public Task <IList <Permission> > GetPermissionsAsync(int userId, PermissionMode permissionMode = PermissionMode.All) { return((Repository as IPermissionRepository).GetPermissionsAsync(userId, permissionMode)); }
public IFakeCommandAttribute BuildCreateFakeCommandByRouting <T>(PermissionMode permission, T target, IRoutingAttribute routing, IObjectAttribute objectAttribute, PropertyInfo[] properties) where T : IAlbianObject { if (null == routing) { throw new ArgumentNullException("routing"); } if (null == properties || 0 == properties.Length) { throw new ArgumentNullException("properties"); } if (null == objectAttribute) { throw new ArgumentNullException("objectAttribute"); } if (0 == (permission & routing.Permission)) { if (null != Logger) { Logger.WarnFormat("The routing permission {0} is no enough.", permission); } return(null); } //create the connection string IStorageAttribute storageAttr = (IStorageAttribute)StorageCache.Get(routing.StorageName); if (null == storageAttr) { if (null != Logger) { Logger.WarnFormat( "No {0} rounting mapping storage attribute in the sotrage cache.Use default storage.", routing.Name); } storageAttr = (IStorageAttribute)StorageCache.Get(StorageParser.DefaultStorageName); } if (!storageAttr.IsHealth) { if (null != Logger) { Logger.WarnFormat("Routing:{0},Storage:{1} is not health.", routing.Name, storageAttr.Name); } return(null); } var sbInsert = new StringBuilder(); var sbCols = new StringBuilder(); var sbValues = new StringBuilder(); IList <DbParameter> paras = new List <DbParameter>(); //create the hash table name string tableFullName = Utils.GetTableFullName(routing, target); //build the command text IDictionary <string, IMemberAttribute> members = objectAttribute.MemberAttributes; foreach (PropertyInfo property in properties) { object value = property.GetValue(target, null); if (null == value) { continue; } IMemberAttribute member = members[property.Name]; if (!member.IsSave) { continue; } sbCols.AppendFormat("{0},", member.FieldName); string paraName = DatabaseFactory.GetParameterName(storageAttr.DatabaseStyle, member.FieldName); sbValues.AppendFormat("{0},", paraName); paras.Add(DatabaseFactory.GetDbParameter(storageAttr.DatabaseStyle, paraName, member.DBType, value, member.Length)); } int colsLen = sbCols.Length; if (0 < colsLen) { sbCols.Remove(colsLen - 1, 1); } int valLen = sbValues.Length; if (0 < valLen) { sbValues.Remove(valLen - 1, 1); } sbInsert.AppendFormat("INSERT INTO {0} ({1}) VALUES({2}) ", tableFullName, sbCols, sbValues); IFakeCommandAttribute fakeCmd = new FakeCommandAttribute { CommandText = sbInsert.ToString(), Paras = ((List <DbParameter>)paras).ToArray(), StorageName = routing.StorageName }; return(fakeCmd); }
public IList <Permission> GetPermissions(int userId, PermissionMode permissionMode = PermissionMode.All) { return((Repository as IPermissionRepository).GetPermissions(userId, permissionMode)); }
private static async Task<Permission> CreatePermissionAsync(string resourceLink, string userLink, PermissionMode mode) { Permission permission = new Permission { Id = Guid.NewGuid().ToString("N"), PermissionMode = mode, ResourceLink = resourceLink }; return (Permission)await client.CreatePermissionAsync(userLink, permission); }
/// <summary>默认构造</summary> /// <param name="Mode">认证模式</param> public AuthorizeFilterAttribute(PermissionMode Mode) { _customMode = Mode; }
private static async Task <PermissionToken> GetPermissionToken(string userId, CosmosDBRepository repo, PermissionMode permissionMode) { string permissionDocumentId = $"{userId}_{COLLECTION}Collection_PermissionId"; PermissionToken permissionToken = null; permissionToken = await GetPermissionAsync(userId, repo, permissionDocumentId, PermissionMode.All); return(permissionToken); }
private async static Task <Permission> CreatePermission(DocumentClient client, User user, string permId, PermissionMode permissionMode, string resourceLink) { Console.WriteLine(); Console.WriteLine($">>> Create Permission {permId} for {user.Id} <<<"); var permDefinition = new Permission { Id = permId, PermissionMode = permissionMode, ResourceLink = resourceLink }; var result = await client.CreatePermissionAsync(user.SelfLink, permDefinition); var perm = result.Resource; Console.WriteLine("Created new permission"); ViewPermission(perm); return(perm); }
