clean configurator/auth (#455)

* clean Framework.Authorization.Domain
Luxoft · Sep 4, 2024 · c06e264 · c06e264
1 parent 5c4372a
commit c06e264
Show file tree

Hide file tree

Showing 67 changed files with 277 additions and 1,159 deletions.
diff --git a/src/Framework.Configurator/Handlers/CreatePrincipalHandler.cs b/src/Framework.Configurator/Handlers/CreatePrincipalHandler.cs
@@ -1,7 +1,7 @@
 using Framework.Authorization.Domain;
 using Framework.Authorization.SecuritySystem;
 using Framework.Configurator.Interfaces;
-using Framework.DomainDriven.ApplicationCore;
+using Framework.DomainDriven.ApplicationCore.Security;
 using Framework.DomainDriven.Repository;
 using Framework.SecuritySystem;
 

diff --git a/src/Framework.Configurator/Handlers/DeletePrincipalHandler.cs b/src/Framework.Configurator/Handlers/DeletePrincipalHandler.cs
@@ -1,7 +1,7 @@
 using Framework.Authorization.Domain;
 using Framework.Authorization.SecuritySystem;
 using Framework.Configurator.Interfaces;
-using Framework.DomainDriven.ApplicationCore;
+using Framework.DomainDriven.ApplicationCore.Security;
 using Framework.DomainDriven.Repository;
 using Framework.SecuritySystem;
 

diff --git a/src/Framework.Configurator/Handlers/DownloadPermissionTemplateHandler.cs b/src/Framework.Configurator/Handlers/DownloadPermissionTemplateHandler.cs
@@ -1,19 +1,16 @@
 using ClosedXML.Excel;
 
-using Framework.Authorization.Domain;
 using Framework.Configurator.Interfaces;
-using Framework.DomainDriven.ApplicationCore;
-using Framework.DomainDriven.Repository;
+using Framework.Core;
+using Framework.DomainDriven.ApplicationCore.Security;
 using Framework.SecuritySystem;
 
 using Microsoft.AspNetCore.Http;
 
-using NHibernate.Linq;
-
 namespace Framework.Configurator.Handlers;
 
 public record DownloadPermissionTemplateHandler(
-    IRepositoryFactory<SecurityContextType> RepositoryFactory,
+    ISecurityContextSource SecurityContextSource,
     ISecuritySystem SecuritySystem)
     : IDownloadPermissionTemplateHandler
 {
@@ -23,24 +20,16 @@ public async Task Execute(HttpContext context, CancellationToken cancellationTok
     {
         this.SecuritySystem.CheckAccess(ApplicationSecurityRule.SecurityAdministrator);
 
-        var contexts = await this.RepositoryFactory
-                                 .Create()
-                                 .GetQueryable()
-                                 .Select(x => x.Name)
-                                 .ToListAsync(cancellationToken);
-
         var assembly = this.GetType().Assembly;
         var resourceStream = assembly.GetManifestResourceStream("Framework.Configurator.Templates.Permissions.xlsx");
         using var workbook = new XLWorkbook(resourceStream);
         var worksheet = workbook.Worksheet(1);
-        for (var i = 0; i < contexts.Count; i++)
-        {
-            var contextName = contexts[i];
 
-            worksheet.Cell(1, FirstContentColumnIndex + i).Value = contextName;
-        }
+        this.SecurityContextSource.SecurityContextTypes.Foreach(
+            (securityContextType, index) =>
+                worksheet.Cell(1, FirstContentColumnIndex + index).Value = securityContextType.Name);
 
