Crud app service base authorization control changes.

8 years ago · 26448c670e
parent d10b0462d0
commit 26448c670e
5 changed files with 148 additions and 52 deletions
--- a/src/Volo.Abp.Authorization/Microsoft/AspNetCore/Authorization/AbpAuthorizationServiceExtensions.cs
+++ b/src/Volo.Abp.Authorization/Microsoft/AspNetCore/Authorization/AbpAuthorizationServiceExtensions.cs
@ -1,15 +1,39 @@
 using System.Collections.Generic;
+using System.Security.Claims;
 using System.Threading.Tasks;
 using Volo.Abp;
 using Volo.Abp.Authorization;
+using Volo.Abp.Threading;

 namespace Microsoft.AspNetCore.Authorization
 {
+    // TODO: Complete all Sync extension methods!
    public static class AbpAuthorizationServiceExtensions
    {
+        public static AuthorizationResult Authorize(this IAuthorizationService authorizationService, ClaimsPrincipal user, object resource, string policyName)
+        {
+            return AsyncHelper.RunSync(() => authorizationService.AuthorizeAsync(user, resource, policyName));
+        }
+
+        public static AuthorizationResult Authorize(this IAuthorizationService authorizationService, ClaimsPrincipal user, object resource, IEnumerable<IAuthorizationRequirement> requirements)
+        {
+            return AsyncHelper.RunSync(() => authorizationService.AuthorizeAsync(user, resource, requirements));
+        }
+
        public static Task<AuthorizationResult> AuthorizeAsync(this IAuthorizationService authorizationService, string policyName)
        {
-            return AuthorizeAsync(authorizationService, authorizationService.AsAbpAuthorizationService().CurrentPrincipal,
+            return AuthorizeAsync(
+                authorizationService,
+                authorizationService.AsAbpAuthorizationService().CurrentPrincipal,
+                policyName
+            );
+        }
+
+        public static AuthorizationResult Authorize(this IAuthorizationService authorizationService, string policyName)
+        {
+            return Authorize(
+                authorizationService, 
+                authorizationService.AsAbpAuthorizationService().CurrentPrincipal,
                policyName
            );
        }
@ -57,11 +81,25 @@ namespace Microsoft.AspNetCore.Authorization
            );
        }

+        public static AuthorizationResult Authorize(this IAuthorizationService authorizationService, object resource, string policyName)
+        {
+            return authorizationService.Authorize(
+                authorizationService.AsAbpAuthorizationService().CurrentPrincipal,
+                resource,
+                policyName
+            );
+        }
+
        public static async Task<bool> IsGrantedAsync(this IAuthorizationService authorizationService, string policyName)
        {
            return (await authorizationService.AuthorizeAsync(policyName)).Succeeded;
        }

+        public static bool IsGranted(this IAuthorizationService authorizationService, string policyName)
+        {
+            return authorizationService.Authorize(policyName).Succeeded;
+        }
+
        public static async Task<bool> IsGrantedAsync(this IAuthorizationService authorizationService, object resource, IAuthorizationRequirement requirement)
        {
            return (await authorizationService.AuthorizeAsync(resource, requirement)).Succeeded;
@ -95,6 +133,11 @@ namespace Microsoft.AspNetCore.Authorization
            }
        }

