From 26448c670ea364121311cfcca73814f4be8c169f Mon Sep 17 00:00:00 2001
From: Halil ibrahim Kalkan
Date: Sun, 3 Jun 2018 02:05:55 +0300
Subject: [PATCH] Crud app service base authorization control changes.
---
.../AbpAuthorizationServiceExtensions.cs | 47 ++++++++++++++++++-
.../Services/ApplicationService.cs | 33 +++++++++++++
.../Services/AsyncCrudAppService.cs | 40 +++++++++++++---
.../Application/Services/CrudAppService.cs | 36 ++++++++++++--
.../Services/CrudAppServiceBase.cs | 44 +++--------------
5 files changed, 148 insertions(+), 52 deletions(-)
diff --git a/src/Volo.Abp.Authorization/Microsoft/AspNetCore/Authorization/AbpAuthorizationServiceExtensions.cs b/src/Volo.Abp.Authorization/Microsoft/AspNetCore/Authorization/AbpAuthorizationServiceExtensions.cs
index 8ddbc4fe72..a4cbb27da5 100644
--- a/src/Volo.Abp.Authorization/Microsoft/AspNetCore/Authorization/AbpAuthorizationServiceExtensions.cs
+++ b/src/Volo.Abp.Authorization/Microsoft/AspNetCore/Authorization/AbpAuthorizationServiceExtensions.cs
@@ -1,15 +1,39 @@ using System.Collections.Generic; +using System.Security.Claims; using System.Threading.Tasks; using Volo.Abp; using Volo.Abp.Authorization; +using Volo.Abp.Threading; namespace Microsoft.AspNetCore.Authorization { + // TODO: Complete all Sync extension methods! public static class AbpAuthorizationServiceExtensions { + public static AuthorizationResult Authorize(this IAuthorizationService authorizationService, ClaimsPrincipal user, object resource, string policyName) + { + return AsyncHelper.RunSync(() => authorizationService.AuthorizeAsync(user, resource, policyName)); + } + + public static AuthorizationResult Authorize(this IAuthorizationService authorizationService, ClaimsPrincipal user, object resource, IEnumerable requirements) + { + return AsyncHelper.RunSync(() => authorizationService.AuthorizeAsync(user, resource, requirements)); + } + public static Task AuthorizeAsync(this IAuthorizationService authorizationService, string policyName) { - return AuthorizeAsync(authorizationService, authorizationService.AsAbpAuthorizationService().CurrentPrincipal, + return AuthorizeAsync( + authorizationService, + authorizationService.AsAbpAuthorizationService().CurrentPrincipal, + policyName + ); + } + + public static AuthorizationResult Authorize(this IAuthorizationService authorizationService, string policyName) + { + return Authorize( + authorizationService, + authorizationService.AsAbpAuthorizationService().CurrentPrincipal, policyName ); } 
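Review bot: The new synchronous `Authorize` overloads block the calling thread on `AuthorizeAsync` through `AsyncHelper.RunSync`, and nothing on them tells a caller so. If a handler behind the policy does I/O, each call on a request path holds a thread for the whole check, which under load can starve the thread pool and stall every request, including the ones waiting on an authorization decision. I would put a doc comment on each sync overload, for example `/// Blocks the calling thread until AuthorizeAsync completes; call AuthorizeAsync from async code.` The same applies to `Authorize(resource, policyName)` and `IsGranted` in the `@@ -56,12 +80,26 @@` hunk and to `Check` in the `@@ -95,6 +133,11 @@` hunk. `AsyncHelper.RunSync` is not shown here, so it is worth confirming that it rethrows the authorization exception from `CheckAsync` unwrapped, since a wrapped exception would not match a catch written for the original type.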
@@ -56,12 +80,26 @@ namespace Microsoft.AspNetCore.Authorization policyName ); } - + + public static AuthorizationResult Authorize(this IAuthorizationService authorizationService, object resource, string policyName) + { + return authorizationService.Authorize( + authorizationService.AsAbpAuthorizationService().CurrentPrincipal, + resource, + policyName + ); + } + public static async Task IsGrantedAsync(this IAuthorizationService authorizationService, string policyName) { return (await authorizationService.AuthorizeAsync(policyName)).Succeeded; } + public static bool IsGranted(this IAuthorizationService authorizationService, string policyName) + { + return authorizationService.Authorize(policyName).Succeeded; + } + public static async Task IsGrantedAsync(this IAuthorizationService authorizationService, object resource, IAuthorizationRequirement requirement) { return (await authorizationService.AuthorizeAsync(resource, requirement)).Succeeded; @@ -95,6 +133,11 @@ namespace Microsoft.AspNetCore.Authorization } } + public static void Check(this IAuthorizationService authorizationService, string policyName) + { + AsyncHelper.RunSync(() => authorizationService.CheckAsync(policyName)); + } + public static async Task CheckAsync(this IAuthorizationService authorizationService, object resource, IAuthorizationRequirement requirement) { if (!await authorizationService.IsGrantedAsync(resource, requirement)) diff --git a/src/Volo.Abp.Ddd.Application/Volo/Abp/Application/Services/ApplicationService.cs b/src/Volo.Abp.Ddd.Application/Volo/Abp/Application/Services/ApplicationService.cs index 85d0e74786..8d720363c5 100644 --- a/src/Volo.Abp.Ddd.Application/Volo/Abp/Application/Services/ApplicationService.cs +++ b/src/Volo.Abp.Ddd.Application/Volo/Abp/Application/Services/ApplicationService.cs 
@@ -1,9 +1,12 @@ using System; using System.Collections.Generic; +using System.Threading.Tasks; +using JetBrains.Annotations; using Microsoft.AspNetCore.Authorization; using Microsoft.Extensions.Logging; using Microsoft.Extensions.Logging.Abstractions; using Volo.Abp.Aspects; +using Volo.Abp.Authorization; using Volo.Abp.Guids; using Volo.Abp.MultiTenancy; using Volo.Abp.ObjectMapping; @@ -47,5 +50,35 @@ namespace Volo.Abp.Application.Services { GuidGenerator = SimpleGuidGenerator.Instance; } + + /// + /// Checks for given . + /// Throws if given policy has not been granted. + /// + /// The policy name. This method does nothing if given is null or empty. + protected virtual async Task CheckPolicyAsync([CanBeNull] string policyName) + { + if (string.IsNullOrEmpty(policyName)) + { + return; + } + + await AuthorizationService.CheckAsync(policyName); + } + + /// + /// Checks for given . + /// Throws if given policy has not been granted. + /// + /// The policy name. This method does nothing if given is null or empty. + protected virtual void CheckPolicy([CanBeNull] string policyName) + { + if (string.IsNullOrEmpty(policyName)) + { + return; + } + + AuthorizationService.Check(policyName); + } } } \ No newline at end of file diff --git a/src/Volo.Abp.Ddd.Application/Volo/Abp/Application/Services/AsyncCrudAppService.cs b/src/Volo.Abp.Ddd.Application/Volo/Abp/Application/Services/AsyncCrudAppService.cs index 108b73b1ba..0a86870bb2 100644 --- a/src/Volo.Abp.Ddd.Application/Volo/Abp/Application/Services/AsyncCrudAppService.cs +++ b/src/Volo.Abp.Ddd.Application/Volo/Abp/Application/Services/AsyncCrudAppService.cs @@ -1,5 +1,6 @@ using System.Linq; using System.Threading.Tasks; +using Microsoft.AspNetCore.Authorization; using Volo.Abp.Application.Dtos; using Volo.Abp.Domain.Entities; using Volo.Abp.Domain.Repositories; 
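Review bot: `CheckPolicyAsync` and `CheckPolicy` in the `@@ -47,5 +50,35 @@` hunk return without any check when `policyName` is null or empty, so an unset policy name leaves the operation open to every caller. The policy-name properties this patch introduces in CrudAppServiceBase (`GetPolicyName` through `DeletePolicyName`) are plain auto-properties with no default visible in the diff, so a derived CRUD service that forgets to assign one exposes that operation with no authorization and no error. The doc comment should state the effect rather than only the mechanics, for example `/// A null or empty policy name disables the authorization check; assign a policy name for every operation that must be protected.` If opt-in protection is the intended design, a test that fails when a service leaves a policy name unset would catch the omission before release.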
@@ -61,7 +62,7 @@ namespace Volo.Abp.Application.Services public virtual async Task GetAsync(TKey id) { - CheckGetPermission(); + await CheckGetPolicyAsync(); var entity = await GetEntityByIdAsync(id); return MapToEntityDto(entity); @@ -69,7 +70,7 @@ namespace Volo.Abp.Application.Services public virtual async Task> GetListAsync(TGetAllInput input) { - CheckGetAllPermission(); + await CheckGetAllPolicyAsync(); var query = CreateFilteredQuery(input); @@ -88,7 +89,7 @@ namespace Volo.Abp.Application.Services public virtual async Task CreateAsync(TCreateInput input) { - CheckCreatePermission(); + await CheckCreatePolicyAsync(); var entity = MapToEntity(input); @@ -100,7 +101,7 @@ namespace Volo.Abp.Application.Services public virtual async Task UpdateAsync(TKey id, TUpdateInput input) { - CheckUpdatePermission(); + await CheckUpdatePolicyAsync(); var entity = await GetEntityByIdAsync(id); @@ -112,16 +113,41 @@ namespace Volo.Abp.Application.Services return MapToEntityDto(entity); } - public virtual Task DeleteAsync(TKey id) + public virtual async Task DeleteAsync(TKey id) { - CheckDeletePermission(); + await CheckDeletePolicyAsync(); - return Repository.DeleteAsync(id); + await Repository.DeleteAsync(id); } protected virtual Task GetEntityByIdAsync(TKey id) { return Repository.GetAsync(id); } + + protected virtual async Task CheckGetPolicyAsync() + { + await CheckPolicyAsync(GetPolicyName); + } + + protected virtual async Task CheckGetAllPolicyAsync() + { + await CheckPolicyAsync(GetAllPolicyName); + } + + protected virtual async Task CheckCreatePolicyAsync() + { + await CheckPolicyAsync(CreatePolicyName); + } + + protected virtual async Task CheckUpdatePolicyAsync() + { + await CheckPolicyAsync(UpdatePolicyName); + } + + protected virtual async Task CheckDeletePolicyAsync() + { + await CheckPolicyAsync(DeletePolicyName); + } } } 
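Review bot: The `Check*PolicyAsync` hooks added in the `@@ -112,16 +113,41 @@` hunk take no arguments, so `GetAsync`, `UpdateAsync` and `DeleteAsync` authorize by policy name only, and the check runs before the entity is loaded. Nothing ties the decision to the record identified by `id`, so a caller granted the update or delete policy can act on any entity of the type unless the derived service or the repository filters by owner or tenant. I would document that on the hooks, for example `/// Checks the operation-level policy only; override to add a per-entity check once the entity has been loaded.`, so implementers know where object-level authorization has to go. The synchronous `CheckGetPolicy` through `CheckDeletePolicy` hooks added to CrudAppService.cs have the same shape.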
diff --git a/src/Volo.Abp.Ddd.Application/Volo/Abp/Application/Services/CrudAppService.cs b/src/Volo.Abp.Ddd.Application/Volo/Abp/Application/Services/CrudAppService.cs index 68618a553e..f705593e87 100644 --- a/src/Volo.Abp.Ddd.Application/Volo/Abp/Application/Services/CrudAppService.cs +++ b/src/Volo.Abp.Ddd.Application/Volo/Abp/Application/Services/CrudAppService.cs @@ -1,4 +1,5 @@ using System.Linq; +using Microsoft.AspNetCore.Authorization; using Volo.Abp.Application.Dtos; using Volo.Abp.Domain.Entities; using Volo.Abp.Domain.Repositories; @@ -56,7 +57,7 @@ namespace Volo.Abp.Application.Services public virtual TEntityDto Get(TKey id) { - CheckGetPermission(); + CheckGetPolicy(); var entity = GetEntityById(id); return MapToEntityDto(entity); @@ -64,7 +65,7 @@ namespace Volo.Abp.Application.Services public virtual PagedResultDto GetAll(TGetAllInput input) { - CheckGetAllPermission(); + CheckGetAllPolicy(); var query = CreateFilteredQuery(input); @@ -83,7 +84,7 @@ namespace Volo.Abp.Application.Services public virtual TEntityDto Create(TCreateInput input) { - CheckCreatePermission(); + CheckCreatePolicy(); var entity = MapToEntity(input); @@ -95,7 +96,7 @@ namespace Volo.Abp.Application.Services public virtual TEntityDto Update(TKey id, TUpdateInput input) { - CheckUpdatePermission(); + CheckUpdatePolicy(); var entity = GetEntityById(id); @@ -107,7 +108,7 @@ namespace Volo.Abp.Application.Services public virtual void Delete(TKey id) { - CheckDeletePermission(); + CheckDeletePolicy(); Repository.Delete(id); } 
@@ -116,5 +117,30 @@ namespace Volo.Abp.Application.Services { return Repository.Get(id); } + + protected virtual void CheckGetPolicy() + { + CheckPolicy(GetPolicyName); + } + + protected virtual void CheckGetAllPolicy() + { + CheckPolicy(GetAllPolicyName); + } + + protected virtual void CheckCreatePolicy() + { + CheckPolicy(CreatePolicyName); + } + + protected virtual void CheckUpdatePolicy() + { + CheckPolicy(UpdatePolicyName); + } + + protected virtual void CheckDeletePolicy() + { + CheckPolicy(DeletePolicyName); + } } } diff --git a/src/Volo.Abp.Ddd.Application/Volo/Abp/Application/Services/CrudAppServiceBase.cs b/src/Volo.Abp.Ddd.Application/Volo/Abp/Application/Services/CrudAppServiceBase.cs index 0e7e37dcab..296533acbc 100644 --- a/src/Volo.Abp.Ddd.Application/Volo/Abp/Application/Services/CrudAppServiceBase.cs +++ b/src/Volo.Abp.Ddd.Application/Volo/Abp/Application/Services/CrudAppServiceBase.cs @@ -4,6 +4,7 @@ using System.Linq.Dynamic.Core; using Volo.Abp.Application.Dtos; using Volo.Abp.Domain.Entities; using Volo.Abp.Domain.Repositories; +using Volo.Abp.ObjectMapping; namespace Volo.Abp.Application.Services { @@ -17,15 +18,15 @@ namespace Volo.Abp.Application.Services { protected IRepository Repository { get; } - protected virtual string GetPermissionName { get; set; } + protected virtual string GetPolicyName { get; set; } - protected virtual string GetAllPermissionName { get; set; } + protected virtual string GetAllPolicyName { get; set; } - protected virtual string CreatePermissionName { get; set; } + protected virtual string CreatePolicyName { get; set; } - protected virtual string UpdatePermissionName { get; set; } + protected virtual string UpdatePolicyName { get; set; } - protected virtual string DeletePermissionName { get; set; } + protected virtual string DeletePolicyName { get; set; } protected CrudAppServiceBase(IRepository repository) { 
@@ -143,38 +144,5 @@ namespace Volo.Abp.Application.Services { ObjectMapper.Map(updateInput, entity); } - - protected virtual void CheckPermission(string permissionName) - { - if (!string.IsNullOrEmpty(permissionName)) - { - //TODO: PermissionChecker.Authorize(permissionName); //Will be implemented when PermissionChecker is available - } - } - - protected virtual void CheckGetPermission() - { - CheckPermission(GetPermissionName); - } - - protected virtual void CheckGetAllPermission() - { - CheckPermission(GetAllPermissionName); - } - - protected virtual void CheckCreatePermission() - { - CheckPermission(CreatePermissionName); - } - - protected virtual void CheckUpdatePermission() - { - CheckPermission(UpdatePermissionName); - } - - protected virtual void CheckDeletePermission() - { - CheckPermission(DeletePermissionName); - } } }