public async Task Should_update_permission_set_and_add_event() { var options = Shared.CreateContextOptions(); var permissionSet = new PermissionSet(Guid.NewGuid(), Guid.NewGuid(), "Default", new List <PermissionCommand>()); using (var dbContext = new AtlasDbContext(options)) { dbContext.PermissionSets.Add(permissionSet); await dbContext.SaveChangesAsync(); } using (var dbContext = new AtlasDbContext(options)) { var command = new UpdatePermissionSet { SiteId = permissionSet.SiteId, Id = permissionSet.Id, Name = "Permission Set", Permissions = new List <PermissionCommand> { new PermissionCommand { Type = PermissionType.Start, RoleId = Guid.NewGuid().ToString() } } }; var cacheManager = new Mock <ICacheManager>(); var createValidator = new Mock <IValidator <CreatePermissionSet> >(); var updateValidator = new Mock <IValidator <UpdatePermissionSet> >(); updateValidator .Setup(x => x.ValidateAsync(command, new CancellationToken())) .ReturnsAsync(new ValidationResult()); var sut = new PermissionSetService(dbContext, cacheManager.Object, createValidator.Object, updateValidator.Object); await sut.UpdateAsync(command); var updatedPermissionSet = await dbContext.PermissionSets.FirstOrDefaultAsync(x => x.Id == command.Id); var @event = await dbContext.Events.FirstOrDefaultAsync(x => x.TargetId == command.Id); updateValidator.Verify(x => x.ValidateAsync(command, new CancellationToken())); Assert.AreEqual(command.Name, updatedPermissionSet.Name); Assert.NotNull(@event); } }
public async Task UpdatePermissions([FromBody] UpdatePermissionSet updates) { var user = await this.userManager.GetUserAsync(HttpContext.User); if (!(await this.CanUpdatePermissions(user, updates.ProfileId))) { throw new UserReportableError($"This user does not have permission to update profile permissions for profile '{updates.ProfileId}'.", (int)HttpStatusCode.Unauthorized); } bool isAdmin = await this.IsAdmin(user); await this.dataRepo.UpdatePermissions(user.Id, updates.Updates, updates.ProfileId, isAdmin); }
public async Task <ActionResult> Update(FormComponentModel.PermissionSetModel model) { var site = await _contextService.CurrentSiteAsync(); var user = await _contextService.CurrentUserAsync(); var command = new UpdatePermissionSet { Id = model.Id, Name = model.Name, Permissions = model.Permissions.ToPermissionCommands(), SiteId = site.Id, UserId = user.Id }; await _permissionSetService.UpdateAsync(command); return(Ok()); }
public async Task UpdateAsync(UpdatePermissionSet command) { await _updateValidator.ValidateCommandAsync(command); var permissionSet = await _dbContext.PermissionSets .Include(x => x.Permissions) .FirstOrDefaultAsync(x => x.SiteId == command.SiteId && x.Id == command.Id && x.Status != StatusType.Deleted); if (permissionSet == null) { throw new DataException($"Permission Set with Id {command.Id} not found."); } foreach (var permission in permissionSet.Permissions) { _dbContext.Permissions.Remove(permission); } permissionSet.UpdateDetails(command.Name, command.Permissions); _dbContext.Events.Add(new Event(command.SiteId, command.UserId, EventType.Updated, typeof(PermissionSet), command.Id, new { command.Name, command.Permissions })); await _dbContext.SaveChangesAsync(); _cacheManager.Remove(CacheKeys.PermissionSet(command.Id)); }