ServiceStack/src/ServiceStack.ServiceInterface/Auth/AssignRolesService.cs at async · IcodeNet/ServiceStack · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
using System.Collections.Generic;
using System.Linq;
using ServiceStack.Common;
using ServiceStack.Common.Web;
using ServiceStack.ServiceInterface.ServiceModel;

namespace ServiceStack.ServiceInterface.Auth
{
    public class AssignRoles
    {
        public AssignRoles()
        {
            this.Roles = new List<string>();
            this.Permissions = new List<string>();
        }

        public string UserName { get; set; }

        public List<string> Permissions { get; set; }

        public List<string> Roles { get; set; }
    }

    public class AssignRolesResponse : IHasResponseStatus
    {
        public AssignRolesResponse()
        {
            this.AllRoles = new List<string>();
            this.AllPermissions = new List<string>();
        }

        public List<string> AllRoles { get; set; }

        public List<string> AllPermissions { get; set; }

        public ResponseStatus ResponseStatus { get; set; }
    }

    [RequiredRole(RoleNames.Admin)]
    public class AssignRolesService : RestServiceBase<AssignRoles>
    {
        public IUserAuthRepository UserAuthRepo { get; set; }

        public override object OnPost(AssignRoles request)
        {
            request.UserName.ThrowIfNullOrEmpty();

            var userAuth = UserAuthRepo.GetUserAuthByUserName(request.UserName);
            if (userAuth == null)
                throw HttpError.NotFound(request.UserName);

            if (!request.Roles.IsEmpty())
            {
                foreach (var missingRole in request.Roles.Where(x => !userAuth.Roles.Contains(x)))
                {
                    userAuth.Roles.Add(missingRole);
                }
            }
            if (!request.Permissions.IsEmpty())
            {
                foreach (var missingPermission in request.Permissions.Where(x => !userAuth.Permissions.Contains(x)))
                {
                    userAuth.Permissions.Add(missingPermission);
                }
            }

            UserAuthRepo.SaveUserAuth(userAuth);

            return new AssignRolesResponse {
                AllRoles = userAuth.Roles,
                AllPermissions = userAuth.Permissions,
            };
        }
    }
}