ApiSecurity.AuthorizeAsync C# (CSharp)代码示例

示例#1

0

显示文件

文件： AccessRulesController.cs 项目： janosjanka/partnerinfo.old

        public async Task <IHttpActionResult> PostAsync(AccessObjectType objectType, int objectId, [FromBody] CreateAccessRuleDto model, CancellationToken cancellationToken)
        {
            if (model == null || !ModelState.IsValid)
            {
                return(BadRequest());
            }
            await ApiSecurity.AuthorizeAsync(objectType, objectId, AccessPermission.IsOwner, cancellationToken);

            ValidationResult validationResult;

            if (model.Anyone)
            {
                validationResult = await _securityManager.SetAccessRuleAsync(objectType, objectId, new AccessRuleItem { Permission = model.Permission, Visibility = model.Visibility }, cancellationToken);
            }
            else
            {
                var user = await _userManager.FindByEmailAsync(model.Email, cancellationToken);

                if (user == null)
                {
                    ModelState.AddModelError("", string.Format(SecurityApiResources.UserNotFound, model.Email));
                    return(BadRequest());
                }
                validationResult = await _securityManager.SetAccessRuleAsync(objectType, objectId, new AccessRuleItem { User = user, Permission = model.Permission, Visibility = model.Visibility }, cancellationToken);
            }
            if (!validationResult.Succeeded)
            {
                return(this.ValidationContent(validationResult));
            }
            return(Ok(model));
        }

示例#2

0

显示文件

        public async Task <IHttpActionResult> PutAsync(int id, [FromBody] MailMessageItemDto model, CancellationToken cancellationToken)
        {
            if (model == null || !ModelState.IsValid)
            {
                return(BadRequest());
            }
            var mailMessage = await _projectManager.GetMailMessageByIdAsync(id, MailMessageField.Project, cancellationToken);

            if (mailMessage == null)
            {
                return(NotFound());
            }
            var project = await _projectManager.FindByIdAsync(mailMessage.Project.Id, cancellationToken);

            await ApiSecurity.AuthorizeAsync(project, AccessPermission.CanEdit, cancellationToken);

            mailMessage.Subject = model.Subject;
            mailMessage.Body    = model.Body;
            var validationResult = await _projectManager.ReplaceMailMessageAsync(project, mailMessage, mailMessage, cancellationToken);

            if (!validationResult.Succeeded)
            {
                return(this.ValidationContent(validationResult));
            }
            return(Ok(mailMessage));
        }

示例#3

0

显示文件

文件： PagesController.cs 项目： janosjanka/partnerinfo.old

        public async Task <IHttpActionResult> MoveAsync(string portalUri, string pageUri, [FromBody] string uri, CancellationToken cancellationToken)
        {
            if (!ModelState.IsValid)
            {
                return(BadRequest());
            }
            var portal = await _portalManager.FindByUriAsync(portalUri, cancellationToken);

            await ApiSecurity.AuthorizeAsync(portal, AccessPermission.CanEdit, cancellationToken);

            var page = await _portalManager.GetPageByUriAsync(portal, pageUri, cancellationToken);

            if (page == null)
            {
                return(NotFound());
            }
            var referencePage = (uri == null) ? null : await _portalManager.GetPageByUriAsync(portal, uri, cancellationToken);

            var validationResult = await _portalManager.MovePageAsync(portal, page, referencePage, cancellationToken);

            if (!validationResult.Succeeded)
            {
                return(this.ValidationContent(validationResult));
            }
            return(Ok());
        }

示例#4

0

显示文件

文件： ContactsController.cs 项目： janosjanka/partnerinfo.old

        public async Task <IHttpActionResult> PostFileAsync(int projectId, CancellationToken cancellationToken)
        {
            var project = await _projectManager.FindByIdAsync(projectId, cancellationToken);

            await ApiSecurity.AuthorizeAsync(project, AccessPermission.CanEdit, cancellationToken);

            using (var content = await Request.Content.ReadAsFileStreamAsync(cancellationToken))
            {
                var contactManager = new ContactManager(_projectManager);
                switch (content.FileExtension.ToLower())
                {
                case ".xls":
                    await contactManager.ImportFromXlsAsync(project, content.FileStream, cancellationToken);

                    break;

                case ".xlsx":
                    await contactManager.ImportFromXlsxAsync(project, content.FileStream, cancellationToken);

                    break;

                default:
                    return(StatusCode(HttpStatusCode.UnsupportedMediaType));
                }
            }
            return(Ok());
        }

