Exemplo n.º 1
0
        protected override async Task <TResponse> Process(EntityModelCommand <TEntityModel, TResponse> request, CancellationToken cancellationToken, RequestHandlerDelegate <TResponse> next)
        {
            await Authorize(request).ConfigureAwait(false);

            // continue pipeline
            return(await next().ConfigureAwait(false));
        }
Exemplo n.º 2
0
        private void AuthorizeOrganization(EntityModelCommand <TEntityModel, TResponse> request)
        {
            var principal = request.Principal;

            if (principal == null)
            {
                return;
            }

            var isGlobalAdmin = principal.IsGlobalAdministrator();

            if (isGlobalAdmin)
            {
                return;
            }

            // check principal organization is same of model organization
            if (!(request.Model is IHaveOrganization organizationModel))
            {
                return;
            }

            var organizationString = principal.Identity?.GetOrganizationId();

            Guid.TryParse(organizationString, out var organizationId);

            if (organizationId == organizationModel.OrganizationId)
            {
                return;
            }

            throw new DomainException(HttpStatusCode.Forbidden, "User does not have access to specified organization.");
        }
Exemplo n.º 3
0
    private void TrackChange(EntityModelCommand <TEntityModel, TResponse> request)
    {
        if (request is null)
        {
            throw new ArgumentNullException(nameof(request));
        }

        var identityName = _principalReader.GetIdentifier(request.Principal);
        var model        = request.Model;

        if (model is ITrackCreated createdModel)
        {
            if (createdModel.Created == default)
            {
                createdModel.Created = DateTimeOffset.UtcNow;
            }

            if (string.IsNullOrEmpty(createdModel.CreatedBy))
            {
                createdModel.CreatedBy = identityName;
            }
        }

        if (model is ITrackUpdated updatedModel)
        {
            updatedModel.Updated   = DateTimeOffset.UtcNow;
            updatedModel.UpdatedBy = identityName;
        }
    }
Exemplo n.º 4
0
        protected override async Task <TResponse> Process(EntityModelCommand <TEntityModel, TResponse> request, CancellationToken cancellationToken, RequestHandlerDelegate <TResponse> next)
        {
            // validate before processing
            await _validator.ValidateAndThrowAsync(request.Model, cancellationToken : cancellationToken).ConfigureAwait(false);

            // continue pipeline
            return(await next().ConfigureAwait(false));
        }
Exemplo n.º 5
0
        protected override async Task <EntityResponseModel <TResponse> > Process(EntityModelCommand <TEntityModel, EntityResponseModel <TResponse> > request, CancellationToken cancellationToken, RequestHandlerDelegate <EntityResponseModel <TResponse> > next)
        {
            var failures = _validator
                           .Select(v => v.Validate(request.Model))
                           .SelectMany(result => result.Errors)
                           .Where(f => f != null)
                           .ToList();

            return(failures.Any()
                ? await Errors(failures).ConfigureAwait(false)
                : await next().ConfigureAwait(false));
        }
Exemplo n.º 6
0
        private async Task SetTenantId(EntityModelCommand <TEntityModel, TResponse> request)
        {
            if (!(request.Model is IHaveTenant <TKey> tenantModel))
            {
                return;
            }

            if (!Equals(tenantModel.TenantId, default(TKey)))
            {
                return;
            }

            var tenantId = await _tenantResolver.GetTenantId(request.Principal);

            tenantModel.TenantId = tenantId;
        }
Exemplo n.º 7
0
    protected override async Task <TResponse> Process(EntityModelCommand <TEntityModel, TResponse> request, CancellationToken cancellationToken, RequestHandlerDelegate <TResponse> next)
    {
        if (request is null)
        {
            throw new ArgumentNullException(nameof(request));
        }

        if (next is null)
        {
            throw new ArgumentNullException(nameof(next));
        }

        await Authorize(request).ConfigureAwait(false);

        // continue pipeline
        return(await next().ConfigureAwait(false));
    }
Exemplo n.º 8
0
    private async Task Authorize(EntityModelCommand <TEntityModel, TResponse> request)
    {
        var principal = request.Principal;

        if (principal == null)
        {
            return;
        }

        // check principal tenant is same as model tenant
        if (request.Model is not IHaveTenant <TKey> tenantModel)
        {
            return;
        }

        var tenantId = await _tenantResolver.GetTenantId(principal);

        if (Equals(tenantId, tenantModel.TenantId))
        {
            return;
        }

        throw new DomainException(HttpStatusCode.Forbidden, "User does not have access to specified tenant.");
    }
Exemplo n.º 9
0
        private void TrackChange(EntityModelCommand <TEntityModel, TResponse> request)
        {
            var identityName = request.Principal?.Identity?.Name;
            var model        = request.Model;

            if (model is ITrackCreated createdModel)
            {
                if (createdModel.Created == default)
                {
                    createdModel.Created = DateTimeOffset.UtcNow;
                }

                if (string.IsNullOrEmpty(createdModel.CreatedBy))
                {
                    createdModel.CreatedBy = identityName;
                }
            }

            if (model is ITrackUpdated updatedModel)
            {
                updatedModel.Updated   = DateTimeOffset.UtcNow;
                updatedModel.UpdatedBy = identityName;
            }
        }