/// <summary> /// Checks whether a user is authorized to access a sample query with a given action. /// </summary> /// <param name="policies">The list of category of policies.</param> /// <param name="userPrincipalName">The User Principal Name of the user who is seeking authorization confirmation.</param> /// <param name="categoryName">The category which the authorization confirmation is been requested for.</param> /// <param name="httpMethodName">The http action to be performed on the category.</param> /// <returns>True if user is authorized or false if user is not authorized.</returns> public static bool IsUserAuthorized(SampleQueriesPolicies policies, string userPrincipalName, string categoryName, string httpMethodName) { if (policies == null || policies.CategoryPolicies.Count == 0) { throw new ArgumentNullException(nameof(policies), "The list of policies cannot be null or empty."); } if (string.IsNullOrEmpty(userPrincipalName)) { throw new ArgumentNullException(nameof(userPrincipalName), "The user principal name cannot be null or empty."); } if (string.IsNullOrEmpty(categoryName)) { throw new ArgumentNullException(nameof(categoryName), "The category name cannot be null or empty."); } if (string.IsNullOrEmpty(httpMethodName)) { throw new ArgumentNullException(nameof(httpMethodName), "The http method name cannot be null or empty."); } bool isAuthorized = policies.CategoryPolicies.Exists(x => x.CategoryName.ToLower() == categoryName.ToLower() && x.UserClaims.Exists(y => y.UserPrincipalName.ToLower() == userPrincipalName.ToLower() && y.UserPermissions.Exists(z => z.Name.ToLower() == httpMethodName.ToLower() && z.Value == true))); return(isAuthorized); }
public async Task <IActionResult> RemoveUserClaim([FromQuery] string userPrincipalName, [FromQuery] string categoryName) { try { /* Validate whether authenticated user is samples administrator */ string authenticatedUserPrincipalName = User.Identity.Name; bool isAdmin = _administrators.Administrators.Contains(authenticatedUserPrincipalName); if (!isAdmin) { return(new JsonResult( $"{userPrincipalName} is not authorized to remove the user claim.") { StatusCode = StatusCodes.Status401Unauthorized }); } if (string.IsNullOrEmpty(userPrincipalName) || string.IsNullOrEmpty(categoryName)) { return(new JsonResult($"Provide both the user principal name and category name in the search parameters. " + $"e.g. /api/GraphExplorerSamplesAdmin?userprincipalname=john.doe@microsoft.com&categoryname=users") { StatusCode = StatusCodes.Status400BadRequest }); } // Get the list of policies SampleQueriesPolicies policies = await GetSampleQueriesPoliciesAsync(); // Remove the user claim in the given category policy SampleQueriesPolicies updatedPoliciesList = SamplesPolicyService.RemoveUserClaim(policies, categoryName, userPrincipalName); string updatedPoliciesJson = SamplesPolicyService.SerializeSampleQueriesPolicies(updatedPoliciesList); await _fileUtility.WriteToFile(updatedPoliciesJson, _policiesFilePathSource); // Get the category policy that has just been updated CategoryPolicy categoryPolicy = updatedPoliciesList.CategoryPolicies.FirstOrDefault(x => x.CategoryName.Equals(categoryName, StringComparison.OrdinalIgnoreCase)); return(Ok(categoryPolicy)); } catch (InvalidOperationException invalidOpsException) { // One or more parameters values do not exist in the list of category policies return(new JsonResult(invalidOpsException.Message) { StatusCode = StatusCodes.Status404NotFound }); } catch (Exception exception) { return(new JsonResult(exception.Message) { StatusCode = StatusCodes.Status500InternalServerError }); } }
public async Task <IActionResult> UpdateUserClaimAsync([FromBody] CategoryPolicy categoryPolicy) { try { /* Validate whether authenticated user is samples administrator */ string userPrincipalName = User.Identity.Name; bool isAdmin = _administrators.Administrators.Contains(userPrincipalName); if (!isAdmin) { return(new JsonResult($"{userPrincipalName} is not authorized to update the user claim.") { StatusCode = StatusCodes.Status403Forbidden }); } // Get the list of policies SampleQueriesPolicies policies = await GetSampleQueriesPoliciesAsync(); // Update the user claim in the given category policy SampleQueriesPolicies updatedPoliciesList = SamplesPolicyService.ModifyUserClaim(policies, categoryPolicy); string updatedPoliciesJson = SamplesPolicyService.SerializeSampleQueriesPolicies(updatedPoliciesList); await _fileUtility.WriteToFile(updatedPoliciesJson, _policiesFilePathSource); // Fetch the category policy with the updated user claim categoryPolicy = updatedPoliciesList.CategoryPolicies.Find(x => x.CategoryName == categoryPolicy.CategoryName); // Success; return the user claim in the category policy that was just updated return(Ok(categoryPolicy)); } catch (InvalidOperationException invalidOpsException) { // Category policy provided doesn't exist return(new JsonResult(invalidOpsException.Message) { StatusCode = StatusCodes.Status404NotFound }); } catch (ArgumentNullException argNullException) { // Missing required parameter return(new JsonResult(argNullException.Message) { StatusCode = StatusCodes.Status400BadRequest }); } catch (Exception exception) { return(new JsonResult(exception.Message) { StatusCode = StatusCodes.Status500InternalServerError }); } }
public async Task <IActionResult> CreateSampleQueryAsync([FromBody] SampleQueryModel sampleQueryModel) { try { // Get the list of policies SampleQueriesPolicies policies = await GetSampleQueriesPoliciesAsync(); string categoryName = sampleQueryModel.Category; ClaimsIdentity identity = (ClaimsIdentity)User.Identity; IEnumerable <Claim> claims = identity.Claims; string userPrincipalName = (claims?.FirstOrDefault(x => x.Type.Equals(Constants.ClaimTypes.UpnJwt, StringComparison.OrdinalIgnoreCase)) ?? claims?.FirstOrDefault(x => x.Type.Equals(Constants.ClaimTypes.UpnUriSchema, StringComparison.OrdinalIgnoreCase)))?.Value; // Check if authenticated user is authorized for this action bool isAuthorized = SamplesPolicyService.IsUserAuthorized(policies, userPrincipalName, categoryName, HttpMethods.Post); if (!isAuthorized) { return(new JsonResult( $"{userPrincipalName} is not authorized to create the sample query. Category: '{categoryName}'") { StatusCode = StatusCodes.Status403Forbidden }); } // Get the list of sample queries SampleQueriesList sampleQueriesList = await _samplesStore.FetchSampleQueriesListAsync("en-US"); // Assign a new Id to the new sample query sampleQueryModel.Id = Guid.NewGuid(); // Add the new sample query to the list of sample queries SampleQueriesList newSampleQueriesList = SamplesService.AddToSampleQueriesList(sampleQueriesList, sampleQueryModel); // Get the serialized JSON string of the sample query string newSampleQueriesJson = SamplesService.SerializeSampleQueriesList(newSampleQueriesList); // Disabled functionality // await _fileUtility.WriteToFile(updatedSampleQueriesJson, _queriesFilePathSource); // Create the query Uri for the newly created sample query string newSampleQueryUri = string.Format("{0}://{1}{2}/{3}", Request.Scheme, Request.Host, Request.Path.Value, sampleQueryModel.Id.ToString()); // Success; return the new sample query that was added along with its Uri return(Created(newSampleQueryUri, sampleQueryModel)); } catch (Exception exception) { return(new JsonResult(exception.Message) { StatusCode = StatusCodes.Status500InternalServerError }); } }
/// <summary> /// Serializes an instance of a <see cref="SampleQueriesPolicies"/> into JSON string. /// </summary> /// <param name="policies">The instance of <see cref="SampleQueriesPolicies"/> to be deserialized.</param> /// <returns>The serialized JSON string from an instance of a <see cref="SampleQueriesPolicies"/>.</returns> public static string SerializeSampleQueriesPolicies(SampleQueriesPolicies policies) { if (policies == null) { throw new ArgumentNullException(nameof(policies), "The list of policies cannot be null."); } string policiesJson = JsonConvert.SerializeObject(policies, Formatting.Indented); return(policiesJson); }
/// <summary> /// Deserializes a JSON string into a list of <see cref="CategoryPolicy"/> objects. /// </summary> /// <param name="jsonString">The JSON string to be deserialized into a list of <see cref="SampleQueryModel"/> objects.</param> /// <returns>The deserialized list of <see cref="SampleQueryModel"/> objects.</returns> public static SampleQueriesPolicies DeserializeSampleQueriesPolicies(string jsonString) { if (string.IsNullOrEmpty(jsonString)) { throw new ArgumentNullException(nameof(jsonString), "The JSON string to be deserialized cannot be null or empty."); } SampleQueriesPolicies policies = JsonConvert.DeserializeObject <SampleQueriesPolicies>(jsonString); return(policies); }
