public void ReadAndCreatePerformanceLevelDescriptors() { var resource = _securityContext.ResourceClaims.FirstOrDefault(x => x.ResourceName == "performanceLevelDescriptor"); if (resource == null) { return; } var claimSet = _securityContext.ClaimSets.FirstOrDefault(x => x.ClaimSetName == "Assessment Vendor"); if (claimSet == null) { return; } var createAction = _securityContext.Actions.Single(x => x.ActionName == "Create"); var readAction = _securityContext.Actions.Single(x => x.ActionName == "Read"); _securityContext.ClaimSetResourceClaims.AddRange(new[] { new ClaimSetResourceClaim { Action = createAction, ClaimSet = claimSet, ResourceClaim = resource }, new ClaimSetResourceClaim { Action = readAction, ClaimSet = claimSet, ResourceClaim = resource } }); _securityContext.SaveChanges(); }
public int Execute(ICopyClaimSetModel claimSet) { var newClaimSet = new Security.DataAccess.Models.ClaimSet { ClaimSetName = claimSet.Name, Application = _context.Applications.Single() }; var originalResourceClaims = _context.ClaimSetResourceClaims .Where(x => x.ClaimSet.ClaimSetId == claimSet.OriginalId) .Include(x => x.ResourceClaim) .Include(x => x.Action) .Include(x => x.AuthorizationStrategyOverride) .ToList(); _context.ClaimSets.Add(newClaimSet); foreach (var resourceClaim in originalResourceClaims) { var copyResourceClaim = new ClaimSetResourceClaim { ClaimSet = newClaimSet, Action = resourceClaim.Action, AuthorizationStrategyOverride = resourceClaim.AuthorizationStrategyOverride, ResourceClaim = resourceClaim.ResourceClaim }; _context.ClaimSetResourceClaims.Add(copyResourceClaim); } _context.SaveChanges(); return(newClaimSet.ClaimSetId); }
public void Execute(IDeleteResourceOnClaimSetModel model) { var resourceClaimsToRemove = _context.ClaimSetResourceClaims.Where(x => x.ResourceClaim.ResourceClaimId == model.ResourceClaimId && x.ClaimSet.ClaimSetId == model.ClaimSetId).ToList(); _context.ClaimSetResourceClaims.RemoveRange(resourceClaimsToRemove); _context.SaveChanges(); }
public int Execute(IEditClaimSetModel claimSet) { var existingClaimSet = _context.ClaimSets.Single(x => x.ClaimSetId == claimSet.ClaimSetId); existingClaimSet.ClaimSetName = claimSet.ClaimSetName; _context.SaveChanges(); return(existingClaimSet.ClaimSetId); }
public void Execute(IDeleteClaimSetModel claimSet) { var claimSetToDelete = _context.ClaimSets.Single(x => x.ClaimSetId == claimSet.Id); var resourceClaimsForClaimSetId = _context.ClaimSetResourceClaims.Where(x => x.ClaimSet.ClaimSetId == claimSet.Id).ToList(); _context.ClaimSetResourceClaims.RemoveRange(resourceClaimsForClaimSetId); _context.ClaimSets.Remove(claimSetToDelete); _context.SaveChanges(); }
private void AddIdentitiesToRole(string[] identityNames, int roleId) { foreach (string identityName in identityNames) { if (!securityContext.EDWIdentities.Any(identity => identity.Name == identityName)) { securityContext.EDWIdentities.Add(new EDWIdentity { Name = identityName }); } } securityContext.SaveChanges(); var roleToAdd = securityContext.EDWRoles.FirstOrDefault(role => role.Id == roleId); if (roleToAdd == null) { throw new ArgumentException("Role not found."); } var targetIdentities = securityContext.EDWIdentities.Include(identity => identity.EDWIdentityRoles) .Where(identity => identityNames.Contains(identity.Name) && !identity.EDWRoles.Any(role => role.Id == roleId)) .ToList(); foreach (var identity in targetIdentities) { if (identity.EDWIdentityRoles.Where(ir => ir.RoleID == roleId).Any()) { continue; } EDWIdentityRole identityRoleMappingToAdd = new EDWIdentityRole { RoleID = roleId, IdentityID = identity.Id }; roleToAdd.EDWIdentityRoles.Add(identityRoleMappingToAdd); } securityContext.SaveChanges(); }
private void CreateEDWAdminRole(ISecurityContext securityContext, string roleName, string description) { if (!securityContext.EDWRoles.Where(p => p.Name == roleName).Any()) { securityContext.EDWRoles.Add(new Persistence.SqlServer.EntityModels.EDW.EDWRole() { Name = roleName, Description = description }); securityContext.SaveChanges(); } }
public int Execute(IAddClaimSetModel claimSet) { var newClaimSet = new Security.DataAccess.Models.ClaimSet { ClaimSetName = claimSet.ClaimSetName, Application = _context.Applications.Single() }; _context.ClaimSets.Add(newClaimSet); _context.SaveChanges(); return(newClaimSet.ClaimSetId); }
private Task AddUserToIdentityBASEAsync(ISecurityContext securityContext, UserApiModel user) { return(Task.Run(() => { if (!securityContext.EDWIdentities.Where(p => p.Name == user.SubjectId).Any()) { securityContext.EDWIdentities.Add(new Persistence.SqlServer.EntityModels.EDW.EDWIdentity() { Name = user.SubjectId }); securityContext.SaveChanges(); } })); }
