separate Uploader role

This commit is contained in:
Alex Bezdieniezhnykh
2024-11-25 14:43:52 +02:00
parent f5e466108a
commit 08187495af
3 changed files with 28 additions and 6 deletions
+18 -4
@@ -35,8 +35,22 @@ builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
}; };
}); });
var apiAdminPolicy = new AuthorizationPolicyBuilder().RequireRole(RoleEnum.ApiAdmin.ToString()).Build(); #region Policies
builder.Services.AddAuthorization(o => o.AddPolicy("apiAdminPolicy", apiAdminPolicy));
var apiAdminPolicy = new AuthorizationPolicyBuilder()
.RequireRole(RoleEnum.ApiAdmin.ToString()).Build();
var apiUploaderPolicy = new AuthorizationPolicyBuilder()
.RequireRole(RoleEnum.ResourceUploader.ToString(), RoleEnum.ApiAdmin.ToString()).Build();
builder.Services.AddAuthorization(o =>
{
o.AddPolicy(nameof(apiAdminPolicy), apiAdminPolicy);
o.AddPolicy(nameof(apiUploaderPolicy), apiUploaderPolicy);
});
#endregion Policies
builder.Services.AddHttpContextAccessor(); builder.Services.AddHttpContextAccessor();
@@ -101,7 +115,7 @@ app.MapPost("/login",
app.MapPost("/users", app.MapPost("/users",
async (RegisterUserRequest registerUserRequest, IUserService userService, CancellationToken cancellationToken) async (RegisterUserRequest registerUserRequest, IUserService userService, CancellationToken cancellationToken)
=> await userService.RegisterUser(registerUserRequest, cancellationToken)) => await userService.RegisterUser(registerUserRequest, cancellationToken))
//.RequireAuthorization(apiAdminPolicy) .RequireAuthorization(apiAdminPolicy)
.WithOpenApi(op => new(op){ Summary = "Creates a new user"}); .WithOpenApi(op => new(op){ Summary = "Creates a new user"});
app.MapGet("/users", app.MapGet("/users",
@@ -114,7 +128,7 @@ app.MapPost("/resources",
async (IFormFile data, IResourcesService resourceService, CancellationToken cancellationToken) async (IFormFile data, IResourcesService resourceService, CancellationToken cancellationToken)
=> await resourceService.SaveResource(data, cancellationToken)) => await resourceService.SaveResource(data, cancellationToken))
.Accepts<IFormFile>("multipart/form-data") .Accepts<IFormFile>("multipart/form-data")
.RequireAuthorization(apiAdminPolicy) .RequireAuthorization(apiUploaderPolicy)
.DisableAntiforgery(); .DisableAntiforgery();
app.MapPost("/resources/get", //Need to have POST method for secure password app.MapPost("/resources/get", //Need to have POST method for secure password
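Review bot: The `apiUploaderPolicy` builder admits `ResourceUploader` and `ApiAdmin` but not `Admin` (`RoleEnum.Admin = 40` exists in the enum touched by this same commit), and nothing states whether that exclusion is deliberate; either add `// Upload is limited to ResourceUploader and ApiAdmin; Admin is intentionally excluded` above the builder, or include the role if it was an oversight. Because `RequireAuthorization` is handed the policy objects directly, the `AddPolicy(nameof(...))` registrations act only as named lookups — a one-line comment there would stop a reader assuming the strings are referenced elsewhere. The `/resources` endpoint keeps `.DisableAntiforgery()` while its audience widens; with JWT bearer authentication that is usually acceptable, but it should be confirmed the token is never carried in a cookie the browser attaches automatically, since the hunk does not show how the token is transported. The `app.MapPost("/resources/get"` handler on the hunk's last line continues outside the hunk.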
+1
@@ -7,5 +7,6 @@ public enum RoleEnum
Validator = 20, Validator = 20,
CompanionPC = 30, CompanionPC = 30,
Admin = 40, Admin = 40,
ResourceUploader = 50,
ApiAdmin = 1000 ApiAdmin = 1000
} }
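Review bot: `ResourceUploader = 50` is matched and stored by name rather than by value — the authorization policy compares `RoleEnum.ResourceUploader.ToString()` and the seed row in this commit stores the literal `'ResourceUploader'` — so renaming the member would silently lock out existing rows; add `// Role names are persisted as strings (users.role) and matched by name in authorization policies; do not rename members` at the enum header. The `RoleEnum` declaration starts outside the hunk.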
+9 -2
@@ -12,11 +12,18 @@ create table users
grant select, insert, update, delete on public.users to azaion_admin; grant select, insert, update, delete on public.users to azaion_admin;
grant select on table public.users to azaion_reader; grant select on table public.users to azaion_reader;
INSERT INTO public.users INSERT INTO public.users (id, email, password_hash, hardware, hardware_hash, role)
(id, email, password_hash, hardware, hardware_hash, role)
VALUES ('d90a36ca-e237-4fbd-9c7c-127040ac8556', VALUES ('d90a36ca-e237-4fbd-9c7c-127040ac8556',
'admin@azaion.com', 'admin@azaion.com',
'282wqVHZU0liTxphiGkKIaJtUA1W6rILdvfEOx8Ez350x0XLbgNtrSUYCK1r/ajq', '282wqVHZU0liTxphiGkKIaJtUA1W6rILdvfEOx8Ez350x0XLbgNtrSUYCK1r/ajq',
null, null,
null, null,
'ApiAdmin'); 'ApiAdmin');
INSERT INTO public.users (id, email, password_hash, hardware, hardware_hash, role)
VALUES ('48adb269-ecd5-4197-a9d1-cd36254cf104',
'uploader@azaion.com',
'2zHX1eSnbdCirc+KRNepcr5g4ZFQhhrII0FggYyMezQzxD+gBxwISCZ48fe1wxAk',
null,
null,
'ResourceUploader');
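Review bot: The new `INSERT` seeds a second account (`uploader@azaion.com`) with a fixed, checked-in password hash; whoever set that hash, and anyone with repository access who can reverse or reuse it, knows a valid credential, so if this script is applied to shared or production databases it creates a known-credential account with upload rights. Gate it to development seeding or document that the password must be rotated immediately, e.g. `-- DEV SEED ONLY: rotate or delete this account before any shared deployment`. The insert also fails on a re-run if `id` or `email` carries a unique constraint (the `create table users` body sits above this hunk, so that cannot be confirmed here); if it does, `ON CONFLICT (id) DO NOTHING` would make the script idempotent.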