Luxoft · iatsuta · Sep 6, 2024 · Sep 6, 2024 · Sep 6, 2024 · Sep 6, 2024
diff --git a/src/Framework.AutomationCore.ServiceEnvironment/Helpers/AuthManager.cs b/src/Framework.AutomationCore.ServiceEnvironment/Helpers/AuthManager.cs
@@ -37,7 +37,7 @@ public async Task AddUserRoleAsync(string principalName, TestPermission[] testPe
         {
             var securityRole = securityRoleSource.GetSecurityRole(testPermission.SecurityRole);
 
-            if (securityRole.IsVirtual)
+            if (securityRole.Information.IsVirtual)
             {
                 throw new Exception($"Assigned {nameof(SecurityRole)} {securityRole} can't be virtual");
             }

diff --git a/src/Framework.Configurator/Handlers/GetBusinessRoleHandler.cs b/src/Framework.Configurator/Handlers/GetBusinessRoleHandler.cs
@@ -24,8 +24,7 @@ protected override async Task<object> GetDataAsync(HttpContext context, Cancella
 
         var roleId = new Guid((string)context.Request.RouteValues["id"]!);
 
-        var operations = roleSource.GetRealRoles()
-                                   .Single(x => x.Id == roleId)
+        var operations = roleSource.GetSecurityRole(roleId)
                                    .Information
                                    .Operations
                                    .Select(o => new OperationDto { Name = o.Name, Description = operationInfoSource.GetSecurityOperationInfo(o).Description })

diff --git a/src/Framework.Configurator/Handlers/GetBusinessRolesHandler.cs b/src/Framework.Configurator/Handlers/GetBusinessRolesHandler.cs
@@ -22,12 +22,13 @@ protected override async Task<object> GetDataAsync(HttpContext context, Cancella
                                                    .ToList();
 
         return securityRoleSource
-               .GetRealRoles()
+               .SecurityRoles
                .Select(
                    x => new FullRoleDto
                         {
                             Id = x.Id,
                             Name = x.Name,
+                            IsVirtual = x.Information.IsVirtual,
                             Contexts =
                                 x.Information.Restriction.SecurityContextRestrictions?.Select(
                                     v => new RoleContextDto(securityContextSource.GetSecurityContextInfo(v.Type).Name, v.Required)).ToList()

diff --git a/src/Framework.Configurator/Handlers/GetOperationHandler.cs b/src/Framework.Configurator/Handlers/GetOperationHandler.cs
@@ -23,7 +23,7 @@ protected override async Task<object> GetDataAsync(HttpContext context, Cancella
 
         var operationName = (string)context.Request.RouteValues["name"]!;
 
-        var roles = roleSource.GetRealRoles()
+        var roles = roleSource.SecurityRoles
                               .Where(x => x.Information.Operations.Any(o => o.Name == operationName))
                               .ToList();
 

diff --git a/src/Framework.Configurator/Models/FullRoleDto.cs b/src/Framework.Configurator/Models/FullRoleDto.cs
@@ -2,5 +2,7 @@
 
 public class FullRoleDto : EntityDto
 {
+    public bool IsVirtual { get; set; }
+
     public List<RoleContextDto> Contexts { get; set; }
 }
diff --git a/src/Framework.Configurator/configurator-ui/package.json b/src/Framework.Configurator/configurator-ui/package.json
@@ -2,6 +2,7 @@
   "name": "configurator-ui",
   "version": "0.0.0",
   "scripts": {
+	"build": "ng build",
     "ng": "ng",
     "start": "ng serve --port 4201 --proxy-config proxy-local-back.conf.json",
     "start:dev": "ng serve --port 4202 --proxy-config proxy-dev-back.conf.json",

diff --git a/src/Framework.SecuritySystem.Abstract/SecurityRole/FullSecurityRole.cs b/src/Framework.SecuritySystem.Abstract/SecurityRole/FullSecurityRole.cs
@@ -5,6 +5,4 @@ public class FullSecurityRole(string name, SecurityRoleInfo information) : Secur
     public SecurityRoleInfo Information { get; } = information;
 
     public Guid Id => this.Information.Id;
-
-    public bool IsVirtual => this.Id == default;
 }
diff --git a/src/Framework.SecuritySystem.Abstract/SecurityRole/SecurityRoleInfo.cs b/src/Framework.SecuritySystem.Abstract/SecurityRole/SecurityRoleInfo.cs
@@ -15,4 +15,6 @@ public record SecurityRoleInfo(Guid Id)
     public string? Description { get; init; }
 
     public string? CustomName { get; init; }
+
+    public bool IsVirtual { get; init; }
 }
diff --git a/src/Framework.SecuritySystem.Abstract/SecurityRule/DomainSecurityRule.cs b/src/Framework.SecuritySystem.Abstract/SecurityRule/DomainSecurityRule.cs
@@ -115,6 +115,11 @@ public override string ToString() => this.SecurityRoles.Count == 1
                                                  ? this.SecurityRoles.Single().Name
                                                  : $"[{this.SecurityRoles.Join(", ", sr => sr.Name)}]";
 