-        var ms = new MemoryStream();
+        await using var ms = new MemoryStream();
         workbook.SaveAs(ms);
         ms.Position = 0;
         context.Response.ContentType = "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet";

diff --git a/src/Framework.Configurator/Handlers/GetBusinessRoleContextEntitiesHandler.cs b/src/Framework.Configurator/Handlers/GetBusinessRoleContextEntitiesHandler.cs
@@ -1,18 +1,15 @@
-using Framework.Authorization.Domain;
-using Framework.Authorization.SecuritySystem.ExternalSource;
-using Framework.Configurator.Interfaces;
+using Framework.Configurator.Interfaces;
 using Framework.Configurator.Models;
-using Framework.DomainDriven.ApplicationCore;
-using Framework.DomainDriven.Repository;
+using Framework.DomainDriven.ApplicationCore.ExternalSource;
+using Framework.DomainDriven.ApplicationCore.Security;
 using Framework.SecuritySystem;
 
 using Microsoft.AspNetCore.Http;
 
 namespace Framework.Configurator.Handlers;
 
 public class GetBusinessRoleContextEntitiesHandler(
-    IRepositoryFactory<SecurityContextType> contextTypeRepositoryFactory,
-    IAuthorizationExternalSource externalSource,
+    ISecurityEntitySource externalSource,
     ISecuritySystem securitySystem)
     : BaseReadHandler, IGetBusinessRoleContextEntitiesHandler
 {
@@ -23,8 +20,7 @@ protected override async Task<object> GetDataAsync(HttpContext context, Cancella
         var securityContextTypeId = new Guid((string)context.Request.RouteValues["id"]!);
         var searchToken = context.Request.Query["searchToken"];
 
-        var contextType = await contextTypeRepositoryFactory.Create().LoadAsync(securityContextTypeId, cancellationToken);
-        var entities = externalSource.GetTyped(contextType).GetSecurityEntities();
+        var entities = externalSource.GetTyped(securityContextTypeId).GetSecurityEntities();
 
         if (!string.IsNullOrWhiteSpace(searchToken))
             entities = entities.Where(p => p.Name.Contains(searchToken!, StringComparison.OrdinalIgnoreCase));

diff --git a/src/Framework.Configurator/Handlers/GetBusinessRoleContextsHandler.cs b/src/Framework.Configurator/Handlers/GetBusinessRoleContextsHandler.cs
@@ -1,6 +1,6 @@
 using Framework.Configurator.Interfaces;
 using Framework.Configurator.Models;
-using Framework.DomainDriven.ApplicationCore;
+using Framework.DomainDriven.ApplicationCore.Security;
 using Framework.SecuritySystem;
 
 using Microsoft.AspNetCore.Http;

diff --git a/src/Framework.Configurator/Handlers/GetBusinessRoleHandler.cs b/src/Framework.Configurator/Handlers/GetBusinessRoleHandler.cs
@@ -1,7 +1,7 @@
 using Framework.Authorization.Domain;
 using Framework.Configurator.Interfaces;
 using Framework.Configurator.Models;
-using Framework.DomainDriven.ApplicationCore;
+using Framework.DomainDriven.ApplicationCore.Security;
 using Framework.DomainDriven.Repository;
 using Framework.SecuritySystem;
 

diff --git a/src/Framework.Configurator/Handlers/GetBusinessRolesHandler.cs b/src/Framework.Configurator/Handlers/GetBusinessRolesHandler.cs
@@ -1,6 +1,6 @@
 using Framework.Configurator.Interfaces;
 using Framework.Configurator.Models;
-using Framework.DomainDriven.ApplicationCore;
+using Framework.DomainDriven.ApplicationCore.Security;
 using Framework.SecuritySystem;
 
 using Microsoft.AspNetCore.Http;

diff --git a/src/Framework.Configurator/Handlers/GetOperationHandler.cs b/src/Framework.Configurator/Handlers/GetOperationHandler.cs
@@ -1,7 +1,7 @@
 using Framework.Authorization.Domain;
 using Framework.Configurator.Interfaces;
 using Framework.Configurator.Models;
-using Framework.DomainDriven.ApplicationCore;
+using Framework.DomainDriven.ApplicationCore.Security;
 using Framework.DomainDriven.Repository;
 using Framework.SecuritySystem;
 

diff --git a/src/Framework.Configurator/Handlers/GetOperationsHandler.cs b/src/Framework.Configurator/Handlers/GetOperationsHandler.cs
@@ -1,6 +1,6 @@
 using Framework.Configurator.Interfaces;
 using Framework.Configurator.Models;
-using Framework.DomainDriven.ApplicationCore;
+using Framework.DomainDriven.ApplicationCore.Security;
 using Framework.SecuritySystem;
 
