Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add admin role and expose it + add admin controller for testing #171

Open
wants to merge 1 commit into
base: develop
Choose a base branch
from
Open

Add admin role and expose it + add admin controller for testing #171

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 18 additions & 0 deletions backend/src/StamAcasa.Api/Controllers/AdminController.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;

namespace StamAcasa.Api.Controllers
{
[Authorize(AuthenticationSchemes = "answersApi", Roles = "Admin")]
[Route("api/admin")]
[ApiController]
public class AdminController : ControllerBase
{

[HttpGet]
public IActionResult Get()
{
return Content("Yes you are admin");
}
}
}
2 changes: 2 additions & 0 deletions backend/src/StamAcasa.IdentityServer/IdentityHostingStartup.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@
using IdentityServer.Data;
using IdentityServerAspNetIdentity;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Identity;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
Expand All @@ -21,6 +22,7 @@ public void Configure(IWebHostBuilder builder)
var emailConfirmation = context.Configuration.GetValue<bool>("EnableEmailConfirmation");
services.AddDefaultIdentity<ApplicationUser>(options =>
options.SignIn.RequireConfirmedAccount = emailConfirmation)
.AddRoles<IdentityRole>()
.AddEntityFrameworkStores<ApplicationDbContext>();

SeedData.EnsureSeedData(context.Configuration.GetConnectionString("ApplicationDbContextConnection"));
Expand Down
36 changes: 36 additions & 0 deletions backend/src/StamAcasa.IdentityServer/SeedData.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,10 @@ public static void EnsureSeedData(string connectionString)
context.Database.Migrate();

var userMgr = scope.ServiceProvider.GetRequiredService<UserManager<ApplicationUser>>();
var roleManager = scope.ServiceProvider.GetRequiredService<RoleManager<IdentityRole>>();

var adminRole = CreateRole("Admin", roleManager);

var alice = userMgr.FindByNameAsync("[email protected]").Result;
if (alice == null)
{
Expand Down Expand Up @@ -64,6 +68,14 @@ public static void EnsureSeedData(string connectionString)
{
throw new Exception(result.Errors.First().Description);
}

result = userMgr.AddToRoleAsync(alice, adminRole.Name).Result;
if (!result.Succeeded)
{
throw new Exception(result.Errors.First().Description);
}


Log.Debug("alice created");
}
else
Expand Down Expand Up @@ -99,6 +111,12 @@ public static void EnsureSeedData(string connectionString)
{
throw new Exception(result.Errors.First().Description);
}

result = userMgr.AddToRoleAsync(bob, adminRole.Name).Result;
if (!result.Succeeded)
{
throw new Exception(result.Errors.First().Description);
}
Log.Debug("bob created");
}
else
Expand All @@ -108,5 +126,23 @@ public static void EnsureSeedData(string connectionString)
}
}
}

private static IdentityRole CreateRole(string roleName, RoleManager<IdentityRole> roleManager)
{
var role = roleManager.FindByNameAsync(roleName).Result;
if (role == null)
{
var identityRole = new IdentityRole(roleName);
var result = roleManager.CreateAsync(identityRole).Result;
if (!result.Succeeded)
{
throw new Exception(result.Errors.First().Description);
}

