public async Task BuildAsync()
{
await _permissionGrantRepository.InsertAsync(
new PermissionGrant(
_guidGenerator.Create(),
"MyPermission1",
UserPermissionValueProvider.ProviderName,
User1Id.ToString()
)
);
await _permissionGrantRepository.InsertAsync(
new PermissionGrant(
_guidGenerator.Create(),
"MyDisabledPermission1",
UserPermissionValueProvider.ProviderName,
User1Id.ToString()
)
);
await _permissionGrantRepository.InsertAsync(
new PermissionGrant(
_guidGenerator.Create(),
"MyPermission3",
UserPermissionValueProvider.ProviderName,
User1Id.ToString()
)
);
}
public async Task Update_Revoke_Test()
{
await _permissionGrantRepository.InsertAsync(
new PermissionGrant(
Guid.NewGuid(),
"MyPermission1",
"Test",
"Test"
)
);
(await _permissionGrantRepository.FindAsync("MyPermission1", "Test",
"Test")).ShouldNotBeNull();
await _permissionAppService.UpdateAsync("Test",
"Test", new UpdatePermissionsDto()
{
Permissions = new UpdatePermissionDto[]
{
new UpdatePermissionDto()
{
IsGranted = false,
Name = "MyPermission1"
}
}
});
(await _permissionGrantRepository.FindAsync("MyPermission1", "Test",
"Test")).ShouldBeNull();
}
public async Task UpdateAsync([NotNull] string providerName, [NotNull] string providerKey, IEnumerable <PermissionUpdateRequestModel> requestModels)
{
foreach (PermissionUpdateRequestModel requestModel in requestModels)
{
var permission = _permissionDefinitionManager.Get(requestModel.Name);
if (permission.AllowedProviders.Any() && !permission.AllowedProviders.Contains(providerName))
{
throw new ApplicationException($"The permission named {permission.Name} has not compatible with the provider named {providerName}");
}
if (!permission.IsEnabled)
{
throw new ApplicationException($"The permission named {permission.Name} is disabled");
}
PermissionGrant?permissionGrant = await _permissionGrantRepository.FindAsync(requestModel.Name, providerName, providerKey);
if (requestModel.IsGranted && permissionGrant is null)
{
await _permissionGrantRepository.InsertAsync(new PermissionGrant { Name = requestModel.Name, ProviderName = providerName, ProviderKey = providerKey });
}
if (!requestModel.IsGranted && permissionGrant is not null)
{
await _permissionGrantRepository.DeleteAsync(permissionGrant);
}
}
await _permissionGrantRepository.UnitOfWork.SaveChangesAsync();
}
public async Task GetAsync()
{
await _permissionGrantRepository.InsertAsync(new PermissionGrant(
Guid.NewGuid(),
"MyPermission1",
"Test",
"Test")
);
var grantedProviders = await _permissionManager.GetAsync("MyPermission1",
"Test",
"Test");
grantedProviders.ShouldNotBeNull();
grantedProviders.IsGranted.ShouldBeTrue();
grantedProviders.Name.ShouldBe("MyPermission1");
grantedProviders.Providers.ShouldContain(x => x.Key == "Test");
}
public async Task CheckAsync()
{
await _permissionGrantRepository.InsertAsync(
new PermissionGrant(
Guid.NewGuid(),
"MyPermission1",
"Test",
"Test"
)
);
var permissionValueProviderGrantInfo = await _permissionManagementProvider.CheckAsync("MyPermission1",
"Test",
"Test");
permissionValueProviderGrantInfo.IsGranted.ShouldBeTrue();
permissionValueProviderGrantInfo.ProviderKey.ShouldBe("Test");
}
private async Task AddPermission(string permissionName, string providerName, string providerKey)
{
await _permissionGrantRepository.InsertAsync(
new PermissionGrant(
_guidGenerator.Create(),
permissionName,
providerName,
providerKey
)
).ConfigureAwait(false);
}
protected virtual Task AddPermissionAsync(string permissionName, string providerName, string providerKey, Guid?tenantId)
{
return(_permissionGrantRepository.InsertAsync(
new PermissionGrant(
_guidGenerator.Create(),
permissionName,
providerName,
providerKey,
tenantId
)
));
}
public async Task <ActionResult <Client> > Post([FromBody] SaveClientViewModel clientVm)
{
if (!ModelState.IsValid)
{
return(BadRequest(new ValidationProblemDetails(ModelState)));
}
var client = await _clientRepository.FindByClientIdAsync(clientVm.Name);
if (client == null)
{
client = await _clientRepository.InsertAsync(
new Client(
Guid.NewGuid(),
clientVm.Name
)
{
ClientName = clientVm.Name,
ProtocolType = "oidc",
Description = clientVm.Name,
AlwaysIncludeUserClaimsInIdToken = true,
AllowOfflineAccess = true,
AbsoluteRefreshTokenLifetime = 31536000, //365 days
AccessTokenLifetime = 31536000, //365 days
AuthorizationCodeLifetime = 300,
IdentityTokenLifetime = 300,
RequireConsent = false
},
autoSave : true
);
}
foreach (var scope in clientVm.Scopes)
{
if (client.FindScope(scope) == null)
{
client.AddScope(scope);
}
}
foreach (var grantType in clientVm.GrantTypes)
{
if (client.FindGrantType(grantType) == null)
{
client.AddGrantType(grantType);
}
}
if (client.FindSecret(clientVm.Secret) == null)
{
client.AddSecret(clientVm.Secret);
}
if (clientVm.RedirectUri != null)
{
if (client.FindRedirectUri(clientVm.RedirectUri) == null)
{
client.AddRedirectUri(clientVm.RedirectUri);
}
}
if (clientVm.PostLogoutRedirectUri != null)
{
if (client.FindPostLogoutRedirectUri(clientVm.PostLogoutRedirectUri) == null)
{
client.AddPostLogoutRedirectUri(clientVm.PostLogoutRedirectUri);
}
}
if (clientVm.Permissions != null)
{
foreach (var permissionName in clientVm.Permissions)
{
if (await _permissionGrantRepository.FindAsync(permissionName, ClientPermissionValueProvider.ProviderName, clientVm.Name) != null)
{
continue;
}
await _permissionGrantRepository.InsertAsync(
new PermissionGrant(
GuidGenerator.Create(),
permissionName,
ClientPermissionValueProvider.ProviderName,
clientVm.Name,
null
)
);
}
}
await _clientRepository.UpdateAsync(client);
var newClient = await _clientRepository.GetAsync(client.Id, true);
return(CreatedAtAction(nameof(GetClient), new { client = client.Id }, newClient));
}