public async Task<IActionResult> Get(int userId, [FromHeader] string authorization)
{
try
{
AuthorizationRequirement req = new AuthorizationRequirement
{
AuthResourceType = Authorization.AuthResourceType.User,
ResourceId = userId,
Scopes = Authorization.AuthScopes.Readable
};
WebAuthorizationHandler authHandler = new WebAuthorizationHandler(authorization);
if (!await authHandler.IsValid(IdentityRepo, Request.Method, Request.Path)) { return HttpUnauthorized(); }
if (!await authHandler.FulFill(IdentityRepo, req)) { return HttpUnauthorized(); }
return new ObjectResult(await IdentityRepo.UserManager.FindUser(userId));
}
catch (TokenExtractionException) { return HttpUnauthorized(); }
catch (SimpleIdentityDataNotFoundException) { return HttpUnauthorized(); }
}
public async Task<bool> FulFill(ISimpleIdentityRepository repo, AuthorizationRequirement req)
{
return await req.Fulfill(repo, Token);
}
public async Task<IActionResult> Put(int userId, [FromHeader] string authorization, [FromBody]User user)
{
try
{
AuthorizationRequirement req = new AuthorizationRequirement
{
AuthResourceType = Authorization.AuthResourceType.User,
ResourceId = userId,
Scopes = Authorization.AuthScopes.Editable
};
WebAuthorizationHandler authHandler = new WebAuthorizationHandler(authorization);
if (!await authHandler.IsValid(IdentityRepo, Request.Method, Request.Path, Request.Body)) { return HttpUnauthorized(); }
if (!await authHandler.FulFill(IdentityRepo, req)) { return HttpUnauthorized(); }
if (user.Id != userId) return HttpUnauthorized();
await IdentityRepo.UserManager.UpdateUser(user);
return new NoContentResult();
}
catch (SimpleIdentityUserException) { return HttpUnauthorized(); }
catch (SimpleIdentityDataNotFoundException) { return HttpUnauthorized(); }
catch (SimpleIdentityDataException e) { return HttpBadRequest(new { error = e.Message }); }
}
public async Task<ActionResult> GetAccounts(int userId, [FromHeader] string authorization)
{
try
{
AuthorizationRequirement req = new AuthorizationRequirement
{
AuthResourceType = Authorization.AuthResourceType.User,
ResourceId = userId,
Scopes = Authorization.AuthScopes.Readable
};
WebAuthorizationHandler authHandler = new WebAuthorizationHandler(authorization);
if (!await authHandler.IsValid(IdentityRepo, Request.Method, Request.Path)) { return HttpUnauthorized(); }
if (!await authHandler.FulFill(IdentityRepo, req)) { return HttpUnauthorized(); }
IEnumerable<Account> accounts = await Repo.AccountManager.ListAccounts(userId);
List<Account> readableAccounts = new List<Account>();
foreach (Account account in accounts)
{
List<AuthorizationRequirement> accReqs = new List<AuthorizationRequirement>();
accReqs.Add(new AuthorizationRequirement
{
AuthResourceType = Authorization.AuthResourceType.User,
ResourceId = userId,
Scopes = Authorization.AuthScopes.Full
});
accReqs.Add(new AuthorizationRequirement
{
AuthResourceType = Authorization.AuthResourceType.Book,
ResourceId = account.Book.Id,
Scopes = Authorization.AuthScopes.Readable
});
accReqs.Add(new AuthorizationRequirement
{
AuthResourceType = Authorization.AuthResourceType.Account,
ResourceId = account.Id,
Scopes = Authorization.AuthScopes.Readable
});
if (await authHandler.FulFillAny(IdentityRepo, accReqs)) { readableAccounts.Add(account); }
}
return new ObjectResult(readableAccounts.AsEnumerable());
}
catch (TokenExtractionException) { return HttpUnauthorized(); }
}
public async Task<IActionResult> PostBook(int userId, [FromBody] Book book, [FromHeader] string authorization)
{
if (book.UserId != userId) { return HttpUnauthorized(); }
try
{
AuthorizationRequirement req = new AuthorizationRequirement
{
AuthResourceType = Authorization.AuthResourceType.User,
ResourceId = userId,
Scopes = Authorization.AuthScopes.Editable
};
WebAuthorizationHandler authHandler = new WebAuthorizationHandler(authorization);
if (!await authHandler.IsValid(IdentityRepo, Request.Method, Request.Path, Request.Body)) { return HttpUnauthorized(); }
if (!await authHandler.FulFill(IdentityRepo, req)) { return HttpUnauthorized(); }
Book bookCreated = await Repo.BookManager.CreateBook(book);
return CreatedAtRoute("GetBook", new { controller = "books", bookId = bookCreated.Id }, bookCreated);
}
catch (TokenExtractionException) { return HttpUnauthorized(); }
catch (PiggyBankDataNotFoundException) { return HttpUnauthorized(); }
catch (PiggyBankDataException e) { return HttpBadRequest(new { error = e.Message }); }
}
public async Task<IActionResult> GetBooks(int userId, [FromHeader] string authorization)
{
try
{
AuthorizationRequirement req = new AuthorizationRequirement
{
AuthResourceType = Authorization.AuthResourceType.User,
ResourceId = userId,
Scopes = Authorization.AuthScopes.Readable
};
WebAuthorizationHandler authHandler = new WebAuthorizationHandler(authorization);
if (!await authHandler.IsValid(IdentityRepo, Request.Method, Request.Path)) { return HttpUnauthorized(); }
if (!await authHandler.FulFill(IdentityRepo, req)) { return HttpUnauthorized(); }
List<Book> readableBooks = new List<Book>();
IEnumerable<Book> books = await Repo.BookManager.ListBooks(userId);
foreach (Book book in books)
{
List<AuthorizationRequirement> bookReqs = new List<AuthorizationRequirement>();
bookReqs.Add(new AuthorizationRequirement
{
AuthResourceType = Authorization.AuthResourceType.User,
ResourceId = userId,
Scopes = Authorization.AuthScopes.Full
});
bookReqs.Add(new AuthorizationRequirement
{
AuthResourceType = Authorization.AuthResourceType.Book,
ResourceId = book.Id,
Scopes = Authorization.AuthScopes.Readable
});
if (await authHandler.FulFillAny(IdentityRepo, bookReqs)) { readableBooks.Add(book); }
}
return new ObjectResult(readableBooks.AsEnumerable());
}
catch (TokenExtractionException) { return HttpUnauthorized(); }
catch (PiggyBankDataNotFoundException) { return HttpUnauthorized(); }
}