/// <summary> /// Creates a permission with an access token for the specified user and the specified collection /// </summary> public async Task <Permission> CreateUserPermission(User user, DocumentCollection collection, PermissionMode permission) { var permissionId = permission + collection.Id; // The permission may already exists on database, try to find it var collectionPermission = Client.CreatePermissionQuery("/dbs/" + Database.ResourceId + "/users/" + user.ResourceId + "/permissions") .AsEnumerable() .FirstOrDefault(u => u.Id == permissionId); // If permission not found, create a new one if (collectionPermission == null) { collectionPermission = new Permission { PermissionMode = permission, ResourceLink = collection.SelfLink, Id = permissionId }; } return(await Client.CreatePermissionAsync(user.SelfLink, collectionPermission)); }
private static async Task <Permission> CreatePermission(IDocumentClient client, User user, string permId, PermissionMode permissionMode, string resourceLink) { Console.WriteLine($">>> Create Permission {permId} for {user.Id} <<<"); Permission permissionDefinition = new Permission { Id = permId, PermissionMode = permissionMode, ResourceLink = resourceLink }; ResourceResponse <Permission> result = await client.CreatePermissionAsync(user.SelfLink, permissionDefinition); Permission permission = result.Resource; Console.WriteLine("Created new permission"); PrintPermission(permission); return(permission); }
static string GetUserPermissionId(string databaseId, string userId, PermissionMode permissionMode) => $"{databaseId}-{userId}-{permissionMode.ToString().ToUpper()}";
private static async Task<Permission> CreatePermissionAsync(string resourceLink, string userLink, PermissionMode mode, string resourcePartitionKey = null) { Permission permission = new Permission { Id = Guid.NewGuid().ToString("N"), PermissionMode = mode, ResourceLink = resourceLink }; if (resourcePartitionKey != null) { permission.ResourcePartitionKey = new PartitionKey(resourcePartitionKey); } ResourceResponse<Permission> response = await DocumentClientHelper.ExecuteWithRetries<ResourceResponse<Permission>>( client, () => client.CreatePermissionAsync(userLink, permission)); return response.Resource; }
public static async Task <Permission> GetOrCreatePermission(this DocumentClient client, string databaseId, string collectionId, string resourceLink, string userId, PermissionMode permissionMode, int durationInSeconds, TraceWriter log) { var permissionId = string.Empty; try { Database database = null; DocumentCollection documentCollection = null; if (!string.IsNullOrEmpty(collectionId)) { await client.EnsureCollection(databaseId, collectionId, log); log?.Info($" ... getting collection ({collectionId}) in database ({databaseId})"); var collectionResponse = await client.ReadDocumentCollectionAsync(UriFactory.CreateDocumentCollectionUri(databaseId, collectionId)); documentCollection = collectionResponse?.Resource ?? throw new Exception($"Could not find Document Collection in Database {databaseId} with CollectionId: {collectionId}"); } else if (!string.IsNullOrEmpty(databaseId)) { await client.EnsureDatabase(databaseId, log); log?.Info($" ... collectionId == null, getting database ({databaseId})"); var databaseResponse = await client.ReadDatabaseAsync(UriFactory.CreateDatabaseUri(databaseId)); database = databaseResponse?.Resource ?? throw new Exception($"Could not find Database {databaseId}"); } else { throw new Exception($"databaseId and collectionId must be provided"); } var link = resourceLink ?? documentCollection?.SelfLink; //?? throw new Exception($"Could not get selfLink for Document Collection in Database {databaseId} with CollectionId: {collectionId}"); var userTup = await client.GetOrCreateUser(databaseId, userId, log); var user = userTup.user; Permission permission; permissionId = GetUserPermissionId(databaseId, collectionId, user.Id, permissionMode); // if the user was newly created, go ahead and create the permission if (userTup.created && !string.IsNullOrEmpty(user?.Id)) { permission = await client.CreateNewPermission(databaseId, link, user, permissionId, permissionMode, durationInSeconds, log); } else // else look for an existing permission with the id { var