Add `SetForClientAsync` extension method to `IPermissionManager `.

Resolve #17796
1 year ago · a4d57d63fe
parent 4115819755
commit a4d57d63fe
18 changed files with 232 additions and 7 deletions
--- a/modules/identityserver/src/Volo.Abp.PermissionManagement.Domain.IdentityServer/Volo/Abp/ClientPermissionManagerExtensions.cs
+++ b/modules/identityserver/src/Volo.Abp.PermissionManagement.Domain.IdentityServer/Volo/Abp/ClientPermissionManagerExtensions.cs
@ -0,0 +1,31 @@
+using System;
+using System.Collections.Generic;
+using System.Threading.Tasks;
+using JetBrains.Annotations;
+using Volo.Abp.Authorization.Permissions;
+
+namespace Volo.Abp.PermissionManagement;
+
+public static class ClientPermissionManagerExtensions
+{
+    public static Task<PermissionWithGrantedProviders> GetForClientAsync([NotNull] this IPermissionManager permissionManager, string clientId, string permissionName)
+    {
+        Check.NotNull(permissionManager, nameof(permissionManager));
+
+        return permissionManager.GetAsync(permissionName, ClientPermissionValueProvider.ProviderName, clientId);
+    }
+
+    public static Task<List<PermissionWithGrantedProviders>> GetAllForClientAsync([NotNull] this IPermissionManager permissionManager, string clientId)
+    {
+        Check.NotNull(permissionManager, nameof(permissionManager));
+
+        return permissionManager.GetAllAsync(ClientPermissionValueProvider.ProviderName, clientId);
+    }
+
+    public static Task SetForClientAsync([NotNull] this IPermissionManager permissionManager, string clientId, [NotNull] string permissionName, bool isGranted)
+    {
+        Check.NotNull(permissionManager, nameof(permissionManager));
+
+        return permissionManager.SetAsync(permissionName, ClientPermissionValueProvider.ProviderName, clientId, isGranted);
+    }
+}
--- a/modules/identityserver/test/Volo.Abp.IdentityServer.Domain.Tests/Volo.Abp.IdentityServer.Domain.Tests.csproj
+++ b/modules/identityserver/test/Volo.Abp.IdentityServer.Domain.Tests/Volo.Abp.IdentityServer.Domain.Tests.csproj
@ -12,6 +12,7 @@
  </PropertyGroup>

  <ItemGroup>
+    <ProjectReference Include="..\..\src\Volo.Abp.PermissionManagement.Domain.IdentityServer\Volo.Abp.PermissionManagement.Domain.IdentityServer.csproj" />
    <ProjectReference Include="..\Volo.Abp.IdentityServer.EntityFrameworkCore.Tests\Volo.Abp.IdentityServer.EntityFrameworkCore.Tests.csproj" />
  </ItemGroup>

--- a/modules/identityserver/test/Volo.Abp.IdentityServer.Domain.Tests/Volo/Abp/IdentityServer/AbpIdentityServerDomainTestModule.cs
+++ b/modules/identityserver/test/Volo.Abp.IdentityServer.Domain.Tests/Volo/Abp/IdentityServer/AbpIdentityServerDomainTestModule.cs
@ -1,8 +1,12 @@
 using Volo.Abp.Modularity;
+using Volo.Abp.PermissionManagement.IdentityServer;

 namespace Volo.Abp.IdentityServer;

-[DependsOn(typeof(AbpIdentityServerTestEntityFrameworkCoreModule))]
+[DependsOn(
+    typeof(AbpIdentityServerTestEntityFrameworkCoreModule),
+    typeof(AbpPermissionManagementDomainIdentityServerModule)
+)]
 public class AbpIdentityServerDomainTestModule : AbpModule
 {