示例#5

0

显示文件

文件： PagesController.cs 项目： janosjanka/partnerinfo.old

        public async Task <IHttpActionResult> PostContentAsync(string portalUri, string pageUri, [FromBody] SetPageBodyDto model, CancellationToken cancellationToken)
        {
            if (model == null || !ModelState.IsValid)
            {
                return(BadRequest());
            }
            var portal = await _portalManager.FindByUriAsync(portalUri, cancellationToken);

            await ApiSecurity.AuthorizeAsync(portal, AccessPermission.CanEdit, cancellationToken);

            var page = await _portalManager.GetPageByUriAsync(portal, pageUri, PageField.All, cancellationToken);

            if (page == null)
            {
                return(NotFound());
            }

            page.HtmlContent  = model.HtmlContent;
            page.StyleContent = model.StyleContent;

            var validationResult = await _portalManager.ReplacePageAsync(portal, page, page, cancellationToken);

            if (!validationResult.Succeeded)
            {
                return(this.ValidationContent(validationResult));
            }
            return(Ok(ModelMapper.ToPageDto(page)));
        }

示例#6

0

显示文件

        public async Task <IHttpActionResult> PutAsync(int id, [FromBody] ActionItemDto model, CancellationToken cancellationToken)
        {
            if (model == null || !ModelState.IsValid)
            {
                return(BadRequest());
            }
            var action = await _projectManager.GetActionByIdAsync(id, cancellationToken);

            if (action == null)
            {
                return(NotFound());
            }
            var project = await _projectManager.FindByIdAsync(action.Project.Id, cancellationToken);

            await ApiSecurity.AuthorizeAsync(project, AccessPermission.CanEdit, cancellationToken);

            action.Type         = model.Type;
            action.Enabled      = model.Enabled;
            action.Name         = model.Name;
            action.Options      = model.Options;
            action.ModifiedDate = DateTime.UtcNow;

            var validationResult = await _projectManager.ReplaceActionAsync(project, action, action, cancellationToken);

            if (!validationResult.Succeeded)
            {
                return(this.ValidationContent(validationResult));
            }
            return(new ActionContentResult(_actionLinkService, action, this));
        }

示例#7

0

显示文件

文件： AccessRulesController.cs 项目： janosjanka/partnerinfo.old

        public async Task <IHttpActionResult> DeleteAsync(AccessObjectType objectType, int objectId, [FromBody] string email, CancellationToken cancellationToken)
        {
            await ApiSecurity.AuthorizeAsync(objectType, objectId, AccessPermission.IsOwner, cancellationToken);

            AccessRuleItem trustee;

            if (email == null)
            {
                trustee = await _securityManager.GetAccessRuleAsync(objectType, objectId, cancellationToken);
            }
            else
            {
                trustee = await _securityManager.GetAccessRuleByUserEmailAsync(objectType, objectId, email, cancellationToken);
            }
            if (trustee == null)
            {
                ModelState.AddModelError("", string.Format(SecurityApiResources.UserNotFound, email ?? "Anyone"));
                return(BadRequest());
            }

            var validationResult = await _securityManager.RemoveAccessRuleAsync(objectType, objectId, trustee, cancellationToken);

            if (!validationResult.Succeeded)
            {
                return(this.ValidationContent(validationResult));
            }
            return(StatusCode(HttpStatusCode.NoContent));
        }