/// <summary> /// Removes a <see cref="UserClaim"/> from a <see cref="CategoryPolicy"/> object. /// </summary> /// <param name="policies">The list of <see cref="CategoryPolicy"/> where the target <see cref="CategoryPolicy"/> object is contained.</param> /// <param name="categoryPolicyName">The target <see cref="CategoryPolicy"/> object where the <see cref="UserClaim"/> needs to be removed from.</param> /// <param name="userPrincipalName">The target User Principal Name whose <see cref="UserClaim"/> needs to be removed from the <see cref="CategoryPolicy"/> object.</param> /// <returns>The updated list of <see cref="SampleQueriesPolicies"/> /// with the <see cref="UserClaim"/> of a target User Principal Name removed from the target <see cref="CategoryPolicy"/> object.</returns> public static SampleQueriesPolicies RemoveUserClaim(SampleQueriesPolicies policies, string categoryPolicyName, string userPrincipalName) { if (policies == null || policies.CategoryPolicies.Count == 0) { throw new ArgumentNullException(nameof(SampleQueriesPolicies), "The list of policies cannot be null or empty."); } if (string.IsNullOrEmpty(categoryPolicyName)) { throw new ArgumentNullException(nameof(CategoryPolicy), "The category policy name cannot be null or empty."); } if (string.IsNullOrEmpty(userPrincipalName)) { throw new ArgumentNullException(nameof(CategoryPolicy), "The user prinicpal name cannot be null or empty."); } // Search the target category policy from the list of policies CategoryPolicy categoryPolicy = policies.CategoryPolicies.Find( x => x.CategoryName.ToLower() == categoryPolicyName.ToLower()); if (categoryPolicy == null) { throw new InvalidOperationException($"The specified category policy doesn't exist: {categoryPolicyName}"); } // This will be used later to insert the updated category policy back into the list of policies int categoryPolicyIndex = policies.CategoryPolicies.FindIndex(x => x == categoryPolicy); // Fetch the user claim UserClaim userClaim = categoryPolicy.UserClaims.FirstOrDefault( x => x.UserPrincipalName.ToLower() == userPrincipalName.ToLower()); if (userClaim == null) { throw new InvalidOperationException($"The specified user principal name has no claim in the specified category. " + $"UPN: {userPrincipalName}"); } // Get the location of the provided user claim from the category policy int userClaimIndex = categoryPolicy.UserClaims.FindIndex(x => x.UserPrincipalName == userClaim.UserPrincipalName); // Remove this user claim from the list of user claims categoryPolicy.UserClaims.RemoveAt(userClaimIndex); // Update the modified category policy back into list of policies policies.CategoryPolicies.Insert(categoryPolicyIndex, categoryPolicy); // Delete the original category policy pushed to the next index policies.CategoryPolicies.RemoveAt(++categoryPolicyIndex); return(policies); }
public async Task <IActionResult> CreateUserClaimAsync([FromBody] CategoryPolicy categoryPolicy) { try { /* Validate whether authenticated user is samples administrator */ ClaimsIdentity identity = (ClaimsIdentity)User.Identity; IEnumerable <Claim> claims = identity.Claims; string userPrincipalName = (claims?.FirstOrDefault(x => x.Type.Equals(Constants.ClaimTypes.UpnJwt, StringComparison.OrdinalIgnoreCase)) ?? claims?.FirstOrDefault(x => x.Type.Equals(Constants.ClaimTypes.UpnUriSchema, StringComparison.OrdinalIgnoreCase)))?.Value; bool isAdmin = _administrators.Administrators.Contains(userPrincipalName); if (!isAdmin) { return(new JsonResult($"{userPrincipalName} is not authorized to create the user claim.") { StatusCode = StatusCodes.Status403Forbidden }); } // Get the list of policies SampleQueriesPolicies policies = await GetSampleQueriesPoliciesAsync(); // Add the new user claim in the given category policy SampleQueriesPolicies updatedPoliciesList = SamplesPolicyService.ModifyUserClaim(policies, categoryPolicy); string updatedPoliciesJson = SamplesPolicyService.SerializeSampleQueriesPolicies(updatedPoliciesList); await _fileUtility.WriteToFile(updatedPoliciesJson, _policiesFilePathSource); // Extract the first user claim from the given categoryPolicy; this is what was added UserClaim userClaim = categoryPolicy.UserClaims.First(); // Fetch the category policy with the newly created user claim categoryPolicy = updatedPoliciesList.CategoryPolicies.Find(x => x.CategoryName == categoryPolicy.CategoryName); // Create the query Uri for the newly created user claim string newUserClaimUri = string.Format("{0}://{1}{2}?userprincipalname={3}&categoryname={4}", Request.Scheme, Request.Host, Request.Path.Value, userClaim.UserPrincipalName, categoryPolicy.CategoryName); return(Created(newUserClaimUri, categoryPolicy)); } catch (Exception exception) { return(new JsonResult(exception.Message) { StatusCode = StatusCodes.Status500InternalServerError }); } }