return identityRole;
}

return role;
}
}
}
208 changes: 104 additions & 104 deletions backend/src/StamAcasa.IdentityServer/appsettings.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,110 +1,110 @@
{
"Logging": {
"LogLevel": {
"Default": "Information",
"Microsoft": "Warning",
"Microsoft.Hosting.Lifetime": "Information"
}
},
"AllowedHosts": "*",
"ConnectionStrings": {
"ApplicationDbContextConnection": "Server=postgres;Port=5432;Database=IdentityServer;User Id=docker;Password=docker;"
},
"ApiConfiguration": [
{
"Name": "answersApi",
"ClaimList": [ "openid" ],
"Secret": "svpqYnJSR8xzn8Rl"
"Logging": {
"LogLevel": {
"Default": "Information",
"Microsoft": "Warning",
"Microsoft.Hosting.Lifetime": "Information"
}
},
{
"Name": "usersApi",
"Secret": "st4k!b7s$af201cv",
"ClaimList": [ "openid", "email" ]
}
],
"ClientApplications": [
{
"ClientId": "js",
"ClientName": "JavaScript Client",
"AllowedGrantTypes": [ "implicit" ],
"RequirePkce": false,
"RequireClientSecret": false,
"RequireConsent": false,
"RedirectUris": [
"http://localhost:3000/signin-oidc",
"http://localhost:3000/silent-refresh"
],
"PostLogoutRedirectUris": [ "http://localhost:3000/post-logout" ],
"AllowedCorsOrigins": [ "http://localhost:3000" ],
"AllowedScopes": [
"openid",
"email",
"answersApi",
"usersApi"
],
"AllowAccessTokensViaBrowser": true,
"AccessTokenType": 1
"AllowedHosts": "*",
"ConnectionStrings": {
"ApplicationDbContextConnection": "Server=postgres;Port=5432;Database=IdentityServer;User Id=docker;Password=docker;"
},
"ApiConfiguration": [
{
"Name": "answersApi",
"ClaimList": [ "openid", "role" ],
"Secret": "svpqYnJSR8xzn8Rl"
},
{
"Name": "usersApi",
"Secret": "st4k!b7s$af201cv",
"ClaimList": [ "openid", "email", "role" ]
}
],
"ClientApplications": [
{
"ClientId": "js",
"ClientName": "JavaScript Client",
"AllowedGrantTypes": [ "implicit" ],
"RequirePkce": false,
"RequireClientSecret": false,
"RequireConsent": false,
"RedirectUris": [
"http://localhost:3000/signin-oidc",
"http://localhost:3000/silent-refresh"
],
"PostLogoutRedirectUris": [ "http://localhost:3000/post-logout" ],
"AllowedCorsOrigins": [ "http://localhost:3000" ],
"AllowedScopes": [
"openid",
"email",
"answersApi",
"usersApi"
],
"AllowAccessTokensViaBrowser": true,
"AccessTokenType": 1
},
{
"ClientId": "jsdocker",
"ClientName": "JavaScript Client",
"AllowedGrantTypes": [ "implicit" ],
"RequirePkce": false,
"RequireClientSecret": false,
"RequireConsent": false,
"RedirectUris": [
"http://localhost:5002/signin-oidc",
"http://localhost:5002/silent-refresh"
],
"PostLogoutRedirectUris": [ "http://localhost:5002/post-logout" ],
"AllowedCorsOrigins": [ "http://localhost:5002" ],
"AllowedScopes": [
"openid",
"email",
"answersApi",
"usersApi"
],
"AllowAccessTokensViaBrowser": true,
"AccessTokenType": 1
},
{
"ClientId": "swaggerClientLocalhost",
"ClientName": "Swagger UI Client",
"AllowedGrantTypes": [ "implicit" ],
"RequirePkce": false,
"RequireClientSecret": false,
"RequireConsent": false,
"RedirectUris": [ "http://localhost:5008/swagger/oauth2-redirect.html" ],
"AllowedCorsOrigins": [ "http://localhost:5008" ],
"PostLogoutRedirectUris": [],
"AllowedScopes": [
"openid",
"email",
"answersApi",
"usersApi"
],
"AllowAccessTokensViaBrowser": true,
"AccessTokenType": 1
}
],
"EnableEmailConfirmation": true,
"EMailingSystem": "SendGrid",
"AdminFromName": "Admin",
"AdminFromEmail": "[email protected]",
"Smtp": {
"Host": "",
"Port": 0,
"User": "",
"Password": ""
},
{
"ClientId": "jsdocker",
"ClientName": "JavaScript Client",
"AllowedGrantTypes": [ "implicit" ],
"RequirePkce": false,
"RequireClientSecret": false,
"RequireConsent": false,
"RedirectUris": [
"http://localhost:5002/signin-oidc",
"http://localhost:5002/silent-refresh"
],
"PostLogoutRedirectUris": [ "http://localhost:5002/post-logout" ],
"AllowedCorsOrigins": [ "http://localhost:5002" ],
"AllowedScopes": [
"openid",
"email",
"answersApi",
"usersApi"
],
"AllowAccessTokensViaBrowser": true,
"AccessTokenType": 1
"SendGrid": {
"ApiKey": "",
"ClickTracking": false
},
{
"ClientId": "swaggerClientLocalhost",
"ClientName": "Swagger UI Client",
"AllowedGrantTypes": [ "implicit" ],
"RequirePkce": false,
"RequireClientSecret": false,
"RequireConsent": false,
"RedirectUris": [ "http://localhost:5008/swagger/oauth2-redirect.html" ],
"AllowedCorsOrigins": [ "http://localhost:5008" ],
"PostLogoutRedirectUris": [],
"AllowedScopes": [
"openid",
"email",
"answersApi",
"usersApi"
],
"AllowAccessTokensViaBrowser": true,
"AccessTokenType": 1
"RabbitMQ": {
"HostName": "localhost",
"Port": 5672,
"User": "user",
"Password": "password"
}
],
"EnableEmailConfirmation": true,
"EMailingSystem": "SendGrid",
"AdminFromName": "Admin",
"AdminFromEmail": "[email protected]",
"Smtp": {
"Host": "",
"Port": 0,
"User": "",
"Password": ""
},
"SendGrid": {
"ApiKey": "",
"ClickTracking": false
},
"RabbitMQ": {
"HostName": "localhost",
"Port": 5672,
"User": "user",
"Password": "password"
}
}