jbourdon/social-media
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merged PR 73: Features to use roleManager and display roles of currentUser in the getCurrentUser endpoint

Browse Source 
Related work items: #48
This commit is contained in:
Dominic Villemure
2024-06-06 21:57:42 +00:00
parent 82b01c9448 c31b3a2e71
commit 0da652b4a4
20 changed files with 215 additions and 139 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/Application/Common/Interfaces/IIdentityService.cs
View File

@@ -5,12 +5,13 @@ namespace Hutopy.Application.Common.Interfaces;
public interface IIdentityService
{
Task<string?> GetUserNameAsync(string userId);
Task<Result> CreateUserAsync(string email, string userName, string firstName, string lastName, string password);
Task<UserModel?> FindUserByIdAsync(string id);
Task<UserModel?> GetCurrentUserAsync();
Task<UserModel?> FindUserByEmailAsync(string id);
Task<bool> IsInRoleAsync(string userId, string role);
Task<bool> AuthorizeAsync(string userId, string policyName);
Task<(Result Result, string UserId)> CreateUserAsync(string userName, string password);
Task<Result> AddRoleAsync(string userId, string role);
Task<IList<string>> GetCurrentUserRolesAsync();
Task<Result> DeleteUserAsync(string userId);
}

10
src/Application/Common/Interfaces/IRoleService.cs Normal file
View File

@@ -0,0 +1,10 @@
using Hutopy.Application.Common.Models;
namespace Hutopy.Application.Common.Interfaces;
public interface IRoleService
{
public Task<Result> CreateRoleAsync(string roleName);
public Task<Result> DeleteRoleAsync(string roleName);
public Task<RoleModel?> FindRoleByIdAsync(string roleId);
}

7
src/Application/Common/Models/RoleModel.cs Normal file
View File

@@ -0,0 +1,7 @@
namespace Hutopy.Application.Common.Models;
public class RoleModel
{
public string? Id { get; set; }
public string? Name { get; set; }
}

2
src/Domain/Models/UserModel.cs → src/Application/Common/Models/UserModel.cs
View File

@@ -1,4 +1,4 @@
namespace Hutopy.Domain.Models;
namespace Hutopy.Application.Common.Models;
public class UserModel
{

3
src/Application/DependencyInjection.cs
View File

@@ -1,4 +1,5 @@
using System.Reflection;
using Hutopy.Application.Common.Behaviours;
using Microsoft.Extensions.DependencyInjection;
namespace Hutopy.Application;
@@ -15,7 +16,7 @@ public static class DependencyInjection
{
cfg.RegisterServicesFromAssembly(Assembly.GetExecutingAssembly());
//cfg.AddBehavior(typeof(IPipelineBehavior<,>), typeof(UnhandledExceptionBehaviour<,>));
//cfg.AddBehavior(typeof(IPipelineBehavior<,>), typeof(AuthorizationBehaviour<,>));
cfg.AddBehavior(typeof(IPipelineBehavior<,>), typeof(AuthorizationBehaviour<,>));
//cfg.AddBehavior(typeof(IPipelineBehavior<,>), typeof(ValidationBehaviour<,>));
//cfg.AddBehavior(typeof(IPipelineBehavior<,>), typeof(PerformanceBehaviour<,>));
});

2
src/Application/FutureCreators/Queries/GetFutureCreatorList.cs
View File

@@ -2,9 +2,11 @@
using Hutopy.Application.Common.Interfaces;
using Hutopy.Application.Common.Mappings;
using Hutopy.Application.Common.Models;
using Hutopy.Application.Common.Security;
namespace Hutopy.Application.FutureCreators.Queries;
[Authorize(Roles = "Administrator")]
public record GetFutureCreatorListQuery : IRequest<PaginatedList<FutureCreatorListDto>>
{
public int PageNumber { get; init; } = 1;

