public async Task <OperationResult <IReadOnlyCollection <PermissionIdentityViewModel> > > GetGrantedPermissionsAsync( ulong userId, CancellationToken cancellationToken) { UsersLogMessages.GrantedPermissionIdentitiesFetching(_logger, userId); using var transactionScope = _transactionScopeFactory.CreateScope(); TransactionsLogMessages.TransactionScopeCreated(_logger); if (_authorizationConfigurationOptions.Value.AdminUserIds.Contains(userId)) { UsersLogMessages.UserIsAdmin(_logger, userId); return((await _permissionsService.GetIdentitiesAsync(cancellationToken)) .ToSuccess()); } var userExists = await _usersRepository.AnyAsync( userId : userId, cancellationToken : cancellationToken); if (!userExists) { UsersLogMessages.UserNotFound(_logger, userId); return(new DataNotFoundError($"User ID {userId}")); } UsersLogMessages.UserFound(_logger, userId); var identities = await _usersRepository.AsyncEnumerateGrantedPermissionIdentities(userId) .ToArrayAsync(cancellationToken); UsersLogMessages.GrantedPermissionIdentitiesFetched(_logger, userId); return(identities .ToSuccess <IReadOnlyCollection <PermissionIdentityViewModel> >()); }
private async Task <bool> HandleRemovedPermissionMappings( ulong userId, IEnumerable <UserPermissionMappingIdentityViewModel> permissionMappings, IEnumerable <int> grantedPermissionIds, IEnumerable <int> deniedPermissionIds, long actionId, CancellationToken cancellationToken) { var removedPermissionMappingIds = permissionMappings .Where(x => (!x.IsDenied && !grantedPermissionIds.Contains(x.PermissionId)) || (x.IsDenied && !deniedPermissionIds.Contains(x.PermissionId))) .Select(x => x.Id); if (!removedPermissionMappingIds.Any()) { return(false); } UsersLogMessages.UserPermissionMappingsDeleting(_logger, userId, removedPermissionMappingIds); await _usersRepository.UpdatePermissionMappingsAsync( removedPermissionMappingIds, actionId, cancellationToken); UsersLogMessages.UserPermissionMappingsDeleted(_logger, userId, removedPermissionMappingIds); return(true); }
private async Task <bool> HandleRemovedRoleMappings( ulong userId, IEnumerable <UserRoleMappingIdentityViewModel> roleMappings, IEnumerable <long> assignedRoleIds, long actionId, CancellationToken cancellationToken) { var removedRoleMappings = roleMappings .Where(x => !assignedRoleIds.Contains(x.RoleId)) .ToArray(); if (!removedRoleMappings.Any()) { return(false); } var mappingIds = removedRoleMappings .Select(x => x.Id); UsersLogMessages.UserRoleMappingsDeleting(_logger, userId, mappingIds); await _usersRepository.UpdateRoleMappingsAsync( mappingIds, actionId, cancellationToken); UsersLogMessages.UserRoleMappingsDeleted(_logger, userId, mappingIds); foreach (var mapping in removedRoleMappings) { _memoryCache.Remove(MakeRoleMemberIdsCacheKey(mapping.RoleId)); UsersLogMessages.RoleMemberIdsCacheCleared(_logger, mapping.RoleId); } return(true); }
private async Task <bool> HandleAddedRoles( IEnumerable <UserRoleMappingIdentityViewModel> roleMappings, IEnumerable <long> assignedRoleIds, ulong userId, long actionId, CancellationToken cancellationToken) { var addedRoleIds = assignedRoleIds .Where(id => !roleMappings.Any(x => x.RoleId == id)) .ToArray(); if (!addedRoleIds.Any()) { return(false); } UsersLogMessages.UserRoleMappingsCreating(_logger, userId, addedRoleIds); var mappingIds = await _usersRepository.CreateRoleMappingsAsync( userId, addedRoleIds, actionId, cancellationToken); UsersLogMessages.UserRoleMappingsCreated(_logger, userId, mappingIds); foreach (var roleId in addedRoleIds) { _memoryCache.Remove(MakeRoleMemberIdsCacheKey(roleId)); UsersLogMessages.RoleMemberIdsCacheCleared(_logger, roleId); } return(true); }
