Added grantManager and authentication now uses GrantManager.cs
parent
63b95b7ee6
commit
374b8c64c9
@ -2,42 +2,43 @@ using API.Authentication.GrantNames;
|
||||
using API.Authentication.Interfaces;
|
||||
using API.DTO.Base;
|
||||
using API.Services;
|
||||
using API.Services.Interfaces;
|
||||
using DAL.Models;
|
||||
|
||||
namespace API.Authentication
|
||||
{
|
||||
public class ColorAuthentication : IColorAuthentication
|
||||
{
|
||||
private readonly GrantService _grantService;
|
||||
private readonly IGrantManager _grantManager;
|
||||
private readonly ILogger<ColorAuthentication> _logger;
|
||||
public ColorAuthentication(ILogger<ColorAuthentication> logger, GrantService grantService)
|
||||
public ColorAuthentication(ILogger<ColorAuthentication> logger, IGrantManager grantManager)
|
||||
{
|
||||
_logger = logger;
|
||||
_grantService = grantService;
|
||||
_grantManager = grantManager;
|
||||
}
|
||||
|
||||
public bool canGetAll(User user)
|
||||
{
|
||||
return _grantService.hasGrant(user.permissionId, ColorGrantNames.CanGetAll);
|
||||
return _grantManager.hasGrant(user.permissionId, ColorGrantNames.CanGetAll);
|
||||
}
|
||||
public bool canGet(Color model, User user)
|
||||
{
|
||||
return _grantService.hasGrant(user.permissionId, ColorGrantNames.CanGetAny) ||
|
||||
_grantService.getULongValues(user.permissionId, ColorGrantNames.CanGet).Exists(x => x == model.id);
|
||||
return _grantManager.hasGrant(user.permissionId, ColorGrantNames.CanGetAny) ||
|
||||
_grantManager.getULongValues(user.permissionId, ColorGrantNames.CanGet).Exists(x => x == model.id);
|
||||
}
|
||||
public bool canAdd(ColorDTO item, User user)
|
||||
{
|
||||
return _grantService.hasGrant(user.permissionId, ColorGrantNames.CanAdd);
|
||||
return _grantManager.hasGrant(user.permissionId, ColorGrantNames.CanAdd);
|
||||
}
|
||||
public bool canUpdate(Color model, User user)
|
||||
{
|
||||
return _grantService.hasGrant(user.permissionId, ColorGrantNames.CanUpdateAny) ||
|
||||
_grantService.getULongValues(user.permissionId, ColorGrantNames.CanUpdate).Exists(x => x == model.id);
|
||||
return _grantManager.hasGrant(user.permissionId, ColorGrantNames.CanUpdateAny) ||
|
||||
_grantManager.getULongValues(user.permissionId, ColorGrantNames.CanUpdate).Exists(x => x == model.id);
|
||||
}
|
||||
public bool canDelete(Color model, User user)
|
||||
{
|
||||
return _grantService.hasGrant(user.permissionId, ColorGrantNames.CanDeleteAny) ||
|
||||
_grantService.getULongValues(user.permissionId, ColorGrantNames.CanDelete).Exists(x => x == model.id);
|
||||
return _grantManager.hasGrant(user.permissionId, ColorGrantNames.CanDeleteAny) ||
|
||||
_grantManager.getULongValues(user.permissionId, ColorGrantNames.CanDelete).Exists(x => x == model.id);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -2,43 +2,44 @@ using API.Authentication.GrantNames;
|
||||
using API.Authentication.Interfaces;
|
||||
using API.DTO.Base;
|
||||
using API.Services;
|
||||
using API.Services.Interfaces;
|
||||
using DAL.Models;
|
||||
|
||||
namespace API.Authentication
|
||||
{
|
||||
public class EventAuthentication : IEventAuthentication
|
||||
{
|
||||
private readonly GrantService _grantService;
|
||||
private readonly IGrantManager _grantManager;
|
||||
private readonly ILogger<EventAuthentication> _logger;
|
||||
|
||||
public EventAuthentication(GrantService grantService, ILogger<EventAuthentication> logger)
|
||||
public EventAuthentication(IGrantManager grantManager, ILogger<EventAuthentication> logger)
|
||||
{
|
||||
_grantService = grantService;
|
||||
_grantManager = grantManager;
|
||||
_logger = logger;
|
||||
}
|
||||
|
||||
public bool canGetAll(User user)
|
||||
{
|
||||
return _grantService.hasGrant(user.permissionId, EventGrantNames.CanGetAll);
|
||||
return _grantManager.hasGrant(user.permissionId, EventGrantNames.CanGetAll);
|
||||
}
|
||||
public bool canGet(Event model, User user)
|
||||
{
|
||||
return _grantService.hasGrant(user.permissionId, EventGrantNames.CanGetAny) ||
|
||||
_grantService.getULongValues(user.permissionId, EventGrantNames.CanGet).Exists(x => x == model.id);
|
||||
return _grantManager.hasGrant(user.permissionId, EventGrantNames.CanGetAny) ||
|
||||
_grantManager.getULongValues(user.permissionId, EventGrantNames.CanGet).Exists(x => x == model.id);
|
||||
}
|
||||
public bool canAdd(EventDTO item, User user)
|
||||
{
|
||||
return _grantService.hasGrant(user.permissionId, EventGrantNames.CanAdd);
|
||||
return _grantManager.hasGrant(user.permissionId, EventGrantNames.CanAdd);
|
||||
}
|
||||
public bool canUpdate(Event model, User user)
|
||||
{
|
||||
return _grantService.hasGrant(user.permissionId, EventGrantNames.CanUpdateAny) ||
|
||||
_grantService.getULongValues(user.permissionId, EventGrantNames.CanUpdate).Exists(x => x == model.id);
|
||||
return _grantManager.hasGrant(user.permissionId, EventGrantNames.CanUpdateAny) ||
|
||||
_grantManager.getULongValues(user.permissionId, EventGrantNames.CanUpdate).Exists(x => x == model.id);
|
||||
}
|
||||
public bool canDelete(Event model, User user)
|
||||
{
|
||||
return _grantService.hasGrant(user.permissionId, EventGrantNames.CanDeleteAny) ||
|
||||
_grantService.getULongValues(user.permissionId, EventGrantNames.CanDelete).Exists(x => x == model.id);
|
||||
return _grantManager.hasGrant(user.permissionId, EventGrantNames.CanDeleteAny) ||
|
||||
_grantManager.getULongValues(user.permissionId, EventGrantNames.CanDelete).Exists(x => x == model.id);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -2,34 +2,35 @@ using API.Authentication.GrantNames;
|
||||
using API.Authentication.Interfaces;
|
||||
using API.DTO.Base;
|
||||
using API.Services;
|
||||
using API.Services.Interfaces;
|
||||
using DAL.Models;
|
||||
|
||||
namespace API.Authentication
|
||||
{
|
||||
public class GrantAuthentication : IGrantAuthentication
|
||||
{
|
||||
private readonly GrantService _grantService;
|
||||
private readonly IGrantManager _grantManager;
|
||||
private readonly ILogger<GrantAuthentication> _logger;
|
||||
|
||||
public GrantAuthentication(GrantService grantService, ILogger<GrantAuthentication> logger)
|
||||
public GrantAuthentication(IGrantManager grantManager, ILogger<GrantAuthentication> logger)
|
||||
{
|
||||
_grantService = grantService;
|
||||
_grantManager = grantManager;
|
||||
_logger = logger;
|
||||
}
|
||||
|
||||
public bool canGetAll(User user)
|
||||
{
|
||||
return _grantService.hasGrant(user.permissionId, GrantGrantNames.CanGetAll);
|
||||
return _grantManager.hasGrant(user.permissionId, GrantGrantNames.CanGetAll);
|
||||
}
|
||||
public bool canGet(Grant model, User user)
|
||||
{
|
||||
return _grantService.hasGrant(user.permissionId, GrantGrantNames.CanGetAny) ||
|
||||
_grantService.getULongValues(user.permissionId, GrantGrantNames.CanGet).Exists(x => x == model.id);
|
||||
return _grantManager.hasGrant(user.permissionId, GrantGrantNames.CanGetAny) ||
|
||||
_grantManager.getULongValues(user.permissionId, GrantGrantNames.CanGet).Exists(x => x == model.id);
|
||||
}
|
||||
public bool canAdd(GrantDTO item, User user)
|
||||
{
|
||||
return _grantService.hasGrant(user.permissionId, GrantGrantNames.CanAdd) &&
|
||||
_grantService.hasGrant(user.permissionId, item.name);
|
||||
return _grantManager.hasGrant(user.permissionId, GrantGrantNames.CanAdd) &&
|
||||
_grantManager.hasGrant(user.permissionId, item.name);
|
||||
}
|
||||
public bool canUpdate(Grant model, User user)
|
||||
{
|
||||
@ -38,9 +39,9 @@ namespace API.Authentication
|
||||
}
|
||||
public bool canDelete(Grant model, User user)
|
||||
{
|
||||
return (_grantService.hasGrant(user.permissionId, GrantGrantNames.CanDeleteAny) ||
|
||||
_grantService.getULongValues(user.permissionId, GrantGrantNames.CanDelete).Exists(x => x == model.id))
|
||||
&& _grantService.hasGrant(user.permissionId, model.name);
|
||||
return (_grantManager.hasGrant(user.permissionId, GrantGrantNames.CanDeleteAny) ||
|
||||
_grantManager.getULongValues(user.permissionId, GrantGrantNames.CanDelete).Exists(x => x == model.id))
|
||||
&& _grantManager.hasGrant(user.permissionId, model.name);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -2,42 +2,43 @@ using API.Authentication.GrantNames;
|
||||
using API.Authentication.Interfaces;
|
||||
using API.DTO.Base;
|
||||
using API.Services;
|
||||
using API.Services.Interfaces;
|
||||
using DAL.Models;
|
||||
|
||||
namespace API.Authentication
|
||||
{
|
||||
public class ImageAuthentication : IImageAuthentication
|
||||
{
|
||||
private readonly GrantService _grantService;
|
||||
private readonly IGrantManager _grantManager;
|
||||
private readonly ILogger<ImageAuthentication> _logger;
|
||||
public ImageAuthentication(ILogger<ImageAuthentication> logger, GrantService grantService)
|
||||
public ImageAuthentication(ILogger<ImageAuthentication> logger, IGrantManager grantManager)
|
||||
{
|
||||
_logger = logger;
|
||||
_grantService = grantService;
|
||||
_grantManager = grantManager;
|
||||
}
|
||||
|
||||
public bool canGetAll(User user)
|
||||
{
|
||||
return _grantService.hasGrant(user.permissionId, ImageGrantNames.CanGetAll);
|
||||
return _grantManager.hasGrant(user.permissionId, ImageGrantNames.CanGetAll);
|
||||
}
|
||||
public bool canGet(Image model, User user)
|
||||
{
|
||||
return _grantService.hasGrant(user.permissionId, ImageGrantNames.CanGetAny) ||
|
||||
_grantService.getULongValues(user.permissionId, ImageGrantNames.CanGet).Exists(x => x == model.id);
|
||||
return _grantManager.hasGrant(user.permissionId, ImageGrantNames.CanGetAny) ||
|
||||
_grantManager.getULongValues(user.permissionId, ImageGrantNames.CanGet).Exists(x => x == model.id);
|
||||
}
|
||||
public bool canAdd(ImageDTO item, User user)
|
||||
{
|
||||
return _grantService.hasGrant(user.permissionId, ImageGrantNames.CanAdd);
|
||||
return _grantManager.hasGrant(user.permissionId, ImageGrantNames.CanAdd);
|
||||
}
|
||||
public bool canUpdate(Image model, User user)
|
||||
{
|
||||
return _grantService.hasGrant(user.permissionId, ImageGrantNames.CanUpdateAny) ||
|
||||
_grantService.getULongValues(user.permissionId, ImageGrantNames.CanUpdate).Exists(x => x == model.id);
|
||||
return _grantManager.hasGrant(user.permissionId, ImageGrantNames.CanUpdateAny) ||
|
||||
_grantManager.getULongValues(user.permissionId, ImageGrantNames.CanUpdate).Exists(x => x == model.id);
|
||||
}
|
||||
public bool canDelete(Image model, User user)
|
||||
{
|
||||
return _grantService.hasGrant(user.permissionId, ImageGrantNames.CanDeleteAny) ||
|
||||
_grantService.getULongValues(user.permissionId, ImageGrantNames.CanDelete).Exists(x => x == model.id);
|
||||
return _grantManager.hasGrant(user.permissionId, ImageGrantNames.CanDeleteAny) ||
|
||||
_grantManager.getULongValues(user.permissionId, ImageGrantNames.CanDelete).Exists(x => x == model.id);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -2,42 +2,43 @@ using API.Authentication.GrantNames;
|
||||
using API.Authentication.Interfaces;
|
||||
using API.DTO.Base;
|
||||
using API.Services;
|
||||
using API.Services.Interfaces;
|
||||
using DAL.Models;
|
||||
|
||||
namespace API.Authentication
|
||||
{
|
||||
public class PermissionAuthentication : IPermissionAuthentication
|
||||
{
|
||||
private readonly GrantService _grantService;
|
||||
private readonly IGrantManager _grantManager;
|
||||
private readonly ILogger<PermissionAuthentication> _logger;
|
||||
public PermissionAuthentication(ILogger<PermissionAuthentication> logger, GrantService grantService)
|
||||
public PermissionAuthentication(ILogger<PermissionAuthentication> logger, IGrantManager grantManager)
|
||||
{
|
||||
_logger = logger;
|
||||
_grantService = grantService;
|
||||
_grantManager = grantManager;
|
||||
}
|
||||
|
||||
public bool canGetAll(User user)
|
||||
{
|
||||
return _grantService.hasGrant(user.permissionId, PermissionGrantNames.CanGetAll);
|
||||
return _grantManager.hasGrant(user.permissionId, PermissionGrantNames.CanGetAll);
|
||||
}
|
||||
public bool canGet(Permission model, User user)
|
||||
{
|
||||
return _grantService.hasGrant(user.permissionId, PermissionGrantNames.CanGetAny) ||
|
||||
_grantService.getULongValues(user.permissionId, PermissionGrantNames.CanGet).Exists(x => x == model.id);
|
||||
return _grantManager.hasGrant(user.permissionId, PermissionGrantNames.CanGetAny) ||
|
||||
_grantManager.getULongValues(user.permissionId, PermissionGrantNames.CanGet).Exists(x => x == model.id);
|
||||
}
|
||||
public bool canAdd(PermissionDTO item, User user)
|
||||
{
|
||||
return _grantService.hasGrant(user.permissionId, PermissionGrantNames.CanAdd);
|
||||
return _grantManager.hasGrant(user.permissionId, PermissionGrantNames.CanAdd);
|
||||
}
|
||||
public bool canUpdate(Permission model, User user)
|
||||
{
|
||||
return _grantService.hasGrant(user.permissionId, PermissionGrantNames.CanUpdateAny) ||
|
||||
_grantService.getULongValues(user.permissionId, PermissionGrantNames.CanUpdate).Exists(x => x == model.id);
|
||||
return _grantManager.hasGrant(user.permissionId, PermissionGrantNames.CanUpdateAny) ||
|
||||
_grantManager.getULongValues(user.permissionId, PermissionGrantNames.CanUpdate).Exists(x => x == model.id);
|
||||
}
|
||||
public bool canDelete(Permission model, User user)
|
||||
{
|
||||
return (_grantService.hasGrant(user.permissionId, PermissionGrantNames.CanDeleteAny) ||
|
||||
_grantService.getULongValues(user.permissionId, PermissionGrantNames.CanDelete).Exists(x => x == model.id))
|
||||
return (_grantManager.hasGrant(user.permissionId, PermissionGrantNames.CanDeleteAny) ||
|
||||
_grantManager.getULongValues(user.permissionId, PermissionGrantNames.CanDelete).Exists(x => x == model.id))
|
||||
&& model.id != user.permissionId;
|
||||
}
|
||||
}
|
||||
|
@ -2,42 +2,43 @@ using API.Authentication.GrantNames;
|
||||
using API.Authentication.Interfaces;
|
||||
using API.DTO.Base;
|
||||
using API.Services;
|
||||
using API.Services.Interfaces;
|
||||
using DAL.Models;
|
||||
|
||||
namespace API.Authentication
|
||||
{
|
||||
public class SavedEventAuthentication : ISavedEventAuthentication
|
||||
{
|
||||
private readonly GrantService _grantService;
|
||||
private readonly IGrantManager _grantManager;
|
||||
private readonly ILogger<SavedEventAuthentication> _logger;
|
||||
public SavedEventAuthentication(ILogger<SavedEventAuthentication> logger, GrantService grantService)
|
||||
public SavedEventAuthentication(ILogger<SavedEventAuthentication> logger, IGrantManager grantManager)
|
||||
{
|
||||
_logger = logger;
|
||||
_grantService = grantService;
|
||||
_grantManager = grantManager;
|
||||
}
|
||||
|
||||
public bool canGetAll(User user)
|
||||
{
|
||||
return _grantService.hasGrant(user.permissionId, SavedEventGrantNames.CanGetAll);
|
||||
return _grantManager.hasGrant(user.permissionId, SavedEventGrantNames.CanGetAll);
|
||||
}
|
||||
public bool canGet(SavedEvent model, User user)
|
||||
{
|
||||
return _grantService.hasGrant(user.permissionId, SavedEventGrantNames.CanGetAny) ||
|
||||
_grantService.getULongValues(user.permissionId, SavedEventGrantNames.CanGet).Exists(x => x == model.id);
|
||||
return _grantManager.hasGrant(user.permissionId, SavedEventGrantNames.CanGetAny) ||
|
||||
_grantManager.getULongValues(user.permissionId, SavedEventGrantNames.CanGet).Exists(x => x == model.id);
|
||||
}
|
||||
public bool canAdd(SavedEventDTO item, User user)
|
||||
{
|
||||
return _grantService.hasGrant(user.permissionId, SavedEventGrantNames.CanAdd);
|
||||
return _grantManager.hasGrant(user.permissionId, SavedEventGrantNames.CanAdd);
|
||||
}
|
||||
public bool canUpdate(SavedEvent model, User user)
|
||||
{
|
||||
return _grantService.hasGrant(user.permissionId, SavedEventGrantNames.CanUpdateAny) ||
|
||||
_grantService.getULongValues(user.permissionId, SavedEventGrantNames.CanUpdate).Exists(x => x == model.id);
|
||||
return _grantManager.hasGrant(user.permissionId, SavedEventGrantNames.CanUpdateAny) ||
|
||||
_grantManager.getULongValues(user.permissionId, SavedEventGrantNames.CanUpdate).Exists(x => x == model.id);
|
||||
}
|
||||
public bool canDelete(SavedEvent model, User user)
|
||||
{
|
||||
return _grantService.hasGrant(user.permissionId, SavedEventGrantNames.CanDeleteAny) ||
|
||||
_grantService.getULongValues(user.permissionId, SavedEventGrantNames.CanDelete).Exists(x => x == model.id);
|
||||
return _grantManager.hasGrant(user.permissionId, SavedEventGrantNames.CanDeleteAny) ||
|
||||
_grantManager.getULongValues(user.permissionId, SavedEventGrantNames.CanDelete).Exists(x => x == model.id);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -2,45 +2,44 @@ using API.Authentication.GrantNames;
|
||||
using API.Authentication.Interfaces;
|
||||
using API.DTO.Base;
|
||||
using API.Services;
|
||||
using API.Services.Interfaces;
|
||||
using DAL.Models;
|
||||
|
||||
namespace API.Authentication
|
||||
{
|
||||
public class UserAuthentication : IUserAuthentication
|
||||
{
|
||||
private readonly GrantService _grantService;
|
||||
private readonly IGrantManager _grantManager;
|
||||
private readonly ILogger<UserAuthentication> _logger;
|
||||
private readonly UserService _userService;
|
||||
public UserAuthentication(ILogger<UserAuthentication> logger, GrantService grantService, UserService userService)
|
||||
public UserAuthentication(ILogger<UserAuthentication> logger, IGrantManager grantManager)
|
||||
{
|
||||
_logger = logger;
|
||||
_grantService = grantService;
|
||||
_userService = userService;
|
||||
_grantManager = grantManager;
|
||||
}
|
||||
|
||||
public bool canGetAll(User user)
|
||||
{
|
||||
return _grantService.hasGrant(user.permissionId, UserGrantNames.CanGetAll);
|
||||
return _grantManager.hasGrant(user.permissionId, UserGrantNames.CanGetAll);
|
||||
}
|
||||
public bool canGet(User model, User user)
|
||||
{
|
||||
return _grantService.hasGrant(user.permissionId, UserGrantNames.CanGetAny) ||
|
||||
_grantService.getULongValues(user.permissionId, UserGrantNames.CanGet).Exists(x => x == model.id);
|
||||
return _grantManager.hasGrant(user.permissionId, UserGrantNames.CanGetAny) ||
|
||||
_grantManager.getULongValues(user.permissionId, UserGrantNames.CanGet).Exists(x => x == model.id);
|
||||
}
|
||||
public bool canAdd(UserDTO item, User user)
|
||||
{
|
||||
return _grantService.hasGrant(user.permissionId, UserGrantNames.CanAdd);
|
||||
return _grantManager.hasGrant(user.permissionId, UserGrantNames.CanAdd);
|
||||
}
|
||||
|
||||
// todo this needs to be made much better
|
||||
public bool canUpdate(User model, User user)
|
||||
{
|
||||
User origUser;
|
||||
User origUser = user;
|
||||
if (model.id == user.id)
|
||||
{
|
||||
if (!_grantService.hasGrant(user.permissionId, UserGrantNames.CanUpdateSelf)
|
||||
|| !_grantService.hasGrant(user.permissionId, UserGrantNames.CanUpdateAny)
|
||||
|| !_grantService.getULongValues(user.permissionId, UserGrantNames.CanUpdate).Exists(x => x == model.id)
|
||||
if (!_grantManager.hasGrant(user.permissionId, UserGrantNames.CanUpdateSelf)
|
||||
|| !_grantManager.hasGrant(user.permissionId, UserGrantNames.CanUpdateAny)
|
||||
|| !_grantManager.getULongValues(user.permissionId, UserGrantNames.CanUpdate).Exists(x => x == model.id)
|
||||
)
|
||||
return false;
|
||||
|
||||
@ -49,38 +48,38 @@ namespace API.Authentication
|
||||
return false;
|
||||
origUser = user;
|
||||
}
|
||||
else
|
||||
{
|
||||
origUser = _userService.getNoAuthentication(model.id) ?? throw new InvalidOperationException("Model is null.");
|
||||
}
|
||||
// else
|
||||
// {
|
||||
// origUser = _userService.getNoAuthentication(model.id) ?? throw new InvalidOperationException("Model is null.");
|
||||
// }
|
||||
|
||||
if (origUser.permissionId != model.permissionId)
|
||||
{
|
||||
if (!_grantService.hasGrant(user.permissionId, UserGrantNames.CanUpdatePermission))
|
||||
if (!_grantManager.hasGrant(user.permissionId, UserGrantNames.CanUpdatePermission))
|
||||
return false;
|
||||
}
|
||||
|
||||
if (origUser.firstName != user.firstName || origUser.lastName != user.lastName)
|
||||
{
|
||||
if (!_grantService.hasGrant(user.permissionId, UserGrantNames.CanUpdateNames))
|
||||
if (!_grantManager.hasGrant(user.permissionId, UserGrantNames.CanUpdateNames))
|
||||
return false;
|
||||
}
|
||||
|
||||
if (origUser.phoneNumber != user.phoneNumber)
|
||||
{
|
||||
if (!_grantService.hasGrant(user.permissionId, UserGrantNames.CanUpdatePhoneNumber))
|
||||
if (!_grantManager.hasGrant(user.permissionId, UserGrantNames.CanUpdatePhoneNumber))
|
||||
return false;
|
||||
}
|
||||
|
||||
return _grantService.hasGrant(user.permissionId, UserGrantNames.CanUpdateAny)
|
||||
return _grantManager.hasGrant(user.permissionId, UserGrantNames.CanUpdateAny)
|
||||
|| model.id == user.id &&
|
||||
_grantService.hasGrant(user.permissionId, UserGrantNames.CanUpdateSelf)
|
||||
|| _grantService.getULongValues(user.permissionId, UserGrantNames.CanUpdate).Exists(x => x == model.id);
|
||||
_grantManager.hasGrant(user.permissionId, UserGrantNames.CanUpdateSelf)
|
||||
|| _grantManager.getULongValues(user.permissionId, UserGrantNames.CanUpdate).Exists(x => x == model.id);
|
||||
}
|
||||
public bool canDelete(User model, User user)
|
||||
{
|
||||
return (_grantService.hasGrant(user.permissionId, UserGrantNames.CanDeleteAny) ||
|
||||
_grantService.getULongValues(user.permissionId, UserGrantNames.CanDelete).Exists(x => x == model.id))
|
||||
return (_grantManager.hasGrant(user.permissionId, UserGrantNames.CanDeleteAny) ||
|
||||
_grantManager.getULongValues(user.permissionId, UserGrantNames.CanDelete).Exists(x => x == model.id))
|
||||
&& model.id != user.id;
|
||||
}
|
||||
}
|
||||
|
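Review bot: In canUpdate the field-level checks can no longer detect a change, because `origUser` is initialised to `user` and the branch that loaded the stored record for `model.id` is commented out (the +/- markers are lost on this page, so this reads the new side as the lines using `_grantManager`). With `origUser` always equal to the caller, `origUser.firstName != user.firstName` and `origUser.phoneNumber != user.phoneNumber` are always false, so CanUpdateNames and CanUpdatePhoneNumber are never consulted, and the permission check compares the caller's own `permissionId` with `model.permissionId` instead of the target's stored value. The stored target record should still be loaded when `model.id != user.id` (through whatever lookup replaces the removed UserService dependency), and the comparisons should be against the incoming model: `if (origUser.firstName != model.firstName || origUser.lastName != model.lastName)` and `if (origUser.phoneNumber != model.phoneNumber)`. canUpdate spans two hunks and part of its body is outside the visible lines, so the opening self-update condition should be rechecked in the full file as well.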
@ -15,8 +15,23 @@ using InvalidOperationException = System.InvalidOperationException;
|
||||
|
||||
namespace API
|
||||
{
|
||||
internal class Program
|
||||
internal static class Program
|
||||
{
|
||||
public static IServiceCollection AddLazyResolution(this IServiceCollection services)
|
||||
{
|
||||
return services.AddTransient(
|
||||
typeof(Lazy<>),
|
||||
typeof(LazilyResolved<>));
|
||||
}
|
||||
|
||||
private class LazilyResolved<T> : Lazy<T>
|
||||
{
|
||||
public LazilyResolved(IServiceProvider serviceProvider)
|
||||
: base(serviceProvider.GetRequiredService<T>)
|
||||
{
|
||||
}
|
||||
}
|
||||
|
||||
public static void Main(string[] args)
|
||||
{
|
||||
WebApplicationBuilder builder = WebApplication.CreateBuilder(args);
|
||||
@ -58,12 +73,15 @@ namespace API
|
||||
builder.Services.AddTransient<IGrantAuthentication, GrantAuthentication>();
|
||||
builder.Services.AddTransient<IImageAuthentication, ImageAuthentication>();
|
||||
builder.Services.AddTransient<IColorAuthentication, ColorAuthentication>();
|
||||
builder.Services.AddTransient<IColorAuthentication, ColorAuthentication>();
|
||||
builder.Services.AddTransient<IPermissionAuthentication, PermissionAuthentication>();
|
||||
builder.Services.AddTransient<ISavedEventAuthentication, SavedEventAuthentication>();
|
||||
builder.Services.AddTransient<IUserAuthentication, UserAuthentication>();
|
||||
|
||||
builder.Services.AddTransient<IHashingFactory, HashingFactory>();
|
||||
|
||||
builder.Services.AddTransient<IHashingAlgorithm, Pbkdf2>();
|
||||
|
||||
builder.Services.AddTransient<IGrantManager, GrantManager>();
|
||||
builder.Services.AddTransient<IUserManager, UserManager>(options =>
|
||||
{
|
||||
UserService userService = options.GetRequiredService<UserService>();
|
||||
@ -79,6 +97,7 @@ namespace API
|
||||
|
||||
|
||||
builder.Services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme).AddCookie();
|
||||
builder.Services.AddLazyResolution();
|
||||
|
||||
WebApplication app = builder.Build();
|
||||
|
||||
|
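Review bot: AddLazyResolution and the nested LazilyResolved<T> have no comment saying why `Lazy<>` is registered, and none of the constructors shown in this commit takes a `Lazy<T>`, so from this page the registration looks unused. If it is meant to break a constructor cycle between the services and the authentication classes (inferred, not shown here), say so on the method, for example `/// Registers Lazy<T> so a consumer can defer resolving T until first use of .Value; used to break constructor cycles.` Main's body continues outside these hunks.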
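--- a/API/Services/GrantManager.cs
+++ b/API/Services/GrantManager.cs
@@ -0,0 +1,85 @@
+using API.Services.Interfaces;
+using DAL.Contexts;
+using DAL.Models;
+using System.Linq.Expressions;
+
+namespace API.Services
+{
+public class GrantManager : IGrantManager
+{
+private ILogger<GrantManager> _logger;
+private SASGContext _context;
+
+public GrantManager(ILogger<GrantManager> logger, SASGContext context)
+{
+_logger = logger;
+_context = context;
+}
+
+private IEnumerable<Grant> getGrant(Expression<Func<Grant, bool>> whereClause)
+{
+return _context.Set<Grant>().Where(whereClause);
+}
+
+public bool hasGrant(ulong permissionId, string grantName)
+{
+return getGrant(x => x.permissionId == permissionId && x.name.Equals(grantName)).Any();
+}
+
+public List<string> getValues(ulong permissionId, string grantName)
+{
+List<Grant> grants = getGrant(x => x.permissionId == permissionId && x.name.StartsWith(grantName + ".")).ToList();
+
+List<string> values = [];
+foreach (Grant grant in grants)
+{
+string value = grant.name.Substring(grantName.Length);
+if (value.Contains('.'))
+// Were not looking at a value and instead another grant
+continue;
+
+values.Add(value);
+}
+
+return values;
+}
+
+public List<string> getStringValues(ulong permissionId, string grantName)
+{
+List<string> values = getValues(permissionId, grantName);
+
+// Get rid of numbers
+values = values.Where(x => !Int32.TryParse(x, out int _)).ToList();
+
+return values;
+}
+
+public List<int> getIntValues(ulong permissionId, string grantName)
+{
+List<string> values = getValues(permissionId, grantName);
+List<int> intValues = [];
+
+Parallel.ForEach(values, x =>
+{
+if (Int32.TryParse(x, out int parsed))
+intValues.Add(parsed);
+});
+
+return intValues;
+}
+
+public List<ulong> getULongValues(ulong permissionId, string grantName)
+{
+List<string> values = getValues(permissionId, grantName);
+List<ulong> uLongValues = [];
+
+Parallel.ForEach(values, x =>
+{
+if (UInt64.TryParse(x, out ulong parsed))
+uLongValues.Add(parsed);
+});
+
+return uLongValues;
+}
+}
+}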
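Review bot: getValues can never return a value as written: the query keeps names that start with `grantName + "."`, but `grant.name.Substring(grantName.Length)` leaves that separator at the front, so `value.Contains('.')` is true for every row and each one is skipped. Every per-id check built on it (`getULongValues(...).Exists(x => x == model.id)` in the authentication classes) therefore only passes through the `...Any` grant; the slice should start after the dot, `string value = grant.name.Substring(grantName.Length + 1);`. Separately, getIntValues and getULongValues call `Add` on a plain `List<T>` from inside `Parallel.ForEach`, which is not safe for concurrent writers and can drop entries or throw; a sequential `foreach (string x in values)` with the same `TryParse` body is enough for lists this small. The same code was carried over from GrantService, so a unit test on getValues with a `"Name.5"` row would pin the fix.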
@ -11,66 +11,5 @@ namespace API.Services
|
||||
public GrantService(ILogger<GrantService> logger, SASGContext context, IGrantAuthentication auth) : base(logger, context, auth)
|
||||
{
|
||||
}
|
||||
|
||||
public bool hasGrant(ulong permissionId, string grantName)
|
||||
{
|
||||
return getNoAuthentication(x => x.permissionId == permissionId && x.name.Equals(grantName)).Any();
|
||||
}
|
||||
|
||||
public List<string> getValues(ulong permissionId, string grantName)
|
||||
{
|
||||
List<Grant> grants = getNoAuthentication(x => x.permissionId == permissionId && x.name.StartsWith(grantName + ".")).ToList();
|
||||
|
||||
List<string> values = [];
|
||||
foreach (Grant grant in grants)
|
||||
{
|
||||
string value = grant.name.Substring(grantName.Length);
|
||||
if (value.Contains('.'))
|
||||
// Were not looking at a value and instead another grant
|
||||
continue;
|
||||
|
||||
values.Add(value);
|
||||
}
|
||||
|
||||
return values;
|
||||
}
|
||||
|
||||
public List<string> getStringValues(ulong permissionId, string grantName)
|
||||
{
|
||||
List<string> values = getValues(permissionId, grantName);
|
||||
|
||||
// Get rid of numbers
|
||||
values = values.Where(x => !Int32.TryParse(x, out int _)).ToList();
|
||||
|
||||
return values;
|
||||
}
|
||||
|
||||
public List<int> getIntValues(ulong permissionId, string grantName)
|
||||
{
|
||||
List<string> values = getValues(permissionId, grantName);
|
||||
List<int> intValues = [];
|
||||
|
||||
Parallel.ForEach(values, x =>
|
||||
{
|
||||
if (Int32.TryParse(x, out int parsed))
|
||||
intValues.Add(parsed);
|
||||
});
|
||||
|
||||
return intValues;
|
||||
}
|
||||
|
||||
public List<ulong> getULongValues(ulong permissionId, string grantName)
|
||||
{
|
||||
List<string> values = getValues(permissionId, grantName);
|
||||
List<ulong> uLongValues = [];
|
||||
|
||||
Parallel.ForEach(values, x =>
|
||||
{
|
||||
if (UInt64.TryParse(x, out ulong parsed))
|
||||
uLongValues.Add(parsed);
|
||||
});
|
||||
|
||||
return uLongValues;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
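--- a/API/Services/Interfaces/IGrantManager.cs
+++ b/API/Services/Interfaces/IGrantManager.cs
@@ -0,0 +1,11 @@
+namespace API.Services.Interfaces
+{
+public interface IGrantManager
+{
+public bool hasGrant(ulong permissionId, string grantName);
+public List<string> getValues(ulong permissionId, string grantName);
+public List<string> getStringValues(ulong permissionId, string grantName);
+public List<int> getIntValues(ulong permissionId, string grantName);
+public List<ulong> getULongValues(ulong permissionId, string grantName);
+}
+}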
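Review bot: The interface that every authorization check now depends on has no documentation of its contract, so the naming convention is only discoverable from GrantManager. Each member should get an XML summary stating that `hasGrant` is an exact match on the grant name for the given permission, and that the `get*Values` members return the suffixes stored as `grantName.<value>`, with unparseable suffixes omitted from the typed variants. The `public` modifiers on the members are redundant in an interface and can be dropped.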