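/// <summary>
/// Validates the requested roles and, when every one of them passes, attaches them to the user
/// identified by <paramref name="subjectId"/> and <paramref name="identityProvider"/>.
/// </summary>
/// <param name="rolesToAdd">Roles requested for the user. Each is matched by <c>Id</c> against the
/// roles the role store returns for its grain / securable item.</param>
/// <param name="subjectId">Subject identifier of the user.</param>
/// <param name="identityProvider">Identity provider the subject belongs to.</param>
/// <returns>The user returned by the user store after the roles were added.</returns>
/// <exception cref="ArgumentNullException"><paramref name="rolesToAdd"/> is null.</exception>
/// <exception cref="AggregateException">At least one role is unknown, soft-deleted, or already
/// assigned to the user. The inner exceptions name each offending role.</exception>
public async Task<User> AddRolesToUser(IList<Role> rolesToAdd, string subjectId, string identityProvider)
{
    if (rolesToAdd == null)
    {
        throw new ArgumentNullException(nameof(rolesToAdd));
    }

    // NOTE(review): the store key is "subjectId:identityProvider" with no escaping. If either value
    // may contain ':', two different identities could produce the same key - confirm that callers
    // validate both parts.
    var user = await _userStore.Get($"{subjectId}:{identityProvider}");

    // Query the role store once per distinct (grain, securable item) pair.
    var grainSecurableItems = rolesToAdd
        .Select(r => new Tuple<string, string>(r.Grain, r.SecurableItem))
        .Distinct();

    var existingRoles = new List<Role>();
    foreach (var pair in grainSecurableItems)
    {
        var storedRoles = await _roleStore.GetRoles(pair.Item1, pair.Item2);

        // A soft-deleted role must not be grantable: treat it as missing so the request is
        // rejected with the same "could not be found" error as an unknown Id.
        existingRoles.AddRange(storedRoles.Where(r => !r.IsDeleted));
    }

    // Collect every problem before failing so the caller sees all of them at once.
    var exceptions = new List<Exception>();
    foreach (var role in rolesToAdd)
    {
        if (existingRoles.All(r => r.Id != role.Id))
        {
            exceptions.Add(new NotFoundException<Role>($"The role: {role} with Id: {role.Id} could not be found to add to the user."));
        }

        if (user.Roles.Any(r => r.Id == role.Id))
        {
            exceptions.Add(new AlreadyExistsException<Role>($"The role: {role} with Id: {role.Id} already exists for the user."));
        }
    }

    if (exceptions.Count > 0)
    {
        throw new AggregateException("There was an issue adding roles to the user. Please see the inner exception(s) for details.", exceptions);
    }

    // NOTE(review): only the Id of each requested role was checked above, yet the caller-supplied
    // Role objects are what reach the store. Confirm the store links by Id and does not persist
    // other caller-provided fields.
    return await _userStore.AddRolesToUser(user, rolesToAdd);
}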
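/// <summary>
/// Validates the requested roles and, when every one of them passes, attaches them to the group
/// named <paramref name="groupName"/>.
/// </summary>
/// <param name="rolesToAdd">Roles requested for the group. Each is matched by <c>Id</c> against the
/// roles the role store returns for its grain / securable item.</param>
/// <param name="groupName">Name used to load the group from the group store.</param>
/// <returns>The group returned by the group store after the roles were added.</returns>
/// <exception cref="ArgumentNullException"><paramref name="rolesToAdd"/> is null.</exception>
/// <exception cref="AggregateException">At least one role is unknown, soft-deleted, or already
/// assigned to the group. The inner exceptions name each offending role.</exception>
public async Task<Group> AddRolesToGroup(IList<Role> rolesToAdd, string groupName)
{
    if (rolesToAdd == null)
    {
        throw new ArgumentNullException(nameof(rolesToAdd));
    }

    var group = await _groupStore.Get(groupName);

    // Query the role store once per distinct (grain, securable item) pair.
    var grainSecurableItems = rolesToAdd
        .Select(r => new Tuple<string, string>(r.Grain, r.SecurableItem))
        .Distinct();

    var existingRoles = new List<Role>();
    foreach (var pair in grainSecurableItems)
    {
        var storedRoles = await _roleStore.GetRoles(pair.Item1, pair.Item2);

        // A soft-deleted role must not be grantable: treat it as missing so the request is
        // rejected with the same "could not be found" error as an unknown Id.
        existingRoles.AddRange(storedRoles.Where(r => !r.IsDeleted));
    }

    // Collect every problem before failing so the caller sees all of them at once.
    var exceptions = new List<Exception>();
    foreach (var role in rolesToAdd)
    {
        if (existingRoles.All(r => r.Id != role.Id))
        {
            exceptions.Add(new NotFoundException<Role>($"The role: {role} with Id: {role.Id} could not be found to add to the group."));
        }

        if (group.Roles.Any(r => r.Id == role.Id))
        {
            exceptions.Add(new AlreadyExistsException<Role>($"The role: {role} with Id: {role.Id} already exists for group {groupName}."));
        }
    }

    if (exceptions.Count > 0)
    {
        throw new AggregateException("There was an issue adding roles to the group. Please see the inner exception(s) for details.", exceptions);
    }

    // NOTE(review): only the Id of each requested role was checked above, yet the caller-supplied
    // Role objects are what reach the store. Confirm the store links by Id and does not persist
    // other caller-provided fields.
    return await _groupStore.AddRolesToGroup(group, rolesToAdd);
}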
/// <summary>
/// Fetches roles from the role store, optionally narrowed by grain, securable item and role name.
/// </summary>
/// <param name="grain">Grain passed to the role store; may be null.</param>
/// <param name="securableItem">Securable item passed to the role store; may be null.</param>
/// <param name="roleName">Role name passed to the role store; may be null.</param>
/// <param name="includeDeleted">When false (the default), roles flagged <c>IsDeleted</c> are
/// left out of the result; when true they are returned as well.</param>
/// <returns>A lazily filtered sequence over the roles the store returned.</returns>
public async Task<IEnumerable<Role>> GetRoles(string grain = null, string securableItem = null, string roleName = null, bool includeDeleted = false)
{
    var storedRoles = await _roleStore.GetRoles(grain, securableItem, roleName);

    // Soft-deleted roles stay hidden unless the caller opts in explicitly.
    return from role in storedRoles
           where includeDeleted || !role.IsDeleted
           select role;
}