 using Microsoft.AspNetCore.Http;

diff --git a/src/Framework.Configurator/Handlers/GetPrincipalHandler.cs b/src/Framework.Configurator/Handlers/GetPrincipalHandler.cs
@@ -1,8 +1,8 @@
 using Framework.Authorization.Domain;
-using Framework.Authorization.SecuritySystem.ExternalSource;
 using Framework.Configurator.Interfaces;
 using Framework.Configurator.Models;
-using Framework.DomainDriven.ApplicationCore;
+using Framework.DomainDriven.ApplicationCore.ExternalSource;
+using Framework.DomainDriven.ApplicationCore.Security;
 using Framework.DomainDriven.Repository;
 using Framework.SecuritySystem;
 
@@ -15,7 +15,7 @@ namespace Framework.Configurator.Handlers;
 public class GetPrincipalHandler(
     IRepositoryFactory<Permission> permissionRepoFactory,
     IRepositoryFactory<SecurityContextType> contextTypeRepoFactory,
-    IAuthorizationExternalSource externalSource,
+    ISecurityEntitySource externalSource,
     ISecuritySystem securitySystem) : BaseReadHandler, IGetPrincipalHandler
 {
     protected override async Task<object> GetDataAsync(HttpContext context, CancellationToken cancellationToken)
@@ -56,7 +56,7 @@ private async Task<Dictionary<Guid, ContextItem>> GetContextsAsync(IEnumerable<P
         foreach (var group in permissions.SelectMany(x => x.Contexts).GroupBy(x => x.Key, x => x.Value))
         {
             var contextType = await contextTypeRepoFactory.Create().LoadAsync(group.Key, token);
-            var entities = externalSource.GetTyped(contextType)
+            var entities = externalSource.GetTyped(group.Key)
                                          .GetSecurityEntitiesByIdents(group.Distinct().ToList())
                                          .ToDictionary(e => e.Id, e => e.Name);
 

diff --git a/src/Framework.Configurator/Handlers/GetPrincipalsHandler.cs b/src/Framework.Configurator/Handlers/GetPrincipalsHandler.cs
@@ -1,7 +1,7 @@
 using Framework.Authorization.Domain;
 using Framework.Configurator.Interfaces;
 using Framework.Configurator.Models;
-using Framework.DomainDriven.ApplicationCore;
+using Framework.DomainDriven.ApplicationCore.Security;
 using Framework.DomainDriven.Repository;
 using Framework.SecuritySystem;
 

diff --git a/src/Framework.Configurator/Handlers/GetRunAsHandler.cs b/src/Framework.Configurator/Handlers/GetRunAsHandler.cs
@@ -1,12 +1,12 @@
-using Framework.Authorization.SecuritySystem;
-using Framework.Configurator.Interfaces;
+using Framework.Configurator.Interfaces;
+using Framework.SecuritySystem.Services;
 
 using Microsoft.AspNetCore.Http;
 
 namespace Framework.Configurator.Handlers;
 
-public class GetRunAsHandler(ICurrentPrincipalSource principalSource) : BaseReadHandler, IGetRunAsHandler
+public class GetRunAsHandler(IRunAsManager? runAsManager = null) : BaseReadHandler, IGetRunAsHandler
 {
     protected override async Task<object> GetDataAsync(HttpContext context, CancellationToken cancellationToken) =>
-        principalSource.CurrentPrincipal.RunAs?.Name ?? string.Empty;
+        runAsManager?.RunAsName ?? string.Empty;
 }
diff --git a/src/Framework.Core.Pipe/PipeMaybeObjectExtensions.cs b/src/Framework.Core.Pipe/PipeMaybeObjectExtensions.cs
@@ -17,13 +17,11 @@ public static void Maybe<TSource>(this TSource? source, Action<TSource> evaluate
     }
 