private async Task <bool> HandleAddedGrantedPermissions( IEnumerable <UserPermissionMappingIdentityViewModel> permissionMappings, IEnumerable <int> grantedPermissionIds, ulong userId, long actionId, CancellationToken cancellationToken) { var addedGrantedPermissionIds = grantedPermissionIds .Where(id => !permissionMappings.Any(x => !x.IsDenied && (x.PermissionId == id))) .ToArray(); if (!addedGrantedPermissionIds.Any()) { return(false); } UsersLogMessages.UserPermissionMappingsCreating(_logger, userId, addedGrantedPermissionIds, PermissionMappingType.Granted); var mappingIds = await _usersRepository.CreatePermissionMappingsAsync( userId, addedGrantedPermissionIds, PermissionMappingType.Granted, actionId, cancellationToken); UsersLogMessages.UserPermissionMappingsCreated(_logger, userId, mappingIds); return(true); }
public ValueTask <IReadOnlyCollection <ulong> > GetRoleMemberIdsAsync( long roleId, CancellationToken cancellationToken) => _memoryCache.OptimisticGetOrCreateAsync <IReadOnlyCollection <ulong> >(MakeRoleMemberIdsCacheKey(roleId), async entry => { UsersLogMessages.RoleMemberIdsFetching(_logger, roleId); entry.Priority = CacheItemPriority.High; var memberIds = await _usersRepository.AsyncEnumerateIds( roleId: roleId) .ToArrayAsync(cancellationToken); UsersLogMessages.RoleMemberIdsFetched(_logger, memberIds); return(memberIds); });
public async Task <OperationResult> UpdateAsync( ulong userId, UserUpdateModel updateModel, ulong performedById, CancellationToken cancellationToken) { UsersLogMessages.UserUpdating(_logger, userId, updateModel, performedById); using var transactionScope = _transactionScopeFactory.CreateScope(); TransactionsLogMessages.TransactionScopeCreated(_logger); var permissionIds = Enumerable.Union( updateModel.GrantedPermissionIds, updateModel.DeniedPermissionIds) .ToArray(); UsersLogMessages.PermissionIdsValidating(_logger, permissionIds); var permissionIdsValidationResult = await _permissionsService.ValidateIdsAsync( permissionIds, cancellationToken); if (permissionIdsValidationResult.IsFailure) { UsersLogMessages.PermissionIdsValidationFailed(_logger, permissionIdsValidationResult); return(permissionIdsValidationResult); } UsersLogMessages.PermissionIdsValidationSucceeded(_logger); UsersLogMessages.RoleIdsValidating(_logger, updateModel.AssignedRoleIds); var assignedRoleIdsValidationResult = await _rolesService.ValidateIdsAsync(updateModel.AssignedRoleIds, cancellationToken); if (assignedRoleIdsValidationResult.IsFailure) { UsersLogMessages.RoleIdsValidationFailed(_logger, assignedRoleIdsValidationResult); return(assignedRoleIdsValidationResult); } UsersLogMessages.RoleIdsValidationSucceeded(_logger); var now = _systemClock.UtcNow; var actionId = await _auditableActionsRepository.CreateAsync( (int)UserManagementAdministrationActionType.UserModified, now, performedById, cancellationToken); AuditingLogMessages.AuditingActionCreated(_logger, actionId); var anyChanges = false; UsersLogMessages.UserPermissionMappingIdentitiesFetching(_logger, userId); var permissionMappings = await _usersRepository.AsyncEnumeratePermissionMappingIdentities( userId : userId, isDeleted : false) .ToArrayAsync(cancellationToken); UsersLogMessages.UserPermissionMappingIdentitiesFetched(_logger, userId); anyChanges |= await HandleRemovedPermissionMappings( userId, permissionMappings, updateModel.GrantedPermissionIds, updateModel.DeniedPermissionIds, actionId, cancellationToken); anyChanges |= await HandleAddedGrantedPermissions( permissionMappings, updateModel.GrantedPermissionIds, userId, actionId, cancellationToken); anyChanges |= await