コード例 #1
0
        private void AddRules <TAccessRule>(
            IEntityAccessRestrictable <TAccessRule> entity,
            IEnumerable <AddOrUpdateAccessRuleCommandBase> accessRules,
            Dictionary <int, Role> roles,
            Dictionary <string, IUserAreaDefinition> userAreas,
            IExecutionContext executionContext
            )
            where TAccessRule : IEntityAccessRule, new()
        {
            foreach (var addRuleCommand in accessRules.Where(r => !r.GetId().HasValue))
            {
                var dbRule = new TAccessRule();

                var userAreaDefinition = userAreas.GetOrDefault(addRuleCommand.UserAreaCode);
                EntityNotFoundException.ThrowIfNull(userAreaDefinition, addRuleCommand.RoleId);
                dbRule.UserAreaCode = userAreaDefinition.UserAreaCode;

                if (addRuleCommand.RoleId.HasValue)
                {
                    var role = roles.GetOrDefault(addRuleCommand.RoleId.Value);
                    EntityNotFoundException.ThrowIfNull(role, addRuleCommand.RoleId);
                    ValidateRoleIsInUserArea(userAreaDefinition, role);
                    dbRule.Role = role;
                }

                _entityAuditHelper.SetCreated(dbRule, executionContext);

                entity.AccessRules.Add(dbRule);
            }
        }
コード例 #2
0
        private void UpdateRules <TAccessRule>(
            IEntityAccessRestrictable <TAccessRule> entity,
            IEnumerable <AddOrUpdateAccessRuleCommandBase> accessRules,
            Dictionary <int, Role> roles,
            Dictionary <string, IUserAreaDefinition> userAreas)
            where TAccessRule : IEntityAccessRule
        {
            foreach (var updateRuleCommand in accessRules.Where(r => r.GetId().HasValue))
            {
                var id     = updateRuleCommand.GetId();
                var dbRule = entity
                             .AccessRules
                             .FilterById(id.Value)
                             .SingleOrDefault();

                EntityNotFoundException.ThrowIfNull(dbRule, id);

                var userAreaDefinition = userAreas.GetOrDefault(updateRuleCommand.UserAreaCode);
                EntityNotFoundException.ThrowIfNull(userAreaDefinition, updateRuleCommand.RoleId);
                dbRule.UserAreaCode = userAreaDefinition.UserAreaCode;

                if (updateRuleCommand.RoleId.HasValue)
                {
                    var role = roles.GetOrDefault(updateRuleCommand.RoleId.Value);
                    EntityNotFoundException.ThrowIfNull(role, updateRuleCommand.RoleId);
                    ValidateRoleIsInUserArea(userAreaDefinition, role);
                    dbRule.Role = role;
                }
                else
                {
                    dbRule.Role = null;
                }
            }
        }
コード例 #3
0
        private static void DeleteRules <TAccessRule>(IEntityAccessRestrictable <TAccessRule> entity, IEnumerable <AddOrUpdateAccessRuleCommandBase> accessRules)
            where TAccessRule : IEntityAccessRule
        {
            var rulesToDelete = entity
                                .AccessRules
                                .Where(r => !accessRules.Any(x => x.GetId() == r.GetId()))
                                .ToList();

            foreach (var rule in rulesToDelete)
            {
                entity.AccessRules.Remove(rule);
            }
        }
コード例 #4
0
        private AccessRuleViolationAction ParseViolationAction <TAccessRule>(IEntityAccessRestrictable <TAccessRule> dbEntity) where TAccessRule : IEntityAccessRule
        {
            var violationAction = EnumParser.ParseOrNull <AccessRuleViolationAction>(dbEntity.AccessRuleViolationActionId);

            if (violationAction == null)
            {
                _logger.LogWarning(
                    "AccessRuleViolationAction of value {AccessRuleViolationAction} could not be parsed on rule type {TAccessRule}.",
                    dbEntity.AccessRuleViolationActionId,
                    typeof(TAccessRule).Name
                    );
            }