     [DebuggerStepThrough]
-    public static TResult? Maybe<TSource, TResult>(this TSource? source, Func<TSource, TResult> selector)
-            where TSource : class
+    public static TResult Maybe<TSource, TResult>(this TSource? source, Func<TSource, TResult> selector)
     {
-        return null == source ? default(TResult) : selector(source);
+        return null == source ? default : selector(source);
     }
 
-
     public static void MaybeNullable<TSource>(this TSource? source, Action<TSource> evaluate)
             where TSource : struct
     {

diff --git a/...ySystem/ISecurityContextDisplayService.cs → ...ySystem/ISecurityContextDisplayService.cs b/...ySystem/ISecurityContextDisplayService.cs → ...ySystem/ISecurityContextDisplayService.cs
diff --git a/src/_Authorization/Framework.Authorization.BLL.Core/Context/IAuthorizationBLLContext.cs b/src/_Authorization/Framework.Authorization.BLL.Core/Context/IAuthorizationBLLContext.cs
@@ -1,9 +1,9 @@
 using Framework.Authorization.Domain;
 using Framework.Authorization.Notification;
 using Framework.Authorization.SecuritySystem;
-using Framework.Authorization.SecuritySystem.ExternalSource;
 using Framework.Authorization.SecuritySystem.Validation;
 using Framework.Core;
+using Framework.DomainDriven.ApplicationCore.ExternalSource;
 using Framework.DomainDriven.BLL.Security;
 using Framework.DomainDriven.Tracking;
 using Framework.SecuritySystem;
@@ -38,13 +38,9 @@ public partial interface IAuthorizationBLLContext :
 
     TimeProvider TimeProvider { get; }
 
-    IAuthorizationExternalSource ExternalSource { get; }
+    ISecurityEntitySource ExternalSource { get; }
 
     INotificationPrincipalExtractor NotificationPrincipalExtractor { get; }
 
     SecurityContextType GetSecurityContextType(Type type);
-
-    SecurityContextType GetSecurityContextType(string domainTypeName);
-
-    SecurityContextType GetSecurityContextType(Guid domainTypeId);
 }
diff --git a/...orization/Framework.Authorization.BLL.Core/Logics/LegacyNotificationPrincipalExtractor.cs b/...orization/Framework.Authorization.BLL.Core/Logics/LegacyNotificationPrincipalExtractor.cs
@@ -9,18 +9,12 @@
 
 namespace Framework.Authorization.BLL;
 
-public class LegacyNotificationPrincipalExtractor : BLLContextContainer<IAuthorizationBLLContext>, INotificationPrincipalExtractor
+public class LegacyNotificationPrincipalExtractor(
+    IAuthorizationBLLContext context,
+    INotificationBasePermissionFilterSource notificationBasePermissionFilterSource,
+    ISecurityContextSource securityContextSource)
+    : BLLContextContainer<IAuthorizationBLLContext>(context), INotificationPrincipalExtractor
 {
-    private readonly INotificationBasePermissionFilterSource notificationBasePermissionFilterSource;
-
-    public LegacyNotificationPrincipalExtractor(
-        IAuthorizationBLLContext context,
-        INotificationBasePermissionFilterSource notificationBasePermissionFilterSource)
-        : base(context)
-    {
-        this.notificationBasePermissionFilterSource = notificationBasePermissionFilterSource;
-    }
-
     public IEnumerable<Principal> GetNotificationPrincipalsByRoles(
         SecurityRole[] securityRoles,
         IEnumerable<NotificationFilterGroup> notificationFilterGroups)
@@ -36,7 +30,7 @@ private IEnumerable<Principal[]> GetInternalNotificationPrincipals(SecurityRole[
         if (securityRoles == null) throw new ArgumentNullException(nameof(securityRoles));
         if (baseNotificationFilterGroups == null) throw new ArgumentNullException(nameof(baseNotificationFilterGroups));
 