示例#8

0

显示文件

        public async Task <IHttpActionResult> PostAsync(string portalUri, string mediaUri, CancellationToken cancellationToken)
        {
            var portal = await _portalManager.FindByUriAsync(portalUri, cancellationToken);

            await ApiSecurity.AuthorizeAsync(portal, AccessPermission.CanEdit, cancellationToken);

            var media = default(MediaItem);

            using (var content = await Request.Content.ReadAsFileStreamAsync(cancellationToken))
            {
                var validationResult = await _portalManager.AddMediaAsync(
                    portal,
                    null,
                    media = new MediaItem
                {
                    Uri  = content.FileName,
                    Type = MimeMapping.GetMimeMapping(content.FileName),
                    Name = content.FileName
                },
                    content.FileStream,
                    cancellationToken);

                if (!validationResult.Succeeded)
                {
                    return(this.ValidationContent(validationResult));
                }
            }

            return(CreatedAtRoute(
                       "Portals.Media.GetByUri",
                       new RouteValueDictionary {
                ["portalUri"] = portal.Uri, ["mediaUri"] = media.Uri
            },
                       ModelMapper.ToMediaDto(media, uri => _portalManager.GetMediaLinkByUri(portal.Uri, uri))));
        }

示例#9

0

显示文件

        public async Task <IHttpActionResult> PutAsync(int id, [FromBody] BusinessTagItemDto model, CancellationToken cancellationToken)
        {
            if (model == null || !ModelState.IsValid)
            {
                return(BadRequest());
            }
            var businessTag = await _projectManager.GetBusinessTagByIdAsync(id, cancellationToken);

            if (businessTag == null)
            {
                return(NotFound());
            }
            var project = await _projectManager.FindByIdAsync(businessTag.Project.Id, cancellationToken);

            await ApiSecurity.AuthorizeAsync(project, AccessPermission.CanEdit, cancellationToken);

            businessTag.Name  = model.Name;
            businessTag.Color = model.Color;
            var validationResult = await _projectManager.ReplaceBusinessTagAsync(project, businessTag, businessTag, cancellationToken);

            if (!validationResult.Succeeded)
            {
                return(this.ValidationContent(validationResult));
            }
            return(new BusinessTagContentResult(HttpStatusCode.OK, businessTag, this));
        }

示例#10

0

显示文件

文件： PortalsController.cs 项目： janosjanka/partnerinfo.old

        public async Task <IHttpActionResult> PostProjectByUriAsync(string uri, [FromBody] int?projectId, CancellationToken cancellationToken)
        {
            var portal = await _portalManager.FindByUriAsync(uri, cancellationToken);

            await ApiSecurity.AuthorizeAsync(portal, AccessPermission.CanEdit, cancellationToken);

            ProjectItem project = null;

            if (projectId != null)
            {
                project = await _projectManager.FindByIdAsync((int)projectId, cancellationToken);

                if (project == null)
                {
                    return(BadRequest(string.Format(PortalApiResources.ProjectNotFound, projectId)));
                }
                await ApiSecurity.AuthorizeAsync(project, AccessPermission.IsOwner, cancellationToken);
            }
            var validationResult = await _portalManager.SetProjectAsync(portal, project, cancellationToken);

            if (!validationResult.Succeeded)
            {
                return(this.ValidationContent(validationResult));
            }
            return(Ok());
        }

示例#11

0

显示文件

文件： PortalsController.cs 项目： janosjanka/partnerinfo.old

        public async Task <IHttpActionResult> PostMasterPageByUriAsync(string uri, [FromBody] string masterPageUri, CancellationToken cancellationToken)
        {
            var portal = await _portalManager.FindByUriAsync(uri, cancellationToken);

            await ApiSecurity.AuthorizeAsync(portal, AccessPermission.CanEdit, cancellationToken);

            ValidationResult validationResult;

            if (masterPageUri == null)
            {
                validationResult = await _portalManager.SetMasterPageAsync(portal, null, cancellationToken);
            }
            else
            {
                var masterPage = await _portalManager.GetPageByUriAsync(portal, masterPageUri, cancellationToken);

                if (masterPage == null)
                {
                    return(BadRequest(string.Format(PortalApiResources.PageNotFound, uri)));
                }
                validationResult = await _portalManager.SetMasterPageAsync(portal, masterPage, cancellationToken);
            }
            if (!validationResult.Succeeded)
            {
                return(this.ValidationContent(validationResult));
            }
            return(Ok());
        }

