private async void setupClaimsForRole(RoleManager <IdentityRole> roleManager, RoleClaim roleClaims) { await roleManager.CreateAsync(roleClaims.Role); foreach (var claim in roleClaims.Claims) { await roleManager.AddClaimAsync(roleClaims.Role, claim); } }
async Task CreateUserAndRoles() { if (await _userManager.Users.CountAsync() > 0) { return; } using (var scope = await _context.Database.BeginTransactionAsync()) { var role = new Role { Name = "Administrator", Active = true }; IdentityResult result = await _roleManager.CreateAsync(role); if (!result.Succeeded) { scope.Rollback(); return; } IEnumerable <Claim> accessList = Enum.GetValues(typeof(AccessList)).Cast <AccessList>() .Select(a => new Claim(a.ToString(), a.ToString())); foreach (var access in accessList) { var claimResult = await _roleManager.AddClaimAsync(role, access); if (!claimResult.Succeeded) { scope.Rollback(); return; } } ISet <User> currentUser = _context.Users.ToHashSet(); var user = new HashSet <User> { new User { UserName = "******", FirstName = "manager", LastName = "manager", Email = "*****@*****.**", UserType = UserType.Administrator, Active = true, Role = role, PasswordHash = "AAbb11" }, new User { UserName = "******", FirstName = "Ruben", LastName = "Aguirre", Email = "*****@*****.**", UserType = UserType.Operator, Active = true, Role = role, PasswordHash = "AAbb11" } }; user = user.Where(c => !currentUser.Any(v => v.Id == c.Id)).ToHashSet(); foreach (var users in user) { await _userManager.CreateAsync(users, "AAbb11"); await _userManager.AddToRoleAsync(users, role.Name); } scope.Commit(); } }
public static async Task AddPermissionClaim(this RoleManager <IdentityRole> roleManager, IdentityRole role, string permission) { var allClaims = await roleManager.GetClaimsAsync(role); if (!allClaims.Any(a => a.Type == "Permission" && a.Value == permission)) { await roleManager.AddClaimAsync(role, new Claim("Permission", permission)); } }
public async Task <Tuple <bool, string[]> > UpdateRoleAsync(ApplicationRole role, IEnumerable <string> claims) { if (claims != null) { string[] invalidClaims = claims.Where(c => ApplicationPermissions.GetPermissionByValue(c) == null).ToArray(); if (invalidClaims.Any()) { return(Tuple.Create(false, new[] { "The following claim types are invalid: " + string.Join(", ", invalidClaims) })); } } var result = await _roleManager.UpdateAsync(role); if (!result.Succeeded) { return(Tuple.Create(false, result.Errors.Select(e => e.Description).ToArray())); } if (claims != null) { var roleClaims = (await _roleManager.GetClaimsAsync(role)).Where(c => c.Type == ClaimConstants.Permission); var roleClaimValues = roleClaims.Select(c => c.Value).ToArray(); var claimsToRemove = roleClaimValues.Except(claims).ToArray(); var claimsToAdd = claims.Except(roleClaimValues).Distinct().ToArray(); if (claimsToRemove.Any()) { foreach (string claim in claimsToRemove) { result = await _roleManager.RemoveClaimAsync(role, roleClaims.Where(c => c.Value == claim).FirstOrDefault()); if (!result.Succeeded) { return(Tuple.Create(false, result.Errors.Select(e => e.Description).ToArray())); } } } if (claimsToAdd.Any()) { foreach (string claim in claimsToAdd) { result = await _roleManager.AddClaimAsync(role, new Claim(ClaimConstants.Permission, ApplicationPermissions.GetPermissionByValue(claim))); if (!result.Succeeded) { return(Tuple.Create(false, result.Errors.Select(e => e.Description).ToArray())); } } } } return(Tuple.Create(true, new string[] { })); }
internal static async Task AddCustomPermissionClaim(this RoleManager <IdentityRole> roleManager, IdentityRole role, string permission) { var allClaims = await roleManager.GetClaimsAsync(role); if (!allClaims.Any(a => a.Type == ApplicationClaimTypes.Permission && a.Value == permission)) { await roleManager.AddClaimAsync(role, new Claim(ApplicationClaimTypes.Permission, permission)); } }