+        public static void Check(this IAuthorizationService authorizationService, string policyName)
+        {
+            AsyncHelper.RunSync(() => authorizationService.CheckAsync(policyName));
+        }
+
        public static async Task CheckAsync(this IAuthorizationService authorizationService, object resource, IAuthorizationRequirement requirement)
        {
            if (!await authorizationService.IsGrantedAsync(resource, requirement))
--- a/src/Volo.Abp.Ddd.Application/Volo/Abp/Application/Services/ApplicationService.cs
+++ b/src/Volo.Abp.Ddd.Application/Volo/Abp/Application/Services/ApplicationService.cs
@ -1,9 +1,12 @@
 using System;
 using System.Collections.Generic;
+using System.Threading.Tasks;
+using JetBrains.Annotations;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Logging.Abstractions;
 using Volo.Abp.Aspects;
+using Volo.Abp.Authorization;
 using Volo.Abp.Guids;
 using Volo.Abp.MultiTenancy;
 using Volo.Abp.ObjectMapping;
@ -47,5 +50,35 @@ namespace Volo.Abp.Application.Services
        {
            GuidGenerator = SimpleGuidGenerator.Instance;
        }
+
+        /// <summary>
+        /// Checks for given <paramref name="policyName"/>.
+        /// Throws <see cref="AbpAuthorizationException"/> if given policy has not been granted.
+        /// </summary>
+        /// <param name="policyName">The policy name. This method does nothing if given <paramref name="policyName"/> is null or empty.</param>
+        protected virtual async Task CheckPolicyAsync([CanBeNull] string policyName)
+        {
+            if (string.IsNullOrEmpty(policyName))
+            {
+                return;
+            }
+
+            await AuthorizationService.CheckAsync(policyName);
+        }
+
+        /// <summary>
+        /// Checks for given <paramref name="policyName"/>.
+        /// Throws <see cref="AbpAuthorizationException"/> if given policy has not been granted.
+        /// </summary>
+        /// <param name="policyName">The policy name. This method does nothing if given <paramref name="policyName"/> is null or empty.</param>
+        protected virtual void CheckPolicy([CanBeNull] string policyName)
+        {
+            if (string.IsNullOrEmpty(policyName))
+            {
+                return;
+            }
+
+            AuthorizationService.Check(policyName);
+        }
    }
 }
--- a/src/Volo.Abp.Ddd.Application/Volo/Abp/Application/Services/AsyncCrudAppService.cs
+++ b/src/Volo.Abp.Ddd.Application/Volo/Abp/Application/Services/AsyncCrudAppService.cs
@ -1,5 +1,6 @@
 using System.Linq;
 using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authorization;
 using Volo.Abp.Application.Dtos;
 using Volo.Abp.Domain.Entities;
 using Volo.Abp.Domain.Repositories;
@ -61,7 +62,7 @@ namespace Volo.Abp.Application.Services

        public virtual async Task<TEntityDto> GetAsync(TKey id)
        {
-            CheckGetPermission();
+            await CheckGetPolicyAsync();

            var entity = await GetEntityByIdAsync(id);
            return MapToEntityDto(entity);
@ -69,7 +70,7 @@ namespace Volo.Abp.Application.Services

        public virtual async Task<PagedResultDto<TEntityDto>> GetListAsync(TGetAllInput input)
        {
-            CheckGetAllPermission();
+            await CheckGetAllPolicyAsync();

            var query = CreateFilteredQuery(input);

@ -88,7 +89,7 @@ namespace Volo.Abp.Application.Services

        public virtual async Task<TEntityDto> CreateAsync(TCreateInput input)
        {
-            CheckCreatePermission();
+            await CheckCreatePolicyAsync();

            var entity = MapToEntity(input);

@ -100,7 +101,7 @@ namespace Volo.Abp.Application.Services

        public virtual async Task<TEntityDto> UpdateAsync(TKey id, TUpdateInput input)
        {
-            CheckUpdatePermission();
+            await CheckUpdatePolicyAsync();

            var entity = await GetEntityByIdAsync(id);

@ -112,16 +113,41 @@ namespace Volo.Abp.Application.Services
            return MapToEntityDto(entity);
        }

-        public virtual Task DeleteAsync(TKey id)
+        public virtual async Task DeleteAsync(TKey id)
        {
-            CheckDeletePermission();
+            await CheckDeletePolicyAsync();

-            return Repository.DeleteAsync(id);
+            await Repository.DeleteAsync(id);
        }

        protected virtual Task<TEntity> GetEntityByIdAsync(TKey id)
        {
            return Repository.GetAsync(id);
        }
+
+        protected virtual async Task CheckGetPolicyAsync()
+        {
+            await CheckPolicyAsync(GetPolicyName);
+        }
+
+        protected virtual async Task CheckGetAllPolicyAsync()
+        {
+            await CheckPolicyAsync(GetAllPolicyName);
+        }
+
+        protected virtual async Task CheckCreatePolicyAsync()
+        {
+            await CheckPolicyAsync(CreatePolicyName);
+        }
+
+        protected virtual async Task CheckUpdatePolicyAsync()
+        {
+            await CheckPolicyAsync(UpdatePolicyName);
+        }
+
+        protected virtual async Task CheckDeletePolicyAsync()
+        {
+            await CheckPolicyAsync(DeletePolicyName);
+        }
    }
 }
--- a/src/Volo.Abp.Ddd.Application/Volo/Abp/Application/Services/CrudAppService.cs
+++ b/src/Volo.Abp.Ddd.Application/Volo/Abp/Application/Services/CrudAppService.cs
@ -1,4 +1,5 @@
 using System.Linq;
+using Microsoft.AspNetCore.Authorization;
 using Volo.Abp.Application.Dtos;
 using Volo.Abp.Domain.Entities;
 using Volo.Abp.Domain.Repositories;
@ -56,7 +57,7 @@ namespace Volo.Abp.Application.Services

        public virtual TEntityDto Get(TKey id)
        {
-            CheckGetPermission();
+            CheckGetPolicy();

            var entity = GetEntityById(id);
            return MapToEntityDto(entity);
@ -64,7 +65,7 @@ namespace Volo.Abp.Application.Services

        public virtual PagedResultDto<TEntityDto> GetAll(TGetAllInput input)
        {
-            CheckGetAllPermission();
+            CheckGetAllPolicy();

            var query = CreateFilteredQuery(input);

