public async Task setting_default_scopes_impact_new_users() { var user = TestHelper.StObjMap.StObjs.Obtain <UserTable>(); var p = TestHelper.StObjMap.StObjs.Obtain <Package>(); var factory = TestHelper.StObjMap.StObjs.Obtain <IPocoFactory <IUserGitLabInfo> >(); using (var ctx = new SqlStandardCallContext()) { AuthScopeSet original = await p.ReadDefaultScopeSetAsync(ctx); original.Contains("nimp").Should().BeFalse(); original.Contains("thing").Should().BeFalse(); original.Contains("other").Should().BeFalse(); { int id = await user.CreateUserAsync(ctx, 1, Guid.NewGuid().ToString()); IUserGitLabInfo userInfo = factory.Create(); userInfo.GitLabAccountId = Guid.NewGuid().ToString(); await p.UserGitLabTable.CreateOrUpdateGitLabUserAsync(ctx, 1, id, userInfo); var info = await p.UserGitLabTable.FindKnownUserInfoAsync(ctx, userInfo.GitLabAccountId); AuthScopeSet userSet = await p.ReadScopeSetAsync(ctx, info.UserId); userSet.ToString().Should().Be(original.ToString()); } AuthScopeSet replaced = original.Clone(); replaced.Add(new AuthScopeItem("nimp")); replaced.Add(new AuthScopeItem("thing", ScopeWARStatus.Rejected)); replaced.Add(new AuthScopeItem("other", ScopeWARStatus.Accepted)); await p.AuthScopeSetTable.SetScopesAsync(ctx, 1, replaced); var readback = await p.ReadDefaultScopeSetAsync(ctx); readback.ToString().Should().Be(replaced.ToString()); // Default scopes have non W status! // This must not impact new users: their satus must always be be W. readback.ToString().Should().Contain("[R]thing") .And.Contain("[A]other"); { int id = await user.CreateUserAsync(ctx, 1, Guid.NewGuid().ToString()); IUserGitLabInfo userInfo = p.UserGitLabTable.CreateUserInfo <IUserGitLabInfo>(); userInfo.GitLabAccountId = Guid.NewGuid().ToString(); await p.UserGitLabTable.CreateOrUpdateGitLabUserAsync(ctx, 1, id, userInfo, UCLMode.CreateOnly | UCLMode.UpdateOnly); userInfo = (IUserGitLabInfo)(await p.UserGitLabTable.FindKnownUserInfoAsync(ctx, userInfo.GitLabAccountId)).Info; AuthScopeSet userSet = await p.ReadScopeSetAsync(ctx, id); userSet.ToString().Should().Contain("[W]thing") .And.Contain("[W]other") .And.Contain("[W]nimp"); } await p.AuthScopeSetTable.SetScopesAsync(ctx, 1, original); } }
/// <summary> /// Challenges <see cref="IUserGitLabInfo"/> data to identify a user. /// Note that a successful challenge may have side effects such as updating claims, access tokens or other data /// related to the user and this provider. /// </summary> /// <param name="ctx">The call context to use.</param> /// <param name="info">The payload to challenge.</param> /// <param name="actualLogin">Set it to false to avoid login side-effect (such as updating the LastLoginTime) on success.</param> /// <returns>The login result.</returns> public LoginResult LoginUser(ISqlCallContext ctx, IUserGitLabInfo info, bool actualLogin = true) { var mode = actualLogin ? UCLMode.UpdateOnly | UCLMode.WithActualLogin : UCLMode.UpdateOnly | UCLMode.WithCheckLogin; var r = UserGitLabUCL(ctx, 1, 0, info, mode); return(r.LoginResult); }
protected abstract UCLResult UserGitLabUCL( ISqlCallContext ctx, int actorId, int userId, [ParameterSource] IUserGitLabInfo info, UCLMode mode);
/// <summary> /// Creates or updates a user entry for this provider. /// This is the "binding account" feature since it binds an external identity to /// an already existing user that may already be registered into other authencation providers. /// </summary> /// <param name="ctx">The call context to use.</param> /// <param name="actorId">The acting actor identifier.</param> /// <param name="userId">The user identifier that must be registered.</param> /// <param name="info">Provider specific data: the <see cref="IUserGitLabInfo"/> poco.</param> /// <param name="mode">Optionnaly configures Create, Update only or WithLogin behavior.</param> /// <returns>The result.</returns> public UCLResult CreateOrUpdateGitLabUser(ISqlCallContext ctx, int actorId, int userId, IUserGitLabInfo info, UCLMode mode = UCLMode.CreateOrUpdate) { return(UserGitLabUCL(ctx, actorId, userId, info, mode)); }