/// <inheritdoc /> public async Task OnAuthenticatedAsync(ulong guildId, IEnumerable <ulong> roleIds, ulong userId) { CurrentGuildId = guildId; CurrentUserId = userId; var claims = new HashSet <AuthorizationClaim>(); foreach (var claimMapping in (await ClaimMappingRepository .SearchBriefsAsync(new ClaimMappingSearchCriteria() { GuildId = guildId, RoleIds = roleIds.ToArray(), UserId = userId, IsRescinded = false })) // Evaluate role mappings (userId is null) first, to give user mappings precedence. .OrderBy(x => x.UserId) // Evaluate granted mappings first, to give denied mappings precedence. .ThenBy(x => x.Type)) { if (claimMapping.Type == ClaimMappingType.Granted) { claims.Add(claimMapping.Claim); } else { claims.Remove(claimMapping.Claim); } } CurrentClaims = claims; }
/// <inheritdoc /> public async Task ModifyClaimMapping(ulong roleId, AuthorizationClaim claim, ClaimMappingType?newType) { RequireAuthenticatedUser(); RequireClaims(AuthorizationClaim.AuthorizationConfigure); var foundClaims = await ClaimMappingRepository.SearchBriefsAsync(new ClaimMappingSearchCriteria { Claims = new[] { claim }, RoleIds = new[] { roleId }, GuildId = CurrentGuildId }); using (var transaction = await ClaimMappingRepository.BeginCreateTransactionAsync()) { foreach (var existing in foundClaims) { await ClaimMappingRepository.TryDeleteAsync(existing.Id, CurrentUserId.Value); } if (newType.HasValue) { await ClaimMappingRepository.CreateAsync(new ClaimMappingCreationData() { GuildId = CurrentGuildId.Value, Type = newType.Value, RoleId = roleId, Claim = claim, CreatedById = CurrentUserId.Value }); } transaction.Commit(); } }
private async Task <IReadOnlyCollection <AuthorizationClaim> > LookupPosessedClaimsAsync(ulong guildId, IEnumerable <ulong> roleIds, ulong userId, IEnumerable <AuthorizationClaim> claimsFilter = null) { var posessedClaims = new HashSet <AuthorizationClaim>(); foreach (var claimMapping in (await ClaimMappingRepository .SearchBriefsAsync(new ClaimMappingSearchCriteria() { GuildId = guildId, RoleIds = roleIds.ToArray(), UserId = userId, Claims = claimsFilter?.ToArray(), IsDeleted = false })) // Evaluate role mappings (userId is null) first, to give user mappings precedence. .OrderBy(x => x.UserId) // Order putting @everyone last .ThenByDescending(x => x.RoleId == guildId) // Evaluate granted mappings first, to give denied mappings precedence. .ThenBy(x => x.Type)) { if (claimMapping.Type == ClaimMappingType.Granted) { posessedClaims.Add(claimMapping.Claim); } else { posessedClaims.Remove(claimMapping.Claim); } } return(posessedClaims); }
/// <inheritdoc /> public async Task <IReadOnlyCollection <AuthorizationClaim> > GetGuildRoleClaimsAsync(IRole guildRole) { return((await ClaimMappingRepository.SearchBriefsAsync(new ClaimMappingSearchCriteria { RoleIds = new[] { guildRole.Id }, IsDeleted = false, Types = new[] { ClaimMappingType.Granted }, GuildId = guildRole.Guild.Id })) .Select(d => d.Claim) .ToList()); }