public void Create(InfusionGlobalPreference value)
{
using (log.Activity(m => m($"Creating {nameof(InfusionGlobalPreference)} by {Thread.CurrentPrincipal?.Identity?.Name}")))
{
using (log.Activity(m => m("Authorization")))
{
try
{
security.ValidateCreate(value);
}
catch (UnauthorizedAccessException)
{
log.Warn($"Authorization Denied");
throw;
}
catch (Exception e)
{
log.Error($"Authorization Error", e);
throw;
}
}
var entity = null as GlobalPreference;
using (log.Activity(m => m("Create Entity")))
{
try
{
entity = context.GlobalPreferences.Add(value);
context.SaveChanges();
}
catch (Exception e) when(e.HasDuplicateKeyNumber())
{
log.Warn($"Duplicate {nameof(InfusionGlobalPreference.Name)}:\"{value.Name}\"", e);
throw new DuplicateKeyException(value.Name);
}
catch (Exception e)
{
log.Error($"Update Error", e);
throw;
}
}
var newValue = entity.Filter();
using (log.Activity(m => m("Emit Event")))
{
try
{
emitter.OnCreated(newValue);
}
catch (Exception e)
{
log.Error($"Emit Event Error", e);
throw;
}
}
log.Info(m => m($"Created {nameof(InfusionGlobalPreference)}[{entity.Id}] by {Thread.CurrentPrincipal?.Identity?.Name}"));
}
}
public void Create(UserPreference value)
{
using (log.Activity(m => m($"Creating {nameof(UserPreference)} by {Thread.CurrentPrincipal?.Identity?.Name}")))
{
using (log.Activity(m => m("Authorization")))
{
try
{
security.ValidateCreate(value);
}
catch (UnauthorizedAccessException)
{
log.Warn($"Authorization Denied");
throw;
}
catch (Exception e)
{
log.Error($"Authorization Error", e);
throw;
}
}
var entity = null as UserPreference;
using (log.Activity(m => m("Create Entity")))
{
try
{
entity = context.UserPreferences.Add(value);
context.SaveChanges();
}
//TODO: KB: Do this on index validation
//throw new DuplicateKeyException(value.Name)
catch (Exception e)
{
log.Error($"Update Error", e);
throw;
}
}
var newValue = entity.Filter();
using (log.Activity(m => m("Emit Event")))
{
try
{
emitter.OnCreated(newValue);
}
catch (Exception e)
{
log.Error($"Emit Event Error", e);
throw;
}
}
log.Info(m => m($"Created {nameof(UserPreference)}[{entity.Id}] by {Thread.CurrentPrincipal?.Identity?.Name}"));
}
}
public void Provision(IPrincipal principal)
{
using (log.Activity(m => m($"Provisioning {Thread.CurrentPrincipal?.Identity?.Name}")))
{
var userName = null as string;
using (log.Activity(m => m($"Validate {Thread.CurrentPrincipal?.Identity?.Name}")))
{
var identity = Thread.CurrentPrincipal.Identity as ClaimsIdentity;
if (identity == null)
{
log.Info($"Identity is not ClaimsIdentity or null. Ignore Execution.");
return;
}
userName = identity.Claims.FirstOrDefault(x => x.Type == "user_id")?.Value ?? identity.Name;
if (userName == null)
{
log.Info($"UserName claim value is not found. Ignore Execution.");
return;
}
var isSuperByClaim = IsSuperByClaim(identity);
if (!isSuperByClaim)
{
log.Info($"Required claim value is not found. Ignore Execution.");
return;
}
}
using (log.Activity(m => m($"Impersonating Operation")))
{
//TODO: KB: Do we need to secure operation that always must succeed?
using (new Impersonate(new GenericPrincipal(new GenericIdentity(systemIdentityName), new string[0])))
{
var relation = null as Role;
using (log.Activity(m => m($"Read {nameof(Role)}[\"{roleName}\"]")))
{
relation = context.Roles.Include(item => item.Realm).SingleOrDefault(item => item.Name == roleName);
}
if (relation == null)
{
log.Error($"{nameof(Role)}[\"{roleName}\"] is not found");
throw new KeyNotFoundException();
}
var entity = null as Principal;
using (log.Activity(m => m($"Read {nameof(Principal)}[\"{userName}\"]")))
{
entity = context.Principals.Include(item => item.Roles.Select(r => r.Realm)).SingleOrDefault(item => item.Name == userName);
}
if (entity == null)
{
log.Info($"{nameof(Principal)}[\"{userName}\"] is not found.");
using (log.Activity(m => m("Create Entity")))
{
try
{
entity = context.Principals.Add(new Principal {
Name = userName
});
context.SaveChanges();
}
//TODO: KB: Do this on index validation
//throw new DuplicateKeyException(value.Name)
catch (Exception e)
{
log.Error($"Update Error", e);
throw;
}
}
var newValue = entity.Filter();
using (log.Activity(m => m("Emit Event")))
{
try
{
emitter.OnCreated(newValue);
}
catch (Exception e)
{
log.Error($"Emit Event Error", e);
throw;
}
}
}
if (entity.Roles.Any(item => item.Id == relation.Id))
{
log.Info($"{nameof(Principal)}[\"{userName}\"] already has role {nameof(Role)}[\"{roleName}\"]. Ignore Execution.");
return;
}
using (log.Activity(m => m("Update Entity")))
{
try
{
relation.Principals.Add(entity);
context.SaveChanges();
}
catch (Exception e)
{
log.Error($"Update Error", e);
throw;
}
}
using (log.Activity(m => m("Emit Event")))
{
try
{
var leftValue = entity.Filter();
var rightValue = relation.Filter();
linkEmitter.OnAdded(leftValue, rightValue, item => item.Roles);
}
catch (Exception e)
{
log.Error($"Emit Event Error", e);
throw;
}
}
log.Info($"Provisioned {nameof(Role)}[\"{roleName}\"] to {nameof(Principal)}[\"{userName}\"].{nameof(Principal.Roles)} by {Thread.CurrentPrincipal?.Identity?.Name}");
}
}
}
}