20
src/Application/Users/Commands/CreateUser.cs
View File

@@ -1,8 +1,4 @@
using System.Dynamic;
using Hutopy.Application.Common.Interfaces;
using Hutopy.Domain.Entities;
using Hutopy.Domain.Interfaces;
using Microsoft.EntityFrameworkCore;
using Hutopy.Application.Common.Interfaces;
namespace Hutopy.Application.Users.Commands;
public record CreateUserCommand : IRequest<Guid>
@@ -17,24 +13,22 @@ public record CreateUserCommand : IRequest<Guid>
public class CreateUserCommandHandler : IRequestHandler<CreateUserCommand, Guid>
{
private readonly IApplicationDbContext _context;
private readonly IUserService _userService;
private readonly IIdentityService _identityService;
public CreateUserCommandHandler(IApplicationDbContext context, IUserService userService)
public CreateUserCommandHandler(IApplicationDbContext context, IIdentityService identityService)
{
_context = context;
_userService = userService;
_identityService = identityService;
}
public async Task<Guid> Handle(CreateUserCommand request, CancellationToken cancellationToken)
{
// Dont really need the handler for the create. The get will work like this :
var user = await _userService.FindUserByIdAsync("072ae7d5-8c4a-4a0f-b250-7d39941125cb");
// var user2 = await _userService.FindUserByEmailAsync("test10@hotmail.com");
await _identityService.CreateUserAsync(request.EmailAddress, request.UserName, request.FirstName, request.LastName, request.Password);
var tt = user?.FirstName;
var user = await _identityService.FindUserByEmailAsync(request.EmailAddress);
await _context.SaveChangesAsync(cancellationToken);
return Guid.NewGuid();
return new Guid(user?.Id ?? string.Empty);
}
}

12
src/Application/Users/Queries/GetCurrentUser/GetCurrentUser.cs
View File

@@ -1,5 +1,4 @@
using Hutopy.Application.Common.Interfaces;
using Hutopy.Domain.Interfaces;
namespace Hutopy.Application.Users.Queries.GetCurrentUser;
@@ -8,13 +7,13 @@ public record GetCurrentUserQuery : IRequest<UserDto>;
public class GetCurrentUserQueryHandler(
IApplicationDbContext context,
IMapper mapper,
IUserService userService
IIdentityService identityService
)
: IRequestHandler<GetCurrentUserQuery, UserDto>
{
public async Task<UserDto> Handle(GetCurrentUserQuery request, CancellationToken cancellationToken)
{
var identityUser = await userService.GetCurrentUserAsync();
var identityUser = await identityService.GetCurrentUserAsync();
var currentUserId = new Guid(identityUser?.Id ?? "");
var transactions = await context.UserTransactions
@@ -24,14 +23,17 @@ public class GetCurrentUserQueryHandler(
.Where(x => x.IsConfirmed == true)
.ToListAsync(cancellationToken);
var user = new UserDto()
var roles = await identityService.GetCurrentUserRolesAsync();
var user = new UserDto
{
Id = currentUserId,
FirstName = identityUser?.FirstName ?? "",
LastName = identityUser?.LastName ?? "",
UserName =identityUser?.UserName ?? "",
UserTransactions = transactions,
TotalBalance = transactions.Sum(x => x.Amount)
TotalBalance = transactions.Sum(x => x.Amount),
UserRoles = roles
};
return user;

1
src/Application/Users/Queries/GetCurrentUser/UserDto.cs
View File

@@ -7,6 +7,7 @@ public class UserDto
public required string LastName { get; init; }
public string UserName { get; init; } = String.Empty;
public List<UserTransactionDto> UserTransactions { get; init; } = [];
public IList<string> UserRoles { get; init; } = [];
public required decimal TotalBalance { get; init; }

