store and get current app id (draft)

This commit is contained in:
2020-05-20 16:09:56 +02:00
parent 96cc8131bb
commit ea777ec13e
8 changed files with 115 additions and 4 deletions
+39
View File
@@ -0,0 +1,39 @@
//using Microsoft.AspNetCore.Http;
//using Microsoft.AspNetCore.Identity;
//using System;
//using System.Collections.Generic;
//using System.Linq;
//using System.Security.Claims;
//using System.Text;
//using zero.Core.Entities;
//namespace zero.Core.Api
//{
// public class AppIdService
// {
// protected UserManager<User> UserManager { get; private set; }
// protected IHttpContextAccessor HttpContextAccessor { get; set; }
// protected ClaimsPrincipal Principal => HttpContextAccessor.HttpContext?.User;
// public AppIdService(UserManager<User> userManager, IHttpContextAccessor httpContextAccessor)
// {
// UserManager = userManager;
// HttpContextAccessor = httpContextAccessor;
// }
// /// <inheritdoc />
// public string[] GetAllowedAppIds()
// {
// return Principal.Claims
// .Where(claim => claim.Type == Constants.Auth.Claims.Permission && (prefix == null || claim.Value.StartsWith(prefix)))
// .Select(claim => Permission.FromClaim(claim, prefix))
// .ToList();
// //return GetPermissions(Permissions.Applications).Where(x => x.CanRead).Select(x => x.NormalizedKey).ToArray();
// }
// }
//}
+5 -2
View File
@@ -1,11 +1,13 @@
using FluentValidation;
using FluentValidation.Results;
using Microsoft.AspNetCore.Http;
using Raven.Client.Documents;
using Raven.Client.Documents.Linq;
using Raven.Client.Documents.Session;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;
using zero.Core.Attributes;
using zero.Core.Entities;
@@ -237,9 +239,10 @@ namespace zero.Core.Api
public class AppAwareBackofficeStore : BackofficeStore, IAppAwareBackofficeStore
{
public AppAwareBackofficeStore(IDocumentStore raven, IMediaUpload media) : base(raven, media)
public AppAwareBackofficeStore(IDocumentStore raven, IMediaUpload media, IHttpContextAccessor httpContextAccessor) : base(raven, media)
{
AppId = "zero.applications.1-A"; // TODO
Claim appIdClaim = httpContextAccessor.HttpContext?.User.Claims.FirstOrDefault(x => x.Type == Constants.Auth.Claims.CurrentAppId);
AppId = appIdClaim.Value;
}
}
}
+1 -1
View File
@@ -249,7 +249,7 @@ namespace zero.Core.Api
IsActive = true,
Claims = new List<IUserClaim>()
{
new UserClaim(type, Permissions.Applications, PermissionsValue.Write),
//new UserClaim(type, Permissions.Applications, PermissionsValue.Write),
new UserClaim(type, Permissions.Sections.Dashboard, PermissionsValue.True),
new UserClaim(type, Permissions.Sections.Spaces, PermissionsValue.True),
new UserClaim(type, Permissions.Sections.Pages, PermissionsValue.True),
+2
View File
@@ -23,6 +23,8 @@
public const string Role = "zero.claim.rolealias";
public const string SecurityStamp = "zero.claim.securitystamp";
public const string Permission = "zero.claim.permission";
public const string DefaultAppId = "zero.claim.defaultAppId";
public const string CurrentAppId = "zero.claim.currentAppId";
}
}
+8
View File
@@ -8,6 +8,9 @@ namespace zero.Core.Entities
/// <inheritdoc />
public string AppId { get; set; }
/// <inheritdoc />
public string CurrentAppId { get; set; }
/// <inheritdoc/>
public bool IsSuper { get; set; }
@@ -72,6 +75,11 @@ namespace zero.Core.Entities
public interface IUser : IZeroEntity, IAppAwareEntity, IZeroDbConventions
{
/// <summary>
/// Currently selected app id for the backoffice
/// </summary>
public string CurrentAppId { get; set; }
/// <summary>
/// sudo.
/// The user who created the instance.
@@ -0,0 +1,41 @@
//using Microsoft.AspNetCore.Http;
//using Microsoft.AspNetCore.Identity;
//using Raven.Client.Documents;
//using Raven.Client.Documents.Linq;
//using Raven.Client.Documents.Session;
//using System;
//using System.Collections.Generic;
//using System.Linq;
//using System.Security.Claims;
//using System.Threading.Tasks;
//using zero.Core.Entities;
//using zero.Core.Identity;
//namespace zero.Core.Extensions
//{
// public static class HttpContextExtensions
// {
// public static string GetCurrentAppId(this HttpContext context)
// {
// ClaimsPrincipal user = context.User;
// var permissions = user.Claims.Where(x => x.Type == Constants.Auth.Claims.Permission && );
// user.HasClaim(Constants.Auth.Claims.Permission, Permissions.Applications + ":" + PermissionsValue.Write)
// // this is not the final decision,
// // as we need to check permissions too
// string currentAppId = user.CurrentAppId;
// // set to default app id when nothing selected yet
// if (currentAppId.IsNullOrEmpty())
// {
// currentAppId = user.AppId;
// }
// UserManager<User> manager;
// manager.cla
// }
// }
//}
+1 -1
View File
@@ -6,7 +6,7 @@
/// Ability to switch zero applications and read/write other applications out of the user appId
/// If PermissionsValue.Write is set for this permission, the user will be limited to his/her claims in other applications too
/// </summary>
public const string Applications = "applications";
public const string Applications = "applications.";
public struct Settings
+18
View File
@@ -1,5 +1,7 @@
using Microsoft.AspNetCore.Identity;
using Microsoft.Extensions.Options;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;
using zero.Core;
@@ -27,6 +29,22 @@ namespace zero.Web
identity.AddClaim(new Claim(Constants.Auth.Claims.IsSuper, PermissionsValue.True));
}
// get all allowed app ids
IEnumerable<Permission> permissions = identity.Claims
.Where(claim => claim.Type == Constants.Auth.Claims.Permission && claim.Value.StartsWith(Permissions.Applications))
.Select(x => Permission.FromClaim(x, Permissions.Applications));
string[] appIds = permissions.Where(x => x.IsTrue).Select(x => x.NormalizedKey).ToArray();
string currentAppId = user.CurrentAppId ?? user.AppId;
if (!user.IsSuper && !appIds.Contains(currentAppId))
{
currentAppId = user.AppId;
}
identity.AddClaim(new Claim(Constants.Auth.Claims.CurrentAppId, currentAppId));
return principal;
}
}