--- a/modules/identityserver/test/Volo.Abp.IdentityServer.Domain.Tests/Volo/Abp/IdentityServer/PermissionManager_Tests.cs
+++ b/modules/identityserver/test/Volo.Abp.IdentityServer.Domain.Tests/Volo/Abp/IdentityServer/PermissionManager_Tests.cs
@ -0,0 +1,44 @@
+using System.Threading.Tasks;
+using Shouldly;
+using Volo.Abp.Authorization.Permissions;
+using Volo.Abp.IdentityServer;
+using Volo.Abp.PermissionManagement;
+using Xunit;
+
+namespace Volo.Abp.OpenIddict;
+
+public class PermissionManager_Tests : AbpIdentityServerDomainTestBase
+{
+    private readonly IPermissionManager _permissionManager;
+    private readonly IPermissionStore _permissionStore;
+    private readonly AbpIdentityServerTestData _testData;
+
+    public PermissionManager_Tests()
+    {
+        _permissionManager = GetRequiredService<IPermissionManager>();
+        _permissionStore = GetRequiredService<IPermissionStore>();
+        _testData = GetRequiredService<AbpIdentityServerTestData>();
+    }
+
+    [Fact]
+    public async Task Should_Grant_Permission_To_Client()
+    {
+        (await _permissionManager.GetForClientAsync(_testData.Client1Name, TestPermissionNames.MyPermission1)).IsGranted.ShouldBeFalse();
+        (await _permissionStore.IsGrantedAsync(TestPermissionNames.MyPermission2, ClientPermissionValueProvider.ProviderName, _testData.Client1Name)).ShouldBeFalse();
+
+        await _permissionManager.SetForClientAsync(_testData.Client1Name, TestPermissionNames.MyPermission2, true);
+
+        (await _permissionManager.GetForClientAsync(_testData.Client1Name, TestPermissionNames.MyPermission2)).IsGranted.ShouldBeTrue();
+        (await _permissionStore.IsGrantedAsync(TestPermissionNames.MyPermission2, ClientPermissionValueProvider.ProviderName, _testData.Client1Name)).ShouldBeTrue();
+    }
+
+    [Fact]
+    public async Task Should_Revoke_Permission_From_Client()
+    {
+        await _permissionManager.SetForClientAsync(_testData.Client1Name, TestPermissionNames.MyPermission1, true);
+        (await _permissionManager.GetForClientAsync(_testData.Client1Name, TestPermissionNames.MyPermission1)).IsGranted.ShouldBeTrue();
+
+        await _permissionManager.SetForClientAsync(_testData.Client1Name, TestPermissionNames.MyPermission1, false);
+        (await _permissionManager.GetForClientAsync(_testData.Client1Name, TestPermissionNames.MyPermission1)).IsGranted.ShouldBeFalse();
+    }
+}
--- a/modules/identityserver/test/Volo.Abp.IdentityServer.Domain.Tests/Volo/Abp/IdentityServer/TestPermissionNames.cs
+++ b/modules/identityserver/test/Volo.Abp.IdentityServer.Domain.Tests/Volo/Abp/IdentityServer/TestPermissionNames.cs
@ -0,0 +1,13 @@
+namespace Volo.Abp.IdentityServer;
+
+public static class TestPermissionNames
+{
+    public static class Groups
+    {
+        public const string TestGroup = "TestGroup";
+    }
+
+    public const string MyPermission1 = "MyPermission1";
+
+    public const string MyPermission2 = "MyPermission2";
+}
--- a/modules/identityserver/test/Volo.Abp.IdentityServer.Domain.Tests/Volo/Abp/IdentityServer/TestTestPermissionDefinitionProvider.cs
+++ b/modules/identityserver/test/Volo.Abp.IdentityServer.Domain.Tests/Volo/Abp/IdentityServer/TestTestPermissionDefinitionProvider.cs
@ -0,0 +1,13 @@
+using Volo.Abp.Authorization.Permissions;
+
+namespace Volo.Abp.IdentityServer;
+
+public class TestTestPermissionDefinitionProvider : PermissionDefinitionProvider
+{
+    public override void Define(IPermissionDefinitionContext context)
+    {
+        var testGroup = context.AddGroup(TestPermissionNames.Groups.TestGroup);
+        testGroup.AddPermission(TestPermissionNames.MyPermission1);
+        testGroup.AddPermission(TestPermissionNames.MyPermission2);
+    }
+}
--- a/modules/identityserver/test/Volo.Abp.IdentityServer.EntityFrameworkCore.Tests/Volo.Abp.IdentityServer.EntityFrameworkCore.Tests.csproj
+++ b/modules/identityserver/test/Volo.Abp.IdentityServer.EntityFrameworkCore.Tests/Volo.Abp.IdentityServer.EntityFrameworkCore.Tests.csproj
@ -16,6 +16,7 @@
    <ProjectReference Include="..\..\..\..\modules\identity\src\Volo.Abp.Identity.EntityFrameworkCore\Volo.Abp.Identity.EntityFrameworkCore.csproj" />
    <ProjectReference Include="..\Volo.Abp.IdentityServer.TestBase\Volo.Abp.IdentityServer.TestBase.csproj" />
    <ProjectReference Include="..\..\..\..\framework\src\Volo.Abp.EntityFrameworkCore.Sqlite\Volo.Abp.EntityFrameworkCore.Sqlite.csproj" />
+    <ProjectReference Include="..\..\..\..\modules\permission-management\src\Volo.Abp.PermissionManagement.EntityFrameworkCore\Volo.Abp.PermissionManagement.EntityFrameworkCore.csproj" />
  </ItemGroup>