8
src/Application/Users/Queries/GetMinimalUser/GetMinimalUser.cs
View File

@@ -1,4 +1,4 @@
using Hutopy.Domain.Interfaces;
using Hutopy.Application.Common.Interfaces;
namespace Hutopy.Application.Users.Queries.GetMinimalUser;
@@ -8,15 +8,15 @@ public record GetMinimalUserQuery : IRequest<MinimalUserDto>
};
public class GetMinimalUserQueryHandler(
IUserService userService
IIdentityService identityService
)
: IRequestHandler<GetMinimalUserQuery, MinimalUserDto>
{
public async Task<MinimalUserDto> Handle(GetMinimalUserQuery request, CancellationToken cancellationToken)
{
var identityUser = await userService.FindUserByIdAsync(request.UserId);
var identityUser = await identityService.FindUserByIdAsync(request.UserId);
var user = new MinimalUserDto()
var user = new MinimalUserDto
{
FirstName = identityUser?.FirstName ?? "",
LastName = identityUser?.LastName ?? "",

13
src/Domain/Interfaces/IUserService.cs
View File

@@ -1,13 +0,0 @@
using Hutopy.Domain.Models;
namespace Hutopy.Domain.Interfaces;
public interface IUserService
{
Task CreateUserAsync(string email, string userName, string firstName, string lastName, string password);
Task<UserModel?> FindUserByIdAsync(string id);
Task<UserModel?> GetCurrentUserAsync();
Task<UserModel?> FindUserByEmailAsync(string id);
}

9
src/Infrastructure/DependencyInjection.cs
View File

@@ -1,11 +1,8 @@
using System;
using Hutopy.Application.Common.Interfaces;
using Hutopy.Application.Common.Interfaces;
using Hutopy.Domain.Constants;
using Hutopy.Domain.Interfaces;
using Hutopy.Infrastructure.Data;
using Hutopy.Infrastructure.Data.Interceptors;
using Hutopy.Infrastructure.Identity;
using Hutopy.Infrastructure.Services;
using Hutopy.Infrastructure.Stripe;
using Microsoft.AspNetCore.Identity;
using Microsoft.EntityFrameworkCore;
@@ -51,8 +48,6 @@ public static class DependencyInjection
.AddBearerToken(IdentityConstants.BearerScheme);
services.AddAuthorizationBuilder();
services.AddScoped<IUserService, UserService>();
// Might need to change and use AddIdentity<User, Role>() when we need to integrate connection via third party ( facebook, google )
services
@@ -62,7 +57,7 @@ public static class DependencyInjection
.AddApiEndpoints();
services.AddSingleton(TimeProvider.System);
services.AddTransient<IIdentityService, IdentityService>();
services.AddScoped<IIdentityService, IdentityService>();
services.AddTransient<IStripeService, StripeService>();
services.AddAuthorization(options =>

7
src/Infrastructure/Identity/ApplicationRole.cs Normal file
View File

@@ -0,0 +1,7 @@
using Microsoft.AspNetCore.Identity;
namespace Hutopy.Infrastructure.Identity;
public class ApplicationRole : IdentityRole
{
}

