public void GenerateSeedData()
{
FeatureManager featureManager = new FeatureManager();
OperationManager operationManager = new OperationManager();
try
{
#region SECURITY
//Features
List <Feature> features = featureManager.FeatureRepository.Get().ToList();
Feature OAIPMH = features.FirstOrDefault(f => f.Name.Equals("OAI-PMH"));
if (OAIPMH == null)
{
OAIPMH = featureManager.Create("OAI-PMH", "Open Archives Initiative Protocol for Metadata Harvesting ");
}
Feature AdminFeature = features.FirstOrDefault(f =>
f.Name.Equals("Admin") &&
f.Parent != null &&
f.Parent.Id.Equals(OAIPMH.Id));
if (AdminFeature == null)
{
AdminFeature = featureManager.Create("Admin", "Settings and customization of the protocol", OAIPMH);
}
Feature ApiFeature = features.FirstOrDefault(f =>
f.Name.Equals("API") &&
f.Parent != null &&
f.Parent.Id.Equals(OAIPMH.Id));
if (ApiFeature == null)
{
ApiFeature = featureManager.Create("Api", "Api of the OAI PMH", OAIPMH);
}
//Operations
operationManager.Create("OAIPMH", "Admin", "*", OAIPMH);
operationManager.Create("OAIPMH", "Home", "*", OAIPMH);
operationManager.Create("API", "oai", "*", OAIPMH);
var featurePermissionManager = new FeaturePermissionManager();
if (!featurePermissionManager.Exists(null, ApiFeature.Id, PermissionType.Grant))
{
featurePermissionManager.Create(null, ApiFeature.Id, PermissionType.Grant);
}
#endregion SECURITY
}
finally
{
featureManager.Dispose();
operationManager.Dispose();
}
}
/// <summary>
///
/// </summary>
/// <param name="featureId"></param>
public void AddFeatureToPublic(long featureId)
{
var featurePermissionManager = new FeaturePermissionManager();
try
{
if (!featurePermissionManager.Exists(null, featureId))
{
featurePermissionManager.Create(null, featureId, PermissionType.Grant);
}
}
finally
{
featurePermissionManager.Dispose();
}
}
/// <summary>
///
/// </summary>
/// <param name="featureId"></param>
public void RemoveFeatureFromPublic(long featureId)
{
var featurePermissionManager = new FeaturePermissionManager();
try
{
if (featurePermissionManager.Exists(null, featureId))
{
featurePermissionManager.Delete(null, featureId);
}
}
finally
{
featurePermissionManager.Dispose();;
}
}
public void GenerateSeedData()
{
// Javad:
// 1) all the create operations should check for existence of the record
// 2) failure on creating any record should rollback the whole seed data generation. It is one transaction.
// 3) failues should throw an exception with enough information to pin point the root cause
// 4) only seed data related to the functions of this modules should be genereated here.
// BUG: seed data creation is not working because of the changes that were done in the entities and services.
// TODO: reimplement the seed data creation method.
//#region Security
//// Tasks
using (OperationManager operationManager = new OperationManager())
using (FeatureManager featureManager = new FeatureManager())
using (var featurePermissionManager = new FeaturePermissionManager())
{
// find root
var root = featureManager.FindRoots().FirstOrDefault();
// administration node
var administrationFeature = featureManager.FindByName("Administration") ?? featureManager.Create("Administration", "node for all administrative features", root);
// users node
var userFeature = featureManager.FindByName("Users") ?? featureManager.Create("Users", "", administrationFeature);
var userOperation = operationManager.Find("SAM", "Users", "*") ?? operationManager.Create("SAM", "Users", "*", userFeature);
// groups node
var groupFeature = featureManager.FindByName("Groups") ?? featureManager.Create("Groups", "", administrationFeature);
var groupOperation = operationManager.Find("SAM", "Groups", "*") ?? operationManager.Create("SAM", "Groups", "*", groupFeature);
// feature permissions
var featurePermissionFeature = featureManager.FindByName("Feature Permissions") ?? featureManager.Create("Feature Permissions", "", administrationFeature);
var featurePermissionOperation = operationManager.Find("SAM", "FeaturePermissions", "*") ?? operationManager.Create("SAM", "FeaturePermissions", "*", featurePermissionFeature);
// Entity Permissions
var entityPermissionFeature = featureManager.FindByName("Entity Permissions") ?? featureManager.Create("Entity Permissions", "", administrationFeature);
var entityPermissionOperation = operationManager.Find("SAM", "EntityPermissions", "*") ?? operationManager.Create("SAM", "EntityPermissions", "*", entityPermissionFeature);
// User Permissions
var userPermissionFeature = featureManager.FindByName("User Permissions") ?? featureManager.Create("User Permissions", "", administrationFeature);
var userPermissionOperation = operationManager.Find("SAM", "UserPermissions", "*") ?? operationManager.Create("SAM", "UserPermissions", "*", userPermissionFeature);
// Dataset Management
var datasetManagementFeature = featureManager.FindByName("Dataset Management") ?? featureManager.Create("Dataset Management", "", administrationFeature);
var datasetManagementOperation = operationManager.Find("SAM", "Datasets", "*") ?? operationManager.Create("SAM", "Datasets", "*", datasetManagementFeature);
// Document Management
var documentManagementFeature = featureManager.FindByName("Document Management") ?? featureManager.Create("Document Management", "", administrationFeature);
var documentManagementOperation = operationManager.Find("SAM", "Files", "*") ?? operationManager.Create("SAM", "Files", "*", documentManagementFeature);
// Request
