/// <summary>
/// High-level overridable API that ServiceStack uses to check whether a user has all requiredPermissions.
/// </summary>
public virtual async Task <bool> HasAllPermissionsAsync(ICollection <string> requiredPermissions,
IAuthRepositoryAsync authRepo, IRequest req, CancellationToken token = default)
{
if (requiredPermissions == null)
{
throw new ArgumentNullException(nameof(requiredPermissions));
}
var allPerms = await GetPermissionsAsync(authRepo, token).ConfigAwait();
if (requiredPermissions.All(allPerms.Contains))
{
return(true);
}
if (await HasRoleAsync(RoleNames.Admin, authRepo, token).ConfigAwait())
{
return(true);
}
await this.UpdateFromUserAuthRepoAsync(req, authRepo).ConfigAwait();
allPerms = await GetPermissionsAsync(authRepo, token).ConfigAwait();
if (requiredPermissions.All(allPerms.Contains))
{
await req.SaveSessionAsync(this, token : token).ConfigAwait();
return(true);
}
return(false);
}
public virtual Task <bool> IsAccountLockedAsync(IAuthRepositoryAsync authRepoAsync, IUserAuth userAuth, IAuthTokens tokens = null, CancellationToken token = default)
{
if (authRepoAsync is IAuthRepository authRepo && AccountLockedValidator != null)
{
return(AccountLockedValidator(authRepo, userAuth, tokens).InTask());
}
return((userAuth?.LockedDate != null).InTask());
}
static IQueryUserAuthAsync AssertQueryUserAuthAsync(this IAuthRepositoryAsync repo)
{
if (!(repo is IQueryUserAuthAsync queryUserAuth))
{
throw new NotSupportedException("This operation requires an Auth Repository that implements IQueryUserAuthAsync");
}
return(queryUserAuth);
}
static IUserAuthRepositoryAsync AssertUserAuthRepositoryAsync(this IAuthRepositoryAsync repo)
{
if (!(repo is IUserAuthRepositoryAsync userRepo))
{
throw new NotSupportedException("This operation requires a IUserAuthRepositoryAsync");
}
return(userRepo);
}
/* reset
*
* use veduDB04
*
* delete TblKisiler
* delete TblDersDetaylar
* delete TblDersler
* delete TblIcerikler
*
*/
public static async void OlusturKisiOgrenciOrnekleri(this IAuthRepositoryAsync context)
{
await context.KisiRegisterAsync(new Kisiler { Username = "******", Email = "stu1", KisiTipi = "STU" }, "stu1");
await context.KisiRegisterAsync(new Kisiler { Username = "******", Email = "stu2", KisiTipi = "STU" }, "stu2");
await context.KisiRegisterAsync(new Kisiler { Username = "******", Email = "stu3", KisiTipi = "STU" }, "stu3");
await context.KisiRegisterAsync(new Kisiler { Username = "******", Email = "stu4", KisiTipi = "STU" }, "stu4");
}
public virtual async Task <bool> HasRoleAsync(string role, IAuthRepositoryAsync authRepo, CancellationToken token = default)
{
if (role == null)
{
throw new ArgumentNullException(nameof(role));
}
var roles = await GetRolesAsync(authRepo, token).ConfigAwait();
return(roles.Contains(role));
}
public virtual async Task <bool> HasPermissionAsync(string permission, IAuthRepositoryAsync authRepo, CancellationToken token = default)
{
if (permission == null)
{
throw new ArgumentNullException(nameof(permission));
}
var permissions = await GetPermissionsAsync(authRepo, token).ConfigAwait();
return(permissions.Contains(permission));
}
public static Task <bool> HasAnyPermissionsAsync(this IAuthSession session, ICollection <string> permissions,
IAuthRepositoryAsync authRepo, IRequest req, CancellationToken token = default)
{
if (session is IAuthSessionExtended extended) // always true for sessions inheriting AuthUserSession
