public SecurableItemsModule(SecurableItemService securableItemService,
SecurableItemValidator validator,
AccessService accessService,
ClientService clientService,
GrainService grainService,
ILogger logger) : base("/v1/securableitems", logger, validator, accessService)
{
_clientService = clientService ??
throw new ArgumentNullException(nameof(clientService));
_grainService = grainService ??
throw new ArgumentNullException(nameof(grainService));
_securableItemService = securableItemService ??
throw new ArgumentNullException(nameof(securableItemService));
Get("/",
async _ => await GetSecurableItem().ConfigureAwait(false),
null,
"GetSecurableItem");
Get("/{securableItemId}",
async parameters => await this.GetSecurableItem(parameters).ConfigureAwait(false),
null,
"GetSecurableItemById");
Post("/{securableItemId}",
async parameters => await this.AddSecurableItem(parameters).ConfigureAwait(false),
null,
"AddSecurableItemById");
}
protected async Task CheckWriteAccess(ClientService clientService,
GrainService grainService,
dynamic grain,
dynamic securableItem)
{
string grainAsString = grain.ToString();
string securableItemAsString = securableItem.ToString();
if (HasSubjectId)
{
try
{
var requiredClaims = await GetRequiredWriteClaims(grainService, grainAsString);
await AccessService.CheckUserAccess(grainAsString, securableItemAsString, this,
requiredClaims.ToArray());
}
catch (NotFoundException <Grain> )
{
this.AddBeforeHookOrExecute((context) => AccessService.CreateFailureResponse <Grain>(
$"The requested grain: {grainAsString} does not exist.", context, HttpStatusCode.BadRequest));
}
}
else
{
var requiredClaims = await GetRequiredWriteClaims(grainService, grainAsString);
await AccessService.CheckAppAccess(ClientId, grainAsString, securableItemAsString, clientService, this, requiredClaims.ToArray());
}
}
public async Task IsGrainWithChildren_Deep_ReturnsGrainWithChildrenAsync()
{
// Arrange
var mockGrainStore = new Mock <IGrainStore>()
.SetupGetAllGrain(GetGrainWithDeepGraph())
.Object;
var subject = new GrainService(mockGrainStore);
// Act
var actualResult = await subject.GetAllGrains();
// Assert
var first = actualResult.First(g => g.Name == "shared");
Assert.True(first.SecurableItems.Count == 2);
Assert.True(first.IsSecurableItemChildOfGrain("level_one_a"));
Assert.True(first.IsSecurableItemChildOfGrain("level_one_b"));
Assert.True(first.IsSecurableItemChildOfGrain("level_two"));
Assert.True(first.IsSecurableItemChildOfGrain("level_three_a"));
Assert.True(first.IsSecurableItemChildOfGrain("level_three_b"));
var second = actualResult.First(g => g.Name == "shared2");
Assert.True(second.SecurableItems.Count == 2);
Assert.True(second.IsSecurableItemChildOfGrain("level_one_a2"));
Assert.True(second.IsSecurableItemChildOfGrain("level_one_b2"));
Assert.True(second.IsSecurableItemChildOfGrain("level_two2"));
Assert.True(second.IsSecurableItemChildOfGrain("level_three_a2"));
Assert.True(second.IsSecurableItemChildOfGrain("level_three_b2"));
}
public Task <IGrainReminder> GetReminder(string reminderName)
{
if (String.IsNullOrEmpty(reminderName))
{
throw new ArgumentException("Cannot use null or empty name for the reminder", "reminderName");
}
return(GrainService.GetReminder(CallingGrainReference, reminderName));
}
public UsersModule(
ClientService clientService,
PermissionService permissionService,
UserService userService,
GrainService grainService,
IPermissionResolverService permissionResolverService,
UserValidator validator,
AccessService accessService,
ILogger logger) : base("/v1/user", logger, validator, accessService)
{
_permissionService = permissionService ?? throw new ArgumentNullException(nameof(permissionService));
_clientService = clientService ?? throw new ArgumentNullException(nameof(clientService));
_userService = userService ?? throw new ArgumentNullException(nameof(userService));
