public GuardAppTests()
{
A.CallTo(() => apps.FindAppByNameAsync("new-app"))
.Returns(Task.FromResult <IAppEntity>(null));
A.CallTo(() => users.FindByIdAsync(A <string> .Ignored))
.Returns(A.Fake <IUser>());
A.CallTo(() => appPlans.GetPlan("free"))
.Returns(A.Fake <IAppLimitsPlan>());
}
public async Task <Client> FindClientByIdAsync(string clientId)
{
var client = staticClients.GetOrDefault(clientId);
if (client != null)
{
return(client);
}
var token = clientId.Split(':');
if (token.Length != 2)
{
return(null);
}
var app = await appProvider.FindAppByNameAsync(token[0]);
var appClient = app?.Clients.FirstOrDefault(x => x.Id == token[1]);
if (appClient == null)
{
return(null);
}
client = CreateClientFromApp(clientId, appClient);
return(client);
}
public async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
{
var appName = context.RouteData.Values["app"]?.ToString();
if (!string.IsNullOrWhiteSpace(appName))
{
var app = await appProvider.FindAppByNameAsync(appName);
if (app == null)
{
context.Result = new NotFoundResult();
return;
}
var plan = appPlanProvider.GetPlanForApp(app);
var usage = await usageTracker.GetMonthlyCalls(app.Id.ToString(), DateTime.Today);
if (plan.MaxApiCalls >= 0 && (usage * 1.1) > plan.MaxApiCalls)
{
context.Result = new StatusCodeResult(429);
return;
}
context.HttpContext.Features.Set <IAppFeature>(new AppFeature(app));
}
await next();
}
public async Task OnAuthorizationAsync(AuthorizationFilterContext context)
{
var appName = context.RouteData.Values["app"]?.ToString();
if (!string.IsNullOrWhiteSpace(appName))
{
var app = await appProvider.FindAppByNameAsync(appName);
if (app == null)
{
context.Result = new NotFoundResult();
return;
}
var user = context.HttpContext.User;
var permission =
FindByOpenIdSubject(app, user) ??
FindByOpenIdClient(app, user);
if (permission == null)
{
context.Result = new NotFoundResult();
return;
}
var plan = appPlanProvider.GetPlanForApp(app);
var usage = await usageTracker.GetMonthlyCalls(app.Id.ToString(), DateTime.Today);
if (plan.MaxApiCalls >= 0 && (usage * 1.1) > plan.MaxApiCalls)
{
context.Result = new StatusCodeResult(429);
return;
}
var defaultIdentity = context.HttpContext.User.Identities.First();
switch (permission.Value)
{
case PermissionLevel.Owner:
defaultIdentity.AddClaim(new Claim(defaultIdentity.RoleClaimType, SquidexRoles.AppOwner));
defaultIdentity.AddClaim(new Claim(defaultIdentity.RoleClaimType, SquidexRoles.AppDeveloper));
defaultIdentity.AddClaim(new Claim(defaultIdentity.RoleClaimType, SquidexRoles.AppEditor));
break;
case PermissionLevel.Developer:
defaultIdentity.AddClaim(new Claim(defaultIdentity.RoleClaimType, SquidexRoles.AppDeveloper));
defaultIdentity.AddClaim(new Claim(defaultIdentity.RoleClaimType, SquidexRoles.AppEditor));
break;
case PermissionLevel.Editor:
defaultIdentity.AddClaim(new Claim(defaultIdentity.RoleClaimType, SquidexRoles.AppEditor));
break;
}
context.HttpContext.Features.Set <IAppFeature>(new AppFeature(app));
}
}
public AppCommandMiddlewareTests()
{
app = new AppDomainObject(AppId, -1);
A.CallTo(() => appProvider.FindAppByNameAsync(AppName))
.Returns((IAppEntity)null);
A.CallTo(() => userResolver.FindByIdAsync(contributorId))
.Returns(A.Fake <IUser>());
sut = new AppCommandMiddleware(Handler, appProvider, appPlansProvider, appPlansBillingManager, userResolver);
}
public async Task OnAuthorizationAsync(AuthorizationFilterContext context)
{
var appName = context.RouteData.Values["app"]?.ToString();
if (!string.IsNullOrWhiteSpace(appName))
{
var app = await appProvider.FindAppByNameAsync(appName);
if (app == null)
{
context.Result = new NotFoundResult();
return;
}
var user = context.HttpContext.User;
var permission =
FindByOpenIdSubject(app, user) ??