  <ItemGroup>
--- a/modules/identityserver/test/Volo.Abp.IdentityServer.EntityFrameworkCore.Tests/Volo/Abp/IdentityServer/AbpIdentityServerTestEntityFrameworkCoreModule.cs
+++ b/modules/identityserver/test/Volo.Abp.IdentityServer.EntityFrameworkCore.Tests/Volo/Abp/IdentityServer/AbpIdentityServerTestEntityFrameworkCoreModule.cs
@ -8,6 +8,7 @@ using Volo.Abp.EntityFrameworkCore.Sqlite;
 using Volo.Abp.Identity.EntityFrameworkCore;
 using Volo.Abp.IdentityServer.EntityFrameworkCore;
 using Volo.Abp.Modularity;
+using Volo.Abp.PermissionManagement.EntityFrameworkCore;
 using Volo.Abp.Threading;

 namespace Volo.Abp.IdentityServer;
@ -16,7 +17,8 @@ namespace Volo.Abp.IdentityServer;
    typeof(AbpIdentityEntityFrameworkCoreModule),
    typeof(AbpIdentityServerEntityFrameworkCoreModule),
    typeof(AbpIdentityServerTestBaseModule),
-    typeof(AbpEntityFrameworkCoreSqliteModule)
+    typeof(AbpEntityFrameworkCoreSqliteModule),
+    typeof(AbpPermissionManagementEntityFrameworkCoreModule)
    )]
 public class AbpIdentityServerTestEntityFrameworkCoreModule : AbpModule
 {
@ -46,6 +48,10 @@ public class AbpIdentityServerTestEntityFrameworkCoreModule : AbpModule
            new DbContextOptionsBuilder<IdentityServerDbContext>().UseSqlite(connection).Options
        ).GetService<IRelationalDatabaseCreator>().CreateTables();

+        new PermissionManagementDbContext(
+            new DbContextOptionsBuilder<PermissionManagementDbContext>().UseSqlite(connection).Options
+        ).GetService<IRelationalDatabaseCreator>().CreateTables();
+
        return connection;
    }
 }
--- a/modules/identityserver/test/Volo.Abp.IdentityServer.TestBase/Volo/Abp/IdentityServer/AbpIdentityServerTestData.cs
+++ b/modules/identityserver/test/Volo.Abp.IdentityServer.TestBase/Volo/Abp/IdentityServer/AbpIdentityServerTestData.cs
@ -7,6 +7,8 @@ public class AbpIdentityServerTestData : ISingletonDependency
 {
    public Guid Client1Id { get; } = Guid.NewGuid();