示例#12

0

显示文件

文件： PortalsController.cs 项目： janosjanka/partnerinfo.old

        public async Task <IHttpActionResult> PutAsync(string uri, [FromBody] SetPortalHeadDto model, CancellationToken cancellationToken)
        {
            if (model == null || !ModelState.IsValid)
            {
                return(BadRequest());
            }
            var portal = await _portalManager.FindByUriAsync(uri, cancellationToken);

            await ApiSecurity.AuthorizeAsync(portal, AccessPermission.CanEdit, cancellationToken);

            ValidationResult validationResult;

            if (model.Uri != null)
            {
                validationResult = await _portalManager.SetUriAsync(portal, model.Uri, cancellationToken);

                if (!validationResult.Succeeded)
                {
                    return(this.ValidationContent(validationResult));
                }
            }

            portal.Name         = model.Name;
            portal.Description  = model.Description;
            portal.GATrackingId = model.GATrackingId;

            validationResult = await _portalManager.UpdateAsync(portal, cancellationToken);

            if (!validationResult.Succeeded)
            {
                return(this.ValidationContent(validationResult));
            }

            return(Ok(ModelMapper.ToPortalDto(portal)));
        }

示例#13

0

显示文件

        public async Task <IHttpActionResult> MoveAsync(int id, [FromBody] ActionSortOrderDto model, CancellationToken cancellationToken)
        {
            var action = await _projectManager.GetActionByIdAsync(id, cancellationToken);

            if (action == null)
            {
                return(NotFound());
            }
            var referenceAction = default(ActionItem);

            if (model != null)
            {
                referenceAction = await _projectManager.GetActionByIdAsync((int)model.ReferenceId, cancellationToken);

                if (referenceAction == null)
                {
                    return(NotFound());
                }
            }
            var project = await _projectManager.FindByIdAsync(action.Project.Id, cancellationToken);

            await ApiSecurity.AuthorizeAsync(project, AccessPermission.CanEdit, cancellationToken);

            var validationResult = await _projectManager.MoveActionBeforeAsync(project, action, referenceAction, cancellationToken);

            return(this.ValidationContent(validationResult));
        }

示例#14

0

显示文件

        public async Task <IHttpActionResult> GetAllAsync(int projectId, CancellationToken cancellationToken)
        {
            var project = await _projectManager.FindByIdAsync(projectId, cancellationToken);

            await ApiSecurity.AuthorizeAsync(project, AccessPermission.CanView, cancellationToken);

            return(Ok(await _projectManager.GetBusinessTagsAsync(project, cancellationToken)));
        }

示例#15

0

显示文件

文件： PortalsController.cs 项目： janosjanka/partnerinfo.old

        public async Task <IHttpActionResult> GetByUriAsync(string uri, PortalQueryField fields, CancellationToken cancellationToken)
        {
            var portal = await _portalManager.FindByUriAsync(uri, (PortalField)(fields & ~PortalQueryField.Pages), cancellationToken);

            await ApiSecurity.AuthorizeAsync(portal, AccessPermission.CanView, cancellationToken);

            return(Ok(ModelMapper.ToPortalDto(portal, fields.HasFlag(PortalQueryField.Pages) ? await _portalManager.GetPagesAsync(portal, cancellationToken) : null)));
        }

示例#16

0

显示文件

        public async Task <IHttpActionResult> DeleteAsync(int id, CancellationToken cancellationToken)
        {
            var project = await _projectManager.FindByIdAsync(id, cancellationToken);

            await ApiSecurity.AuthorizeAsync(project, AccessPermission.IsOwner, cancellationToken);

            await _projectManager.DeleteAsync(project, cancellationToken);

            return(StatusCode(HttpStatusCode.NoContent));
        }

示例#17

0

显示文件

文件： PortalsController.cs 项目： janosjanka/partnerinfo.old

        public async Task <IHttpActionResult> DeleteAsync(string uri, CancellationToken cancellationToken)
        {
            var portal = await _portalManager.FindByUriAsync(uri, cancellationToken);

            await ApiSecurity.AuthorizeAsync(portal, AccessPermission.IsOwner, cancellationToken);

            await _portalManager.DeleteAsync(portal, cancellationToken);

            return(StatusCode(HttpStatusCode.NoContent));
        }

示例#18

0

显示文件

        public async Task <IHttpActionResult> GetByLinkAsync(string link, CancellationToken cancellationToken)
        {
            var actionLink = _actionLinkService.DecodeLink(link);
            var action     = await _projectManager.GetActionByIdAsync(actionLink.ActionId, cancellationToken);

            var contact = actionLink.ContactId != null ? await _projectManager.GetContactByIdAsync((int)actionLink.ContactId, ContactField.None, cancellationToken) : null;

            await ApiSecurity.AuthorizeAsync(AccessObjectType.Project, action.Project.Id, AccessPermission.CanView, cancellationToken);

            return(new ActionLinkContentResult(_actionLinkService, action, contact, actionLink.CustomUri, this));
        }