permissionUri = UriFactory.CreatePermissionUri(databaseId, user.Id, permissionId); try { log?.Info($" ... getting permission ({permissionId}) at uri: {permissionUri}"); var permissionResponse = await client.ReadPermissionAsync(permissionUri, PermissionRequestOptions(durationInSeconds)); permission = permissionResponse?.Resource; if (permission != null) { log?.Info($" ... found existing permission ({permission.Id})"); } } catch (DocumentClientException dcx) { dcx.Print(log); switch (dcx.StatusCode) { case HttpStatusCode.NotFound: log?.Info($" ... could not find permission ({permissionId}) at uri: {permissionUri} - creating..."); permission = await client.CreateNewPermission(databaseId, link, user, permissionId, permissionMode, durationInSeconds, log); break; default: throw; } } } return(permission); } catch (Exception ex) { var resourceComponent = string.IsNullOrEmpty(resourceLink) ? "" : $" Resource: {resourceLink} "; log?.Error($"Error creating new new {permissionMode.ToString().ToUpper()} Permission [Database: {databaseId} Collection: {collectionId}{resourceComponent} User: {userId} Permission: {permissionId}", ex); throw; } }
static string GetUserPermissionId(string databaseId, string collectionId, string userId, PermissionMode permissionMode) { return(string.IsNullOrEmpty(collectionId) ? GetUserPermissionId(databaseId, userId, permissionMode) : $"{databaseId}-{collectionId}-{userId}-{permissionMode.ToString().ToUpper()}"); }
static async Task <Permission> CreateNewPermission(this DocumentClient client, string databaseId, string resourceLink, User user, string permissionId, PermissionMode permissionMode, int durationInSeconds, TraceWriter log) { log?.Info($" ... creating new permission ({permissionId}) for resource at ({resourceLink})"); var newPermission = new Permission { Id = permissionId, PermissionMode = permissionMode }; if (!string.IsNullOrEmpty(resourceLink)) { newPermission.ResourceLink = resourceLink; } try { var permissionResponse = await client.CreatePermissionAsync(user.SelfLink, newPermission, PermissionRequestOptions(durationInSeconds)); var permission = permissionResponse?.Resource; if (permission != null) { log?.Info($" ... created new permission ({permission.Id})"); } return(permission); } catch (DocumentClientException dcx) { dcx.Print(log); switch (dcx.StatusCode) { case HttpStatusCode.Conflict: // check for an existing permission with a different permissionMode var oldPermissionId = permissionId.Replace(permissionMode.ToString().ToUpper(), permissionMode == PermissionMode.All ? PermissionMode.Read.ToString().ToUpper() : PermissionMode.All.ToString().ToUpper()); log?.Info($" ... deleting old permission ({oldPermissionId})"); await client.DeletePermissionAsync(UriFactory.CreatePermissionUri(databaseId, user.Id, oldPermissionId)); log?.Info($" ... creating new permission ({permissionId}) for resource at ({resourceLink})"); var permissionResponse = await client.CreatePermissionAsync(user.SelfLink, newPermission, PermissionRequestOptions(durationInSeconds)); var permission = permissionResponse?.Resource; if (permission != null) { log?.Info($" ... created new permission ({permission.Id})"); } return(permission); default: throw; } } catch (Exception ex) { log?.Error($"Error creating new Permission with Id: {permissionId} for resource at: {resourceLink}", ex); throw; } }
private static async Task <Permission> CreatePermissionAsync(string resourceLink, string userLink, PermissionMode mode, string resourcePartitionKey = null) { Permission permission = new Permission { Id = Guid.NewGuid().ToString("N"), PermissionMode = mode, ResourceLink = resourceLink }; if (resourcePartitionKey != null) { permission.ResourcePartitionKey = new PartitionKey(resourcePartitionKey); } ResourceResponse <Permission> response = await DocumentClientHelperEx.ExecuteWithRetries <ResourceResponse <Permission> >( client, () => client.CreatePermissionAsync(userLink, permission)); return(response.Resource); }
internal ApiPermissionBinding(PermissionMode mode, IEnumerable <string> requiredPermissions) { this.Mode = mode; this.RequiredPermissions = requiredPermissions; }
/// <summary>默认构造</summary> /// <param name="Mode">认证模式</param> public HandlerAuthorizeAttribute(PermissionMode Mode) { _customMode = Mode; }