104
src/Infrastructure/Identity/IdentityService.cs
View File

@@ -1,6 +1,8 @@
using System.Security.Claims;
using Hutopy.Application.Common.Interfaces;
using Hutopy.Application.Common.Models;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Identity;
namespace Hutopy.Infrastructure.Identity;
@@ -8,7 +10,9 @@ namespace Hutopy.Infrastructure.Identity;
public class IdentityService(
UserManager<ApplicationUser> userManager,
IUserClaimsPrincipalFactory<ApplicationUser> userClaimsPrincipalFactory,
IAuthorizationService authorizationService)
IAuthorizationService authorizationService,
IHttpContextAccessor contextAccessor
)
: IIdentityService
{
public async Task<string?> GetUserNameAsync(string userId)
@@ -30,6 +34,68 @@ public class IdentityService(
return (result.ToApplicationResult(), user.Id);
}
public async Task<Result> CreateUserAsync(string email, string userName, string firstName, string lastName, string password)
{
var applicationUser = new ApplicationUser
{
UserName = userName,
Email = email,
FirstName = firstName,
LastName = lastName
};
var response = await userManager.CreateAsync(applicationUser, password);
return response.ToApplicationResult();
}
public async Task<UserModel?> FindUserByIdAsync(string id)
{
var response = await userManager.FindByIdAsync(id);
if (response == null) return null;
var userModel = new UserModel()
{
Id = response.Id,
UserName = response.UserName,
FirstName = response.FirstName,
LastName = response.LastName,
Email = response.Email,
};
return userModel;
}
public async Task<UserModel?> GetCurrentUserAsync()
{
var currentUserId = contextAccessor.HttpContext?.User.FindFirst(ClaimTypes.NameIdentifier)?.Value;
if (string.IsNullOrEmpty(currentUserId))
{
return null;
}
return await FindUserByIdAsync(currentUserId);
}
public async Task<UserModel?> FindUserByEmailAsync(string email)
{
var response = await userManager.FindByEmailAsync(email);
if (response == null) return null;
var userModel = new UserModel
{
Id = response.Id,
UserName = response.UserName,
FirstName = response.FirstName,
LastName = response.LastName,
Email = response.Email
};
return userModel;
}
public async Task<bool> IsInRoleAsync(string userId, string role)
{
@@ -37,6 +103,14 @@ public class IdentityService(
return user != null && await userManager.IsInRoleAsync(user, role);
}
public async Task<bool> CurrentUserIsInRoleAsync(string role)
{
var currentUserModel = await GetCurrentUserAsync();
var currentUser = await userManager.FindByIdAsync(currentUserModel?.Id ?? "");
return currentUser != null && await userManager.IsInRoleAsync(currentUser, role);
}
public async Task<bool> AuthorizeAsync(string userId, string policyName)
{
@@ -67,4 +141,32 @@ public class IdentityService(
return result.ToApplicationResult();
}
public async Task<Result> AddRoleAsync(string userId, string role)
{
var hasAdminAccess = await CurrentUserIsInRoleAsync("Administrator");
if (!hasAdminAccess) return Result.Failure(new []{"Only administrator can assign new roles to a user."});
var user = await userManager.FindByIdAsync(userId);
if (user is null) return Result.Failure(new []{"User not found."});
var result = await userManager.AddToRoleAsync(user, role);
return result.ToApplicationResult();
}
public async Task<IList<string>> GetCurrentUserRolesAsync()
{
var currentUserModel = await GetCurrentUserAsync();
var currentUser = await userManager.FindByIdAsync(currentUserModel?.Id ?? "");
if (currentUser is null) return [];
var userRoles = await userManager.GetRolesAsync(currentUser);
return userRoles;
}
}

49
src/Infrastructure/Identity/RoleService.cs Normal file
View File

@@ -0,0 +1,49 @@
using Hutopy.Application.Common.Interfaces;
using Hutopy.Application.Common.Models;
using Microsoft.AspNetCore.Identity;
namespace Hutopy.Infrastructure.Identity;
public class RoleService(
RoleManager<ApplicationRole> roleManager
)
: IRoleService
{
public async Task<Result> CreateRoleAsync(string roleName)
{
var role = new ApplicationRole { Name = roleName, Id = Guid.NewGuid().ToString()};
var result = await roleManager.CreateAsync(role);
return result.ToApplicationResult();
}
public async Task<Result> DeleteRoleAsync(string roleName)
{
var role = new ApplicationRole { Name = roleName };
var result = await roleManager.DeleteAsync(role);
return result.ToApplicationResult();
}
public async Task<RoleModel?> FindRoleByIdAsync(string roleId)
{
var result = await roleManager.FindByIdAsync(roleId);
if (result is null) return null;
var roleModel = new RoleModel { Id = result.Id, Name = result.Name };
return roleModel;
}
public async Task<RoleModel?> FindRoleByNameAsync(string roleName)
{
var result = await roleManager.FindByNameAsync(roleName);
if (result is null) return null;
var roleModel = new RoleModel { Id = result.Id, Name = result.Name };
return roleModel;
}
}