public async Task <IActionResult> CreateSampleQueryAsync([FromBody] SampleQueryModel sampleQueryModel) { try { // Get the list of policies SampleQueriesPolicies policies = await GetSampleQueriesPoliciesAsync(); string categoryName = sampleQueryModel.Category; string userPrincipalName = User.Identity.Name; // Check if authenticated user is authorized for this action bool isAuthorized = SamplesPolicyService.IsUserAuthorized(policies, userPrincipalName, categoryName, HttpMethods.Post); if (!isAuthorized) { return(new JsonResult( $"{userPrincipalName} is not authorized to create the sample query. Category: '{categoryName}'") { StatusCode = StatusCodes.Status401Unauthorized }); } // Get the list of sample queries SampleQueriesList sampleQueriesList = await GetSampleQueriesListAsync(); // Assign a new Id to the new sample query sampleQueryModel.Id = Guid.NewGuid(); // Add the new sample query to the list of sample queries SampleQueriesList newSampleQueriesList = SamplesService.AddToSampleQueriesList(sampleQueriesList, sampleQueryModel); // Get the serialized JSON string of the sample query string newSampleQueriesJson = SamplesService.SerializeSampleQueriesList(newSampleQueriesList); // Save the document-readable JSON-styled string to the source file await _fileUtility.WriteToFile(newSampleQueriesJson, _queriesFilePathSource); // Create the query Uri for the newly created sample query string newSampleQueryUri = string.Format("{0}://{1}{2}/{3}", Request.Scheme, Request.Host, Request.Path.Value, sampleQueryModel.Id.ToString()); // Success; return the new sample query that was added along with its Uri return(Created(newSampleQueryUri, sampleQueryModel)); } catch (Exception exception) { return(new JsonResult(exception.Message) { StatusCode = StatusCodes.Status500InternalServerError }); } }
/// <summary> /// Gets the list of <see cref="CategoryPolicy"/> or a <see cref="CategoryPolicy"/> that a User Principal Name has claims in. /// </summary> /// <param name="policies">The list of <see cref="CategoryPolicy"/> to search in.</param> /// <param name="userPrincipalName">The target User Principal Name which to search for in the list of <see cref="CategoryPolicy"/>.</param> /// <param name="categoryName">The name of the target <see cref="CategoryPolicy"/> to be searched for in the list of <see cref="CategoryPolicy"/>. /// If unspecified, all the category policies will be included in the search.</param> /// <returns>A list of filtered <see cref="CategoryPolicy"/> or the target <see cref="CategoryPolicy"/> with the claims for the specified User Principal Name.</returns> private static List <CategoryPolicy> GetUserPrincipalCategoryPolicies(SampleQueriesPolicies policies, string userPrincipalName, string categoryName = null) { List <CategoryPolicy> categoryPolicies = new List <CategoryPolicy>(); if (string.IsNullOrEmpty(categoryName)) { // Search for all category policies that the specified user principal name has claims in categoryPolicies = policies.CategoryPolicies.FindAll(x => x.UserClaims.Exists(y => y.UserPrincipalName == userPrincipalName)); } else { // Search for the category policy that the specified user principal name has claims in CategoryPolicy categoryPolicy = policies.CategoryPolicies.Find (x => x.CategoryName.Equals(categoryName, StringComparison.OrdinalIgnoreCase) && x.UserClaims.Exists(y => y.UserPrincipalName.Equals(userPrincipalName, StringComparison.OrdinalIgnoreCase))); if (categoryPolicy == null) { return(null); } else { categoryPolicies.Add(categoryPolicy); } } if (!categoryPolicies.Any()) { return(null); } List <CategoryPolicy> filteredCategoryPolicies = new List <CategoryPolicy>(); // Filter each category policy to extract the specified user principal's claims foreach (CategoryPolicy categoryPolicy in categoryPolicies) { UserClaim userClaim = categoryPolicy.UserClaims.Find(x => x.UserPrincipalName.Equals(userPrincipalName, StringComparison.OrdinalIgnoreCase)); CategoryPolicy userPrincipalPolicy = new CategoryPolicy { CategoryName = categoryPolicy.CategoryName, UserClaims = new List <UserClaim> { userClaim } }; filteredCategoryPolicies.Add(userPrincipalPolicy); } return(filteredCategoryPolicies); }