{
return(extended.HasAnyPermissionsAsync(permissions, authRepo, req, token));
}
#pragma warning disable 618
return(session.HasAnyPermissions(permissions, (IAuthRepository)authRepo, req).InTask());
#pragma warning restore 618
}
/// <summary>
/// Creates the required missing tables or DB schema
/// </summary>
public static async Task AssignRolesAsync(this IAuthRepositoryAsync userAuthRepo, IUserAuth userAuth,
ICollection <string> roles = null, ICollection <string> permissions = null, CancellationToken token = default)
{
if (userAuthRepo is IManageRolesAsync managesRoles)
{
await managesRoles.AssignRolesAsync(userAuth.Id.ToString(), roles, permissions, token).ConfigAwait();
}
else
{
AssignRolesInternal(userAuth, roles, permissions);
await userAuthRepo.SaveUserAuthAsync(userAuth, token).ConfigAwait();
}
}
protected virtual async Task <bool> EmailAlreadyExistsAsync(IAuthRepositoryAsync authRepo, IUserAuth userAuth, IAuthTokens tokens = null, CancellationToken token = default)
{
if (tokens?.Email != null)
{
var userWithEmail = await authRepo.GetUserAuthByUserNameAsync(tokens.Email, token).ConfigAwait();
if (userWithEmail == null)
{
return(false);
}
var isAnotherUser = userAuth == null || (userAuth.Id != userWithEmail.Id);
return(isAnotherUser);
}
return(false);
}
public virtual async Task <bool> HasPermissionAsync(string permission, IAuthRepositoryAsync authRepo, CancellationToken token = default)
{
if (!FromToken) //If populated from a token it should have the complete list of permissions
{
if (authRepo is IManageRolesAsync managesRoles)
{
if (UserAuthId == null)
{
return(false);
}
return(await managesRoles.HasPermissionAsync(this.UserAuthId, permission, token));
}
}
return(this.Permissions != null && this.Permissions.Contains(permission));
}
public virtual async Task <bool> HasRoleAsync(string role, IAuthRepositoryAsync authRepo)
{
if (!FromToken) //If populated from a token it should have the complete list of roles
{
if (authRepo is IManageRolesAsync managesRoles)
{
if (UserAuthId == null)
{
return(false);
}
return(await managesRoles.HasRoleAsync(this.UserAuthId, role));
}
}
return(this.Roles != null && this.Roles.Contains(role));
}
public virtual async Task <ICollection <string> > GetPermissionsAsync(IAuthRepositoryAsync authRepo, CancellationToken token = default)
{
if (UserAuthId != null)
{
if (!FromToken) //If populated from a token it should have the complete list of roles
{
if (authRepo is IManageRolesAsync managesRoles)
{
return(await managesRoles.GetPermissionsAsync(this.UserAuthId, token));
}
}
}
return(this.Permissions != null
? this.Permissions
: TypeConstants.EmptyStringArray);
}
public static async Task UnAssignRolesAsync(this IAuthRepositoryAsync userAuthRepo, IUserAuth userAuth,
ICollection <string> roles = null, ICollection <string> permissions = null, CancellationToken token = default)
{
if (userAuthRepo is IManageRolesAsync managesRoles)
{
await managesRoles.UnAssignRolesAsync(userAuth.Id.ToString(), roles, permissions, token).ConfigAwait();
}
else
{
roles.Each(x => userAuth.Roles.Remove(x));
permissions.Each(x => userAuth.Permissions.Remove(x));
if (roles != null || permissions != null)
{
await userAuthRepo.SaveUserAuthAsync(userAuth, token).ConfigAwait();
}
}
}
/// <summary>
/// High-level overridable API that ServiceStack uses to check whether a user has all requiredRoles.