_grainService = grainService ?? throw new ArgumentNullException(nameof(grainService));
_permissionResolverService = permissionResolverService ?? throw new ArgumentNullException(nameof(permissionResolverService));
// Get all the permissions for a user
Get("/permissions",
async _ => await GetCurrentUserPermissions().ConfigureAwait(false), null,
"GetCurrentUserPermissions");
Get("/{identityProvider}/{subjectId}",
async param => await GetUser(param).ConfigureAwait(false), null,
"GetUser");
Post("/",
async _ => await AddUser().ConfigureAwait(false), null,
"AddUser");
Get("/{identityProvider}/{subjectId}/permissions",
async param => await this.GetUserPermissions(param).ConfigureAwait(false), null,
"GetUserPermissions");
Post("/{identityProvider}/{subjectId}/permissions",
async param => await this.AddGranularPermissions(param).ConfigureAwait(false), null,
"AddGranularPermissions");
Delete("/{identityProvider}/{subjectId}/permissions",
async param => await this.DeleteGranularPermissions(param).ConfigureAwait(false), null,
"DeleteGranularPermissions");
Get("/{identityProvider}/{subjectId}/groups",
async _ => await GetUserGroups().ConfigureAwait(false), null,
"GetUserGroups");
Get("/{identityProvider}/{subjectId}/roles",
async _ => await GetUserRoles().ConfigureAwait(false), null,
"GetUserRoles");
Post("/{identityProvider}/{subjectId}/roles",
async param => await AddRolesToUser(param).ConfigureAwait(false), null,
"AddRolesToUser");
Delete("/{identityProvider}/{subjectId}/roles",
async param => await DeleteRolesFromUser(param).ConfigureAwait(false), null,
"DeleteRolesFromUser");
}
public Task <IGrainReminder> GetReminder(string reminderName)
{
this.EnsureReminderServiceRegistered();
if (string.IsNullOrEmpty(reminderName))
{
throw new ArgumentException("Cannot use null or empty name for the reminder", nameof(reminderName));
}
return(GrainService.GetReminder(CallingGrainReference, reminderName));
}
public Task <IGrainReminder> RegisterOrUpdateReminder(string reminderName, TimeSpan dueTime, TimeSpan period)
{
this.EnsureReminderServiceRegistered();
// Perform input volatility checks that are consistent with System.Threading.Timer
// http://referencesource.microsoft.com/#mscorlib/system/threading/timer.cs,c454f2afe745d4d3,references
var dueTm = (long)dueTime.TotalMilliseconds;
if (dueTm < -1)
{
throw new ArgumentOutOfRangeException(nameof(dueTime), "Cannot use negative dueTime to create a reminder");
}
if (dueTm > MaxSupportedTimeout)
{
throw new ArgumentOutOfRangeException(
nameof(dueTime),
$"Cannot use value larger than {MaxSupportedTimeout}ms for dueTime when creating a reminder");
}
var periodTm = (long)period.TotalMilliseconds;
if (periodTm < -1)
{
throw new ArgumentOutOfRangeException(nameof(period), "Cannot use negative period to create a reminder");
}
if (periodTm > MaxSupportedTimeout)
{
throw new ArgumentOutOfRangeException(
nameof(period),
$"Cannot use value larger than {MaxSupportedTimeout}ms for period when creating a reminder");
}
var reminderOptions = serviceProvider.GetService <IOptions <ReminderOptions> >();
var minReminderPeriod = reminderOptions.Value.MinimumReminderPeriod;
if (period < minReminderPeriod)
{
var msg =
string.Format(
"Cannot register reminder {0} as requested period ({1}) is less than minimum allowed reminder period ({2})",
reminderName,
period,
minReminderPeriod);
throw new ArgumentException(msg);
}
if (string.IsNullOrEmpty(reminderName))
{
throw new ArgumentException("Cannot use null or empty name for the reminder", nameof(reminderName));
}
return(GrainService.RegisterOrUpdateReminder(CallingGrainReference, reminderName, dueTime, period));
}
public GrainsModule(GrainService grainService,
GrainValidator validator,
AccessService accessService,
ILogger logger) : base("/v1/grains", logger, validator, accessService)
{
_grainService = grainService ??