/// <summary> /// Creates a default template of policies for the sample query categories. /// </summary> /// <returns>An instance of <see cref="SampleQueriesPolicies"/> containing a list of <see cref="CategoryPolicy"/>.</returns> public static SampleQueriesPolicies CreateDefaultPoliciesTemplate() { if (SampleQueriesCategories.CategoriesLinkedList.Count == 0) { throw new InvalidOperationException("Cannot create a default policy template; the list of categories is empty."); } // List to hold the category policies List <CategoryPolicy> categoryPolicies = new List <CategoryPolicy>(); // Create the default policy template for each category in the list foreach (string category in SampleQueriesCategories.CategoriesLinkedList) { CategoryPolicy categoryPolicy = new CategoryPolicy() { CategoryName = category, UserClaims = new List <UserClaim>() { new UserClaim() { UserPermissions = new List <Permission>() { new Permission() { Name = HttpMethods.Post }, new Permission() { Name = HttpMethods.Put }, new Permission() { Name = HttpMethods.Delete } } } } }; categoryPolicies.Add(categoryPolicy); } SampleQueriesPolicies policies = new SampleQueriesPolicies() { CategoryPolicies = categoryPolicies }; return(policies); }
public async Task <IActionResult> GetSampleQueriesPoliciesListAsync([FromQuery] string userPrincipalName, [FromQuery] string categoryName) { try { // Fetch the list of category policies SampleQueriesPolicies policies = await GetSampleQueriesPoliciesAsync(); // This will hold the filtered list of category policies SampleQueriesPolicies filteredPolicies = new SampleQueriesPolicies(); if (!string.IsNullOrEmpty(userPrincipalName) && !string.IsNullOrEmpty(categoryName)) { filteredPolicies.CategoryPolicies = GetUserPrincipalCategoryPolicies(policies, userPrincipalName, categoryName); } else if (!string.IsNullOrEmpty(userPrincipalName)) { filteredPolicies.CategoryPolicies = GetUserPrincipalCategoryPolicies(policies, userPrincipalName); } else if (!string.IsNullOrEmpty(categoryName)) { filteredPolicies.CategoryPolicies = policies.CategoryPolicies.FindAll(x => x.CategoryName.Equals(categoryName, StringComparison.OrdinalIgnoreCase)); } else { return(Ok(policies)); } if (filteredPolicies.CategoryPolicies == null || !filteredPolicies.CategoryPolicies.Any()) { // Search parameter value not found in list of category policies return(NotFound()); } // Success; return the found list of category policies from filtered search return(Ok(filteredPolicies)); } catch (Exception exception) { return(new JsonResult(exception.Message) { StatusCode = StatusCodes.Status500InternalServerError }); } }
public async Task <IActionResult> CreateUserClaimAsync([FromBody] CategoryPolicy categoryPolicy) { try { /* Validate whether authenticated user is samples administrator */ string userPrincipalName = User.Identity.Name; bool isAdmin = _administrators.Administrators.Contains(userPrincipalName); if (!isAdmin) { return(new JsonResult($"{userPrincipalName} is not authorized to create the user claim.") { StatusCode = StatusCodes.Status401Unauthorized }); } // Get the list of policies SampleQueriesPolicies policies = await GetSampleQueriesPoliciesAsync(); // Add the new user claim in the given category policy SampleQueriesPolicies updatedPoliciesList = SamplesPolicyService.ModifyUserClaim(policies, categoryPolicy); string updatedPoliciesJson = SamplesPolicyService.SerializeSampleQueriesPolicies(updatedPoliciesList); await _fileUtility.WriteToFile(updatedPoliciesJson, _policiesFilePathSource); // Extract the first user claim from the given categoryPolicy; this is what was added UserClaim userClaim = categoryPolicy.UserClaims.First(); // Create the query Uri for the newly created sample query string newUserClaimUri = string.Format("{0}://{1}{2}?userprincipalname={3}&categoryname={4}", Request.Scheme, Request.Host, Request.Path.Value, userClaim.UserPrincipalName, categoryPolicy.CategoryName); return(Created(newUserClaimUri, categoryPolicy)); } catch (Exception exception) { return(new JsonResult(exception.Message) { StatusCode = StatusCodes.Status500InternalServerError }); } }