示例#19

0

显示文件

文件： PagesController.cs 项目： janosjanka/partnerinfo.old

        public async Task <IHttpActionResult> GetByIdAsync(int id, PageField fields, CancellationToken cancellationToken)
        {
            var page = await _portalManager.GetPageByIdAsync(id, fields | PageField.Portal, cancellationToken);

            if (page == null)
            {
                return(NotFound());
            }
            await ApiSecurity.AuthorizeAsync(AccessObjectType.Portal, page.Portal.Id, AccessPermission.CanView, cancellationToken);

            return(Ok(ModelMapper.ToPageDto(page)));
        }

示例#20

0

显示文件

        public async Task <IHttpActionResult> GetByIdAsync(int id, MailMessageField fields, CancellationToken cancellationToken)
        {
            var mailMessage = await _projectManager.GetMailMessageByIdAsync(id, fields | MailMessageField.Project, cancellationToken);

            if (mailMessage == null)
            {
                return(NotFound());
            }
            await ApiSecurity.AuthorizeAsync(AccessObjectType.Project, mailMessage.Project.Id, AccessPermission.CanView, cancellationToken);

            return(Ok(mailMessage));
        }

示例#21

0

显示文件

文件： ContactsController.cs 项目： janosjanka/partnerinfo.old

        public async Task <IHttpActionResult> DeleteAllAsync(int projectId, [FromBody] IEnumerable <int> model, CancellationToken cancellationToken)
        {
            var project = await _projectManager.FindByIdAsync(projectId, cancellationToken);

            await ApiSecurity.AuthorizeAsync(project, AccessPermission.CanEdit, cancellationToken);

            var contacts = await _projectManager.GetContactsAsync(project, model, ContactSortOrder.None, ContactField.None, cancellationToken);

            await _projectManager.RemoveContactsAsync(project, contacts, cancellationToken);

            return(StatusCode(HttpStatusCode.NoContent));
        }

示例#22

0

显示文件

文件： ContactsController.cs 项目： janosjanka/partnerinfo.old

        public async Task <IHttpActionResult> GetById(int id, ContactField fields, CancellationToken cancellationToken)
        {
            var contact = await _projectManager.GetContactByIdAsync(id, fields | ContactField.Project, cancellationToken);

            if (contact == null)
            {
                return(NotFound());
            }

            await ApiSecurity.AuthorizeAsync(AccessObjectType.Project, contact.Project.Id, AccessPermission.CanView, cancellationToken);

            return(Ok(contact));
        }

示例#23

0

显示文件

        public async Task <IHttpActionResult> GetByLinkIdAsync(int id, CancellationToken cancellationToken)
        {
            var action = await _projectManager.GetActionByLinkIdAsync(id, cancellationToken);

            if (action == null)
            {
                return(NotFound());
            }

            await ApiSecurity.AuthorizeAsync(AccessObjectType.Project, action.Project.Id, AccessPermission.CanView, cancellationToken);

            return(new ActionContentResult(_actionLinkService, action, this));
        }

示例#24

0

显示文件

文件： ContactsController.cs 项目： janosjanka/partnerinfo.old

        public async Task <IHttpActionResult> DeleteAsync(int id, CancellationToken cancellationToken)
        {
            var contact = await _projectManager.GetContactByIdAsync(id, ContactField.Project, cancellationToken);

            if (contact != null)
            {
                var project = await _projectManager.FindByIdAsync(contact.Project.Id, cancellationToken);

                await ApiSecurity.AuthorizeAsync(project, AccessPermission.CanEdit, cancellationToken);

                await _projectManager.RemoveContactAsync(project, contact, cancellationToken);
            }
            return(StatusCode(HttpStatusCode.NoContent));
        }