+    public string Client1Name { get; } = "ClientId1";
+
    public Guid ApiResource1Id { get; } = Guid.NewGuid();

    public Guid IdentityResource1Id { get; } = Guid.NewGuid();
--- a/modules/identityserver/test/Volo.Abp.IdentityServer.TestBase/Volo/Abp/IdentityServer/AbpIdentityServerTestDataBuilder.cs
+++ b/modules/identityserver/test/Volo.Abp.IdentityServer.TestBase/Volo/Abp/IdentityServer/AbpIdentityServerTestDataBuilder.cs
@ -139,7 +139,7 @@ public class AbpIdentityServerTestDataBuilder : ITransientDependency

    private async Task AddClients()
    {
-        var client = new Client(_testData.Client1Id, "ClientId1")
+        var client = new Client(_testData.Client1Id, _testData.Client1Name)
        {
            Description = nameof(Client.Description),
            ClientName = nameof(Client.ClientName),
--- a/modules/openiddict/src/Volo.Abp.PermissionManagement.Domain.OpenIddict/Volo/Abp/PermissionManagement/ClientPermissionManagerExtensions.cs
+++ b/modules/openiddict/src/Volo.Abp.PermissionManagement.Domain.OpenIddict/Volo/Abp/PermissionManagement/ClientPermissionManagerExtensions.cs
@ -0,0 +1,31 @@
+using System;
+using System.Collections.Generic;
+using System.Threading.Tasks;
+using JetBrains.Annotations;
+using Volo.Abp.Authorization.Permissions;
+
+namespace Volo.Abp.PermissionManagement;
+
+public static class ClientPermissionManagerExtensions
+{
+    public static Task<PermissionWithGrantedProviders> GetForClientAsync([NotNull] this IPermissionManager permissionManager, string clientId, string permissionName)
+    {
+        Check.NotNull(permissionManager, nameof(permissionManager));
+
+        return permissionManager.GetAsync(permissionName, ClientPermissionValueProvider.ProviderName, clientId);
+    }
+
+    public static Task<List<PermissionWithGrantedProviders>> GetAllForClientAsync([NotNull] this IPermissionManager permissionManager, string clientId)
+    {
+        Check.NotNull(permissionManager, nameof(permissionManager));
+
+        return permissionManager.GetAllAsync(ClientPermissionValueProvider.ProviderName, clientId);
+    }
+
+    public static Task SetForClientAsync([NotNull] this IPermissionManager permissionManager, string clientId, [NotNull] string permissionName, bool isGranted)
+    {
+        Check.NotNull(permissionManager, nameof(permissionManager));
+
+        return permissionManager.SetAsync(permissionName, ClientPermissionValueProvider.ProviderName, clientId, isGranted);
+    }
+}
--- a/modules/openiddict/test/Volo.Abp.OpenIddict.Domain.Tests/Volo.Abp.OpenIddict.Domain.Tests.csproj
+++ b/modules/openiddict/test/Volo.Abp.OpenIddict.Domain.Tests/Volo.Abp.OpenIddict.Domain.Tests.csproj
@ -12,6 +12,7 @@
  </ItemGroup>

  <ItemGroup>
+    <ProjectReference Include="..\..\src\Volo.Abp.PermissionManagement.Domain.OpenIddict\Volo.Abp.PermissionManagement.Domain.OpenIddict.csproj" />
    <ProjectReference Include="..\Volo.Abp.OpenIddict.EntityFrameworkCore.Tests\Volo.Abp.OpenIddict.EntityFrameworkCore.Tests.csproj" />
  </ItemGroup>

--- a/modules/openiddict/test/Volo.Abp.OpenIddict.Domain.Tests/Volo/Abp/OpenIddict/OpenIddictDomainTestModule.cs
+++ b/modules/openiddict/test/Volo.Abp.OpenIddict.Domain.Tests/Volo/Abp/OpenIddict/OpenIddictDomainTestModule.cs
@ -1,5 +1,6 @@
 using Volo.Abp.OpenIddict.EntityFrameworkCore;
 using Volo.Abp.Modularity;
+using Volo.Abp.PermissionManagement.OpenIddict;

 namespace Volo.Abp.OpenIddict;

