protected override async Task <TResponse> Process(EntityModelCommand <TEntityModel, TResponse> request, CancellationToken cancellationToken, RequestHandlerDelegate <TResponse> next) { await Authorize(request).ConfigureAwait(false); // continue pipeline return(await next().ConfigureAwait(false)); }
private void AuthorizeOrganization(EntityModelCommand <TEntityModel, TResponse> request) { var principal = request.Principal; if (principal == null) { return; } var isGlobalAdmin = principal.IsGlobalAdministrator(); if (isGlobalAdmin) { return; } // check principal organization is same of model organization if (!(request.Model is IHaveOrganization organizationModel)) { return; } var organizationString = principal.Identity?.GetOrganizationId(); Guid.TryParse(organizationString, out var organizationId); if (organizationId == organizationModel.OrganizationId) { return; } throw new DomainException(HttpStatusCode.Forbidden, "User does not have access to specified organization."); }
private void TrackChange(EntityModelCommand <TEntityModel, TResponse> request) { if (request is null) { throw new ArgumentNullException(nameof(request)); } var identityName = _principalReader.GetIdentifier(request.Principal); var model = request.Model; if (model is ITrackCreated createdModel) { if (createdModel.Created == default) { createdModel.Created = DateTimeOffset.UtcNow; } if (string.IsNullOrEmpty(createdModel.CreatedBy)) { createdModel.CreatedBy = identityName; } } if (model is ITrackUpdated updatedModel) { updatedModel.Updated = DateTimeOffset.UtcNow; updatedModel.UpdatedBy = identityName; } }
protected override async Task <TResponse> Process(EntityModelCommand <TEntityModel, TResponse> request, CancellationToken cancellationToken, RequestHandlerDelegate <TResponse> next) { // validate before processing await _validator.ValidateAndThrowAsync(request.Model, cancellationToken : cancellationToken).ConfigureAwait(false); // continue pipeline return(await next().ConfigureAwait(false)); }
protected override async Task <EntityResponseModel <TResponse> > Process(EntityModelCommand <TEntityModel, EntityResponseModel <TResponse> > request, CancellationToken cancellationToken, RequestHandlerDelegate <EntityResponseModel <TResponse> > next) { var failures = _validator .Select(v => v.Validate(request.Model)) .SelectMany(result => result.Errors) .Where(f => f != null) .ToList(); return(failures.Any() ? await Errors(failures).ConfigureAwait(false) : await next().ConfigureAwait(false)); }
private async Task SetTenantId(EntityModelCommand <TEntityModel, TResponse> request) { if (!(request.Model is IHaveTenant <TKey> tenantModel)) { return; } if (!Equals(tenantModel.TenantId, default(TKey))) { return; } var tenantId = await _tenantResolver.GetTenantId(request.Principal); tenantModel.TenantId = tenantId; }
protected override async Task <TResponse> Process(EntityModelCommand <TEntityModel, TResponse> request, CancellationToken cancellationToken, RequestHandlerDelegate <TResponse> next) { if (request is null) { throw new ArgumentNullException(nameof(request)); } if (next is null) { throw new ArgumentNullException(nameof(next)); } await Authorize(request).ConfigureAwait(false); // continue pipeline return(await next().ConfigureAwait(false)); }
private async Task Authorize(EntityModelCommand <TEntityModel, TResponse> request) { var principal = request.Principal; if (principal == null) { return; } // check principal tenant is same as model tenant if (request.Model is not IHaveTenant <TKey> tenantModel) { return; } var tenantId = await _tenantResolver.GetTenantId(principal); if (Equals(tenantId, tenantModel.TenantId)) { return; } throw new DomainException(HttpStatusCode.Forbidden, "User does not have access to specified tenant."); }
private void TrackChange(EntityModelCommand <TEntityModel, TResponse> request) { var identityName = request.Principal?.Identity?.Name; var model = request.Model; if (model is ITrackCreated createdModel) { if (createdModel.Created == default) { createdModel.Created = DateTimeOffset.UtcNow; } if (string.IsNullOrEmpty(createdModel.CreatedBy)) { createdModel.CreatedBy = identityName; } } if (model is ITrackUpdated updatedModel) { updatedModel.Updated = DateTimeOffset.UtcNow; updatedModel.UpdatedBy = identityName; } }