示例#25

0

显示文件

文件： PagesController.cs 项目： janosjanka/partnerinfo.old

        public async Task <IHttpActionResult> GetAllAsync(string portalUri, CancellationToken cancellationToken)
        {
            var portal = await _portalManager.FindByUriAsync(portalUri, cancellationToken);

            await ApiSecurity.AuthorizeAsync(portal, AccessPermission.CanView, cancellationToken);

            var pages = await _portalManager.GetPagesAsync(portal, cancellationToken);

            if (pages == null)
            {
                return(NotFound());
            }
            return(Ok(ModelMapper.ToPageListDto(pages)));
        }

示例#26

0

显示文件

        public async Task <IHttpActionResult> DeleteAsync(string portalUri, string mediaUri, CancellationToken cancellationToken)
        {
            var portal = await _portalManager.FindByUriAsync(portalUri, cancellationToken);

            await ApiSecurity.AuthorizeAsync(portal, AccessPermission.CanEdit, cancellationToken);

            var media = await _portalManager.GetMediaByUriAsync(portal, mediaUri, cancellationToken);

            if (media != null)
            {
                await _portalManager.RemoveMediaAsync(portal, media, cancellationToken);
            }
            return(StatusCode(HttpStatusCode.NoContent));
        }

示例#27

0

显示文件

        public async Task <IHttpActionResult> GetByNameAsync(int projectId, string name, CancellationToken cancellationToken)
        {
            var project = await _projectManager.FindByIdAsync(projectId, cancellationToken);

            await ApiSecurity.AuthorizeAsync(project, AccessPermission.CanView, cancellationToken);

            var businessTag = await _projectManager.GetBusinessTagByNameAsync(project, name, cancellationToken);

            if (businessTag == null)
            {
                return(NotFound());
            }
            return(new BusinessTagContentResult(HttpStatusCode.OK, businessTag, this));
        }

示例#28

0

显示文件

        public async Task <IHttpActionResult> GetLinkByIdAsync([FromUri] ActionLink model, bool absolute = true, CancellationToken cancellationToken = default(CancellationToken))
        {
            if (model == null || !ModelState.IsValid)
            {
                return(BadRequest());
            }
            var action = await _projectManager.GetActionByIdAsync(model.ActionId, cancellationToken);

            if (action == null)
            {
                return(NotFound());
            }
            await ApiSecurity.AuthorizeAsync(AccessObjectType.Project, action.Project.Id, AccessPermission.CanView, cancellationToken);

            return(Ok(_actionLinkService.CreateLink(model, absolute)));
        }

示例#29

0

显示文件

        public async Task <IHttpActionResult> DeleteAsync(int id, CancellationToken cancellationToken)
        {
            var mailMessage = await _projectManager.GetMailMessageByIdAsync(id, MailMessageField.Project, cancellationToken);

            if (mailMessage == null)
            {
                return(NotFound());
            }
            var project = await _projectManager.FindByIdAsync(mailMessage.Project.Id, cancellationToken);

            await ApiSecurity.AuthorizeAsync(project, AccessPermission.CanEdit, cancellationToken);

            await _projectManager.RemoveMailMessageAsync(project, mailMessage, cancellationToken);

            return(StatusCode(HttpStatusCode.NoContent));
        }

示例#30

0

显示文件

文件： PortalsController.cs 项目： janosjanka/partnerinfo.old

        public async Task <IHttpActionResult> CopyAsync(string uri, [FromBody] CopyPortalDto model, CancellationToken cancellationToken)
        {
            if (model == null || !ModelState.IsValid)
            {
                return(BadRequest());
            }
            var portal = await _portalManager.FindByUriAsync(uri, cancellationToken);

            await ApiSecurity.AuthorizeAsync(portal, AccessPermission.CanEdit, cancellationToken);

            var validationResult = await _portalManager.CopyAsync(portal, model.Uri, cancellationToken);

            if (!validationResult.Succeeded)
            {
                return(this.ValidationContent(validationResult));
            }
            return(Ok());
        }

C# (CSharp) ApiSecurity.AuthorizeAsync示例