@ -8,9 +9,10 @@ namespace Volo.Abp.OpenIddict;
 * database independent anyway.
 */
 [DependsOn(
-    typeof(OpenIddictEntityFrameworkCoreTestModule)
+    typeof(OpenIddictEntityFrameworkCoreTestModule),
+    typeof(AbpPermissionManagementDomainOpenIddictModule)
    )]
 public class OpenIddictDomainTestModule : AbpModule
 {
-    
+
 }
--- a/modules/openiddict/test/Volo.Abp.OpenIddict.Domain.Tests/Volo/Abp/OpenIddict/PermissionManager_Tests.cs
+++ b/modules/openiddict/test/Volo.Abp.OpenIddict.Domain.Tests/Volo/Abp/OpenIddict/PermissionManager_Tests.cs
@ -0,0 +1,43 @@
+using System.Threading.Tasks;
+using Shouldly;
+using Volo.Abp.Authorization.Permissions;
+using Volo.Abp.PermissionManagement;
+using Xunit;
+
+namespace Volo.Abp.OpenIddict;
+
+public class PermissionManager_Tests : OpenIddictDomainTestBase
+{
+    private readonly IPermissionManager _permissionManager;
+    private readonly IPermissionStore _permissionStore;
+    private readonly AbpOpenIddictTestData _testData;
+
+    public PermissionManager_Tests()
+    {
+        _permissionManager = GetRequiredService<IPermissionManager>();
+        _permissionStore = GetRequiredService<IPermissionStore>();
+        _testData = GetRequiredService<AbpOpenIddictTestData>();
+    }
+
+    [Fact]
+    public async Task Should_Grant_Permission_To_Client()
+    {
+        (await _permissionManager.GetForClientAsync(_testData.App1ClientId, TestPermissionNames.MyPermission1)).IsGranted.ShouldBeFalse();
+        (await _permissionStore.IsGrantedAsync(TestPermissionNames.MyPermission2, ClientPermissionValueProvider.ProviderName, _testData.App1ClientId)).ShouldBeFalse();
+
+        await _permissionManager.SetForClientAsync(_testData.App1ClientId, TestPermissionNames.MyPermission2, true);
+
+        (await _permissionManager.GetForClientAsync(_testData.App1ClientId, TestPermissionNames.MyPermission2)).IsGranted.ShouldBeTrue();
+        (await _permissionStore.IsGrantedAsync(TestPermissionNames.MyPermission2, ClientPermissionValueProvider.ProviderName, _testData.App1ClientId)).ShouldBeTrue();
+    }
+
+    [Fact]
+    public async Task Should_Revoke_Permission_From_Client()
+    {
+        await _permissionManager.SetForClientAsync(_testData.App1ClientId, TestPermissionNames.MyPermission1, true);
+        (await _permissionManager.GetForClientAsync(_testData.App1ClientId, TestPermissionNames.MyPermission1)).IsGranted.ShouldBeTrue();
+
+        await _permissionManager.SetForClientAsync(_testData.App1ClientId, TestPermissionNames.MyPermission1, false);
+        (await _permissionManager.GetForClientAsync(_testData.App1ClientId, TestPermissionNames.MyPermission1)).IsGranted.ShouldBeFalse();
+    }
+}
--- a/modules/openiddict/test/Volo.Abp.OpenIddict.Domain.Tests/Volo/Abp/OpenIddict/TestPermissionDefinitionProvider.cs
+++ b/modules/openiddict/test/Volo.Abp.OpenIddict.Domain.Tests/Volo/Abp/OpenIddict/TestPermissionDefinitionProvider.cs
@ -0,0 +1,13 @@
+using Volo.Abp.Authorization.Permissions;
+
+namespace Volo.Abp.OpenIddict;
+
+public class TestPermissionDefinitionProvider : PermissionDefinitionProvider
+{
+    public override void Define(IPermissionDefinitionContext context)
+    {
+        var testGroup = context.AddGroup(TestPermissionNames.Groups.TestGroup);
+        testGroup.AddPermission(TestPermissionNames.MyPermission1);
+        testGroup.AddPermission(TestPermissionNames.MyPermission2);
+    }
+}
--- a/modules/openiddict/test/Volo.Abp.OpenIddict.Domain.Tests/Volo/Abp/OpenIddict/TestPermissionNames.cs
+++ b/modules/openiddict/test/Volo.Abp.OpenIddict.Domain.Tests/Volo/Abp/OpenIddict/TestPermissionNames.cs
@ -0,0 +1,13 @@
+namespace Volo.Abp.OpenIddict;
+
+public static class TestPermissionNames
+{
+    public static class Groups
+    {
+        public const string TestGroup = "TestGroup";
+    }
+
+    public const string MyPermission1 = "MyPermission1";
+
+    public const string MyPermission2 = "MyPermission2";
+}
--- a/modules/openiddict/test/Volo.Abp.OpenIddict.EntityFrameworkCore.Tests/Volo.Abp.OpenIddict.EntityFrameworkCore.Tests.csproj
+++ b/modules/openiddict/test/Volo.Abp.OpenIddict.EntityFrameworkCore.Tests/Volo.Abp.OpenIddict.EntityFrameworkCore.Tests.csproj
@ -16,6 +16,7 @@
    <ProjectReference Include="..\Volo.Abp.OpenIddict.TestBase\Volo.Abp.OpenIddict.TestBase.csproj" />
    <ProjectReference Include="..\..\..\..\framework\src\Volo.Abp.EntityFrameworkCore.Sqlite\Volo.Abp.EntityFrameworkCore.Sqlite.csproj" />
    <ProjectReference Include="..\..\..\..\modules\identity\src\Volo.Abp.Identity.EntityFrameworkCore\Volo.Abp.Identity.EntityFrameworkCore.csproj" />
+    <ProjectReference Include="..\..\..\..\modules\permission-management\src\Volo.Abp.PermissionManagement.EntityFrameworkCore\Volo.Abp.PermissionManagement.EntityFrameworkCore.csproj" />
  </ItemGroup>

