public async Task Should_update_permission_set_and_add_event()
{
var options = Shared.CreateContextOptions();
var permissionSet = new PermissionSet(Guid.NewGuid(), Guid.NewGuid(), "Default", new List <PermissionCommand>());
using (var dbContext = new AtlasDbContext(options))
{
dbContext.PermissionSets.Add(permissionSet);
await dbContext.SaveChangesAsync();
}
using (var dbContext = new AtlasDbContext(options))
{
var command = new UpdatePermissionSet
{
SiteId = permissionSet.SiteId,
Id = permissionSet.Id,
Name = "Permission Set",
Permissions = new List <PermissionCommand>
{
new PermissionCommand
{
Type = PermissionType.Start,
RoleId = Guid.NewGuid().ToString()
}
}
};
var cacheManager = new Mock <ICacheManager>();
var createValidator = new Mock <IValidator <CreatePermissionSet> >();
var updateValidator = new Mock <IValidator <UpdatePermissionSet> >();
updateValidator
.Setup(x => x.ValidateAsync(command, new CancellationToken()))
.ReturnsAsync(new ValidationResult());
var sut = new PermissionSetService(dbContext,
cacheManager.Object,
createValidator.Object,
updateValidator.Object);
await sut.UpdateAsync(command);
var updatedPermissionSet = await dbContext.PermissionSets.FirstOrDefaultAsync(x => x.Id == command.Id);
var @event = await dbContext.Events.FirstOrDefaultAsync(x => x.TargetId == command.Id);
updateValidator.Verify(x => x.ValidateAsync(command, new CancellationToken()));
Assert.AreEqual(command.Name, updatedPermissionSet.Name);
Assert.NotNull(@event);
}
}
public async Task UpdatePermissions([FromBody] UpdatePermissionSet updates)
{
var user = await this.userManager.GetUserAsync(HttpContext.User);
if (!(await this.CanUpdatePermissions(user, updates.ProfileId)))
{
throw new UserReportableError($"This user does not have permission to update profile permissions for profile '{updates.ProfileId}'.",
(int)HttpStatusCode.Unauthorized);
}
bool isAdmin = await this.IsAdmin(user);
await this.dataRepo.UpdatePermissions(user.Id, updates.Updates, updates.ProfileId, isAdmin);
}
public async Task <ActionResult> Update(FormComponentModel.PermissionSetModel model)
{
var site = await _contextService.CurrentSiteAsync();
var user = await _contextService.CurrentUserAsync();
var command = new UpdatePermissionSet
{
Id = model.Id,
Name = model.Name,
Permissions = model.Permissions.ToPermissionCommands(),
SiteId = site.Id,
UserId = user.Id
};
await _permissionSetService.UpdateAsync(command);
return(Ok());
}
public async Task UpdateAsync(UpdatePermissionSet command)
{
await _updateValidator.ValidateCommandAsync(command);
var permissionSet = await _dbContext.PermissionSets
.Include(x => x.Permissions)
.FirstOrDefaultAsync(x =>
x.SiteId == command.SiteId &&
x.Id == command.Id &&
x.Status != StatusType.Deleted);
if (permissionSet == null)
{
throw new DataException($"Permission Set with Id {command.Id} not found.");
}
foreach (var permission in permissionSet.Permissions)
{
_dbContext.Permissions.Remove(permission);
}
permissionSet.UpdateDetails(command.Name, command.Permissions);
_dbContext.Events.Add(new Event(command.SiteId,
command.UserId,
EventType.Updated,
typeof(PermissionSet),
command.Id,
new
{
command.Name,
command.Permissions
}));
await _dbContext.SaveChangesAsync();
_cacheManager.Remove(CacheKeys.PermissionSet(command.Id));
}