internal ApiPermissionValueProvider(PermissionMode mode, IEnumerable <string> requiredPermissions, string accessToken) { this.Mode = mode; this.RequiredPermissions = requiredPermissions; this.AccessToken = accessToken; }
private static async Task <PermissionToken> GetPermissionAsync(string userId, CosmosDBRepository repo, string permissionId, PermissionMode permissionMode = PermissionMode.Read) { Permission permission = null; User user = await CreateUserIfNotExistAsync(userId, repo); string userStr = userId; string[] userArr = userStr.Split('@'); userStr = userArr[0]; try { permission = await repo.GetPermissionAsync(user, permissionId, new RequestOptions { ResourceTokenExpirySeconds = (int)TOKEN_EXPIRY.TotalSeconds }); // System.Diagnostics.Debug.WriteLine($"Retreived Existing Permission. {permission.Id}"); } catch (DocumentClientException e) { if (e.StatusCode == System.Net.HttpStatusCode.NotFound) { DocumentCollection collection = await repo.GetDocumentCollectionAsync(); permission = new Permission { PermissionMode = permissionMode, ResourceLink = collection.SelfLink, // Permission restricts access to this partition key ResourcePartitionKey = new PartitionKey(userStr), // Unique per user Id = permissionId }; try { permission = await repo.UpsertPermissionAsync(user, permission, new RequestOptions { ResourceTokenExpirySeconds = (int)TOKEN_EXPIRY.TotalSeconds }); } catch (Exception ex) { throw ex; } } else { throw e; } } var expires = DateTimeOffset.Now.Add(TOKEN_EXPIRY).ToUnixTimeSeconds(); return(new PermissionToken() { Token = permission.Token, Expires = expires, UserId = userId }); }
public PermissionGatewayAttribute(PermissionMode mode, params string[] permissions) { this.Mode = mode; this.Permissions = permissions ?? new string[0]; }
/// <summary>默认构造</summary> /// <param name="Mode">权限认证模式</param> public ManagerPermissionAttribute(PermissionMode Mode) { _CustomMode = Mode; }
/// <summary>默认构造</summary> /// <param name="Mode">权限认证模式</param> public ManagerPermissionAttribute(PermissionMode Mode) { _customMode = Mode; }
/// <summary> /// Creates a permission with an access token for the specified user and the specified collection /// </summary> public async Task<Permission> CreateUserPermission(User user, DocumentCollection collection, PermissionMode permission) { var permissionId = permission + collection.Id; // The permission may already exists on database, try to find it var collectionPermission = Client.CreatePermissionQuery("/dbs/" + Database.ResourceId + "/users/" + user.ResourceId + "/permissions") .AsEnumerable() .FirstOrDefault(u => u.Id == permissionId); // If permission not found, create a new one if (collectionPermission == null) { collectionPermission = new Permission { PermissionMode = permission, ResourceLink = collection.SelfLink, Id = permissionId }; } return await Client.CreatePermissionAsync(user.SelfLink, collectionPermission); }
/// <summary> /// Serialize the object /// </summary> /// <returns> /// Returns the json model for the type Permission /// </returns> public virtual JToken SerializeJson(JToken outputObject) { if (outputObject == null) { outputObject = new JObject(); } if (Id == null) { throw new ArgumentNullException(nameof(Id)); } var mode = PermissionMode as ILazyCollection; if (mode != null && !mode.IsInitialized || PermissionMode == null) { throw new ArgumentNullException(nameof(PermissionMode)); } if (Resource == null) { throw new ArgumentNullException(nameof(Resource)); } if (Etag != null) { outputObject["_etag"] = Etag; } if (Rid != null) { outputObject["_rid"] = Rid; } if (Self != null) { outputObject["_self"] = Self; } if (Token != null) { outputObject["_token"] = Token; } if (Ts != null) { outputObject["_ts"] = Ts; } if (Id != null) { outputObject["id"] = Id; } if (PermissionMode != null) { var collection = PermissionMode as ILazyCollection; if (collection != null == false || ((ILazyCollection)PermissionMode).IsInitialized) { var permissionModeSequence = new JArray(); outputObject["permissionMode"] = permissionModeSequence; foreach (var permissionModeItem in PermissionMode.Where(permissionModeItem => permissionModeItem != null)) { permissionModeSequence.Add(permissionModeItem); } } } if (Resource != null) { outputObject["resource"] = Resource; } return(outputObject); }