/// <summary>
/// Processes the 'teams' component of the 'defaultConfigurations' section of a consolidated security contract. Either creates or updates an existing team.
/// Overwrites user the memebership of a team with the list of users defined wihtin the security contract.
/// </summary>
/// <param name="securityContractDefaultConfiguration"></param>
/// <returns></returns>
private async Task ApplyAllDefaultTeams(SecurityContractDefaultConfiguration securityContractDefaultConfiguration, Guid updatedById)
{
logger.Debug($"Applying default teams configuration for default config: '{securityContractDefaultConfiguration.Name}'");
if (securityContractDefaultConfiguration.Teams == null || securityContractDefaultConfiguration.Teams.Count == 0)
{
return;
}
// Execute only the simple team creation tasks in parallel
logger.Debug("Applying simple team...");
foreach (var simpleTeam in securityContractDefaultConfiguration.Teams.Where(x => x.Teams == null || x.Teams.Count == 0))
{
await ApplyDefaultTeam(simpleTeam, updatedById);
}
logger.Debug("Simple team applied.");
// Now that all simple teams are created, execute the compound team creation tasks in parallel
logger.Debug("Applying compound team...");
foreach (var compoundTeam in securityContractDefaultConfiguration.Teams.Where(x => x.Teams != null && x.Teams.Count > 0))
{
await ApplyDefaultTeam(compoundTeam, updatedById);
}
logger.Debug("Compound team applied.");
}
/// <summary>
/// Processes the 'roles' component of the 'defaultConfigurations' section of a security contract. Creates or updates all the roles in this list. Overwrites the
/// functions that are assigned to the role with the list of functions defined in the security contract.
/// </summary>
/// <param name="securityContractDefaultConfiguration"></param>
/// <returns></returns>
private async Task ApplyAllDefaultRoles(SecurityContractDefaultConfiguration securityContractDefaultConfiguration, Guid updatedById)
{
logger.Debug($"Applying default roles configuration for default config: '{securityContractDefaultConfiguration.Name}'");
// Ensure all default roles are created first.
// Recall, this is an optional component of the default configuration so ensure that it is persent.
if (securityContractDefaultConfiguration.Roles == null || securityContractDefaultConfiguration.Roles.Count == 0)
{
return;
}
// Execute only the simple role creation tasks in parallel
logger.Debug("Applying simple roles...");
foreach (var simpleRole in securityContractDefaultConfiguration.Roles.Where(x => x.Roles == null || x.Roles.Count == 0))
{
await ApplyDefaultRole(simpleRole, updatedById);
}
logger.Debug("Simple roles applied.");
// Now that all simple roles are created, execute the compound role creation tasks in parallel
logger.Debug("Applying compound roles...");
foreach (var compoundRole in securityContractDefaultConfiguration.Roles.Where(x => x.Roles != null && x.Roles.Count > 0))
{
await ApplyDefaultRole(compoundRole, updatedById);
}
logger.Debug("Compound roles applied.");
}
public async Task ApplyDefaultConfigurationDefinitionAsync(SecurityContractDefaultConfiguration securityContractDefaultConfiguration, Guid updatedById)
{
logger.Debug($"Applying default configuration: '{securityContractDefaultConfiguration.Name}'");
await ApplyAllDefaultApplications(securityContractDefaultConfiguration, updatedById);
await ApplyAllDefaultRoles(securityContractDefaultConfiguration, updatedById);
await ApplyAllDefaultLdapAuthModes(securityContractDefaultConfiguration, updatedById);
await ApplyAllDefaultUsers(securityContractDefaultConfiguration, updatedById);
await ApplyAllDefaultTeams(securityContractDefaultConfiguration, updatedById);
}
/// <summary>
/// Processes the 'users' component of the 'defaultConfigurations' component of a consolidated security contract. Creates or updates all the users defined
/// within the list. Overwrites all roles that the users have with the list of roles defined for each user.
/// </summary>
/// <param name="securityContractDefaultConfiguration"></param>
/// <returns></returns>
private async Task ApplyAllDefaultUsers(SecurityContractDefaultConfiguration securityContractDefaultConfiguration, Guid updatedById)
{
logger.Debug($"Applying default users configuration for default config: '{securityContractDefaultConfiguration.Name}'");
if (securityContractDefaultConfiguration.Users == null || securityContractDefaultConfiguration.Users.Count == 0)
{
return;
}
foreach (var defaultUser in securityContractDefaultConfiguration.Users)
{
await ApplyIndividualDefaultUser(defaultUser, updatedById);
}
}
/// <summary>
/// Processes the 'LdapAuthModes' component of the 'defaultConfigurations' component of a consolidated security contract. Creates or updates all the LDAP Auth modes defined
/// within the list. Overwrites all roles that the users have with the list of roles defined for each user.
/// </summary>
/// <param name="securityContractDefaultConfiguration"></param>
/// <returns></returns>
private async Task ApplyAllDefaultLdapAuthModes(SecurityContractDefaultConfiguration securityContractDefaultConfiguration, Guid updatedById)
{
logger.Debug($"Applying default LDAP Authentication modes configuration for default config: '{securityContractDefaultConfiguration.Name}'");
if (securityContractDefaultConfiguration.LdapAuthenticationModes == null || securityContractDefaultConfiguration.LdapAuthenticationModes.Count == 0)
{
return;
}
foreach (var defaultLdapAuthMode in securityContractDefaultConfiguration.LdapAuthenticationModes)
{
await ApplyIndividualDefaultLdapAuthMode(defaultLdapAuthMode, updatedById);
}
}
/// <summary>
/// Applies all the default configurations for defined applications. This is essentially creating 'business' functions comprised of permissions for
/// all applications that are defined within the applications section of the default configuration component of the security contract.
/// </summary>
/// <param name="securityContractDefaultConfiguration"></param>
/// <returns></returns>
private async Task ApplyAllDefaultApplications(SecurityContractDefaultConfiguration securityContractDefaultConfiguration, Guid updatedById)
{
logger.Debug($"Applying default application and function configuration for default config: '{securityContractDefaultConfiguration.Name}'");
if (securityContractDefaultConfiguration.Applications == null || securityContractDefaultConfiguration.Applications.Count == 0)
{
logger.Debug("No default application configuration section found...skipping.");
return;
}
foreach (var defaultApplication in securityContractDefaultConfiguration.Applications)
{
await ApplyIndividualDefaultApplication(defaultApplication, updatedById);
}
}
public async Task <SecurityContractDefaultConfiguration> GetDefaultConfigurationDefinitionAsync()
{
logger.Debug($"Retrieving default configuration security contract definitions.");
var contractDefaultConfig = new SecurityContractDefaultConfiguration()
{
Name = "A3S Default configuration"
};
contractDefaultConfig.Applications = await RetrieveDefaultConfigApplications();
contractDefaultConfig.Roles = await RetrieveDefaultConfigRoles();
contractDefaultConfig.Users = await RetrieveDefaultConfigUsers();
contractDefaultConfig.Teams = await RetrieveDefaultConfigTeams();
contractDefaultConfig.LdapAuthenticationModes = await RetrieveDefaultConfigLdapAuthenticationModes();
return(contractDefaultConfig);
}