public async Task <bool> adicionarRequisicaoAfuncao([FromBody] ClaimViewModel _funcaoRequisicao) { Task <IdentityRole> funcao = _roleManager.FindByIdAsync(_funcaoRequisicao.EmpresaUsuario.FuncaoId); IdentityRole _funcao = await funcao; var resultado = await _roleManager.AddClaimAsync(_funcao, _funcaoRequisicao.toClaim()); return(resultado.Succeeded); }
public async Task <Tuple <bool, string[]> > CreateRoleAsync(ApplicationRole role, IEnumerable <string> claims) { if (claims == null) { claims = new string[] { } } ; IEnumerable <string> enumerable = claims as string[] ?? claims.ToArray(); string[] invalidClaims = enumerable.Where(c => ApplicationPermissions.GetPermissionByValue(c) == null).ToArray(); if (invalidClaims.Any()) { return(Tuple.Create(false, new[] { "The following claim types are invalid: " + string.Join(", ", invalidClaims) })); } IdentityResult result = await _roleManager.CreateAsync(role); if (!result.Succeeded) { return(Tuple.Create(false, result.Errors.Select(e => e.Description).ToArray())); } role = await _roleManager.FindByNameAsync(role.Name); foreach (string claim in enumerable.Distinct()) { result = await _roleManager.AddClaimAsync(role, new Claim(CustomClaimTypes.Permission, ApplicationPermissions.GetPermissionByValue(claim))); if (result.Succeeded) { continue; } await DeleteRoleAsync(role); return(Tuple.Create(false, result.Errors.Select(e => e.Description).ToArray())); } return(Tuple.Create(true, new string[] { })); }
private async Task SeedASPIdentityCoreAsync() { if (!await _context.Users.AnyAsync()) { //Generating inbuilt accounts const string adminRoleName = "Administrator"; const string userRoleName = "User"; const string coordinatorRoleName = "Coordinator"; await EnsureRoleAsync(adminRoleName, "Default administrator", ApplicationPermissions.GetAllPermissionValues()); await EnsureRoleAsync(userRoleName, "Default user", new string[] { }); await EnsureRoleAsync(coordinatorRoleName, "Default coordinator", new string[] { }); await CreateUserAsync("admin", "Admin123456", "Admin", "YLSPTeam", "Administrator YLSP", "*****@*****.**", "+1 (123) 456-7890", new string[] { adminRoleName }); await CreateUserAsync("user", "User123456", "User", "YLSPTeam", "User YLSP", "*****@*****.**", "+1 (123) 456-7890`", new string[] { userRoleName }); await CreateUserAsync("coordinator", "Coordinator123456", "Coordinator", "YLSPTeam", "Coordinator YLSP", "*****@*****.**", "+7 (999) 825-0380`", new string[] { coordinatorRoleName, userRoleName }); _logger.LogInformation("Inbuilt account generation completed"); } else { const string adminRoleName = "Administrator"; IdentityRole <Guid> adminRole = await _roleManager.FindByNameAsync(adminRoleName); var AllClaims = ApplicationPermissions.GetAllPermissionValues().Distinct(); var RoleClaims = (await _roleManager.GetClaimsAsync(adminRole)).Select(c => c.Value).ToList(); var NewClaims = AllClaims.Except(RoleClaims); foreach (string claim in NewClaims) { await _roleManager.AddClaimAsync(adminRole, new Claim(ClaimConstants.Permission, claim)); } var DeprecatedClaims = RoleClaims.Except(AllClaims); var roles = await _roleManager.Roles.ToListAsync(); foreach (string claim in DeprecatedClaims) { foreach (var role in roles) { await _roleManager.RemoveClaimAsync(role, new Claim(ClaimConstants.Permission, claim)); } } } }
public async Task <IActionResult> Update([FromBody] RoleModel model) { bool createMode = false; // Save role ApplicationRole role = _roleManager.Roles.SingleOrDefault(r => r.Id == model.Id); if (role == null) { createMode = true; role = new ApplicationRole(); } role.Name = model.Name; // Save permissions IdentityRoleClaim <string> currentPermission = null; IList <PermissionInfo> permissions = _securityManager.GetPermissionsList(); IList <IdentityRoleClaim <string> > currentPermissions = role.Claims.ToList(); if (createMode) { await _roleManager.CreateAsync(role); } else { await _roleManager.UpdateAsync(role); } foreach (PermissionInfo permission in permissions) { currentPermission = currentPermissions.SingleOrDefault(c => c.ClaimType == ModuleConfiguration.ModulePermissionType && c.ClaimValue == permission.PermissionId.ToString()); if (currentPermission != null) { if (!model.Permissions.Any(sp => sp == permission.PermissionId)) { await _roleManager.RemoveClaimAsync(role, currentPermission.ToClaim()); } } else { if (model.Permissions.Any(sp => sp == permission.PermissionId)) { currentPermission = new IdentityRoleClaim <string>(); currentPermission.ClaimType = ModuleConfiguration.ModulePermissionType; currentPermission.ClaimValue = permission.PermissionId.ToString(); currentPermission.RoleId = role.Id; await _roleManager.AddClaimAsync(role, currentPermission.ToClaim()); } } } return(Ok(new { RoleId = role.Id })); }
public async Task Configured(IConfigure configure) { await _unitOfWorkManager.PerformAsyncUow(async() => { foreach (var permissionProvider in _permissionProviders) { // get and iterate stereotypical groups of permissions var stereotypes = permissionProvider.GetDefaultStereotypes(); foreach (var stereotype in stereotypes) { var role = await _roleManager.FindByNameAsync(stereotype.Name); if (role == null) { if (_logger.IsEnabled(LogLevel.Information)) { _logger.LogInformation( $"Defining new role {stereotype.Name} for permission stereotype"); } role = new Role { RoleName = stereotype.Name }; await _roleManager.CreateAsync(role); await _unitOfWorkManager.Current.SaveChangesAsync(); } // and merge the stereotypical permissions into that role var stereotypePermissionNames = (stereotype.Permissions ?? Enumerable.Empty <Permission>()).Select(x => x.Name); var currentPermissionNames = (await _roleManager.GetClaimsAsync(role)).Where(x => x.Type == Permission.ClaimType) .Select(x => x.Value).ToList(); var distinctPermissionNames = currentPermissionNames .Union(stereotypePermissionNames) .Distinct(); // update role if set of permissions has increased var additionalPermissionNames = distinctPermissionNames.Except(currentPermissionNames).ToList(); if (additionalPermissionNames.Any()) { foreach (var permissionName in additionalPermissionNames) { if (_logger.IsEnabled(LogLevel.Debug)) { _logger.LogInformation("Default role {0} granted permission {1}", stereotype.Name, permissionName); } await _roleManager.AddClaimAsync(role, new Claim(Permission.ClaimType, permissionName)); } } } } }); }
public async Task <ActionResult> Create(RoleViewModel role) { try { // TODO: Add insert logic here var adminRole = await _roleManager.FindByNameAsync(role.Name); if (adminRole == null) { adminRole = new ApplicationRole(role.Name); await _roleManager.CreateAsync(adminRole); var roleList = role.Permissions.Where(r => r.IsSelected == true).ToList(); foreach (var r in roleList) { await _roleManager.AddClaimAsync(adminRole, new Claim(r.Type, r.Value)); } /* * role.Permissions.Where(r => r.IsSelected == true).ToList().ForEach(r=> * { * await _roleManager.AddClaimAsync(adminRole, new Claim(r.Type, r.Value)); * * }); */ // await _roleManager.AddClaimAsync(adminRole, new Claim(CustomClaimTypes.Permission, "projects.view")); //await _roleManager.AddClaimAsync(adminRole, new Claim(CustomClaimTypes.Permission, "projects.create")); //await _roleManager.AddClaimAsync(adminRole, new Claim(CustomClaimTypes.Permission, "projects.update")); } /*if (!await userManager.IsInRoleAsync(user, adminRole.Name)) * { * await userManager.AddToRoleAsync(user, adminRole.Name); * } * * var accountManagerRole = await roleManager.FindByNameAsync("Account Manager"); * * if (accountManagerRole == null) * { * accountManagerRole = new IdentityRole("Account Manager"); * await roleManager.CreateAsync(accountManagerRole); * * await roleManager.AddClaimAsync(accountManagerRole, new Claim(CustomClaimTypes.Permission, "account.manage")); * } */ return(RedirectToAction(nameof(Index))); } catch (Exception ex) { ViewData["Permissions"] = _context.Permissions.Select(p => new PermissionViewModel() { Id = p.Id, Type = p.Type, Value = p.Value, IsSelected = false }).ToList(); return(View()); } }