            return(violationAction ?? AccessRuleViolationAction.Error);
        }
コード例 #5
0
        public EntityAccessRuleSet Map <TAccessRule>(IEntityAccessRestrictable <TAccessRule> entity)
            where TAccessRule : IEntityAccessRule
        {
            if (entity == null)
            {
                throw new ArgumentNullException(nameof(entity));
            }
            MissingIncludeException.ThrowIfNull(entity, e => e.AccessRules);

            if (!entity.AccessRules.Any())
            {
                // no rules, so return null rather than an empty ruleset
                return(null);
            }

            var violationAction = EnumParser.ParseOrNull <AccessRuleViolationAction>(entity.AccessRuleViolationActionId);

            if (violationAction == null)
            {
                _logger.LogWarning(
                    "AccessRuleViolationAction of value {AccessRuleViolationAction} could not be parsed on rule type {TAccessRule}.",
                    entity.AccessRuleViolationActionId,
                    typeof(TAccessRule).Name
                    );
            }


            var result = new EntityAccessRuleSet()
            {
                ViolationAction = violationAction ?? AccessRuleViolationAction.Error
            };

            if (!string.IsNullOrWhiteSpace(entity.UserAreaCodeForSignInRedirect))
            {
                var userArea = _userAreaDefinitionRepository.GetRequiredByCode(entity.UserAreaCodeForSignInRedirect);
                result.UserAreaCodeForSignInRedirect = userArea.UserAreaCode;
            }

            result.AccessRules = entity
                                 .AccessRules
                                 .OrderByDefault()
                                 .Select(r => MapAccessRule(r))
                                 .ToArray();

            return(result);
        }
コード例 #6
0
        public async Task UpdateAsync <TAccessRule, TAddOrUpdateAccessRuleCommand>(
            IEntityAccessRestrictable <TAccessRule> entity,
            UpdateAccessRuleSetCommandBase <TAddOrUpdateAccessRuleCommand> command,
            IExecutionContext executionContext
            )
            where TAccessRule : IEntityAccessRule, new()
            where TAddOrUpdateAccessRuleCommand : AddOrUpdateAccessRuleCommandBase
        {
            var accessRules = EnumerableHelper.Enumerate(command.AccessRules);
            var roles       = await GetRolesAsync(accessRules);

            var userAreas = await GetUserAreasAsync(accessRules, executionContext);

            DeleteRules(entity, accessRules);
            UpdateRules(entity, accessRules, roles, userAreas);
            AddRules(entity, accessRules, roles, userAreas, executionContext);
            UpdateEntity(entity, command, userAreas);
        }
コード例 #7
0
        private async Task MapAccessRules <TAccessRule, TEntityAccessRuleSummary>(
            IEntityAccessRestrictable <TAccessRule> dbEntity,
            IEntityAccessRuleSetDetails <TEntityAccessRuleSummary> result,
            IExecutionContext executionContext,
            Action <TAccessRule, TEntityAccessRuleSummary> ruleMapper
            )
            where TAccessRule : IEntityAccessRule
            where TEntityAccessRuleSummary : IEntityAccessRuleSummary, new()
        {
            var userAreas = await _queryExecutor.ExecuteAsync(new GetAllUserAreaMicroSummariesQuery(), executionContext);

            var roleIds = dbEntity
                          .AccessRules
                          .Where(r => r.RoleId.HasValue)
                          .Select(r => r.RoleId.Value)
                          .ToArray();

