTransactionAsync())
            {
                if (await ClaimMappingRepository.AnyAsync(new ClaimMappingSearchCriteria()
                {
                    Types = new[] { type },
                    GuildId = user.Guild.Id,
                    UserId = user.Id,
                    Claims = new[] { claim },
                    IsDeleted = false,
                }))
                {
                    throw new InvalidOperationException($"A claim mapping of type {type} to claim {claim} for user {user.GetDisplayName()} already exists");
                }

                await ClaimMappingRepository.CreateAsync(new ClaimMappingCreationData()
                {
                    GuildId     = user.Guild.Id,
                    Type        = type,
                    UserId      = user.Id,
                    Claim       = claim,
                    CreatedById = CurrentUserId.Value
                });

                transaction.Commit();
            }
        }
Esempio n. 4
0
 public Task AddClaimMapping(
     [Summary("The claim to be added.")]
     AuthorizationClaim claim,
     [Summary("The type of claim mapping, E.G. granted or denied.")]
     ClaimMappingType type,
     [Summary("The role to which the claim is to be added.")]
     IRole role)
 => AuthorizationService.AddClaimMapping(role, type, claim);
Esempio n. 5
0
 public Task RemoveClaimMapping(
     [Summary("The claim to be removed.")]
     AuthorizationClaim claim,
     [Summary("The type of claim mapping, E.G. granted or denied.")]
     ClaimMappingType type,
     [Summary("The role from which the claim is to be removed.")]
     IRole role)
 => AuthorizationService.RemoveClaimMapping(role, type, claim);
Esempio n. 6
0
 public Task RemoveClaimMapping(
     [Summary("The claim to be removed.")]
     AuthorizationClaim claim,
     [Summary("The type of claim mapping, E.G. granted or denied.")]
     ClaimMappingType type,
     [Summary("The user from which the claim is to be removed.")]
     IGuildUser user)
 => AuthorizationService.RemoveClaimMapping(user, type, claim);
Esempio n. 7
0
 public Task AddClaimMapping(
     [Summary("The claim to be added.")]
     AuthorizationClaim claim,
     [Summary("The type of claim mapping, E.G. granted or denied.")]
     ClaimMappingType type,
     [Summary("The user to which the claim is to be added.")]
     IGuildUser user)
 => AuthorizationService.AddClaimMappingAsync(user, type, claim);
Esempio n. 8
0
        public void Constructor_OwnedAndRequiredClaimsEmpty_IsSuccess()
        {
            var requiredClaims = new AuthorizationClaim[] { };
            var ownedClaims    = new AuthorizationClaim[] { };

            var authResult = new AuthResult(requiredClaims, ownedClaims);

            authResult.ShouldBeSuccessful();
        }
Esempio n. 9
0
 public Task RemoveClaimAsync(
     [Summary("Claim to be added")]
     AuthorizationClaim claim,
     [Summary("Access of a claim, whether granted or denied")]
     ClaimMappingType type,
     [Summary("User to add the claim to")]
     IGuildUser user)
 {
     return(_authorizationService.RemoveClaimMappingAsync(user, type, claim));
 }
Esempio n. 10
0
 public Task RemoveClaimAsync(
     [Summary("Claim to be removed")]
     AuthorizationClaim claim,
     [Summary("Access of the claim, whether granted or denied")]
     ClaimMappingType type,
     [Summary("Role from which the claim is to be removed")]
     IRole role)
 {
     return(_authorizationService.RemoveClaimMappingAsync(role, type, claim));
 }
Esempio n. 11
0
 public Task AddClaimAsync(
     [Summary("Claim to be added")]
     AuthorizationClaim claim,
     [Summary("Access of a claim, whether granted or denied")]
     ClaimMappingType type,
     [Summary("Role which to add the claim to")]
     IRole role)
 {
     return(_authorizationService.AddClaimMappingAsync(role, type, claim));
 }
Esempio n. 12
0
        public async Task RemoveClaimMapping(
            [Summary("The claim to be removed.")]
            AuthorizationClaim claim,
            [Summary("The type of claim mapping, E.G. granted or denied.")]
            ClaimMappingType type,
            [Summary("The user from which the claim is to be removed.")]
            IGuildUser user)
        {
            await AuthorizationService.RemoveClaimMappingAsync(user, type, claim);

