public void RevokeRole(PolicyUser user, string roleName)
{
Ensure.NotNull(user, nameof(user));
Ensure.NotNullOrEmpty(roleName, nameof(roleName));
Ensure.Equal(Id, user.PolicyId, nameof(user));
if (!_rolesByName.TryGetValue(roleName, out var roleId))
{
throw new ArgumentOutOfRangeException($"Policy {ClientId} does not contain Role {roleName}");
}
user.RemoveRole(roleName, roleId);
}
public CommandResponse Handle(PolicyUserMsgs.AddPolicyUser cmd)
{
var policy = _repo.GetById <Domain.SecuredApplication>(cmd.ApplicationId, cmd).DefaultPolicy;
if (policy.Id != cmd.PolicyId)
{
throw new NotSupportedException("Multiple Policies per Application is not supported. (or bad policy id)");
}
var policyUser = new Domain.PolicyUser(cmd.PolicyUserId, policy.Id, cmd.UserId, policy.OneRolePerUser, cmd);
_repo.Save(policyUser);
return(cmd.Succeed());
}
