public async Task Role_Updated_Distributed_Event_Test()
{
var role = await RoleRepository.FindByNormalizedNameAsync(LookupNormalizer.NormalizeName("moderator"));
var permissionGrantsInRole = await PermissionGrantRepository.GetListAsync("R", role.Name);
permissionGrantsInRole.ShouldNotBeNull();
permissionGrantsInRole.Count.ShouldBeGreaterThan(0);
var count = permissionGrantsInRole.Count;
using (var uow = UowManager.Begin())
{
var identityResult = await RoleManager.SetRoleNameAsync(role, "TestModerator");
identityResult.Succeeded.ShouldBeTrue();
await RoleRepository.UpdateAsync(role);
await uow.CompleteAsync();
}
role = await RoleRepository.GetAsync(role.Id);
role.Name.ShouldBe("TestModerator");
permissionGrantsInRole = await PermissionGrantRepository.GetListAsync("R", role.Name);
permissionGrantsInRole.Count.ShouldBe(count);
}
protected virtual async Task <ApplicationAuthConfigurationDto> GetAuthConfigAsync()
{
var authConfig = new ApplicationAuthConfigurationDto();
var permissions = _permissionDefinitionManager.GetPermissions();
IEnumerable <PermissionGrant> grantPermissions = new List <PermissionGrant>();
// TODO: 重写为每次调用接口都在数据库统一查询权限
// 待框架改进权限Provider机制后再移除
// 如果用户已登录,获取用户和角色权限
if (CurrentUser.IsAuthenticated)
{
var userPermissions = await _permissionGrantRepository.GetListAsync(UserPermissionValueProvider.ProviderName,
CurrentUser.GetId().ToString());
grantPermissions = grantPermissions.Union(userPermissions);
foreach (var userRole in CurrentUser.Roles)
{
var rolePermissions = await _permissionGrantRepository.GetListAsync(RolePermissionValueProvider.ProviderName,
userRole);
grantPermissions = grantPermissions.Union(rolePermissions);
}
}
// 如果客户端已验证,获取客户端权限
if (CurrentClient.IsAuthenticated)
{
var clientPermissions = await _permissionGrantRepository.GetListAsync(ClientPermissionValueProvider.ProviderName,
CurrentClient.Id);
grantPermissions = grantPermissions.Union(clientPermissions);
}
foreach (var permission in permissions)
{
authConfig.Policies[permission.Name] = true;
if (grantPermissions.Any(p => p.Name.Equals(permission.Name)))
{
authConfig.GrantedPolicies[permission.Name] = true;
}
}
return(authConfig);
}
protected virtual async Task <(string Key, bool IsGranted)> SetCacheItemsAsync(string providerName, string providerKey, string currentName)
{
var permissions = _permissionDefinitionManager.GetPermissions();
_logger.LogDebug("Getting all granted permissions from the repository for this provider name,key: {providerName},{providerKey}", providerName, providerKey);
var grantedPermissionsHashSet = new HashSet <string>((await _repository.GetListAsync(providerName, providerKey)).Select(p => p.Name));
_logger.LogDebug("Setting the cache items. Count: {permissionsCount}", permissions.Count);
var cacheItems = new List <(string Key, bool IsGranted)>();
bool currentResult = false;
foreach (var permission in permissions)
{
var isGranted = grantedPermissionsHashSet.Contains(permission.Name);
cacheItems.Add((string.Format(CacheKeyFormat, providerName, providerKey, permission.Name), isGranted));
if (permission.Name == currentName)
{
currentResult = isGranted;
}
}
List <Task> setCacheItemTasks = new();
foreach ((string Key, bool IsGranted) in cacheItems)
{
setCacheItemTasks.Add(_distributedCache.SetStringAsync(Key, IsGranted.ToString()));
}
await Task.WhenAll(setCacheItemTasks);
_logger.LogDebug("Finished setting the cache items. Count: {permissionsCount}", permissions.Count);
return(string.Format(CacheKeyFormat, providerName, providerKey, currentName), currentResult);
}