HandleAddedDeniedPermissions( permissionMappings, updateModel.DeniedPermissionIds, userId, actionId, cancellationToken); UsersLogMessages.UserRoleMappingIdentitiesFetching(_logger, userId); var roleMappings = await _usersRepository.AsyncEnumerateRoleMappingIdentities( userId : userId, isDeleted : false) .ToArrayAsync(cancellationToken); UsersLogMessages.UserRoleMappingIdentitiesFetched(_logger, userId); anyChanges |= await HandleRemovedRoleMappings( userId, roleMappings, updateModel.AssignedRoleIds, actionId, cancellationToken); anyChanges |= await HandleAddedRoles( roleMappings, updateModel.AssignedRoleIds, userId, actionId, cancellationToken); if (!anyChanges) { UsersLogMessages.UserUpdateNoChangesGiven(_logger, userId); return(new NoChangesGivenError($"User ID {userId}")); } UsersLogMessages.UserUpdatingNotificationPublishing(_logger, userId); await _messenger.PublishNotificationAsync( new UserUpdatingNotification( userId, actionId), cancellationToken); UsersLogMessages.UserUpdatingNotificationPublished(_logger, userId); TransactionsLogMessages.TransactionScopeCommitting(_logger); transactionScope.Complete(); UsersLogMessages.UserUpdated(_logger, userId); return(OperationResult.Success); }
public async Task TrackUserAsync( ulong userId, string username, string discriminator, string avatarHash, CancellationToken cancellationToken) { UsersLogMessages.UserTracking(_logger, userId, username, discriminator, avatarHash); using var transactionScope = _transactionScopeFactory.CreateScope(); TransactionsLogMessages.TransactionScopeCreated(_logger); var now = _systemClock.UtcNow; var mergeResult = await _usersRepository.MergeAsync( userId, username, discriminator, avatarHash, firstSeen : now, lastSeen : now, cancellationToken); if (mergeResult.RowsInserted > 0) { UsersLogMessages.UserCreated(_logger, userId); var actionId = await _auditableActionsRepository.CreateAsync( (int)UserManagementAdministrationActionType.UserCreated, now, userId, cancellationToken); AuditingLogMessages.AuditingActionCreated(_logger, actionId); UsersLogMessages.DefaultPermissionIdsFetching(_logger); var defaultPermissionIds = await _usersRepository .AsyncEnumerateDefaultPermissionIds() .ToArrayAsync(cancellationToken); UsersLogMessages.DefaultPermissionIdsFetched(_logger, defaultPermissionIds); if (defaultPermissionIds.Any()) { UsersLogMessages.UserPermissionMappingsCreating(_logger, userId, defaultPermissionIds, PermissionMappingType.Granted); var mappingIds = await _usersRepository.CreatePermissionMappingsAsync( userId, defaultPermissionIds, PermissionMappingType.Granted, actionId, cancellationToken); UsersLogMessages.UserPermissionMappingsCreated(_logger, userId, mappingIds); } UsersLogMessages.DefaultRoleIdsFetching(_logger); var defaultRoleIds = await _usersRepository .AsyncEnumerateDefaultRoleIds() .ToArrayAsync(cancellationToken); UsersLogMessages.DefaultRoleIdsFetched(_logger, defaultRoleIds); if (defaultRoleIds.Any()) { UsersLogMessages.UserRoleMappingsCreating(_logger, userId, defaultRoleIds); var mappingIds = await _usersRepository.CreateRoleMappingsAsync( userId, defaultRoleIds, actionId, cancellationToken); UsersLogMessages.UserRoleMappingsCreated(_logger, userId, mappingIds); } UsersLogMessages.UserInitializingNotificationPublishing(_logger, userId); await _messenger.PublishNotificationAsync( new UserInitializingNotification( userId, actionId), cancellationToken); UsersLogMessages.UserInitializingNotificationPublished(_logger, userId); } else { UsersLogMessages.UserUpdated(_logger, userId); } TransactionsLogMessages.TransactionScopeCommitting(_logger); transactionScope.Complete(); UsersLogMessages.UserTracked(_logger, userId); }