var requestManagementFeature = featureManager.FindByName("Request Management") ?? featureManager.Create("Request Management", "", administrationFeature);
var requestManagementOperation = operationManager.Find("SAM", "RequestsAdmin", "*") ?? operationManager.Create("SAM", "RequestsAdmin", "*", requestManagementFeature);
var requestOperation = operationManager.Find("SAM", "Requests", "*") ?? operationManager.Create("SAM", "Requests", "*");
// Help
var helpOperation = operationManager.Find("SAM", "Help", "*") ?? operationManager.Create("SAM", "Help", "*");
if (!featurePermissionManager.Exists(null, featurePermissionFeature.Id, PermissionType.Grant))
{
featurePermissionManager.Create(null, featurePermissionFeature.Id, PermissionType.Grant);
}
}
}
public void GenerateSeedData()
{
using (FeatureManager featureManager = new FeatureManager())
using (OperationManager operationManager = new OperationManager())
using (var featurePermissionManager = new FeaturePermissionManager())
{
#region SECURITY
//workflows = größere sachen, vielen operation
//operations = einzelne actions
//1.controller -> 1.Operation
List <Feature> features = featureManager.FeatureRepository.Get().ToList();
Feature DataDiscovery = features.FirstOrDefault(f => f.Name.Equals("Data Discovery"));
if (DataDiscovery == null)
{
DataDiscovery = featureManager.Create("Data Discovery", "Data Discovery");
}
Feature SearchFeature = features.FirstOrDefault(f =>
f.Name.Equals("Search") &&
f.Parent != null &&
f.Parent.Id.Equals(DataDiscovery.Id));
if (SearchFeature == null)
{
SearchFeature = featureManager.Create("Search", "Search", DataDiscovery);
}
Feature SearchManagementFeature = features.FirstOrDefault(f =>
f.Name.Equals("Search Managment") &&
f.Parent != null &&
f.Parent.Id.Equals(DataDiscovery.Id));
if (SearchManagementFeature == null)
{
SearchManagementFeature = featureManager.Create("Search Management", "Search Management", DataDiscovery);
}
Feature Dashboard = features.FirstOrDefault(f =>
f.Name.Equals("Dashboard") &&
f.Parent != null &&
f.Parent.Id.Equals(DataDiscovery.Id));
if (Dashboard == null)
{
Dashboard = featureManager.Create("Dashboard", "Dashboard", DataDiscovery);
}
//worklfows -> create dataset ->
//WorkflowManager workflowManager = new WorkflowManager();
//var operation = new Operation();
//Workflow workflow = new Workflow();
//List<Workflow> workflows = workflowManager.WorkflowRepository.Get().ToList();
#region Help Workflow
//workflow =
// workflows.FirstOrDefault(w =>
// w.Name.Equals("Search Help") &&
// w.Feature != null &&
// w.Feature.Id.Equals(DataDiscovery.Id));
//if (workflow == null) workflow = workflowManager.Create("Search Help", "", DataDiscovery);
//operationManager.Create("DDM", "Help", "*", null, workflow);
operationManager.Create("DDM", "Help", "*");
#endregion
#region Search Workflow
// ToDo -> David, Sven
// [Sven / 2017-08-21]
// I had to remove the feature to get dashboard running without DDM feature permissions.
// We have to think about how we can fix it in a long run. Maybe "DDM/Home" is not the proper
// place for dashboard!?
operationManager.Create("DDM", "PublicSearch", "*");
operationManager.Create("DDM", "Home", "*", SearchFeature);
operationManager.Create("DDM", "Data", "*", SearchFeature);
if (!featurePermissionManager.Exists(null, SearchFeature.Id, PermissionType.Grant))
{
featurePermissionManager.Create(null, SearchFeature.Id, PermissionType.Grant);
}
#endregion
#region Search Admin Workflow
operationManager.Create("DDM", "Admin", "*", SearchManagementFeature);
#endregion
#region Dashboard
operationManager.Create("DDM", "Dashboard", "*", Dashboard);
#endregion
#endregion
}
}
public override void OnAuthorization(HttpActionContext actionContext)
{
var featurePermissionManager = new FeaturePermissionManager();
var operationManager = new OperationManager();
var userManager = new UserManager();
try
{
// Check for HTTPS
//if (actionContext.Request.RequestUri.Scheme != Uri.UriSchemeHttps)
//{
// actionContext.Response = new HttpResponseMessage(System.Net.HttpStatusCode.Forbidden);
// return;
//}
var areaName = "Api";
var controllerName = actionContext.ActionDescriptor.ControllerDescriptor.ControllerName;
var actionName = actionContext.ActionDescriptor.ActionName;
var operation = operationManager.Find(areaName, controllerName, "*");
if (operation == null)
{
actionContext.Response = new HttpResponseMessage(System.Net.HttpStatusCode.Forbidden);
return;
}
var feature = operation.Feature;
if (feature != null && !featurePermissionManager.Exists(null, feature.Id))
{
if (actionContext.Request.Headers.Authorization == null)
{
actionContext.Response = new HttpResponseMessage(System.Net.HttpStatusCode.Forbidden);
return;
}
var token = actionContext.Request.Headers.Authorization?.ToString().Substring("Bearer ".Length).Trim();
// resolve the token to the corresponding user
var users = userManager.Users.Where(u => u.Token == token);
if (users == null || users.Count() != 1)
{
actionContext.Response = new HttpResponseMessage(System.Net.HttpStatusCode.Forbidden);
actionContext.Response.Content = new StringContent("Bearer token not exist.");
return;
}
if (!featurePermissionManager.HasAccess(users.Single().Id, feature.Id))
{
actionContext.Response = new HttpResponseMessage(System.Net.HttpStatusCode.Forbidden);
actionContext.Response.Content = new StringContent("Token is not valid.");
return;
}
}
}
finally
{
featurePermissionManager.Dispose();
operationManager.Dispose();
userManager.Dispose();
}
}