public static void Start(IApplicationBuilder app, Func <AuthTokenConfigurationEmbedded> tokenConfig, string hashableEncryptionKey)
{
SignumControllerFactory.RegisterArea(MethodInfo.GetCurrentMethod());
AuthTokenServer.Start(tokenConfig, hashableEncryptionKey);
ReflectionServer.GetContext = () => new
{
Culture = ReflectionServer.GetCurrentValidCulture(),
Role = UserEntity.Current == null ? null : RoleEntity.Current,
};
AuthLogic.OnRulesChanged += () => ReflectionServer.cache.Clear();
if (TypeAuthLogic.IsStarted)
{
ReflectionServer.AddTypeExtension += (ti, t) =>
{
if (typeof(Entity).IsAssignableFrom(t))
{
var ta = UserEntity.Current != null?TypeAuthLogic.GetAllowed(t) : null;
ti.Extension.Add("maxTypeAllowed", ta == null ? TypeAllowedBasic.None : ta.MaxUI());
ti.Extension.Add("minTypeAllowed", ta == null ? TypeAllowedBasic.None : ta.MinUI());
ti.RequiresEntityPack |= ta != null && ta.Conditions.Any();
}
};
EntityPackTS.AddExtension += ep =>
{
var typeAllowed =
UserEntity.Current == null ? TypeAllowedBasic.None :
ep.entity.IsNew ? TypeAuthLogic.GetAllowed(ep.entity.GetType()).MaxUI() :
TypeAuthLogic.IsAllowedFor(ep.entity, TypeAllowedBasic.Write, true) ? TypeAllowedBasic.Write :
TypeAuthLogic.IsAllowedFor(ep.entity, TypeAllowedBasic.Read, true) ? TypeAllowedBasic.Read :
TypeAllowedBasic.None;
ep.extension.Add("typeAllowed", typeAllowed);
};
OperationController.AnyReadonly += (Lite <Entity>[] lites) =>
{
return(lites.GroupBy(ap => ap.EntityType).Any(gr =>
{
var ta = TypeAuthLogic.GetAllowed(gr.Key);
if (ta.Min(inUserInterface: true) == TypeAllowedBasic.Write)
{
return false;
}
if (ta.Max(inUserInterface: true) <= TypeAllowedBasic.Read)
{
return true;
}
return giCountReadonly.GetInvoker(gr.Key)() > 0;
}));
};
}
if (QueryAuthLogic.IsStarted)
{
ReflectionServer.AddTypeExtension += (ti, t) =>
{
if (ti.QueryDefined)
{
ti.Extension.Add("queryAllowed", UserEntity.Current == null ? QueryAllowed.None : QueryAuthLogic.GetQueryAllowed(t));
}
};
ReflectionServer.AddFieldInfoExtension += (mi, fi) =>
{
if (fi.DeclaringType !.Name.EndsWith("Query"))
{
mi.Extension.Add("queryAllowed", UserEntity.Current == null ? QueryAllowed.None : QueryAuthLogic.GetQueryAllowed(fi.GetValue(null) !));
}
};
}
if (PropertyAuthLogic.IsStarted)
{
ReflectionServer.AddPropertyRouteExtension += (mi, pr) =>
{
mi.Extension.Add("propertyAllowed", UserEntity.Current == null ? pr.GetNoUserPropertyAllowed() : pr.GetPropertyAllowed());
};
}
if (OperationAuthLogic.IsStarted)
{
ReflectionServer.AddOperationExtension += (oits, oi, type) =>
{
oits.Extension.Add("operationAllowed",
UserEntity.Current == null ? false :
OperationAuthLogic.GetOperationAllowed(oi.OperationSymbol, type, inUserInterface: true));
};
}
if (PermissionAuthLogic.IsStarted)
{
ReflectionServer.AddFieldInfoExtension += (mi, fi) =>
{
if (fi.FieldType == typeof(PermissionSymbol))
{
mi.Extension.Add("permissionAllowed",
UserEntity.Current == null ? false :
PermissionAuthLogic.IsAuthorized((PermissionSymbol)fi.GetValue(null) !));
}
};
}
var piPasswordHash = ReflectionTools.GetPropertyInfo((UserEntity e) => e.PasswordHash);
var pcs = PropertyConverter.GetPropertyConverters(typeof(UserEntity));
pcs.GetOrThrow("passwordHash").CustomWriteJsonProperty = ctx => { };
pcs.Add("newPassword", new PropertyConverter
{
AvoidValidate = true,
CustomWriteJsonProperty = ctx => { },
CustomReadJsonProperty = ctx =>
{
EntityJsonConverter.AssertCanWrite(ctx.ParentPropertyRoute.Add(piPasswordHash));
var password = (string)ctx.JsonReader.Value !;
var error = UserEntity.OnValidatePassword(password);
if (error != null)
{
throw new ApplicationException(error);
}
((UserEntity)ctx.Entity).PasswordHash = Security.EncodePassword(password);
}
});
public static void Start(IApplicationBuilder app)
{
SignumControllerFactory.RegisterArea(MethodInfo.GetCurrentMethod());
ReflectionServer.RegisterLike(typeof(DiffLogMessage), () => TimeMachinePermission.ShowTimeMachine.IsAuthorized() || TypeAuthLogic.GetAllowed(typeof(OperationLogEntity)).MaxUI() > TypeAllowedBasic.None);
}