FindByOpenIdClient(app, user);
if (permission == null)
{
context.Result = new NotFoundResult();
return;
}
var defaultIdentity = context.HttpContext.User.Identities.First();
switch (permission.Value)
{
case PermissionLevel.Owner:
defaultIdentity.AddClaim(new Claim(defaultIdentity.RoleClaimType, SquidexRoles.AppOwner));
defaultIdentity.AddClaim(new Claim(defaultIdentity.RoleClaimType, SquidexRoles.AppDeveloper));
defaultIdentity.AddClaim(new Claim(defaultIdentity.RoleClaimType, SquidexRoles.AppEditor));
break;
case PermissionLevel.Editor:
defaultIdentity.AddClaim(new Claim(defaultIdentity.RoleClaimType, SquidexRoles.AppDeveloper));
defaultIdentity.AddClaim(new Claim(defaultIdentity.RoleClaimType, SquidexRoles.AppEditor));
break;
case PermissionLevel.Developer:
defaultIdentity.AddClaim(new Claim(defaultIdentity.RoleClaimType, SquidexRoles.AppEditor));
break;
}
context.HttpContext.Features.Set <IAppFeature>(new AppFeature(app));
}
}
public async Task <IActionResult> GetSwagger(string app)
{
var appEntity = await appProvider.FindAppByNameAsync(app);
if (appEntity == null)
{
return(NotFound());
}
var schemas = await schemaRepository.QueryAllWithSchemaAsync(appEntity.Id);
var swaggerDocument = await schemasSwaggerGenerator.Generate(appEntity, schemas);
return(Content(swaggerDocument.ToJson(), "application/json"));
}
public async Task <IActionResult> GetHistory(string app, string channel)
{
var entity = await appProvider.FindAppByNameAsync(app);
if (entity == null)
{
return(NotFound());
}
var schemas = await historyEventRepository.QueryByChannelAsync(entity.Id, channel, 100);
var response = schemas.Select(x => SimpleMapper.Map(x, new HistoryEventDto())).ToList();
return(Ok(response));
}
public async Task <IActionResult> GetContributors(string app)
{
var entity = await appProvider.FindAppByNameAsync(app);
if (entity == null)
{
return(NotFound());
}
var response = entity.Contributors.Select(x => SimpleMapper.Map(x, new ContributorDto())).ToList();
Response.Headers["ETag"] = new StringValues(entity.Version.ToString());
return(Ok(response));
}
public static Task CanCreate(CreateApp command, IAppProvider apps)
{
Guard.NotNull(command, nameof(command));
return(Validate.It(() => "Cannot create app.", async error =>
{
if (await apps.FindAppByNameAsync(command.Name) != null)
{
error(new ValidationError($"An app with name '{command.Name}' already exists", nameof(command.Name)));
}
if (!command.Name.IsSlug())
{
error(new ValidationError("Name must be a valid slug.", nameof(command.Name)));
}
}));
}
public async Task <IActionResult> GetLanguages(string app)
{
var entity = await appProvider.FindAppByNameAsync(app);
if (entity == null)
{
return(NotFound());
}
var model = entity.Languages.Select(x =>
{
var isMasterLanguage = x.Equals(entity.MasterLanguage);
return(SimpleMapper.Map(x, new AppLanguageDto {
IsMasterLanguage = isMasterLanguage
}));
}).ToList();
Response.Headers["ETag"] = new StringValues(entity.Version.ToString());
return(Ok(model));
}