/// <summary> /// Gets the JSON file contents of the policies and returns a deserialized instance of a <see cref="SampleQueriesPolicies"/> from this. /// </summary> /// <returns>A list of category policies.</returns> private async Task <SampleQueriesPolicies> GetSampleQueriesPoliciesAsync() { // Get the file contents from source string jsonFileContents = await _fileUtility.ReadFromFile(_policiesFilePathSource); if (string.IsNullOrEmpty(jsonFileContents)) { // Create default policies template SampleQueriesPolicies policies = SamplesPolicyService.CreateDefaultPoliciesTemplate(); // Get the serialized JSON string of the list of policies string policiesJson = SamplesPolicyService.SerializeSampleQueriesPolicies(policies); // Save the document-readable JSON-styled string to the source file await _fileUtility.WriteToFile(policiesJson, _policiesFilePathSource); // Return the list of policies return(policies); } // Return the list of policies return(SamplesPolicyService.DeserializeSampleQueriesPolicies(jsonFileContents)); }
public async Task <IActionResult> UpdateSampleQueryAsync(string id, [FromBody] SampleQueryModel sampleQueryModel) { try { // Get the list of policies SampleQueriesPolicies policies = await GetSampleQueriesPoliciesAsync(); string categoryName = sampleQueryModel.Category; string userPrincipalName = User.Identity.Name; // Check if authenticated user is authorized for this action bool isAuthorized = SamplesPolicyService.IsUserAuthorized(policies, userPrincipalName, categoryName, HttpMethods.Put); if (!isAuthorized) { return(new JsonResult( $"{userPrincipalName} is not authorized to update the sample query. Category: '{categoryName}'") { StatusCode = StatusCodes.Status403Forbidden }); } // Get the list of sample queries SampleQueriesList sampleQueriesList = await GetSampleQueriesListAsync(); if (sampleQueriesList.SampleQueries.Count == 0) { return(NotFound()); // List is empty; the sample query being searched is definitely not in an empty list } // Check if the sample query model exists in the list of sample queries bool sampleQueryExists = sampleQueriesList.SampleQueries.Exists(x => x.Id == Guid.Parse(id)); if (!sampleQueryExists) { throw new InvalidOperationException($"No sample query found with id: {id}"); } // Update the provided sample query model into the list of sample queries SampleQueriesList updatedSampleQueriesList = SamplesService.UpdateSampleQueriesList(sampleQueriesList, sampleQueryModel, Guid.Parse(id)); // Get the serialized JSON string of this sample query string updatedSampleQueriesJson = SamplesService.SerializeSampleQueriesList(updatedSampleQueriesList); // Save the JSON string to the source file await _fileUtility.WriteToFile(updatedSampleQueriesJson, _queriesFilePathSource); // Success; return the sample query model object that was just updated return(Ok(sampleQueryModel)); } catch (InvalidOperationException invalidOpsException) { // sample query with provided id not found return(new JsonResult(invalidOpsException.Message) { StatusCode = StatusCodes.Status404NotFound }); } catch (Exception exception) { return(new JsonResult(exception.Message) { StatusCode = StatusCodes.Status500InternalServerError }); } }
public async Task <IActionResult> UpdateSampleQueryAsync(string id, [FromBody] SampleQueryModel sampleQueryModel) { try { // Get the list of policies SampleQueriesPolicies policies = await GetSampleQueriesPoliciesAsync(); string categoryName = sampleQueryModel.Category; ClaimsIdentity identity = (ClaimsIdentity)User.Identity; IEnumerable <Claim> claims = identity.Claims; string userPrincipalName = (claims?.FirstOrDefault(x => x.Type.Equals(Constants.ClaimTypes.UpnJwt, StringComparison.OrdinalIgnoreCase)) ?? claims?.FirstOrDefault(x => x.Type.Equals(Constants.ClaimTypes.UpnUriSchema, StringComparison.OrdinalIgnoreCase)))?.Value; // Check if authenticated user is authorized for this action bool isAuthorized = SamplesPolicyService.IsUserAuthorized(policies, userPrincipalName, categoryName, HttpMethods.Put); if (!isAuthorized) { return(new JsonResult( $"{userPrincipalName} is not authorized to update the sample query. Category: '{categoryName}'") { StatusCode = StatusCodes.Status403Forbidden }); } // Get the list of sample queries SampleQueriesList sampleQueriesList = await _samplesStore.FetchSampleQueriesListAsync("en-US"); if (sampleQueriesList.SampleQueries.Count == 0) { return(NotFound()); // List is empty; the sample query being searched is definitely not in an empty list } // Check if the sample query model exists in the list of sample queries bool sampleQueryExists = sampleQueriesList.SampleQueries.Exists(x => x.Id == Guid.Parse(id)); if (!sampleQueryExists) { throw new InvalidOperationException($"No