            await Context.AddConfirmation();
        }
Esempio n. 13
0
        public async Task AddClaimMapping(
            [Summary("The claim to be added.")]
            AuthorizationClaim claim,
            [Summary("The type of claim mapping, E.G. granted or denied.")]
            ClaimMappingType type,
            [Summary("The role to which the claim is to be added.")]
            IRole role)
        {
            await AuthorizationService.AddClaimMappingAsync(role, type, claim);

            await Context.AddConfirmation();
        }
Esempio n. 14
0
        public async Task RemoveClaimAsync(
            [Summary("Claim to be removed")]
            AuthorizationClaim claim,
            [Summary("Access of the claim, whether granted or denied")]
            ClaimMappingType type,
            [Remainder]
            [Summary("Role from which the claim is to be removed")]
            IRole role)
        {
            await _authorizationService.RemoveClaimMappingAsync(role, type, claim);

            await Context.AddConfirmation();
        }
Esempio n. 15
0
        public async Task AddClaimAsync(
            [Summary("Claim to be added")]
            AuthorizationClaim claim,
            [Summary("Access of a claim, whether granted or denied")]
            ClaimMappingType type,
            [Remainder]
            [Summary("User to add the claim to")]
            IGuildUser user)
        {
            await _authorizationService.AddClaimMappingAsync(user, type, claim);

            await Context.AddConfirmation();
        }
Esempio n. 16
0
        public void Constructor_OwnedClaimsEmpty_IsFailure()
        {
            var requiredClaims = new AuthorizationClaim[]
            {
                AuthorizationClaim.ModerationWarn
            };

            var ownedClaims = new AuthorizationClaim[] { };

            var authResult = new AuthResult(requiredClaims, ownedClaims);

            authResult.ShouldBeFailure();
        }
Esempio n. 17
0
        public void AddClaim(Claim claim, HttpContextBase httpContext, string username)
        {
            var authorizationData = GetAuthorizationData(httpContext, username);

            var claims             = authorizationData.Claims.ToList();
            var authorizationClaim = new AuthorizationClaim {
                Type = claim.Type, Value = claim.Value
            };

            claims.Add(authorizationClaim);
            authorizationData.Claims = claims.ToArray();
            SetCookie(httpContext, authorizationData);
        }
Esempio n. 18
0
        public async Task Claim()
        {
            var required = new AuthorizationClaim[]
            {
                AuthorizationClaim.PromotionsCloseCampaign,
                AuthorizationClaim.PromotionsComment,
                AuthorizationClaim.PromotionsCreateCampaign
            };

            var has = new AuthorizationClaim[]
            {
                AuthorizationClaim.PromotionsComment
            };

            await HandleResultAsync(new AuthResult(required, has));
        }
Esempio n. 19
0
        public void HadRequiredClaim_OwnedClaimsMissingARequiredClaim_IsFalse()
        {
            var requiredClaims = new AuthorizationClaim[]
            {
                AuthorizationClaim.ModerationRead,
                AuthorizationClaim.ModerationWarn
            };

            var ownedClaims = new AuthorizationClaim[]
            {
                AuthorizationClaim.ModerationWarn
            };

            var authResult = new AuthResult(requiredClaims, ownedClaims);

            authResult.HadRequiredClaim(AuthorizationClaim.ModerationRead).ShouldBeFalse();
        }
Esempio n. 20
0
        public void HadRequiredClaim_CheckedClaimWasNotRequired_IsFalse()
        {
            var requiredClaims = new AuthorizationClaim[]
            {
                AuthorizationClaim.ModerationRead,
                AuthorizationClaim.ModerationWarn
            };

            var ownedClaims = new AuthorizationClaim[]
            {
                AuthorizationClaim.ModerationWarn
            };

            var authResult = new AuthResult(requiredClaims, ownedClaims);

