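/// <summary>
/// Validates an authorization-policy request against the referenced resource sets and stores the resulting policy.
/// </summary>
/// <param name="addPolicyParameter">Resource set ids, scopes, allowed clients, claims and script of the policy to create.</param>
/// <returns>The identifier of the stored policy (a freshly generated GUID string).</returns>
/// <exception cref="ArgumentNullException"><paramref name="addPolicyParameter"/> is null.</exception>
/// <exception cref="BaseUmaException">
/// No resource set id was supplied, the scope collection is missing, a resource set id does not resolve,
/// or a requested scope is not among the scopes of a referenced resource set.
/// </exception>
public async Task<string> Execute(AddPolicyParameter addPolicyParameter)
{
    // The start event is emitted before the argument check, so a null request is still traced (with an empty payload).
    // NOTE(review): the payload is the whole serialized request, Script and claim values included;
    // confirm the event sink is allowed to hold that data.
    var json = addPolicyParameter == null ? string.Empty : JsonConvert.SerializeObject(addPolicyParameter);
    _umaServerEventSource.StartAddingAuthorizationPolicy(json);

    if (addPolicyParameter == null)
    {
        throw new ArgumentNullException(nameof(addPolicyParameter));
    }

    if (addPolicyParameter.ResourceSetIds == null || !addPolicyParameter.ResourceSetIds.Any())
    {
        throw new BaseUmaException(
            ErrorCodes.InvalidRequestCode,
            string.Format(ErrorDescriptions.TheParameterNeedsToBeSpecified, Constants.AddPolicyParameterNames.ResourceSetIds));
    }

    if (addPolicyParameter.Scopes == null)
    {
        // A missing scope collection previously surfaced as a NullReferenceException inside the loop below,
        // after a repository read had already been made. Reject it up front as an invalid request instead.
        // nameof is used because no scope-name constant is visible from this method; substitute the
        // project's wire-name constant if one exists.
        throw new BaseUmaException(
            ErrorCodes.InvalidRequestCode,
            string.Format(ErrorDescriptions.TheParameterNeedsToBeSpecified, nameof(addPolicyParameter.Scopes)));
    }

    // NOTE(review): only the existence of each resource set is checked here; nothing in this method ties
    // the resource sets to the caller. Confirm that ownership is enforced before this action is invoked.
    foreach (var resourceSetId in addPolicyParameter.ResourceSetIds)
    {
        // HandleException presumably turns repository failures into an error carrying the given description.
        var resourceSet = await _repositoryExceptionHelper.HandleException(
            string.Format(ErrorDescriptions.TheResourceSetCannotBeRetrieved, resourceSetId),
            () => _resourceSetRepository.Get(resourceSetId));
        if (resourceSet == null)
        {
            throw new BaseUmaException(
                ErrorCodes.InvalidResourceSetId,
                string.Format(ErrorDescriptions.TheResourceSetDoesntExist, resourceSetId));
        }

        // A policy may only grant scopes that the resource set itself declares. A resource set with no
        // scope list declares none, so any requested scope is rejected rather than dereferencing null.
        var declaredScopes = resourceSet.Scopes;
        if (addPolicyParameter.Scopes.Any(scope => declaredScopes == null || !declaredScopes.Contains(scope)))
        {
            throw new BaseUmaException(ErrorCodes.InvalidScope, ErrorDescriptions.OneOrMoreScopesDontBelongToAResourceSet);
        }
    }

    // Build the policy to insert. Claims are copied into new objects; a missing claim list becomes an empty one.
    // Script is stored exactly as supplied; this method performs no validation of its content.
    var policy = new Policy
    {
        Id = Guid.NewGuid().ToString(),
        ClientIds = addPolicyParameter.ClientIdsAllowed,
        ResourceSetIds = addPolicyParameter.ResourceSetIds,
        IsResourceOwnerConsentNeeded = addPolicyParameter.IsResourceOwnerConsentNeeded,
        Script = addPolicyParameter.Script,
        Scopes = addPolicyParameter.Scopes,
        Claims = addPolicyParameter.Claims == null
            ? new List<Claim>()
            : addPolicyParameter.Claims.Select(c => new Claim { Type = c.Type, Value = c.Value }).ToList()
    };

    await _repositoryExceptionHelper.HandleException(
        ErrorDescriptions.ThePolicyCannotBeInserted,
        () => _policyRepository.Add(policy));

    // The finish event carries the stored policy, serialized in full.
    _umaServerEventSource.FinishToAddAuthorizationPolicy(JsonConvert.SerializeObject(policy));
    return policy.Id;
}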