-        var baseNotificationFilter = this.notificationBasePermissionFilterSource.GetBasePermissionFilter(securityRoles);
+        var baseNotificationFilter = notificationBasePermissionFilterSource.GetBasePermissionFilter(securityRoles);
 
         foreach (var notificationFilterGroups in baseNotificationFilterGroups.PermuteByExpand())
         {
@@ -46,9 +40,7 @@ private IEnumerable<Principal[]> GetInternalNotificationPrincipals(SecurityRole[
             {
                 var tailGroups = notificationFilterGroups.Skip(1).ToArray();
 
-                var firstGroupSecurityContextType = this.Context.GetSecurityContextType(firstGroup.SecurityContextType);
-
-                var firstGroupExternalSource = this.Context.ExternalSource.GetTyped(firstGroupSecurityContextType);
+                var firstGroupExternalSource = this.Context.ExternalSource.GetTyped(firstGroup.SecurityContextType);
 
                 foreach (var preExpandedIdent in firstGroup.Idents)
                 {
@@ -95,23 +87,23 @@ private IEnumerable<Principal> GetDirectNotificationPrincipals(
 
         var totalFilter = notificationFilterGroups.Aggregate(baseNotificationFilter, (accumFilter, group) =>
         {
-            var securityContextType = this.Context.GetSecurityContextType(group.SecurityContextType);
-
-            var securityContextTypeFilter = this.GetDirectPermissionFilter(securityContextType, group.Idents, group.ExpandType.AllowEmpty());
+            var securityContextTypeFilter = this.GetDirectPermissionFilter(group.SecurityContextType, group.Idents, group.ExpandType.AllowEmpty());
 
             return accumFilter.BuildAnd(securityContextTypeFilter);
         });
 
         return this.GetNotificationPrincipalsByRoles(totalFilter);
     }
 
-    private Expression<Func<Permission, bool>> GetDirectPermissionFilter(SecurityContextType securityContextType, IEnumerable<Guid> idetns, bool allowEmpty)
+    private Expression<Func<Permission, bool>> GetDirectPermissionFilter(Type securityContextType, IEnumerable<Guid> idetns, bool allowEmpty)
     {
         if (securityContextType == null) throw new ArgumentNullException(nameof(securityContextType));
         if (idetns == null) throw new ArgumentNullException(nameof(idetns));
 
-        return permission => permission.Restrictions.Any(fi => fi.SecurityContextType == securityContextType && idetns.Contains(fi.SecurityContextId))
-                             || (allowEmpty && permission.Restrictions.All(fi => fi.SecurityContextType != securityContextType));
+        var securityContextTypeId = securityContextSource.GetSecurityContextInfo(securityContextType).Id;
+
+        return permission => permission.Restrictions.Any(fi => fi.SecurityContextType.Id == securityContextTypeId && idetns.Contains(fi.SecurityContextId))
+                             || (allowEmpty && permission.Restrictions.All(fi => fi.SecurityContextType.Id != securityContextTypeId));
     }
 
     private IEnumerable<Principal> GetNotificationPrincipalsByRoles(Expression<Func<Permission, bool>> filter)

diff --git a/...tion/Framework.Authorization.BLL.Core/_Generated/Authorization.ValidationMap.Generated.cs b/...tion/Framework.Authorization.BLL.Core/_Generated/Authorization.ValidationMap.Generated.cs
@@ -146,10 +146,6 @@ protected override Framework.Validation.IClassValidationMap<TSource> GetInternal
             {
                 return ((Framework.Validation.IClassValidationMap<TSource>)(this.GetSecurityContextTypeValidationMap()));
             }
-            else if ((typeof(TSource) == typeof(Framework.Authorization.Domain.SecurityEntity)))
-            {
-                return ((Framework.Validation.IClassValidationMap<TSource>)(this.GetSecurityEntityValidationMap()));
-            }
             else if ((typeof(TSource) == typeof(Framework.Authorization.Domain.UpdatePermissionDelegatesModel)))
             {
                 return ((Framework.Validation.IClassValidationMap<TSource>)(this.GetUpdatePermissionDelegatesModelValidationMap()));
@@ -379,21 +375,6 @@ protected override Framework.Validation.IClassValidationMap<TSource> GetInternal
             return new Framework.Validation.ClassValidationMap<Framework.Authorization.Domain.SecurityContextType>(this.GetSecurityContextTypeProperties);
         }
 