+        public static ExpandedRolesSecurityRule Create(IEnumerable<SecurityRole> securityRoles)
+        {
+            return new ExpandedRolesSecurityRule(DeepEqualsCollection.Create(securityRoles));
+        }
+
         public static ExpandedRolesSecurityRule operator +(ExpandedRolesSecurityRule rule1, ExpandedRolesSecurityRule rule2)
         {
             if (rule1.CustomExpandType != rule2.CustomExpandType)

diff --git a/src/Framework.SecuritySystem/SecurityRole/SecurityRoleSource.cs b/src/Framework.SecuritySystem/SecurityRole/SecurityRoleSource.cs
@@ -16,7 +16,7 @@ public SecurityRoleSource(IEnumerable<FullSecurityRole> securityRoles)
 
         this.Validate();
 
-        this.securityRoleByIdDict = this.SecurityRoles.Where(sr => !sr.IsVirtual).ToDictionary(v => v.Id);
+        this.securityRoleByIdDict = this.SecurityRoles.ToDictionary(v => v.Id);
 
         this.securityRoleByNameDict = this.SecurityRoles.ToDictionary(v => v.Name);
 
@@ -42,12 +42,12 @@ public FullSecurityRole GetSecurityRole(Guid id)
 
     public IEnumerable<FullSecurityRole> GetRealRoles()
     {
-        return this.SecurityRoles.Where(sr => !sr.IsVirtual);
+        return this.SecurityRoles.Where(sr => !sr.Information.IsVirtual);
     }
 
     private void Validate()
     {
-        var idDuplicates = this.GetRealRoles()
+        var idDuplicates = this.SecurityRoles
                                .GetDuplicates(
                                    new EqualityComparerImpl<FullSecurityRole>(
                                        (sr1, sr2) => sr1.Id == sr2.Id,

diff --git a/src/Framework.SecuritySystem/Services/SecurityRolesIdentsResolver.cs b/src/Framework.SecuritySystem/Services/SecurityRolesIdentsResolver.cs
@@ -11,9 +11,8 @@ public IEnumerable<Guid> Resolve(DomainSecurityRule.RoleBaseSecurityRule securit
     {
         return securityRuleExpander.FullExpand(securityRule)
                                    .SecurityRoles
-                                   .Distinct()
                                    .Select(securityRoleSource.GetSecurityRole)
-                                   .Where(sr => !sr.IsVirtual)
+                                   .Where(sr => !sr.Information.IsVirtual)
                                    .Select(sr => sr.Id);
     }
 }
diff --git a/...horization/Framework.Authorization.Notification/NotificationBasePermissionFilterSource.cs b/...horization/Framework.Authorization.Notification/NotificationBasePermissionFilterSource.cs
@@ -2,20 +2,21 @@
 
 using Framework.Authorization.Domain;
 using Framework.Authorization.SecuritySystem;
+using Framework.Core;
 using Framework.SecuritySystem;
 
 namespace Framework.Authorization.Notification;
 
 public class NotificationBasePermissionFilterSource(
     IAvailablePermissionSource availablePermissionSource,
-    ISecurityRoleSource securityRoleSource)
+    ISecurityRolesIdentsResolver securityRolesIdentsResolver)
     : INotificationBasePermissionFilterSource
 {
     public Expression<Func<Permission, bool>> GetBasePermissionFilter(SecurityRole[] securityRoles)
     {
         if (securityRoles == null) throw new ArgumentNullException(nameof(securityRoles));
 
-        var businessRoleIdents = securityRoles.Select(securityRoleSource.GetSecurityRole).Where(sr => !sr.IsVirtual).Select(sr => sr.Id).ToList();
+        var businessRoleIdents = securityRolesIdentsResolver.Resolve(DomainSecurityRule.ExpandedRolesSecurityRule.Create(securityRoles)).ToList();
 
         var permissionQ = availablePermissionSource.GetAvailablePermissionsQueryable(applyCurrentUser: false);
 

diff --git a/src/_SampleSystem/SampleSystem.Security/SampleSystemSecuritySystemExtensions.cs b/src/_SampleSystem/SampleSystem.Security/SampleSystemSecuritySystemExtensions.cs
@@ -78,11 +78,18 @@ public static ISecuritySystemSettings AddSecurityRoles(this ISecuritySystemSetti
 
                .AddSecurityRole(
                    SampleSystemSecurityRole.TestVirtualRole,
-                   new SecurityRoleInfo(default) { Operations = [SampleSystemSecurityOperation.EmployeeView] })
+                   new SecurityRoleInfo(new Guid("{D75CFAB6-A089-4CEE-924E-0F057C627320}"))
+                   {
+                       IsVirtual = true,
+                       Operations = [SampleSystemSecurityOperation.EmployeeView]
+                   })
 
                .AddSecurityRole(
                    SampleSystemSecurityRole.TestVirtualRole2,
-                   new SecurityRoleInfo(default))
+                   new SecurityRoleInfo(new Guid("{649DE6F3-A943-46A3-9E81-AA056D24B52D}"))
+                   {
+                       IsVirtual = true,
+                   })
 
                .AddSecurityRole(
                    SampleSystemSecurityRole.PermissionAdministrator,