public async Task <RolePermissionModel> AddRole(RolePermissionModel roleRequest) { Role role = new Role(); role.Name = roleRequest.Name.Trim(); var result = await _roleManager.CreateAsync(role); if (result.Succeeded) { foreach (var permission in roleRequest.Permissions) { await _roleManager.AddClaimAsync(role, new Claim("permission", permission)); } roleRequest.RoleId = role.Id; return(roleRequest); } return(null); }
public async Task <IActionResult> addRoleClaim(string RoleName, string[] permissions) { var role = await _roleMangeer.FindByNameAsync(RoleName); foreach (var permission in permissions) { await _roleMangeer.AddClaimAsync(role, new Claim("permission", permission)); } return(Ok()); }
public async Task <ActionResult> Index(string id) { await _roleManager.CreateAsync(new MongoRole("Admin")); var role = await _roleManager.FindByNameAsync("Admin"); await _roleManager.AddClaimAsync(role, new Claim("Permission", "ManageCourses")); return(View(_userManager.Users)); }
//public async Task<ActionResult> Create(tring roleName, string[] permissions) public async Task <ActionResult> Create([Bind("Name, Claims")] Role role) { if (ModelState.IsValid) { var newRole = new IdentityRole(role.Name); var result = await _roleManager.CreateAsync(newRole); if (result.Succeeded) { foreach (String perm in role.Claims) { await _roleManager.AddClaimAsync(newRole, new Claim(perm, "Allowed")); } } return(RedirectToAction("Index")); } return(View()); }
public async Task <bool> AddRoleClaims(string RoleName, List <string> Claims) { var role = await _roleManager.FindByNameAsync(RoleName); foreach (var item in Claims) { await _roleManager.AddClaimAsync(role, new Claim("Permission", item)); } return(true); }
public async Task <IdentityResult> CreateClaims(string id, string claimType, string claimValue) { var role = await _roleManager.FindByIdAsync(id); if (role == null) { return(null); } return(await _roleManager.AddClaimAsync(role, new System.Security.Claims.Claim(claimType, claimValue))); }
public async Task <Role> Add(string role, List <string> claims, bool active, bool basic) { Roles roleResult; var roleCheck = await _roleManager.RoleExistsAsync(role); if (roleCheck) { return(null); } await _roleManager.CreateAsync(new Roles(role) { Active = active, Basic = basic }); roleResult = await _roleManager.FindByNameAsync(role); foreach (var claim in claims) { await _roleManager.AddClaimAsync(roleResult, new System.Security.Claims.Claim(CustomClaimTypes.Permission, claim)); } return(_mapper.Map <Roles, Role>(roleResult)); }
public async Task <IOperationResult <RoleViewModel> > UpdateRoleAsync(RoleViewModel roleView) { _logger.LogDebug($"Executing {nameof(UpdateRoleAsync)}. Param: {JsonConvert.SerializeObject(roleView)}"); var roleManagerRole = await _roleManager.FindByIdAsync(roleView.Id); if (roleManagerRole == null) { _logger.LogDebug($"Executed {nameof(UpdateRoleAsync)}. Returned NoRole."); return(OperationResult <RoleViewModel> .Failed(new OperationError() { Name = "NoRole", Description = "Specified role does not exist" })); } roleManagerRole.Name = roleView.Name; var updateRoleResult = await _roleManager.UpdateAsync(roleManagerRole); if (!updateRoleResult.Succeeded) { _logger.LogDebug($"Executed {nameof(UpdateRoleAsync)}. Returned IdentityError."); return(OperationResult <RoleViewModel> .Failed(updateRoleResult.Errors.Select(err => new OperationError() { Name = "IdentityError", Description = err.Description }).ToArray())); } var claims = await _roleManager.GetClaimsAsync(roleManagerRole); var claimsToRemove = claims.Where(c => !roleView.Permissions.Any(rp => rp.Equals(c.Value))).ToList(); var claimsToAdd = roleView.Permissions.Where(rp => !claims.Any(c => c.Value.Equals(rp))).Select(p => new Claim(CustomClaimTypes.Permission, p)); var removeTasks = claimsToRemove.Select(claim => _roleManager.RemoveClaimAsync(roleManagerRole, claim)); var addTasks = claimsToAdd.Select(claim => _roleManager.AddClaimAsync(roleManagerRole, claim)); await Task.WhenAll(removeTasks.Union(addTasks).ToList()); _logger.LogDebug($"Executed {nameof(UpdateRoleAsync)}. Returned RoleModel."); return(OperationResult <RoleViewModel> .Success(roleView)); }
