private IEnumerable <Permission> GetPermissionsFromViewModel(AddApiKeyViewModel viewModel)
{
List <Permission> permissions = new List <Permission>();
foreach (var p in viewModel.PermissionValues.Where(tuple => !tuple.Forbidden))
{
if (Policies.IsStorePolicy(p.Permission))
{
if (p.StoreMode == AddApiKeyViewModel.ApiKeyStoreMode.AllStores && p.Value)
{
permissions.Add(Permission.Create(p.Permission));
}
else if (p.StoreMode == AddApiKeyViewModel.ApiKeyStoreMode.Specific)
{
permissions.AddRange(p.SpecificStores.Select(s => Permission.Create(p.Permission, s)));
}
}
else if (p.Value && Permission.TryCreatePermission(p.Permission, null, out var pp))
{
permissions.Add(pp);
}
}
return(permissions.Distinct());
}
private IActionResult HandleCommands(AddApiKeyViewModel viewModel)
{
switch (viewModel.Command)
{
case "change-store-mode":
viewModel.StoreMode = viewModel.StoreMode == AddApiKeyViewModel.ApiKeyStoreMode.Specific
? AddApiKeyViewModel.ApiKeyStoreMode.AllStores
: AddApiKeyViewModel.ApiKeyStoreMode.Specific;
if (viewModel.StoreMode == AddApiKeyViewModel.ApiKeyStoreMode.Specific &&
!viewModel.SpecificStores.Any() && viewModel.Stores.Any())
{
viewModel.SpecificStores.Add(null);
}
return(View(viewModel));
case "add-store":
viewModel.SpecificStores.Add(null);
return(View(viewModel));
case string x when x.StartsWith("remove-store", StringComparison.InvariantCultureIgnoreCase):
{
ModelState.Clear();
var index = int.Parse(
viewModel.Command.Substring(
viewModel.Command.IndexOf(":", StringComparison.InvariantCultureIgnoreCase) + 1),
CultureInfo.InvariantCulture);
viewModel.SpecificStores.RemoveAt(index);
return(View(viewModel));
}
}
return(null);
}
public async Task <IActionResult> AddApiKey(AddApiKeyViewModel viewModel)
{
await SetViewModelValues(viewModel);
var ar = HandleCommands(viewModel);
if (ar != null)
{
return(ar);
}
if (!ModelState.IsValid)
{
return(View(viewModel));
}
var key = await CreateKey(viewModel);
TempData.SetStatusMessageModel(new StatusMessageModel()
{
Severity = StatusMessageModel.StatusSeverity.Success,
Html = $"API key generated! <code class='alert-link'>{key.Id}</code>"
});
return(RedirectToAction("APIKeys"));
}
private IActionResult HandleCommands(AddApiKeyViewModel viewModel)
{
if (string.IsNullOrEmpty(viewModel.Command))
{
return(null);
}
var parts = viewModel.Command.Split(':', StringSplitOptions.RemoveEmptyEntries);
var permission = parts[0];
if (!Policies.IsStorePolicy(permission))
{
return(null);
}
var permissionValueItem = viewModel.PermissionValues.Single(item => item.Permission == permission);
var command = parts[1];
var storeIndex = parts.Length == 3 ? parts[2] : null;
ModelState.Clear();
switch (command)
{
case "change-store-mode":
permissionValueItem.StoreMode = permissionValueItem.StoreMode == AddApiKeyViewModel.ApiKeyStoreMode.Specific
? AddApiKeyViewModel.ApiKeyStoreMode.AllStores
: AddApiKeyViewModel.ApiKeyStoreMode.Specific;
// Reset values for "all stores" option to their original values
if (permissionValueItem.StoreMode == AddApiKeyViewModel.ApiKeyStoreMode.AllStores)
{
permissionValueItem.SpecificStores = new List <string>();
permissionValueItem.Value = true;
}
if (permissionValueItem.StoreMode == AddApiKeyViewModel.ApiKeyStoreMode.Specific &&
!permissionValueItem.SpecificStores.Any() && viewModel.Stores.Any())
{
permissionValueItem.SpecificStores.Add(null);
}
return(View(viewModel));
case "add-store":
permissionValueItem.SpecificStores.Add(null);
return(View(viewModel));
case "remove-store":
{
if (storeIndex != null)
{
permissionValueItem.SpecificStores.RemoveAt(int.Parse(storeIndex,
CultureInfo.InvariantCulture));
}
return(View(viewModel));
}
}
return(null);
}
private async Task <APIKeyData> CreateKey(AddApiKeyViewModel viewModel)
{
var key = new APIKeyData()
{
Id = Encoders.Hex.EncodeData(RandomUtils.GetBytes(20)),
Type = APIKeyType.Permanent,
UserId = _userManager.GetUserId(User),
Label = viewModel.Label
};
key.SetPermissions(GetPermissionsFromViewModel(viewModel));
await _apiKeyRepository.CreateKey(key);
return(key);
}
private async Task <APIKeyData> CreateKey(AddApiKeyViewModel viewModel)
{
var key = new APIKeyData()
{
Id = Guid.NewGuid().ToString().Replace("-", string.Empty),
Type = APIKeyType.Permanent,
UserId = _userManager.GetUserId(User),
Label = viewModel.Label
};
key.SetPermissions(GetPermissionsFromViewModel(viewModel));
await _apiKeyRepository.CreateKey(key);
return(key);
}
private async Task <APIKeyData> CreateKey(AddApiKeyViewModel viewModel)
{
var key = new APIKeyData()
{
Id = Encoders.Hex.EncodeData(RandomUtils.GetBytes(20)),
Type = APIKeyType.Permanent,
UserId = _userManager.GetUserId(User),
Label = viewModel.Label
};
key.Permissions = string.Join(";", GetPermissionsFromViewModel(viewModel).Select(p => p.ToString()).Distinct().ToArray());
await _apiKeyRepository.CreateKey(key);
return(key);
}
private IEnumerable <string> GetPermissionsFromViewModel(AddApiKeyViewModel viewModel)
{
var permissions = viewModel.PermissionValues.Where(tuple => tuple.Value).Select(tuple => tuple.Permission).ToList();
if (viewModel.StoreMode == AddApiKeyViewModel.ApiKeyStoreMode.Specific)
{
permissions.AddRange(viewModel.SpecificStores.Select(Permissions.GetStorePermission));
}
else if (viewModel.StoreManagementPermission)
{
permissions.Add(Permissions.StoreManagement);
}
if (viewModel.IsServerAdmin && viewModel.ServerManagementPermission)
{
permissions.Add(Permissions.ServerManagement);
}
return(permissions.Distinct());
}
private IEnumerable <string> GetPermissionsFromViewModel(AddApiKeyViewModel viewModel)
{
var permissions = new List <string>();
if (viewModel.StoreMode == AddApiKeyViewModel.ApiKeyStoreMode.Specific)
{
permissions.AddRange(viewModel.SpecificStores.Select(APIKeyConstants.Permissions.GetStorePermission));
}
else if (viewModel.StoreManagementPermission)
{
permissions.Add(APIKeyConstants.Permissions.StoreManagement);
}
if (viewModel.IsServerAdmin && viewModel.ServerManagementPermission)
{
permissions.Add(APIKeyConstants.Permissions.ServerManagement);
}
return(permissions);
}
private async Task <APIKeyData> CreateKey(AddApiKeyViewModel viewModel, (string appIdentifier, string appAuthority) app = default)