throw new ArgumentNullException(nameof(grainService));
Get("/",
async _ => await GetGrain().ConfigureAwait(false),
null,
"GetGrain");
}
public RolesModule(
RoleService roleService,
ClientService clientService,
GrainService grainService,
RoleValidator validator,
AccessService accessService,
ILogger logger) : base("/v1/roles", logger, validator, accessService)
{
_roleService = roleService ?? throw new ArgumentNullException(nameof(roleService));
_clientService = clientService ?? throw new ArgumentNullException(nameof(clientService));
_grainService = grainService ?? throw new ArgumentNullException(nameof(grainService));
Post("/",
async parameters => await AddRole().ConfigureAwait(false),
null,
"AddRole");
Patch("/{roleId}",
async parameters => await this.UpdateRole(parameters).ConfigureAwait(false),
null,
"UpdateRole");
Delete("/{roleId}",
async parameters => await this.DeleteRole(parameters).ConfigureAwait(false),
null,
"DeleteRole");
Get("/{grain}/{securableItem}",
async parameters => await this.GetRolesForSecurableItem(parameters).ConfigureAwait(false),
null,
"GetRolesBySecurableItem");
Get("/{grain}/{securableItem}/{roleName}",
async parameters => await this.GetRoleByName(parameters).ConfigureAwait(false),
null,
"GetRoleByName");
Post("/{roleId}/permissions",
async parameters => await this.AddPermissionsToRole(parameters).ConfigureAwait(false),
null,
"AddPermissionsToRole");
Delete("/{roleId}/permissions",
async parameters => await this.DeletePermissionsFromRole(parameters).ConfigureAwait(false),
null,
"DeletePermissionsFromRole");
}
private async Task <List <Predicate <Claim> > > GetRequiredWriteClaims(GrainService grainService, string grain)
{
var grainModel = await grainService.GetGrain(grain);
var requiredClaims = new List <Predicate <Claim> > {
AuthorizationWriteClaim
};
if (grainModel == null)
{
return(requiredClaims);
}
if (grainModel.IsShared && grainModel.RequiredWriteScopes.Count > 0)
{
requiredClaims.Add(c => grainModel.RequiredWriteScopes.Contains(c.Value));
}
return(requiredClaims);
}
public Task <IGrainReminder> RegisterOrUpdateReminder(string reminderName, TimeSpan dueTime, TimeSpan period)
{
// Perform input volatility checks that are consistent with System.Threading.Timer
// http://referencesource.microsoft.com/#mscorlib/system/threading/timer.cs,c454f2afe745d4d3,references
var dueTm = (long)dueTime.TotalMilliseconds;
if (dueTm < -1)
{
throw new ArgumentOutOfRangeException("dueTime", "Cannot use negative dueTime to create a reminder");
}
if (dueTm > MAX_SUPPORTED_TIMEOUT)
{
throw new ArgumentOutOfRangeException("dueTime", String.Format("Cannot use value larger than {0} for dueTime when creating a reminder", MAX_SUPPORTED_TIMEOUT));
}
var periodTm = (long)period.TotalMilliseconds;
if (periodTm < -1)
{
throw new ArgumentOutOfRangeException("period", "Cannot use negative period to create a reminder");
}
if (periodTm > MAX_SUPPORTED_TIMEOUT)
{
throw new ArgumentOutOfRangeException("period", String.Format("Cannot use value larger than {0} for period when creating a reminder", MAX_SUPPORTED_TIMEOUT));
}
if (period < Constants.MinReminderPeriod)
{
string msg = string.Format("Cannot register reminder {0} as requested period ({1}) is less than minimum allowed reminder period ({2})", reminderName, period, Constants.MinReminderPeriod);
throw new ArgumentException(msg);
}
if (String.IsNullOrEmpty(reminderName))
{
throw new ArgumentException("Cannot use null or empty name for the reminder", "reminderName");
}
return(GrainService.RegisterOrUpdateReminder(CallingGrainReference, reminderName, dueTime, period));
}
public PermissionsModule(
PermissionService permissionService,
ClientService clientService,
GrainService grainService,
PermissionValidator validator,
ILogger logger,
AccessService accessService) : base("/v1/permissions", logger, validator, accessService)
{
_clientService = clientService ?? throw new ArgumentNullException(nameof(clientService));
_permissionService = permissionService ?? throw new ArgumentNullException(nameof(permissionService));
_grainService = grainService ?? throw new ArgumentNullException(nameof(grainService));
Get("/{permissionId}",
async parameters => await this.GetPermissionById(parameters).ConfigureAwait(false),
null,
"GetPermissionById");
Post("/",
async parameters => await AddPermission().ConfigureAwait(false),
null,
"AddPermission");
Delete("/{permissionId}",
async parameters => await this.DeletePermission(parameters).ConfigureAwait(false),
null,
"DeletePermission");
Get("/{grain}/{securableItem}",
async parameters => await this.GetPermissionsForSecurableItem(parameters).ConfigureAwait(false),