public static async Task SeedUsers(ApplicationDbContext context, UserManager <ApplicationUser> userManager, RoleManager <IdentityRole> roleManager, ILogger <DbInitializer> logger) { string username1 = "*****@*****.**"; string username2 = "*****@*****.**"; string username3 = "*****@*****.**"; string username4 = "*****@*****.**"; string username5 = "*****@*****.**"; string username6 = "*****@*****.**"; string adminRole = "Admin"; await CreateRole(roleManager, adminRole); IdentityRole Admin = context.Roles.FirstOrDefault(x => x.Name == "Admin"); await roleManager.AddClaimAsync(Admin, new Claim("CanEdit", "CanEdit")); ApplicationUser user1 = await userManager.FindByNameAsync(username1); var createdUser1 = await MakeUser(user1, username1, userManager); await userManager.AddToRoleAsync(createdUser1, adminRole); await SetPasswordForUser(userManager, logger, username1, createdUser1); ApplicationUser user2 = await userManager.FindByNameAsync(username2); var createdUser2 = await MakeUser(user2, username2, userManager); await SetPasswordForUser(userManager, logger, username2, createdUser2); ApplicationUser user3 = await userManager.FindByNameAsync(username3); var createdUser3 = await MakeUser(user3, username3, userManager); await SetPasswordForUser(userManager, logger, username3, createdUser3); ApplicationUser user4 = await userManager.FindByNameAsync(username4); var createdUser4 = await MakeUser(user4, username4, userManager); await SetPasswordForUser(userManager, logger, username4, createdUser4); ApplicationUser user5 = await userManager.FindByNameAsync(username5); var createdUser5 = await MakeUser(user5, username5, userManager); await SetPasswordForUser(userManager, logger, username5, createdUser5); ApplicationUser user6 = await userManager.FindByNameAsync(username6); var createdUser6 = await MakeUser(user6, username6, userManager); await SetPasswordForUser(userManager, logger, username6, createdUser6); }
/// <summary> /// Update roles via RoleManager. /// </summary> /// <returns>A update action task.</returns> private async Task UpdateRolesAsync() { IdentityResult result; foreach (var roleInfo in Roles) { bool exist = await RoleManager.RoleExistsAsync(roleInfo.Name); if (!exist) { var role = RoleFactory(roleInfo); result = await RoleManager.CreateAsync(role); if (result.Succeeded) { foreach (var claim in roleInfo.Claims) { result = await RoleManager.AddClaimAsync(role, new Claim(claim.Type, claim.Value)); if (!result.Succeeded) { HandleIdentityErrors(result.Errors); } } } else { HandleIdentityErrors(result.Errors); } } else { var role = await RoleManager.FindByNameAsync(roleInfo.Name); var claims = await RoleManager.GetClaimsAsync(role); foreach (var claim in roleInfo.Claims) { if (claims.Any(x => x.Type == claim.Type && x.Value == claim.Value)) { continue; } else { result = await RoleManager.AddClaimAsync(role, new Claim(claim.Type, claim.Value)); if (!result.Succeeded) { HandleIdentityErrors(result.Errors); } } } } } }
public async Task <ActionResult <bool> > CreateRoleClaims([FromServices] RoleManager <IdentityRole> RoleManager) { string[] roleNames = { "TC", "Employee", "Finance", "Operation" }; IdentityResult roleResult; List <Claim> AllClaim = ClaimStore.GetClaims(); foreach (var roleName in roleNames) { var roleExist = await RoleManager.RoleExistsAsync(roleName); if (!roleExist) { IdentityRole identityRole = new IdentityRole(roleName); //create the roles and seed them to the database: Question 1 roleResult = await RoleManager.CreateAsync(identityRole); if (roleResult.Succeeded) { } } } var identityRoleTc = RoleManager.Roles.Where(p => p.Name == "TC").FirstOrDefault(); var AlreadyClaims = (await RoleManager.GetClaimsAsync(identityRoleTc)).Select(p => p.Type).ToList(); var toBeInserted = AllClaim.Where(p => !AlreadyClaims.Contains(p.Type) && p.Type.IndexOf("Gateway_") >= -1).ToList(); foreach (var t in toBeInserted) { var result = await RoleManager.AddClaimAsync(identityRoleTc, t); } var identityRoleEmployee = RoleManager.Roles.Where(p => p.Name == "Employee").FirstOrDefault(); var toBeInsertedEmp = AllClaim.Where(p => !AlreadyClaims.Contains(p.Type) && p.Type.IndexOf("Emp_") >= -1).ToList(); foreach (var t in toBeInsertedEmp) { var result = await RoleManager.AddClaimAsync(identityRoleEmployee, t); } return(true); }