sample query found with id: {id}"); } // Update the provided sample query model into the list of sample queries SampleQueriesList updatedSampleQueriesList = SamplesService.UpdateSampleQueriesList(sampleQueriesList, sampleQueryModel, Guid.Parse(id)); // Get the serialized JSON string of this sample query string updatedSampleQueriesJson = SamplesService.SerializeSampleQueriesList(updatedSampleQueriesList); // Success; return the sample query model object that was just updated return(Ok(sampleQueryModel)); } catch (InvalidOperationException invalidOpsException) { // sample query with provided id not found return(new JsonResult(invalidOpsException.Message) { StatusCode = StatusCodes.Status404NotFound }); } catch (Exception exception) { return(new JsonResult(exception.Message) { StatusCode = StatusCodes.Status500InternalServerError }); } }
/// <summary> /// Adds to or updates a <see cref="UserClaim"/> in a target <see cref="CategoryPolicy"/> object. /// </summary> /// <param name="categoryPolicy">The target <see cref="CategoryPolicy"/> object where the <see cref="UserClaim"/> needs to be updated or added into.</param> /// <param name="policies">The list of <see cref="CategoryPolicy"/> where the target <see cref="CategoryPolicy"/> object is contained.</param> /// <returns>The updated list of <see cref="SampleQueriesPolicies"/> /// with the new <see cref="UserClaim"/> added or updated at the target <see cref="CategoryPolicy"/> object.</returns> public static SampleQueriesPolicies ModifyUserClaim(SampleQueriesPolicies policies, CategoryPolicy categoryPolicy) { if (policies == null || policies.CategoryPolicies.Count == 0) { throw new ArgumentNullException(nameof(SampleQueriesPolicies), "The list of policies cannot be null or empty."); } if (categoryPolicy == null) { throw new ArgumentNullException(nameof(CategoryPolicy), "The category policy cannot be null."); } // Search the target category policy from the list of policies CategoryPolicy tempCategoryPolicy = policies.CategoryPolicies.Find(x => x.CategoryName == categoryPolicy.CategoryName); if (tempCategoryPolicy == null) { throw new InvalidOperationException($"The specified category policy doesn't exist: {categoryPolicy.CategoryName}"); } // This will be used later to insert the updated category policy back into the list of policies int tempCategoryPolicyIndex = policies.CategoryPolicies.FindIndex(x => x == tempCategoryPolicy); // Fetch the first user claim from the argument supplied UserClaim userClaim = categoryPolicy.UserClaims.FirstOrDefault(); if (userClaim == null) { throw new ArgumentNullException(nameof(CategoryPolicy), "User claim information missing."); } // Get the location of the provided user claim from the temp. category policy int userClaimIndex = tempCategoryPolicy.UserClaims.FindIndex(x => x.UserPrincipalName == userClaim.UserPrincipalName); // Add new user claim request if (userClaimIndex < 0) { // Check first whether we have default user claim values in the temp. category policy CategoryPolicy defaultCategoryPolicyTemplate = new CategoryPolicy { UserClaims = new List <UserClaim>() { new UserClaim() } }; if (tempCategoryPolicy.UserClaims.First().UserPrincipalName == defaultCategoryPolicyTemplate.UserClaims.First().UserPrincipalName) { /* This is the first claim for this category policy; * clear the default user claim and add the new user claim. */ tempCategoryPolicy.UserClaims.Clear(); tempCategoryPolicy.UserClaims.Add(userClaim); } else // we already have other unique user claim values in this category policy { // Insert the new user claim info. to the end of list of user claims tempCategoryPolicy.UserClaims.Add(userClaim); } } else // Update user claim request { // Update the current index with new user claim info. tempCategoryPolicy.UserClaims.Insert(userClaimIndex, userClaim); // Delete the original user claim pushed to the next index tempCategoryPolicy.UserClaims.RemoveAt(++userClaimIndex); } // Update the modified category policy back into list of policies policies.CategoryPolicies.Insert(tempCategoryPolicyIndex, tempCategoryPolicy); // Delete the original category policy pushed to the next index policies.CategoryPolicies.RemoveAt(++tempCategoryPolicyIndex); return(policies); }
