public async Task <bool> Execute(UpdatePolicyParameter updatePolicyParameter)
{
if (updatePolicyParameter == null)
{
throw new ArgumentNullException(nameof(updatePolicyParameter));
}
if (string.IsNullOrWhiteSpace(updatePolicyParameter.PolicyId))
{
throw new BaseUmaException(ErrorCodes.InvalidRequestCode, string.Format(ErrorDescriptions.TheParameterNeedsToBeSpecified, "id"));
}
_umaServerEventSource.StartUpdateAuthorizationPolicy(JsonConvert.SerializeObject(updatePolicyParameter));
var policy = await _repositoryExceptionHelper.HandleException(
string.Format(ErrorDescriptions.TheAuthorizationPolicyCannotBeRetrieved, updatePolicyParameter.PolicyId),
() => _policyRepository.Get(updatePolicyParameter.PolicyId));
if (policy == null)
{
return(false);
}
foreach (var resourceSetId in policy.ResourceSetIds)
{
var resourceSet = await _resourceSetRepository.Get(resourceSetId).ConfigureAwait(false);
if (updatePolicyParameter.Scopes.Any(r => !resourceSet.Scopes.Contains(r)))
{
throw new BaseUmaException(ErrorCodes.InvalidScope, ErrorDescriptions.OneOrMoreScopesDontBelongToAResourceSet);
}
}
policy.Scopes = updatePolicyParameter.Scopes;
policy.IsResourceOwnerConsentNeeded = updatePolicyParameter.IsResourceOwnerConsentNeeded;
policy.Claims = new List <Claim>();
policy.Script = updatePolicyParameter.Script;
if (updatePolicyParameter.Claims != null)
{
policy.Claims = updatePolicyParameter.Claims.Select(c => new Claim
{
Type = c.Type,
Value = c.Value
}).ToList();
}
var result = await _repositoryExceptionHelper.HandleException(
string.Format(ErrorDescriptions.TheAuthorizationPolicyCannotBeUpdated, updatePolicyParameter.PolicyId),
() => _policyRepository.Update(policy));
_umaServerEventSource.FinishUpdateAuhthorizationPolicy(JsonConvert.SerializeObject(updatePolicyParameter));
return(result);
}
public async Task <bool> Execute(UpdatePolicyParameter updatePolicyParameter)
{
// Check the parameters
if (updatePolicyParameter == null)
{
throw new ArgumentNullException(nameof(updatePolicyParameter));
}
if (string.IsNullOrWhiteSpace(updatePolicyParameter.PolicyId))
{
throw new BaseUmaException(ErrorCodes.InvalidRequestCode, string.Format(ErrorDescriptions.TheParameterNeedsToBeSpecified, "id"));
}
if (updatePolicyParameter.Rules == null || !updatePolicyParameter.Rules.Any())
{
throw new BaseUmaException(ErrorCodes.InvalidRequestCode, string.Format(ErrorDescriptions.TheParameterNeedsToBeSpecified, Constants.AddPolicyParameterNames.Rules));
}
_umaServerEventSource.StartUpdateAuthorizationPolicy(JsonConvert.SerializeObject(updatePolicyParameter));
// Check the authorization policy exists.
var policy = await _repositoryExceptionHelper.HandleException(
string.Format(ErrorDescriptions.TheAuthorizationPolicyCannotBeRetrieved, updatePolicyParameter.PolicyId),
() => _policyRepository.Get(updatePolicyParameter.PolicyId));
if (policy == null)
{
return(false);
}
policy.Rules = new List <PolicyRule>();
// Check all the scopes are valid.
foreach (var resourceSetId in policy.ResourceSetIds)
{
var resourceSet = await _resourceSetRepository.Get(resourceSetId);
if (updatePolicyParameter.Rules.Any(r => r.Scopes != null && !r.Scopes.All(s => resourceSet.Scopes.Contains(s))))
{
throw new BaseUmaException(ErrorCodes.InvalidScope, ErrorDescriptions.OneOrMoreScopesDontBelongToAResourceSet);
}
}
// Update the authorization policy.
foreach (var ruleParameter in updatePolicyParameter.Rules)
{
var claims = new List <Claim>();
if (ruleParameter.Claims != null)
{
claims = ruleParameter.Claims.Select(c => new Claim
{
Type = c.Type,
Value = c.Value
}).ToList();
}
policy.Rules.Add(new PolicyRule
{
Id = ruleParameter.Id,
ClientIdsAllowed = ruleParameter.ClientIdsAllowed,
IsResourceOwnerConsentNeeded = ruleParameter.IsResourceOwnerConsentNeeded,
Scopes = ruleParameter.Scopes,
Script = ruleParameter.Script,
Claims = claims,
OpenIdProvider = ruleParameter.OpenIdProvider
});
}
var result = await _repositoryExceptionHelper.HandleException(
string.Format(ErrorDescriptions.TheAuthorizationPolicyCannotBeUpdated, updatePolicyParameter.PolicyId),
() => _policyRepository.Update(policy));
_umaServerEventSource.FinishUpdateAuhthorizationPolicy(JsonConvert.SerializeObject(updatePolicyParameter));
return(result);
}