public async Task <(bool Succeeded, string[] Errors)> CreateRoleAsync(ApplicationRole role, IEnumerable <string> claims) { if (claims == null) { claims = new string[] { } } ; var invalidClaims = claims.Where(c => ApplicationPermissions.GetPermissionByValue(c) == null).ToArray(); if (invalidClaims.Any()) { return(false, new[] { "The following claim types are invalid: " + string.Join(", ", invalidClaims) }); } var result = await _roleManager.CreateAsync(role); if (!result.Succeeded) { return(false, result.Errors.Select(e => e.Description).ToArray()); } role = await _roleManager.FindByNameAsync(role.Name); foreach (var claim in claims.Distinct()) { result = await _roleManager.AddClaimAsync(role, new Claim(ClaimConstants.Permission, ApplicationPermissions.GetPermissionByValue(claim))); if (!result.Succeeded) { await DeleteRoleAsync(role); return(false, result.Errors.Select(e => e.Description).ToArray()); } } return(true, new string[] { }); }
public static async Task <IdentityResult> AddPermissionClaim(this RoleManager <BlazorHeroRole> roleManager, BlazorHeroRole role, string permission) { var allClaims = await roleManager.GetClaimsAsync(role); if (!allClaims.Any(a => a.Type == ApplicationClaimTypes.Permission && a.Value == permission)) { return(await roleManager.AddClaimAsync(role, new Claim(ApplicationClaimTypes.Permission, permission))); } return(IdentityResult.Failed()); }
public async Task CreateAsync(RoleDto role) { var identityRole = new IdentityRole { Name = role.Name }; await _roleManager.CreateAsync(identityRole); if (role.Claims == null) { return; } identityRole = await _roleManager.FindByNameAsync(role.Name); await role.Claims.ForEachAsync(async claim => { await _roleManager.AddClaimAsync(identityRole, new Claim(claim.Type, claim.Value)); }); }
public async Task <ActionResult> ManageClaim(string id, RoleClaimsViewModel viewModel) { if (ModelState.IsValid) { if (!String.IsNullOrEmpty(id)) { IdentityRole identityRole = await _roleManager.FindByIdAsync(id); if (identityRole != null) { //Get claims associated with the role IList <Claim> roleClaimList = await _roleManager.GetClaimsAsync(identityRole); //Extract the claim type List <string> roleClaimTypeList = new List <string>(); foreach (var roleClaim in roleClaimList) { roleClaimTypeList.Add(roleClaim.Type); } foreach (var roleClaim in viewModel.RoleClaims) { //create a new claim with the claim name Claim claim = new Claim(roleClaim.ClaimName, ""); //get the associated claim from the role's claim list Claim associatedClaim = roleClaimList.Where(x => x.Type == roleClaim.ClaimName).FirstOrDefault(); if (roleClaim.HasClaim && !roleClaimTypeList.Contains(roleClaim.ClaimName)) { IdentityResult claimResult = await _roleManager.AddClaimAsync(identityRole, claim); if (!claimResult.Succeeded) { _logger.LogError(LoggingEvents.UserConfiguration, LoggingErrorText.addClaimFailed, roleClaim.ClaimName, identityRole, _userManager.GetUserName(User), GetDataErrors.GetErrors(claimResult)); } } else if (!roleClaim.HasClaim && roleClaimTypeList.Contains(roleClaim.ClaimName)) { IdentityResult claimResult = await _roleManager.RemoveClaimAsync(identityRole, associatedClaim); if (!claimResult.Succeeded) { _logger.LogError(LoggingEvents.UserConfiguration, LoggingErrorText.removeClaimFailed, roleClaim.ClaimName, identityRole, _userManager.GetUserName(User), GetDataErrors.GetErrors(claimResult)); } } } } return(RedirectToAction("Index")); } } return(View(viewModel)); }
