public Task <IActionResult> Get([FromRoute] string id) => WithContextAsync <Project>(async(contextUser, project) =>
{
if (string.IsNullOrWhiteSpace(id))
{
return(ErrorResult
.BadRequest($"The id provided in the url path is invalid. Must be a non-empty string.", ResultErrorCode.ValidationError)
.ToActionResult());
}
var projectTemplate = await projectTemplateRepository
.GetAsync(project.Organization, project.Template)
.ConfigureAwait(false);
var componentTemplate = await componentTemplateRepository
.GetAsync(project.Organization, project.Id, id)
.ConfigureAwait(false);
if (!(componentTemplate?.ParentId?.Equals(projectTemplate.Id, StringComparison.Ordinal) ?? false))
{
return(ErrorResult
.NotFound($"A Component Template with the id '{id}' could not be found for Project {project.Id}.")
.ToActionResult());
}
return(DataResult <ComponentTemplate>
.Ok(componentTemplate)
.ToActionResult());
});
private async Task <Dictionary <string, IEnumerable <Guid> > > GetRoleAssignmentsAsync(Component component)
{
var session = await azureResourceService.AzureSessionService
.CreateSessionAsync()
.ConfigureAwait(false);
var template = await componentTemplateRepository
.GetAsync(component.Organization, component.ProjectId, component.TemplateId)
.ConfigureAwait(false);
return(await userRepository
.ListAsync(component.Organization, component.ProjectId)
.SelectAwait(async user => new KeyValuePair <string, IEnumerable <Guid> >(user.Id, await GetUserRoleDefinitionIdsAsync(user).ConfigureAwait(false)))
.ToDictionaryAsync(kvp => kvp.Key, kvp => kvp.Value)
.ConfigureAwait(false));
async Task <IEnumerable <Guid> > GetUserRoleDefinitionIdsAsync(User user)
{
var roleDefinitionIds = new HashSet <Guid>();
if (template.Permissions?.Any() ?? false)
{
if (user.IsOwner(component.ProjectId) && template.Permissions.TryGetValue(ProjectUserRole.Owner, out var ownerPermissions))
{
var tasks = ownerPermissions.Select(permission => ResolveRoleDefinitionIdAsync(permission));
roleDefinitionIds.UnionWith(await Task.WhenAll(tasks).ConfigureAwait(false));
}
else if (user.IsAdmin(component.ProjectId) && template.Permissions.TryGetValue(ProjectUserRole.Admin, out var adminPermissions))
{
var tasks = adminPermissions.Select(permission => ResolveRoleDefinitionIdAsync(permission));
roleDefinitionIds.UnionWith(await Task.WhenAll(tasks).ConfigureAwait(false));
}
else if (user.IsMember(component.ProjectId) && template.Permissions.TryGetValue(ProjectUserRole.Member, out var memberPermissions))
{
var tasks = memberPermissions.Select(permission => ResolveRoleDefinitionIdAsync(permission));
roleDefinitionIds.UnionWith(await Task.WhenAll(tasks).ConfigureAwait(false));
}
}
// strip out unresolved role defintion ids
roleDefinitionIds.RemoveWhere(id => id == Guid.Empty);
if (!roleDefinitionIds.Any())
{
// if no role definition id was resolved use default
roleDefinitionIds.Add(AzureRoleDefinition.Reader);
}
return(roleDefinitionIds);
}
async Task <Guid> ResolveRoleDefinitionIdAsync(string permission)
{
if (Guid.TryParse(permission, out var roleDefinitionId))
{
return(roleDefinitionId);
}
try
{
var roleDefinition = await session.RoleDefinitions
.GetByScopeAndRoleNameAsync(component.ResourceId, permission)
.ConfigureAwait(false);
if (roleDefinition is null)
{
return(Guid.Empty);
}
return(Guid.Parse(roleDefinition.Id.Split('/').LastOrDefault()));
}
catch
{
return(Guid.Empty);
}
}
}