/// </summary>
public virtual async Task <bool> HasAllRolesAsync(ICollection <string> requiredRoles,
IAuthRepositoryAsync authRepo, IRequest req, CancellationToken token = default)
{
var allRoles = await GetRolesAsync(authRepo, token).ConfigAwait();
if (allRoles.Contains(RoleNames.Admin) || requiredRoles.All(allRoles.Contains))
{
return(true);
}
await this.UpdateFromUserAuthRepoAsync(req, authRepo).ConfigAwait();
allRoles = await GetRolesAsync(authRepo, token).ConfigAwait();
if (allRoles.Contains(RoleNames.Admin) || requiredRoles.All(allRoles.Contains))
{
await req.SaveSessionAsync(this, token : token).ConfigAwait();
return(true);
}
return(false);
}
protected virtual async Task <IHttpResult> ValidateAccountAsync(IServiceBase authService, IAuthRepositoryAsync authRepo, IAuthSession session, IAuthTokens tokens, CancellationToken token = default)
{
var userAuth = await authRepo.GetUserAuthAsync(session, tokens, token).ConfigAwait();
var ctx = CreateAuthContext(authService, session, tokens);
var authFeature = HostContext.GetPlugin <AuthFeature>();
if (authFeature != null && authFeature.ValidateUniqueUserNames && await UserNameAlreadyExistsAsync(authRepo, userAuth, tokens, token).ConfigAwait())
{
return(authService.Redirect(FailedRedirectUrlFilter(ctx, GetReferrerUrl(authService, session).SetParam("f", "UserNameAlreadyExists"))));
}
if (authFeature != null && authFeature.ValidateUniqueEmails && await EmailAlreadyExistsAsync(authRepo, userAuth, tokens, token).ConfigAwait())
{
return(authService.Redirect(FailedRedirectUrlFilter(ctx, GetReferrerUrl(authService, session).SetParam("f", "EmailAlreadyExists"))));
}
if (await IsAccountLockedAsync(authRepo, userAuth, tokens, token).ConfigAwait())
{
return(authService.Redirect(FailedRedirectUrlFilter(ctx, GetReferrerUrl(authService, session).SetParam("f", "AccountLocked"))));
}
return(null);
}
public static Task <List <IUserAuth> > SearchUserAuthsAsync(this IAuthRepositoryAsync authRepo, string query, string orderBy = null, int?skip = null, int?take = null, CancellationToken token = default) => authRepo.AssertQueryUserAuthAsync().SearchUserAuthsAsync(query: query, orderBy: orderBy, skip: skip, take: take, token: token);
public static Task <IUserAuth> UpdateUserAuthAsync(this IAuthRepositoryAsync authRepo, IUserAuth existingUser, IUserAuth newUser, string password, CancellationToken token = default) => authRepo.AssertUserAuthRepositoryAsync().UpdateUserAuthAsync(existingUser, newUser, password, token);
public static Task DeleteUserAuthAsync(this IAuthRepositoryAsync authRepo, string userAuthId, CancellationToken token = default) => authRepo.AssertUserAuthRepositoryAsync().DeleteUserAuthAsync(userAuthId, token);
public static Task <List <IUserAuthDetails> > GetUserAuthDetailsAsync(this IAuthRepositoryAsync authRepo, int userAuthId, CancellationToken token = default)
{
return(authRepo.GetUserAuthDetailsAsync(userAuthId.ToString(CultureInfo.InvariantCulture), token));
}
public async Task <bool> HasAllRolesAsync(IRequest req, IAuthSession session, IAuthRepositoryAsync authRepo)
{
if (await SessionValidForAllRolesAsync(req, session, RequiredRoles).ConfigAwait())
{
return(true);
}
return(await SessionHasAllRolesAsync(req, session, authRepo, RequiredRoles).ConfigAwait());
}
public static async Task <List <IAuthTokens> > GetAuthTokensAsync(this IAuthRepositoryAsync repo, string userAuthId, CancellationToken token = default) =>
repo != null && userAuthId != null
? (await repo.GetUserAuthDetailsAsync(userAuthId, token).ConfigAwait()).ConvertAll(x => (IAuthTokens)x)
: TypeConstants <IAuthTokens> .EmptyList;
public static async Task PopulateSessionAsync(this IAuthSession session, IUserAuth userAuth, IAuthRepositoryAsync authRepo = null, CancellationToken token = default)
{
if (userAuth == null)
{
return;
}
PopulateSessionInternal(session, userAuth);
var hadUserAuthId = session.UserAuthId != null;
if (hadUserAuthId && authRepo != null)
{
session.ProviderOAuthAccess = await authRepo.GetAuthTokensAsync(session.UserAuthId, token).ConfigAwait();
