Fix unique identity permissions
Ali-YousefiTelori committed Jan 1, 2024
1 parent 19d67d9 commit 7f2ba73
Showing 10 changed files with 118 additions and 117 deletions.
Expand Up @@ -54,14 +54,15 @@ public async Task<long> AddAsync(string roleName, string controller, string meth
}

[Theory]
[InlineData("Owner", "User", "Update", "1-2", "1-2", "{}", true)]
[InlineData("Owner", "User", "Update", "1-2", "1-2", @"{""UniqueIdentity"":""1-2-3-4""}", true)]
[InlineData("Owner", "User", "Update", "1-2", "1-2", @"{""UniqueIdentity"":""3-4""}", false)]
[InlineData("Moderator", "User", "Update", "1-2", "1-2", @"{""UniqueIdentity"":""1-2""}", true)]
public async Task UpdateAsync(string roleName, string controller, string method, string fromUniqueIdentity, string toUniqueIdentity, string data, bool canHaveAccess)
[InlineData("Owner", "User", "Update", "1-2", "1-2", "{}", "{}", true)]
[InlineData("Owner", "User", "Update", "1-2", "1-2", @"{""UniqueIdentity"":""1-2-3-4""}", @"{""UniqueIdentity"":""1-2-3-4""}", true)]
[InlineData("Owner", "User", "Update", "1-2", "1-2", @"{""UniqueIdentity"":""3-4""}", @"{""UniqueIdentity"":""3-4""}", true)]
[InlineData("Moderator", "User", "Update", "1-2", "1-2", @"{""UniqueIdentity"":""1-2""}", @"{""UniqueIdentity"":""1-2""}", true)]
//[InlineData("Moderator", "User", "Update", "1-2", "1-2", @"{""UniqueIdentity"":""1-2""}", @"{""UniqueIdentity"":""3-4""}", false)]
public async Task UpdateAsync(string roleName, string controller, string method, string fromUniqueIdentity, string toUniqueIdentity, string addData, string data, bool canHaveAccess)
{
var model = JsonSerializer.Deserialize<DataModel>(data);
model.Id = await AddAsync(roleName, controller, "Add", fromUniqueIdentity, data, true);
model.Id = await AddAsync(roleName, controller, "Add", fromUniqueIdentity, addData, true);
model.UserName = Guid.NewGuid().ToString();
HttpClient currentHttpClient = new HttpClient();
await Login(currentHttpClient, roleName, fromUniqueIdentity);
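Review bot: Every active `InlineData` row of `UpdateAsync` now expects `true`, so the theory no longer contains a case where access is denied. The Owner row with `UniqueIdentity` `3-4` changed its expectation from `false` to `true`, and the only row where `addData` and `data` differ (Moderator, `1-2` to `3-4`, expected `false`) is commented out. Because `addData` equals `data` in all remaining rows, the new parameter is never exercised and a regression that allows a cross-identity update would not be caught by this theory. Re-enable the commented row, or if it currently fails move it into its own theory marked `[Theory(Skip = "<reason>")]` so the gap stays visible in test output. The body of `UpdateAsync` continues past the end of the hunk, so the assertion on `canHaveAccess` is not visible here.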
Expand Up @@ -4,7 +4,7 @@
<TargetFrameworks>net6.0;net7.0;net8.0</TargetFrameworks>
<Platforms>AnyCPU;x64;x86</Platforms>
<Authors>EasyMicroservices</Authors>
<Version>0.0.0.92</Version>
<Version>0.0.0.93</Version>
<Description>asp core servces.</Description>
<Copyright>[email protected]</Copyright>
<PackageTags>core,cores,base,database,services,asp,aspnet</PackageTags>
Expand Up @@ -4,7 +4,7 @@
<TargetFrameworks>net6.0;net7.0;net8.0</TargetFrameworks>
<Platforms>AnyCPU;x64;x86</Platforms>
<Authors>EasyMicroservices</Authors>
<Version>0.0.0.92</Version>
<Version>0.0.0.93</Version>
<Description>asp core servces.</Description>
<Copyright>[email protected]</Copyright>
<PackageTags>core,cores,base,database,services,asp,aspnet,aspcore,efcore</PackageTags>
Expand Up @@ -4,7 +4,7 @@
<TargetFrameworks>netstandard2.0;netstandard2.1;net6.0;net8.0</TargetFrameworks>
<Platforms>AnyCPU;x64;x86</Platforms>
<Authors>EasyMicroservices</Authors>
<Version>0.0.0.92</Version>
<Version>0.0.0.93</Version>
<Description>core of database.</Description>
<Copyright>[email protected]</Copyright>
<PackageTags>core,cores,base,client,clients</PackageTags>
Expand Up @@ -4,7 +4,7 @@
<TargetFrameworks>netstandard2.0;netstandard2.1;net45;net6.0;net8.0</TargetFrameworks>
<Platforms>AnyCPU;x64;x86</Platforms>
<Authors>EasyMicroservices</Authors>
<Version>0.0.0.92</Version>
<Version>0.0.0.93</Version>
<Description>core contracts.</Description>
<Copyright>[email protected]</Copyright>
<PackageTags>core,cores,base,contract,contracts,dto,dtos</PackageTags>
Expand Up @@ -100,22 +100,12 @@ private async Task<MessageContract> HasUniqueIdentityPermission<TEntity>(string
private async Task<IEasyReadableQueryableAsync<TEntity>> UniqueIdentityQueryMaker<TEntity>(IEasyReadableQueryableAsync<TEntity> easyReadableQueryable, string uniqueIdentity, GetUniqueIdentityType type)
where TEntity : class
{
bool hasUniqueIdentityRole = await _baseUnitOfWork.HasUniqueIdentityRole();
if (!typeof(IUniqueIdentitySchema).IsAssignableFrom(typeof(TEntity)))
{
if (!hasUniqueIdentityRole)
((MessageContract)(FailedReasonType.AccessDenied, $"type of {typeof(TEntity)} is not inheritance from IUniqueIdentitySchema and user has no UniqueIdentityRole access!")).ThrowsIfFails();
else
return easyReadableQueryable;
}
var uniqueIdentityManager = await GetIUniqueIdentityManager();
var currentUserUniqueIdentity = await _baseUnitOfWork.GetCurrentUserUniqueIdentity();
await HasUniqueIdentityPermission<TEntity>(uniqueIdentity).AsCheckedResult();
if (uniqueIdentity.IsNullOrEmpty())
uniqueIdentity = currentUserUniqueIdentity;
else if (!hasUniqueIdentityRole && DefaultUniqueIdentityManager.CutUniqueIdentityFromEnd(uniqueIdentity, 2) != DefaultUniqueIdentityManager.CutUniqueIdentityFromEnd(currentUserUniqueIdentity, 2))
((MessageContract)(FailedReasonType.AccessDenied, "UniqueIdentity access level error!")).ThrowsIfFails();
if (uniqueIdentity.IsNullOrEmpty() && hasUniqueIdentityRole)
return easyReadableQueryable;
var uniqueIdentityManager = await GetIUniqueIdentityManager();
var currentUserUniqueIdentity = await _baseUnitOfWork.GetCurrentUserUniqueIdentity();

IEasyReadableQueryableAsync<TEntity> queryable = easyReadableQueryable;
if (!uniqueIdentityManager.IsUniqueIdentityForThisTable<TEntity>(easyReadableQueryable.Context, uniqueIdentity))
uniqueIdentity += "-";
Expand Down Expand Up @@ -148,8 +138,11 @@ private async Task<IEasyReadableQueryableAsync<TEntity>> UniqueIdentityQueryMake
private async Task<IEasyReadableQueryableAsync<TEntity>> SetTheUserUniqueIdentityToQuery<TEntity>(IEasyReadableQueryableAsync<TEntity> easyReadableQueryable)
where TEntity : class
{
var currentUserUniqueIdentity = await _baseUnitOfWork.GetCurrentUserUniqueIdentity();
return await UniqueIdentityQueryMaker(easyReadableQueryable, currentUserUniqueIdentity, GetUniqueIdentityType.All);
var uniqueIdentityPermission = await HasUniqueIdentityPermission<TEntity>(null);
string uniqueIdentity = default;
if (!uniqueIdentityPermission)
uniqueIdentity = await _baseUnitOfWork.GetCurrentUserUniqueIdentity();
return await UniqueIdentityQueryMaker(easyReadableQueryable, uniqueIdentity, GetUniqueIdentityType.All);
}

#region Get one
Expand Down Expand Up @@ -226,9 +219,6 @@ public async Task<MessageContract<TEntity>> GetBy<TEntity>(IEasyReadableQueryabl
public async Task<MessageContract<TContract>> GetBy<TEntity, TContract, TId>(IEasyReadableQueryableAsync<TEntity> easyReadableQueryable, GetByRequestContract<TId> request, Func<IEasyReadableQueryableAsync<TEntity>, IEasyReadableQueryableAsync<TEntity>> query = default, CancellationToken cancellationToken = default)
where TEntity : class
{
var uniqueIdentityPermission = await HasUniqueIdentityPermission<TEntity>(request.UniqueIdentity);
if (!uniqueIdentityPermission)
return uniqueIdentityPermission.ToContract<TContract>();
if (!request.Id.Equals(default(TId)))
{
easyReadableQueryable = easyReadableQueryable.ConvertToReadable(easyReadableQueryable.Where(x => ((IIdSchema<TId>)x).Id.Equals(request.Id)));
Expand All @@ -237,6 +227,12 @@ public async Task<MessageContract<TContract>> GetBy<TEntity, TContract, TId>(IEa
{
easyReadableQueryable = await UniqueIdentityQueryMaker(easyReadableQueryable, request.UniqueIdentity, request.UniqueIdentityType ?? GetUniqueIdentityType.All);
}
else
{
var uniqueIdentityPermission = await HasUniqueIdentityPermission<TEntity>(request.UniqueIdentity);
if (!uniqueIdentityPermission)
return uniqueIdentityPermission.ToContract<TContract>();
}
var entityResult = await GetBy(easyReadableQueryable, query, false, cancellationToken);
if (!entityResult)
return entityResult.ToContract<TContract>();
Expand Down Expand Up @@ -352,13 +348,16 @@ public async Task<MessageContract<TContract>> GetByUniqueIdentity<TEntity, TCont
where TEntity : class
where TContract : class
{
var uniqueIdentityPermission = await HasUniqueIdentityPermission<TEntity>(request.UniqueIdentity);
if (!uniqueIdentityPermission)
return uniqueIdentityPermission.ToContract<TContract>();
if (request.UniqueIdentity.HasValue() && typeof(IUniqueIdentitySchema).IsAssignableFrom(typeof(TEntity)))
{
easyReadableQueryable = await UniqueIdentityQueryMaker(easyReadableQueryable, request.UniqueIdentity, type);
}
else
{
var uniqueIdentityPermission = await HasUniqueIdentityPermission<TEntity>(request.UniqueIdentity);
if (!uniqueIdentityPermission)
return uniqueIdentityPermission.ToContract<TContract>();
}
var entityResult = await GetBy(easyReadableQueryable, query, false, cancellationToken);
if (!entityResult)
return entityResult.ToContract<TContract>();
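Review bot: In `GetByUniqueIdentity` the `HasUniqueIdentityPermission` check now runs only in the `else` branch, so a request that carries a `UniqueIdentity` goes straight to `UniqueIdentityQueryMaker`; the `GetBy` hunk above has the same ordering. As far as the rendered page shows, the first hunk of this file also removes from `UniqueIdentityQueryMaker` both the `HasUniqueIdentityPermission<TEntity>(uniqueIdentity).AsCheckedResult()` call and the `CutUniqueIdentityFromEnd(..., 2)` comparison against the current user's identity that raised `AccessDenied`. From the visible lines nothing then ties a caller-supplied identity to the caller when `hasUniqueIdentityRole` is false. The rest of `UniqueIdentityQueryMaker` lies outside the hunk, so confirm whether `currentUserUniqueIdentity` is still enforced there. If it is not, keep a guard in the query maker for callers without the role, e.g. `if (!hasUniqueIdentityRole && uniqueIdentity.HasValue() && DefaultUniqueIdentityManager.CutUniqueIdentityFromEnd(uniqueIdentity, 2) != DefaultUniqueIdentityManager.CutUniqueIdentityFromEnd(currentUserUniqueIdentity, 2))` followed by the existing `AccessDenied` throw, and add a test row that expects denial for a foreign identity.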