78
src/Infrastructure/Services/UserService.cs
View File

@@ -1,78 +0,0 @@
using System.Security.Claims;
using Hutopy.Domain.Interfaces;
using Hutopy.Domain.Models;
using Hutopy.Infrastructure.Identity;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Identity;
namespace Hutopy.Infrastructure.Services;
public class UserService(UserManager<ApplicationUser> userManager, IHttpContextAccessor contextAccessor) : IUserService
{
public async Task CreateUserAsync(string email, string userName, string firstName, string lastName, string password)
{
var applicationUser = new ApplicationUser
{
UserName = userName,
Email = email,
FirstName = firstName,
LastName = lastName
};
//todo: Need to handle errors better for the user.
var response = await userManager.CreateAsync(applicationUser, password);
if (response.Errors.Any())
{
throw new InvalidOperationException(response.Errors.First().Description);
}
}
public async Task<UserModel?> FindUserByIdAsync(string id)
{
var response = await userManager.FindByIdAsync(id);
if (response == null) return null;
var userModel = new UserModel()
{
Id = response.Id,
UserName = response.UserName,
FirstName = response.FirstName,
LastName = response.LastName,
Email = response.Email,
};
return userModel;
}
public async Task<UserModel?> GetCurrentUserAsync()
{
var currentUserId = contextAccessor.HttpContext?.User.FindFirst(ClaimTypes.NameIdentifier)?.Value;
if (string.IsNullOrEmpty(currentUserId))
{
return null;
}
return await FindUserByIdAsync(currentUserId);
}
public async Task<UserModel?> FindUserByEmailAsync(string email)
{
var response = await userManager.FindByEmailAsync(email);
if (response == null) return null;
var userModel = new UserModel()
{
Id = response.Id,
UserName = response.UserName,
FirstName = response.FirstName,
LastName = response.LastName,
Email = response.Email
};
return userModel;
}
}

4
src/Web/DependencyInjection.cs
View File

@@ -1,8 +1,6 @@
using Azure.Identity;
using Hutopy.Application.Common.Interfaces;
using Hutopy.Domain.Interfaces;
using Hutopy.Infrastructure.Data;
using Hutopy.Infrastructure.Services;
using Hutopy.Web.Services;
using Microsoft.AspNetCore.Mvc;
using NSwag;
@@ -17,8 +15,6 @@ public static class DependencyInjection
services.AddDatabaseDeveloperPageExceptionFilter();
services.AddScoped<IUser, CurrentUser>();
services.AddScoped<IUserService, UserService>();
services.AddHttpContextAccessor();

4
src/Web/Endpoints/Users.cs
View File

@@ -1,6 +1,5 @@
using Hutopy.Application.Users.Commands;
using Hutopy.Application.Users.Queries.GetMinimalUser;
using Hutopy.Domain.Interfaces;
using Hutopy.Infrastructure.Identity;
namespace Hutopy.Web.Endpoints;
@@ -15,9 +14,8 @@ public class Users : EndpointGroupBase
.MapIdentityApi<ApplicationUser>();
}
private static async Task<Guid> CreateUser(ISender sender, CreateUserCommand command, IUserService userService)
private static async Task<Guid> CreateUser(ISender sender, CreateUserCommand command)
{
await userService.CreateUserAsync(command.EmailAddress, command.UserName, command.FirstName, command.LastName, command.Password);
return await sender.Send(command);
}

4
src/Web/Program.cs
View File

@@ -1,8 +1,6 @@
using Hutopy.Application;
using Hutopy.Domain.Interfaces;
using Hutopy.Infrastructure;
using Hutopy.Infrastructure.Data;
using Hutopy.Infrastructure.Services;
using Hutopy.Web;
using Azure.Identity;
@@ -47,8 +45,6 @@ builder.Services.AddApplicationServices();
builder.Services.AddInfrastructureServices(builder.Configuration);
builder.Services.AddWebServices();
builder.Services.AddScoped<IUserService, UserService>();
var app = builder.Build();
app.UseCors("AllowAll");

6
src/Web/wwwroot/api/specification.json
View File

@@ -711,6 +711,12 @@
"$ref": "#/components/schemas/UserTransactionDto"
}
},
"userRoles": {
"type": "array",
"items": {
"type": "string"
}
},
"totalBalance": {
"type": "number",
"format": "decimal"