public void ApplyConfiguration(CloudOdsClaimSet configuration) { var claimSetExists = Queryable.Any(_securityContext.ClaimSets, cs => cs.ClaimSetName == configuration.ClaimSetName); if (claimSetExists) { return; } var resourceTypes = configuration.Claims.Select(c => c.EntityName); var actionNames = Enumerable.Distinct <string>(configuration.Claims.SelectMany(c => c.Actions).Select(x => x.ActionName)); var apiApplication = Queryable.Single(_securityContext.Applications, a => a.ApplicationName == configuration.ApplicationName); var resourceClaims = _securityContext.ResourceClaims.Where(rc => Enumerable.Contains(resourceTypes, rc.ResourceName)).ToList(); var actions = _securityContext.Actions.Where(a => actionNames.Contains(a.ActionName)).ToList(); var claimSet = new ClaimSet { Application = apiApplication, ClaimSetName = configuration.ClaimSetName }; _securityContext.ClaimSets.Add(claimSet); foreach (var requiredClaim in configuration.Claims) { var resourceClaim = resourceClaims.Single(rc => rc.ResourceName.Equals(requiredClaim.EntityName)); var authOverride = requiredClaim.AuthorizationStrategy != null ? Queryable.FirstOrDefault(_securityContext.AuthorizationStrategies, a => a.Application.ApplicationId == apiApplication.ApplicationId && a.AuthorizationStrategyName == requiredClaim.AuthorizationStrategy.StrategyName) : null; foreach (var claimSetResourceClaim in requiredClaim.Actions.Select(action => new ClaimSetResourceClaim { Action = actions.Single(a => a.ActionName == action.ActionName), AuthorizationStrategyOverride = authOverride, ClaimSet = claimSet, ResourceClaim = resourceClaim })) { _securityContext.ClaimSetResourceClaims.Add(claimSetResourceClaim); } } _securityContext.SaveChanges(); }
public void Execute(IResetToDefaultAuthStrategyModel model) { var claimSetResourceClaimsToEdit = _context.ClaimSetResourceClaims .Include(x => x.ResourceClaim) .Include(x => x.Action) .Include(x => x.ClaimSet) .Include(x => x.AuthorizationStrategyOverride) .Where(x => x.ResourceClaim.ResourceClaimId == model.ResourceClaimId && x.ClaimSet.ClaimSetId == model.ClaimSetId) .ToList(); foreach (var claimSetResourceClaim in claimSetResourceClaimsToEdit) { claimSetResourceClaim.AuthorizationStrategyOverride = null; } _context.SaveChanges(); }
public void Execute(IEditResourceOnClaimSetModel model) { var resourceClaimToEdit = model.ResourceClaim; var claimSetToEdit = _context.ClaimSets.Single(x => x.ClaimSetId == model.ClaimSetId); var claimSetResourceClaimsToEdit = _context.ClaimSetResourceClaims .Include(x => x.ResourceClaim) .Include(x => x.Action) .Include(x => x.ClaimSet) .Where(x => x.ResourceClaim.ResourceClaimId == resourceClaimToEdit.Id && x.ClaimSet.ClaimSetId == claimSetToEdit.ClaimSetId) .ToList(); AddEnabledActionsToClaimSet(resourceClaimToEdit, claimSetResourceClaimsToEdit, claimSetToEdit); RemoveDisabledActionsFromClaimSet(resourceClaimToEdit, claimSetResourceClaimsToEdit); _context.SaveChanges(); }
public void Execute(IOverrideDefaultAuthorizationStrategyModel model) { var claimSetResourceClaimsToEdit = _context.ClaimSetResourceClaims .Include(x => x.ResourceClaim) .Include(x => x.Action) .Include(x => x.ClaimSet) .Include(x => x.AuthorizationStrategyOverride) .Where(x => x.ResourceClaim.ResourceClaimId == model.ResourceClaimId && x.ClaimSet.ClaimSetId == model.ClaimSetId) .ToList(); var parentResourceClaimId = _context.ResourceClaims .Single(x => x.ResourceClaimId == model.ResourceClaimId).ParentResourceClaimId; var parentResourceClaims = new List <ClaimSetResourceClaim>(); if (parentResourceClaimId != null) { parentResourceClaims = _context.ClaimSetResourceClaims .Include(x => x.ResourceClaim) .Include(x => x.Action) .Include(x => x.ClaimSet) .Include(x => x.AuthorizationStrategyOverride) .Where(x => x.ResourceClaim.ResourceClaimId == parentResourceClaimId && x.ClaimSet.ClaimSetId == model.ClaimSetId) .ToList(); } var authorizationStrategiesDictionary = new Dictionary <int, Security.DataAccess.Models.AuthorizationStrategy>(); foreach (var authStrategy in _context.AuthorizationStrategies.ToList()) { authorizationStrategiesDictionary[authStrategy.AuthorizationStrategyId] = authStrategy; } claimSetResourceClaimsToEdit = RemoveOverrides(model, claimSetResourceClaimsToEdit); AddOverrides(model, claimSetResourceClaimsToEdit, authorizationStrategiesDictionary, parentResourceClaims); _context.SaveChanges(); }