            IDictionary <int, RoleMicroSummary> roles = null;

            if (roleIds.Any())
            {
                roles = await _queryExecutor.ExecuteAsync(new GetRoleMicroSummariesByIdRangeQuery(roleIds), executionContext);
            }

            foreach (var dbRule in dbEntity
                     .AccessRules
                     .OrderByDefault())
            {
                var rule = new TEntityAccessRuleSummary();
                ruleMapper(dbRule, rule);
                rule.UserArea = userAreas.SingleOrDefault(a => a.UserAreaCode == dbRule.UserAreaCode);
                EntityNotFoundException.ThrowIfNull(rule.UserArea, dbRule.UserAreaCode);

                if (dbRule.RoleId.HasValue)
                {
                    rule.Role = roles.GetOrDefault(dbRule.RoleId.Value);
                    EntityNotFoundException.ThrowIfNull(rule.Role, dbRule.RoleId.Value);
                }

                result.AccessRules.Add(rule);
            }
        }
コード例 #8
0
        public async Task MapAsync <TAccessRule, TEntityAccessRuleSummary>(
            IEntityAccessRestrictable <TAccessRule> dbEntity,
            IEntityAccessRuleSetDetails <TEntityAccessRuleSummary> result,
            IExecutionContext executionContext,
            Action <TAccessRule, TEntityAccessRuleSummary> ruleMapper
            )
            where TAccessRule : IEntityAccessRule
            where TEntityAccessRuleSummary : IEntityAccessRuleSummary, new()
        {
            if (dbEntity == null)
            {
                throw new ArgumentNullException(nameof(dbEntity));
            }
            if (result == null)
            {
                throw new ArgumentNullException(nameof(result));
            }
            if (executionContext == null)
            {
                throw new ArgumentNullException(nameof(executionContext));
            }
            if (ruleMapper == null)
            {
                throw new ArgumentNullException(nameof(ruleMapper));
            }

            result.ViolationAction = ParseViolationAction(dbEntity);

            if (result.AccessRules == null)
            {
                result.AccessRules = new List <TEntityAccessRuleSummary>();
            }

            if (!dbEntity.AccessRules.Any())
            {
                return;
            }

            await MapAccessRules(dbEntity, result, executionContext, ruleMapper);

            MapUserAreaForSignInRedirect(dbEntity, result);
        }
コード例 #9
0
        private static void UpdateEntity <TAccessRule, TAddOrUpdateAccessRuleCommand>(
            IEntityAccessRestrictable <TAccessRule> entity,
            UpdateAccessRuleSetCommandBase <TAddOrUpdateAccessRuleCommand> command,
            Dictionary <string, IUserAreaDefinition> userAreas
            )
            where TAccessRule : IEntityAccessRule
            where TAddOrUpdateAccessRuleCommand : AddOrUpdateAccessRuleCommandBase
        {
            entity.AccessRuleViolationActionId = (int)command.ViolationAction;

            if (string.IsNullOrEmpty(command.UserAreaCodeForSignInRedirect))
            {
                entity.UserAreaCodeForSignInRedirect = null;
            }
            else
            {
                var userArea = userAreas.GetOrDefault(command.UserAreaCodeForSignInRedirect);
                EntityNotFoundException.ThrowIfNull(userArea, command.UserAreaCodeForSignInRedirect);
                entity.UserAreaCodeForSignInRedirect = userArea.UserAreaCode;
            }
        }
コード例 #10
0
        private void MapUserAreaForSignInRedirect <TAccessRule, TEntityAccessRuleSummary>(
            IEntityAccessRestrictable <TAccessRule> dbEntity,
            IEntityAccessRuleSetDetails <TEntityAccessRuleSummary> result
            )
            where TAccessRule : IEntityAccessRule
            where TEntityAccessRuleSummary : IEntityAccessRuleSummary
        {
            if (dbEntity.UserAreaCodeForSignInRedirect != null)
            {
                result.UserAreaForSignInRedirect = result
                                                   .AccessRules
                                                   .Select(r => r.UserArea)
                                                   .Where(a => a.UserAreaCode == dbEntity.UserAreaCodeForSignInRedirect)
                                                   .FirstOrDefault();

                if (result.UserAreaForSignInRedirect == null)
                {
                    _logger.LogWarning(
                        "UserAreaCodeForSignInRedirect of value '{UserAreaCodeForSignInRedirect}' is expected to exist in the AccessRules collection, but could not be found.",
                        dbEntity.UserAreaCodeForSignInRedirect
                        );
                }
            }
        }