@ -83,7 +84,7 @@ namespace Volo.Abp.Application.Services

        public virtual TEntityDto Create(TCreateInput input)
        {
-            CheckCreatePermission();
+            CheckCreatePolicy();

            var entity = MapToEntity(input);

@ -95,7 +96,7 @@ namespace Volo.Abp.Application.Services

        public virtual TEntityDto Update(TKey id, TUpdateInput input)
        {
-            CheckUpdatePermission();
+            CheckUpdatePolicy();

            var entity = GetEntityById(id);

@ -107,7 +108,7 @@ namespace Volo.Abp.Application.Services

        public virtual void Delete(TKey id)
        {
-            CheckDeletePermission();
+            CheckDeletePolicy();

            Repository.Delete(id);
        }
@ -116,5 +117,30 @@ namespace Volo.Abp.Application.Services
        {
            return Repository.Get(id);
        }
+
+        protected virtual void CheckGetPolicy()
+        {
+            CheckPolicy(GetPolicyName);
+        }
+
+        protected virtual void CheckGetAllPolicy()
+        {
+            CheckPolicy(GetAllPolicyName);
+        }
+
+        protected virtual void CheckCreatePolicy()
+        {
+            CheckPolicy(CreatePolicyName);
+        }
+
+        protected virtual void CheckUpdatePolicy()
+        {
+            CheckPolicy(UpdatePolicyName);
+        }
+
+        protected virtual void CheckDeletePolicy()
+        {
+            CheckPolicy(DeletePolicyName);
+        }
    }
 }
--- a/src/Volo.Abp.Ddd.Application/Volo/Abp/Application/Services/CrudAppServiceBase.cs
+++ b/src/Volo.Abp.Ddd.Application/Volo/Abp/Application/Services/CrudAppServiceBase.cs
@ -4,6 +4,7 @@ using System.Linq.Dynamic.Core;
 using Volo.Abp.Application.Dtos;
 using Volo.Abp.Domain.Entities;
 using Volo.Abp.Domain.Repositories;
+using Volo.Abp.ObjectMapping;

 namespace Volo.Abp.Application.Services
 {
@ -17,15 +18,15 @@ namespace Volo.Abp.Application.Services
    {
        protected IRepository<TEntity, TKey> Repository { get; }
        
-        protected virtual string GetPermissionName { get; set; }
+        protected virtual string GetPolicyName { get; set; }

-        protected virtual string GetAllPermissionName { get; set; }
+        protected virtual string GetAllPolicyName { get; set; }

-        protected virtual string CreatePermissionName { get; set; }
+        protected virtual string CreatePolicyName { get; set; }

-        protected virtual string UpdatePermissionName { get; set; }
+        protected virtual string UpdatePolicyName { get; set; }

-        protected virtual string DeletePermissionName { get; set; }
+        protected virtual string DeletePolicyName { get; set; }

        protected CrudAppServiceBase(IRepository<TEntity, TKey> repository)
        {
@ -143,38 +144,5 @@ namespace Volo.Abp.Application.Services
        {
            ObjectMapper.Map(updateInput, entity);
        }
-
-        protected virtual void CheckPermission(string permissionName)
-        {
-            if (!string.IsNullOrEmpty(permissionName))
-            {
-                //TODO: PermissionChecker.Authorize(permissionName); //Will be implemented when PermissionChecker is available
-            }
-        }
-
-        protected virtual void CheckGetPermission()
-        {
-            CheckPermission(GetPermissionName);
-        }
-
-        protected virtual void CheckGetAllPermission()
-        {
-            CheckPermission(GetAllPermissionName);
-        }
-
-        protected virtual void CheckCreatePermission()
-        {
-            CheckPermission(CreatePermissionName);
-        }
-
-        protected virtual void CheckUpdatePermission()
-        {
-            CheckPermission(UpdatePermissionName);
-        }
-
-        protected virtual void CheckDeletePermission()
-        {
-            CheckPermission(DeletePermissionName);
-        }
    }
 }