public void RevokeRole(PolicyUser user, string roleName) { Ensure.NotNull(user, nameof(user)); Ensure.NotNullOrEmpty(roleName, nameof(roleName)); Ensure.Equal(Id, user.PolicyId, nameof(user)); if (!_rolesByName.TryGetValue(roleName, out var roleId)) { throw new ArgumentOutOfRangeException($"Policy {ClientId} does not contain Role {roleName}"); } user.RemoveRole(roleName, roleId); }
public CommandResponse Handle(PolicyUserMsgs.AddPolicyUser cmd) { var policy = _repo.GetById <Domain.SecuredApplication>(cmd.ApplicationId, cmd).DefaultPolicy; if (policy.Id != cmd.PolicyId) { throw new NotSupportedException("Multiple Policies per Application is not supported. (or bad policy id)"); } var policyUser = new Domain.PolicyUser(cmd.PolicyUserId, policy.Id, cmd.UserId, policy.OneRolePerUser, cmd); _repo.Save(policyUser); return(cmd.Succeed()); }