public async Task <RoleClaim> CreateAsync(RoleClaim entity, CancellationToken cancellationToken = default) { var role = await GetRoleAsync(entity.RoleId) .ConfigureAwait(false); var claim = entity.ToRoleClaim().ToClaim(); var result = await _roleManager.AddClaimAsync(role, claim) .ConfigureAwait(false); if (result.Succeeded) { entity.Id = role.Id; _logger.LogInformation("Entity {EntityId} created", entity.Id, entity); return(entity); } throw new IdentityException { Errors = result.Errors }; }
public async Task <ActionResult> ManageClaim(string id, RoleClaimsViewModel viewModel) { if (ModelState.IsValid) { if (!String.IsNullOrEmpty(id)) { IdentityRole identityRole = await roleManager.FindByIdAsync(id); if (identityRole != null) { //Get claims associated with the role IList <Claim> roleClaimList = await roleManager.GetClaimsAsync(identityRole); //Extract the claim type List <string> roleClaimTypeList = new List <string>(); foreach (var roleClaim in roleClaimList) { roleClaimTypeList.Add(roleClaim.Type); } foreach (var roleClaim in viewModel.RoleClaims) { //create a new claim with the claim name Claim claim = new Claim(roleClaim.ClaimName, ""); //get the associated claim from the role's claim list Claim associatedClaim = roleClaimList.Where(x => x.Type == roleClaim.ClaimName).FirstOrDefault(); if (roleClaim.HasClaim && !roleClaimTypeList.Contains(roleClaim.ClaimName)) { IdentityResult claimResult = await roleManager.AddClaimAsync(identityRole, claim); if (!claimResult.Succeeded) { //TODO log details and display some sort of error } } else if (!roleClaim.HasClaim && roleClaimTypeList.Contains(roleClaim.ClaimName)) { IdentityResult claimResult = await roleManager.RemoveClaimAsync(identityRole, associatedClaim); if (!claimResult.Succeeded) { //TODO log details and display some sort of error } } } } return(RedirectToAction("Index")); } } return(View(viewModel)); }
async Task InstallInternalAsync(IEnumerable <IPermissionsProvider <Permission> > permissions) { // Iterate through all permission providers foreach (var permissionProvider in permissions) { // Get default permissions from provider var defaultPermissions = permissionProvider.GetDefaultPermissions(); // Iterate through default permissions // Create a role with the permissions if one does not exist // If role exists merge found default permissions with role foreach (var defaultPermission in defaultPermissions) { // Attempt to get existing role var role = await _roleManager.FindByNameAsync(defaultPermission.RoleName); // No existing role if (role == null) { // Create the role var result = await _roleManager.CreateAsync(new Role { Name = defaultPermission.RoleName }); if (result.Succeeded) { // Get the newly created role role = await _roleManager.FindByNameAsync(defaultPermission.RoleName); } } // Merge the default permissions into the new or existing role var defaultPermissionNames = (defaultPermission.Permissions ?? Enumerable.Empty <Permission>()).Select(x => x.Name); var currentPermissionNames = role.RoleClaims.Where(x => x.ClaimType == Permission.ClaimTypeName).Select(x => x.ClaimValue).ToList(); var distinctPermissionNames = currentPermissionNames .Union(defaultPermissionNames) .Distinct(); // Update role if set of permissions has increased var additionalPermissionNames = distinctPermissionNames.Except(currentPermissionNames).ToList(); if (additionalPermissionNames.Count > 0) { foreach (var permissionName in additionalPermissionNames) { await _roleManager.AddClaimAsync(role, new Claim(Permission.ClaimTypeName, permissionName)); } } } } }
public async Task <ActionResult <bool> > AddRoles(string roleName) { try { await _roleManager.CreateAsync(new IdentityRole(roleName)); var findRole = await _roleManager.FindByNameAsync(roleName); await _roleManager.AddClaimAsync(findRole, new Claim(CustomClaimType.Permission, Permissions.Dashboards.View)); await _roleManager.AddClaimAsync(findRole, new Claim(CustomClaimType.Permission, Permissions.Dashboards.Create)); } catch (Exception e) { throw; } return(Ok(true)); }