}
//session.UserAuthId could be populated in populator
if (!hadUserAuthId && authRepo != null)
{
session.ProviderOAuthAccess = await authRepo.GetAuthTokensAsync(session.UserAuthId, token).ConfigAwait();
}
var existingPopulator = AutoMappingUtils.GetPopulator(typeof(IAuthSession), typeof(IUserAuth));
existingPopulator?.Invoke(session, userAuth);
}
public virtual async Task <bool> HasAnyPermissionsAsync(IAuthSession session, IAuthRepositoryAsync authRepo)
{
return(session != null && await this.RequiredPermissions
.AnyAsync(requiredPermission => session.HasPermissionAsync(requiredPermission, authRepo)).ConfigAwait());
}
public static async Task <ICollection <string> > GetPermissionsAsync(this IAuthRepositoryAsync userAuthRepo, IUserAuth userAuth, CancellationToken token = default)
{
return(userAuthRepo is IManageRolesAsync managesRoles
? await managesRoles.GetPermissionsAsync(userAuth.Id.ToString(), token).ConfigAwait()
: userAuth.Permissions);
}
public async Task <bool> HasAnyPermissionsAsync(IRequest req, IAuthSession session, IAuthRepositoryAsync authRepo)
{
if (await HasAnyPermissionsAsync(session, authRepo).ConfigAwait())
{
return(true);
}
if (authRepo == null)
{
authRepo = HostContext.AppHost.GetAuthRepositoryAsync(req);
}
if (authRepo == null)
{
return(false);
}
#if NET472 || NETSTANDARD2_0
await using (authRepo as IAsyncDisposable)
#else
using (authRepo as IDisposable)
#endif
{
var userAuth = await authRepo.GetUserAuthAsync(session, null).ConfigAwait();
session.UpdateSession(userAuth);
if (await HasAnyPermissionsAsync(session, authRepo).ConfigAwait())
{
await req.SaveSessionAsync(session).ConfigAwait();
return(true);
}
return(false);
}
}
private static async Task <bool> SessionHasAllRolesAsync(IRequest req, IAuthSession session, IAuthRepositoryAsync authRepo, ICollection <string> requiredRoles)
{
if (await session.HasRoleAsync(RoleNames.Admin, authRepo).ConfigAwait())
{
return(true);
}
if (await requiredRoles.AllAsync(x => session.HasRoleAsync(x, authRepo)).ConfigAwait())
{
return(true);
}
await session.UpdateFromUserAuthRepoAsync(req, authRepo).ConfigAwait();
if (await requiredRoles.AllAsync(x => session.HasRoleAsync(x, authRepo)).ConfigAwait())
{
await req.SaveSessionAsync(session).ConfigAwait();
return(true);
}
return(false);
}
public async Task <bool> HasAllPermissionsAsync(IRequest req, IAuthSession session, IAuthRepositoryAsync authRepo)
{
if (await SessionValidForAllPermissionsAsync(req, session, RequiredPermissions).ConfigAwait())
{
return(true);
}
return(await session.HasAllPermissionsAsync(RequiredPermissions, authRepo, req).ConfigAwait());
}
/// <summary>
/// High-level overridable API that ServiceStack uses to check whether a user has any of the specified roles.
/// </summary>
public virtual async Task <bool> HasAnyRolesAsync(ICollection <string> roles, IAuthRepositoryAsync authRepo,
IRequest req, CancellationToken token = default)
{
if (roles == null)
{
throw new ArgumentNullException(nameof(roles));
}
var userRoles = await GetRolesAsync(authRepo, token).ConfigAwait();
if (userRoles.Contains(RoleNames.Admin) || roles.Any(userRoles.Contains))
{
return(true);
}
await this.UpdateFromUserAuthRepoAsync(req, authRepo).ConfigAwait();
userRoles = await GetRolesAsync(authRepo, token).ConfigAwait();
if (userRoles.Contains(RoleNames.Admin) || roles.Any(userRoles.Contains))
{
await req.SaveSessionAsync(this, token : token).ConfigAwait();
return(true);
}
return(false);
}
public static async Task UpdateFromUserAuthRepoAsync(this IAuthSession session, IRequest req, IAuthRepositoryAsync authRepo = null)
{
if (session == null)
{
return;
}
var newAuthRepo = authRepo == null
? HostContext.AppHost.GetAuthRepositoryAsync(req)
: null;
if (authRepo == null)
{
authRepo = newAuthRepo;
}
if (authRepo == null)
{
return;
}
using (newAuthRepo as IDisposable)
{
var userAuth = await authRepo.GetUserAuthAsync(session, null).ConfigAwait();
session.UpdateSession(userAuth);
}
}
