DurandalAuthDbContextProvider.cs
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using Breeze.WebApi;
using Breeze.WebApi.EF;
using DurandalAuth.Domain.Model;
using System.Web.Security;
using WebMatrix.WebData;
namespace DurandalAuth.Data
{
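/// <summary>
/// Breeze EF context provider for <see cref="DurandalAuthDbContext"/>.
/// Holds the save-time business rules: audit stamping and URL reference generation
/// per entity, plus role and ownership checks on the whole save map.
/// </summary>
public class DurandalAuthDbContextProvider : EFContextProvider<DurandalAuthDbContext>
{
    public DurandalAuthDbContextProvider() : base() { }

    /// <summary>
    /// Per-entity hook run before an entity is saved.
    /// Articles get their URL reference (on add) and audit fields (on add and modify);
    /// categories get their URL reference on add.
    /// </summary>
    /// <param name="entityInfo">The entity and its requested state.</param>
    /// <returns>Always <c>true</c>; this hook never excludes an entity from the save.</returns>
    protected override bool BeforeSaveEntity(EntityInfo entityInfo)
    {
        // Exact type match is deliberate: derived types are not treated as Article/Category.
        Type entityType = entityInfo.Entity.GetType();

        if (entityType == typeof(Article))
        {
            var article = (Article)entityInfo.Entity;
            string currentUser = WebSecurity.CurrentUserName;

            // One timestamp per entity so CreatedDate and UpdatedDate agree on insert.
            DateTime now = DateTime.UtcNow;

            if (entityInfo.EntityState == EntityState.Added)
            {
                // The URL reference is what makes the article reachable from a route.
                article.SetUrlReference();

                // Audit fields are always set server-side, overwriting whatever the client sent.
                article.CreatedBy = currentUser;
                article.CreatedDate = now;
                article.UpdatedBy = currentUser;
                article.UpdatedDate = now;
            }
            else if (entityInfo.EntityState == EntityState.Modified)
            {
                // NOTE(review): Breeze's EF provider presumably persists only the properties
                // listed in entityInfo.OriginalValuesMap for Modified entities. Confirm that
                // UpdatedBy/UpdatedDate set here actually reach the database; if not, the
                // audit trail silently keeps the previous editor.
                article.UpdatedBy = currentUser;
                article.UpdatedDate = now;
            }
        }

        if (entityType == typeof(Category) && entityInfo.EntityState == EntityState.Added)
        {
            // Categories are also addressed by a URL reference generated on insert.
            ((Category)entityInfo.Entity).SetUrlReference();
        }

        return true;
    }

    /// <summary>
    /// Authorization gate over the whole save map. Throws as soon as a rule is violated,
    /// which rejects the complete save request.
    /// </summary>
    /// <param name="saveMap">Entities to be saved, grouped by entity type.</param>
    /// <returns>The unmodified <paramref name="saveMap"/> when every rule passes.</returns>
    /// <exception cref="EntityErrorsException">
    /// The request contains user profiles, or articles/tags from a caller who is not an
    /// authenticated member of the "User" role, or an article whose CreatedBy differs from
    /// the current user, or categories from a caller outside the "Administrator" role.
    /// </exception>
    protected override Dictionary<Type, List<EntityInfo>> BeforeSaveEntities(Dictionary<Type, List<EntityInfo>> saveMap)
    {
        // Accounts are managed through the AccountController only, never through Breeze.
        List<EntityInfo> userProfiles;
        if (saveMap.TryGetValue(typeof(UserProfile), out userProfiles))
        {
            throw SaveFailed(userProfiles, "Cannot save Users using the Breeze api", "UserProfileId");
        }

        List<EntityInfo> articles;
        if (saveMap.TryGetValue(typeof(Article), out articles) && articles.Any())
        {
            // Only registered, authenticated users may save articles.
            if (!IsRegisteredUser())
            {
                throw SaveFailed(articles, "Only registered and authenticated users can save articles", "ArticleId");
            }

            // Only the article owner may add, modify or delete it.
            // NOTE(review): article.CreatedBy is read from the entity in the save request, not
            // from the stored row. For Modified/Deleted entities that value is presumably
            // client-supplied, so this comparison does not prove ownership on its own. The
            // owner should be looked up server-side by key (ideally through a separate
            // context instance) and compared to the current user before the save is allowed.
            // For Added entities the per-entity hook has presumably already stamped CreatedBy;
            // confirm the hook order against the Breeze version in use.
            string currentUser = WebSecurity.CurrentUserName;
            foreach (EntityInfo info in articles)
            {
                bool isWrite = info.EntityState == EntityState.Modified
                    || info.EntityState == EntityState.Added
                    || info.EntityState == EntityState.Deleted;
                var article = (Article)info.Entity;

                if (isWrite && !string.Equals(article.CreatedBy, currentUser, StringComparison.Ordinal))
                {
                    throw SaveFailed(new[] { info }, "You don´t have permissions for save this article", "ArticleId");
                }
            }
        }

        // Only administrators may save categories.
        List<EntityInfo> categories;
        if (saveMap.TryGetValue(typeof(Category), out categories)
            && categories.Any()
            && !Roles.IsUserInRole("Administrator"))
        {
            throw SaveFailed(categories, "Only administrators can save categories", "CategoryId");
        }

        // Only registered, authenticated users may save tags.
        List<EntityInfo> tags;
        if (saveMap.TryGetValue(typeof(Tag), out tags) && tags.Any() && !IsRegisteredUser())
        {
            // Fix: the errors are built from the rejected tags. The original projected the
            // user-profile list, which is always null at this point, so the denial surfaced
            // as an unrelated exception instead of an EntityErrorsException.
            throw SaveFailed(tags, "Only registered users can save tags", "TagId");
        }

        return saveMap;
    }

    /// <summary>
    /// True when the caller is authenticated and belongs to the "User" role.
    /// Authentication is tested first so no role lookup is made for anonymous callers.
    /// </summary>
    private static bool IsRegisteredUser()
    {
        return WebSecurity.IsAuthenticated && Roles.IsUserInRole("User");
    }

    /// <summary>
    /// Builds the exception that rejects a save, with one "Save Failed" error per entity.
    /// </summary>
    /// <param name="rejected">The entities the error applies to.</param>
    /// <param name="message">The error message reported for each entity.</param>
    /// <param name="propertyName">The property name the error is attached to.</param>
    /// <returns>The exception for the caller to throw.</returns>
    private static EntityErrorsException SaveFailed(IEnumerable<EntityInfo> rejected, string message, string propertyName)
    {
        List<EFEntityError> errors = rejected
            .Select(info => new EFEntityError(info, "Save Failed", message, propertyName))
            .ToList();
        return new EntityErrorsException(errors);
    }
}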
}