-        protected virtual System.Collections.Generic.IEnumerable<Framework.Validation.IPropertyValidator<Framework.Authorization.Domain.SecurityEntity, string>> GetSecurityEntity_NameValidators()
-        {
-            yield return new Framework.Validation.MaxLengthValidator.StringMaxLengthValidator<Framework.Authorization.Domain.SecurityEntity>(this.AvailableValues.GetAvailableSize<string>());
-        }
-
-        protected virtual System.Collections.Generic.IEnumerable<Framework.Validation.IPropertyValidationMap<Framework.Authorization.Domain.SecurityEntity>> GetSecurityEntityProperties(Framework.Validation.IClassValidationMap<Framework.Authorization.Domain.SecurityEntity> currentClass)
-        {
-            yield return new Framework.Validation.SinglePropertyValidationMap<Framework.Authorization.Domain.SecurityEntity, string>(source => source.Name, currentClass, this.GetSecurityEntity_NameValidators(), this.GetClassMap<string>(true));
-        }
-
-        protected virtual Framework.Validation.IClassValidationMap<Framework.Authorization.Domain.SecurityEntity> GetSecurityEntityValidationMap()
-        {
-            return new Framework.Validation.ClassValidationMap<Framework.Authorization.Domain.SecurityEntity>(this.GetSecurityEntityProperties);
-        }
-
         protected virtual System.Collections.Generic.IEnumerable<Framework.Validation.IPropertyValidator<Framework.Authorization.Domain.UpdatePermissionDelegatesModel, System.Collections.Generic.IList<Framework.Authorization.Domain.DelegateToItemModel>>> GetUpdatePermissionDelegatesModel_AddItemsValidators()
         {
             yield return new Framework.Validation.RequiredValidator<Framework.Authorization.Domain.UpdatePermissionDelegatesModel, System.Collections.Generic.IList<Framework.Authorization.Domain.DelegateToItemModel>>(Framework.Restriction.RequiredMode.Default);

diff --git a/...rization/Framework.Authorization.BLL.Core/_Generated/Authorization.Validator.Generated.cs b/...rization/Framework.Authorization.BLL.Core/_Generated/Authorization.Validator.Generated.cs
@@ -34,7 +34,6 @@ public AuthorizationValidatorBase(Framework.Authorization.BLL.IAuthorizationBLLC
             base.RegisterHandler<Framework.Authorization.Domain.PermissionRestriction>(this.GetPermissionRestrictionValidationResult);
             base.RegisterHandler<Framework.Authorization.Domain.Principal>(this.GetPrincipalValidationResult);
             base.RegisterHandler<Framework.Authorization.Domain.SecurityContextType>(this.GetSecurityContextTypeValidationResult);
-            base.RegisterHandler<Framework.Authorization.Domain.SecurityEntity>(this.GetSecurityEntityValidationResult);
             base.RegisterHandler<Framework.Authorization.Domain.UpdatePermissionDelegatesModel>(this.GetUpdatePermissionDelegatesModelValidationResult);
         }
 
@@ -78,11 +77,6 @@ protected virtual Framework.Validation.ValidationResult GetSecurityContextTypeVa
             return base.GetValidationResult(source, operationContext, ownerState, false);
         }
 
-        protected virtual Framework.Validation.ValidationResult GetSecurityEntityValidationResult(Framework.Authorization.Domain.SecurityEntity source, Framework.Authorization.Domain.AuthorizationOperationContext operationContext, Framework.Validation.IValidationState ownerState)
-        {
-            return base.GetValidationResult(source, operationContext, ownerState, false);
-        }
-
         protected virtual Framework.Validation.ValidationResult GetUpdatePermissionDelegatesModelValidationResult(Framework.Authorization.Domain.UpdatePermissionDelegatesModel source, Framework.Authorization.Domain.AuthorizationOperationContext operationContext, Framework.Validation.IValidationState ownerState)
         {
             return base.GetValidationResult(source, operationContext, ownerState, false);