            authResult.HadRequiredClaim(AuthorizationClaim.PostInviteLink).ShouldBeFalse();
        }
Esempio n. 21
0
        public void Constructor_OwnedClaimsContainsRequiredClaims_IsSuccess()
        {
            var requiredClaims = new AuthorizationClaim[]
            {
                AuthorizationClaim.ModerationWarn
            };

            var ownedClaims = new AuthorizationClaim[]
            {
                AuthorizationClaim.ModerationRead,
                AuthorizationClaim.ModerationWarn
            };

            var authResult = new AuthResult(requiredClaims, ownedClaims);

            authResult.ShouldBeSuccessful();
        }
Esempio n. 22
0
        public void HadRequiredClaim_OwnedClaimsContainsARequiredClaim_IsTrue()
        {
            var requiredClaims = new AuthorizationClaim[]
            {
                AuthorizationClaim.ModerationRead,
                AuthorizationClaim.ModerationWarn
            };

            var ownedClaims = new AuthorizationClaim[]
            {
                AuthorizationClaim.ModerationRead,
                AuthorizationClaim.ModerationWarn
            };

            var authResult = new AuthResult(requiredClaims, ownedClaims);

            authResult.HadRequiredClaim(AuthorizationClaim.ModerationRead).ShouldBeTrue();
        }
Esempio n. 23
0
        /// <inheritdoc />
        public async Task RemoveClaimMapping(IGuildUser user, ClaimMappingType type, AuthorizationClaim claim)
        {
            RequireAuthenticatedUser();
            RequireClaims(AuthorizationClaim.AuthorizationConfigure);

            var mappingIds = (await ClaimMappingRepository.SearchIdsAsync(new ClaimMappingSearchCriteria()
            {
                Types = new[] { type },
                GuildId = user.Guild.Id,
                UserId = user.Id,
                Claims = new[] { claim },
                IsDeleted = false,
            }));

            if (!mappingIds.Any())
            {
                throw new InvalidOperationException($"A claim mapping of type {type} to claim {claim} for user {user.GetDisplayName()} does not exist");
            }

            await ClaimMappingRepository.TryDeleteAsync(mappingIds.First(), CurrentUserId.Value);
        }
 public AuthorizationData()
 {
     Claims = new AuthorizationClaim[0];
 }
Esempio n. 25
0
        /// <summary>
        /// Returns true if the user had the given required claim when the request was executed, false if not
        /// </summary>
        /// <param name="claim">The claim to check for - must have been required</param>
        /// <remarks>Will return false if the given claim is not within the RequiredClaims</remarks>
        public bool HadRequiredClaim(AuthorizationClaim claim)
        {
            var hasKey = _hasClaimLookup.TryGetValue(claim, out var hasClaim);

            return(hasKey ? hasClaim : false);
        }
Esempio n. 26
0
 public bool HasClaim(AuthorizationClaim claim)
 {
     RequireAuthenticatedUser();
     return(CurrentClaims.Contains(claim));
 }
Esempio n. 27
0
        private async Task CreateClaimMappingUnauthorized(ClaimMappingType type, ulong guildId, ulong?roleId, ulong?userId, AuthorizationClaim claim, ulong createdById)
        {
            if ((roleId == null) && (userId == null))
            {
                throw new ArgumentException($"{nameof(roleId)} and {nameof(userId)} cannot both be null");
            }

            if ((roleId != null) && (userId != null))
            {
                throw new ArgumentException($"{nameof(roleId)} and {nameof(userId)} cannot both be given");
            }

            var claimMappingId = await ClaimMappingRepository.TryCreateAsync(new ClaimMappingCreationData()
            {
                Type        = type,
                GuildId     = guildId,
                RoleId      = roleId,
                UserId      = userId,
                Claim       = claim,
                CreatedById = createdById
            });

            if (claimMappingId == null)
            {
                var toClause = (roleId == null)
                    ? $"user {userId}"
                    : $"role {roleId}";
                throw new InvalidOperationException($"A claim mapping on guild {guildId} to {toClause} for {claim} already exists");
            }
        }