null,
"GetPermissionsForSecurableItem");
Get("/{grain}/{securableItem}/{permissionName}",
async parameters => await this.GetPermissionByName(parameters).ConfigureAwait(false),
null,
"GetPermissionByName");
}
public SharedGrainPermissionResolverService(GrainService grainService, IEnumerable <IPermissionResolverService> permissionResolverServices)
{
_grainService = grainService ?? throw new ArgumentNullException(nameof(grainService));
_permissionResolverServices = permissionResolverServices ?? throw new ArgumentNullException(nameof(permissionResolverServices));
}
public Task UnregisterReminder(IGrainReminder reminder)
{
return(GrainService.UnregisterReminder(reminder));
}
public GroupsModule(
GroupService groupService,
GroupValidator validator,
ILogger logger,
AccessService accessService,
ClientService clientService,
GrainService grainService,
IdPSearchService idPSearchService,
IAppConfiguration appConfiguration = null) : base("/v1/groups", logger, validator, accessService, appConfiguration)
{
_groupService = groupService;
_clientService = clientService;
_grainService = grainService;
_idPSearchService = idPSearchService;
Get("/",
async _ => await GetGroups().ConfigureAwait(false),
null,
"GetGroups");
base.Get("/{groupName}",
async _ => await GetGroup().ConfigureAwait(false),
null,
"GetGroup");
Post("/",
async _ => await AddGroup().ConfigureAwait(false),
null,
"AddGroup");
Post("/UpdateGroups",
async _ => await UpdateGroupList().ConfigureAwait(false),
null,
"UpdateGroups");
Patch("/{groupName}",
async parameters => await this.UpdateGroup(parameters).ConfigureAwait(false),
null,
"UpdateGroup");
base.Delete("/{groupName}",
async p => await this.DeleteGroup(p).ConfigureAwait(false),
null,
"DeleteGroup");
// group->role mappings
Get("/{groupName}/roles",
async _ => await GetRolesFromGroup().ConfigureAwait(false),
null,
"GetRolesFromGroup");
Get("/{groupName}/{grain}/{securableItem}/roles",
async p => await GetRolesForGroup(p).ConfigureAwait(false),
null,
"GetRolesForGroup");
Post("/{groupName}/roles",
async p => await AddRolesToGroup(p).ConfigureAwait(false),
null,
"AddRolesToGroup");
Delete("/{groupName}/roles",
async p => await DeleteRolesFromGroup(p).ConfigureAwait(false),
null,
"DeleteRolesFromGroup");
// (custom) group->user mappings
Get("/{groupName}/users",
async _ => await GetUsersFromGroup().ConfigureAwait(false),
null,
"GetUsersFromGroup");
Post("/{groupName}/users",
async p => await AddUsersToGroup(p).ConfigureAwait(false),
null,
"AddUserToGroup");
Delete("/{groupName}/users",
async _ => await DeleteUserFromGroup().ConfigureAwait(false),
null,
"DeleteUserFromGroup");
// child groups
Get("/{groupName}/groups",
async p => await GetChildGroups(p).ConfigureAwait(false),
null,
"GetChildGroups");
Post("/{groupName}/groups",
async p => await AddChildGroups(p).ConfigureAwait(false),
null,
"AddChildGroups");
Delete("/{groupName}/groups",
async p => await RemoveChildGroups(p).ConfigureAwait(false),
null,
"RemoveChildGroups");
}
public Task <bool> HasInit()
{
return(GrainService.HasInit());
}
public Task <bool> HasStarted()
{
return(GrainService.HasStarted());
}
public Task UnregisterReminder(IGrainReminder reminder)
{
this.EnsureReminderServiceRegistered();
return(GrainService.UnregisterReminder(reminder));
}
public Task <List <IGrainReminder> > GetReminders()
{
this.EnsureReminderServiceRegistered();
return(GrainService.GetReminders(CallingGrainReference));
}
public Task <string> EchoViaExtension(string what)
{
return(GrainService.AsReference <IEchoExtension>().Echo(what));
}
public Task <string> GetServiceConfigProperty()
{
return(GrainService.GetServiceConfigProperty());
}
// ponte do Grain para o GrainService public Task CallGrain(long i) => GrainService.CallGrain(i);
public Task MyMethod() => GrainService.MyMethod();
public Task <string> GetHelloWorldUsingCustomService()
{
return(GrainService.GetHelloWorldUsingCustomService(CallingGrainReference));
}
public Task <string> GetServiceConfigProperty(string propertyName)
{
return(GrainService.GetServiceConfigProperty(propertyName));
}
public Task <string> GetPriceQuoteAsync(string ticker) => GrainService.GetPriceQuoteAsync(ticker);
public Task <bool> HasStartedInBackground()
{
return(GrainService.HasStartedInBackground());
}
public Task <string> GetStringOption() => GrainService.GetStringOption();
public Task RefreshMonnitorDeviceAsync(List <DeviceInfo> info) => GrainService.RefreshMonnitorDeviceAsync(info);
public Task <List <IGrainReminder> > GetReminders()
{
return(GrainService.GetReminders(CallingGrainReference));
}