public async Task <IActionResult> DeleteSampleQueryAsync(string id) { try { // Get the list of sample queries SampleQueriesList sampleQueriesList = await _samplesStore.FetchSampleQueriesListAsync("en-US"); // Get the list of policies SampleQueriesPolicies policies = await GetSampleQueriesPoliciesAsync(); // Check if the sample query model exists in the list of sample queries bool sampleQueryExists = sampleQueriesList.SampleQueries.Exists(x => x.Id == Guid.Parse(id)); if (!sampleQueryExists) { throw new InvalidOperationException($"No sample query found with id: {id}"); } string categoryName = sampleQueriesList.SampleQueries.Find(x => x.Id == Guid.Parse(id)).Category; ClaimsIdentity identity = (ClaimsIdentity)User.Identity; IEnumerable <Claim> claims = identity.Claims; string userPrincipalName = (claims?.FirstOrDefault(x => x.Type.Equals(Constants.ClaimTypes.UpnJwt, StringComparison.OrdinalIgnoreCase)) ?? claims?.FirstOrDefault(x => x.Type.Equals(Constants.ClaimTypes.UpnUriSchema, StringComparison.OrdinalIgnoreCase)))?.Value; // Check if authenticated user is authorized for this action bool isAuthorized = SamplesPolicyService.IsUserAuthorized(policies, userPrincipalName, categoryName, HttpMethods.Delete); if (!isAuthorized) { return(new JsonResult( $"{userPrincipalName} is not authorized to delete the sample query. Category: '{categoryName}'") { StatusCode = StatusCodes.Status403Forbidden }); } if (sampleQueriesList.SampleQueries.Count == 0) { return(NotFound()); // list is empty; the sample query being searched is definitely not in an empty list } // Remove the sample query with given id from the list of sample queries sampleQueriesList = SamplesService.RemoveSampleQuery(sampleQueriesList, Guid.Parse(id)); // Get the serialized JSON string of the list of sample queries string newSampleQueriesJson = SamplesService.SerializeSampleQueriesList(sampleQueriesList); // Disabled functionality // await _fileUtility.WriteToFile(updatedSampleQueriesJson, _queriesFilePathSource); // Success; no content to return return(new JsonResult("Deleted successfully.") { StatusCode = StatusCodes.Status204NoContent }); } catch (InvalidOperationException invalidOpsException) { // Sample query with provided id not found return(new JsonResult(invalidOpsException.Message) { StatusCode = StatusCodes.Status404NotFound }); } catch (Exception exception) { return(new JsonResult(exception.Message) { StatusCode = StatusCodes.Status500InternalServerError }); } }
public async Task <IActionResult> DeleteSampleQueryAsync(string id) { try { // Get the list of sample queries SampleQueriesList sampleQueriesList = await GetSampleQueriesListAsync(); // Get the list of policies SampleQueriesPolicies policies = await GetSampleQueriesPoliciesAsync(); // Check if the sample query model exists in the list of sample queries bool sampleQueryExists = sampleQueriesList.SampleQueries.Exists(x => x.Id == Guid.Parse(id)); if (!sampleQueryExists) { throw new InvalidOperationException($"No sample query found with id: {id}"); } string categoryName = sampleQueriesList.SampleQueries.Find(x => x.Id == Guid.Parse(id)).Category; string userPrincipalName = User.Identity.Name; // Check if authenticated user is authorized for this action bool isAuthorized = SamplesPolicyService.IsUserAuthorized(policies, userPrincipalName, categoryName, HttpMethods.Delete); if (!isAuthorized) { return(new JsonResult( $"{userPrincipalName} is not authorized to delete the sample query. Category: '{categoryName}'") { StatusCode = StatusCodes.Status401Unauthorized }); } if (sampleQueriesList.SampleQueries.Count == 0) { return(NotFound()); // list is empty; the sample query being searched is definitely not in an empty list } // Remove the sample query with given id from the list of sample queries sampleQueriesList = SamplesService.RemoveSampleQuery(sampleQueriesList, Guid.Parse(id)); // Get the serialized JSON string of the list of sample queries string newSampleQueriesJson = SamplesService.SerializeSampleQueriesList(sampleQueriesList); // Save the document-readable JSON-styled string to the source file await _fileUtility.WriteToFile(newSampleQueriesJson, _queriesFilePathSource); // Success; no content to return return(new JsonResult("Deleted successfully.") { StatusCode = StatusCodes.Status204NoContent }); } catch (InvalidOperationException invalidOpsException) { // Sample query with provided id not found return(new JsonResult(invalidOpsException.Message) { StatusCode = StatusCodes.Status404NotFound }); } catch (Exception exception) { return(new JsonResult(exception.Message) { StatusCode = StatusCodes.Status500InternalServerError }); } }