 </Project>
--- a/modules/openiddict/test/Volo.Abp.OpenIddict.EntityFrameworkCore.Tests/Volo/Abp/OpenIddict/EntityFrameworkCore/OpenIddictEntityFrameworkCoreTestModule.cs
+++ b/modules/openiddict/test/Volo.Abp.OpenIddict.EntityFrameworkCore.Tests/Volo/Abp/OpenIddict/EntityFrameworkCore/OpenIddictEntityFrameworkCoreTestModule.cs
@ -6,6 +6,7 @@ using Volo.Abp.EntityFrameworkCore;
 using Volo.Abp.EntityFrameworkCore.Sqlite;
 using Volo.Abp.Identity.EntityFrameworkCore;
 using Volo.Abp.Modularity;
+using Volo.Abp.PermissionManagement.EntityFrameworkCore;

 namespace Volo.Abp.OpenIddict.EntityFrameworkCore;

@ -13,7 +14,8 @@ namespace Volo.Abp.OpenIddict.EntityFrameworkCore;
    typeof(OpenIddictTestBaseModule),
    typeof(AbpOpenIddictEntityFrameworkCoreModule),
    typeof(AbpIdentityEntityFrameworkCoreModule),
-    typeof(AbpEntityFrameworkCoreSqliteModule)
+    typeof(AbpEntityFrameworkCoreSqliteModule),
+    typeof(AbpPermissionManagementEntityFrameworkCoreModule)
    )]
 public class OpenIddictEntityFrameworkCoreTestModule : AbpModule
 {
@ -38,11 +40,15 @@ public class OpenIddictEntityFrameworkCoreTestModule : AbpModule
        new IdentityDbContext(
            new DbContextOptionsBuilder<IdentityDbContext>().UseSqlite(connection).Options
        ).GetService<IRelationalDatabaseCreator>().CreateTables();
-        
+
        new OpenIddictDbContext(
            new DbContextOptionsBuilder<OpenIddictDbContext>().UseSqlite(connection).Options
        ).GetService<IRelationalDatabaseCreator>().CreateTables();

+        new PermissionManagementDbContext(
+            new DbContextOptionsBuilder<PermissionManagementDbContext>().UseSqlite(connection).Options
+        ).GetService<IRelationalDatabaseCreator>().CreateTables();
+
        return connection;
    }
 }