Implement client finder and resource permission management providers

1 month ago · 499f12742f
11 changed files with 199 additions and 3 deletions
--- a/modules/identityserver/src/Volo.Abp.IdentityServer.Domain.Shared/Volo/Abp/IdentityServer/Clients/ClientFinderResult.cs
+++ b/modules/identityserver/src/Volo.Abp.IdentityServer.Domain.Shared/Volo/Abp/IdentityServer/Clients/ClientFinderResult.cs
@ -0,0 +1,10 @@
+using System;
+
+namespace Volo.Abp.IdentityServer.Clients;
+
+public class ClientFinderResult
+{
+    public Guid Id { get; set; }
+
+    public string ClientId { get; set; }
+}
--- a/modules/identityserver/src/Volo.Abp.IdentityServer.Domain.Shared/Volo/Abp/IdentityServer/Clients/IClientFinder.cs
+++ b/modules/identityserver/src/Volo.Abp.IdentityServer.Domain.Shared/Volo/Abp/IdentityServer/Clients/IClientFinder.cs
@ -0,0 +1,12 @@
+using System;
+using System.Collections.Generic;
+using System.Threading.Tasks;
+
+namespace Volo.Abp.IdentityServer.Clients;
+
+public interface IClientFinder
+{
+    Task<List<ClientFinderResult>> SearchAsync(string filter, int page = 1);
+
+    Task<List<ClientFinderResult>> SearchByIdsAsync(Guid[] ids);
+}
--- a/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/Clients/ClientFinder.cs
+++ b/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/Clients/ClientFinder.cs
@ -0,0 +1,45 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+using Volo.Abp.DependencyInjection;
+using Volo.Abp.Domain.Repositories;
+
+namespace Volo.Abp.IdentityServer.Clients;
+
+public class ClientFinder: IClientFinder, ITransientDependency
+{
+    protected IClientRepository ClientRepository { get; }
+
+    public ClientFinder(IClientRepository clientRepository)
+    {
+        ClientRepository = clientRepository;
+    }
+
+    public virtual async Task<List<ClientFinderResult>> SearchAsync(string filter, int page = 1)
+    {
+        using (ClientRepository.DisableTracking())
+        {
+            page = page < 1 ? 1 : page;
+            var clients = await ClientRepository.GetListAsync(nameof(Client.ClientName), filter: filter, skipCount: (page - 1) * 10, maxResultCount: 10);
+            return clients.Select(x => new ClientFinderResult
+            {
+                Id = x.Id,
+                ClientId = x.ClientId
+            }).ToList();
+        }
+    }
+
+    public virtual async Task<List<ClientFinderResult>> SearchByIdsAsync(Guid[] ids)
+    {
+        using (ClientRepository.DisableTracking())
+        {
+            var clients = await ClientRepository.GetListByIdsAsync(ids);
+            return clients.Select(x => new ClientFinderResult
+            {
+                Id = x.Id,
+                ClientId = x.ClientId
+            }).ToList();
+        }
+    }
+}
--- a/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/Clients/IClientRepository.cs
+++ b/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/Clients/IClientRepository.cs
@ -36,4 +36,6 @@ public interface IClientRepository : IBasicRepository<Client, Guid>
        Guid? expectedId = null,
        CancellationToken cancellationToken = default
    );
+
+    Task<List<Client>> GetListByIdsAsync(Guid[] ids, CancellationToken cancellationToken = default);
 }
--- a/modules/identityserver/src/Volo.Abp.IdentityServer.EntityFrameworkCore/Volo/Abp/IdentityServer/Clients/ClientRepository.cs
+++ b/modules/identityserver/src/Volo.Abp.IdentityServer.EntityFrameworkCore/Volo/Abp/IdentityServer/Clients/ClientRepository.cs
@ -61,6 +61,13 @@ public class ClientRepository : EfCoreRepository<IIdentityServerDbContext, Clien
        return await (await GetDbSetAsync()).AnyAsync(c => c.Id != expectedId && c.ClientId == clientId, GetCancellationToken(cancellationToken));
    }

+    public virtual async Task<List<Client>> GetListByIdsAsync(Guid[] ids, CancellationToken cancellationToken = default)
+    {
+        return await (await GetDbSetAsync())
+            .Where(c => ids.Contains(c.Id))
+            .ToListAsync(GetCancellationToken(cancellationToken));
+    }
+
    public async override Task DeleteAsync(Guid id, bool autoSave = false, CancellationToken cancellationToken = default)
    {
        var dbContext = await GetDbContextAsync();
--- a/modules/identityserver/src/Volo.Abp.IdentityServer.MongoDB/Volo/Abp/IdentityServer/MongoDB/MongoClientRepository.cs
+++ b/modules/identityserver/src/Volo.Abp.IdentityServer.MongoDB/Volo/Abp/IdentityServer/MongoDB/MongoClientRepository.cs
@ -69,4 +69,11 @@ public class MongoClientRepository : MongoDbRepository<IAbpIdentityServerMongoDb
        return await (await GetQueryableAsync(cancellationToken))
            .AnyAsync(c => c.Id != expectedId && c.ClientId == clientId, GetCancellationToken(cancellationToken));
    }
+
+    public virtual async Task<List<Client>> GetListByIdsAsync(Guid[] ids, CancellationToken cancellationToken = default)
+    {
+        return await (await GetQueryableAsync(cancellationToken))
+            .Where(c => ids.Contains(c.Id))
+            .ToListAsync(GetCancellationToken(cancellationToken));
+    }
 }
--- a/modules/identityserver/src/Volo.Abp.PermissionManagement.Domain.IdentityServer/Volo/Abp/PermissionManagement/IdentityServer/ClientPermissionManagementProvider.cs
+++ b/modules/identityserver/src/Volo.Abp.PermissionManagement.Domain.IdentityServer/Volo/Abp/PermissionManagement/IdentityServer/ClientPermissionManagementProvider.cs
@ -18,7 +18,6 @@ public class ClientPermissionManagementProvider : PermissionManagementProvider
            guidGenerator,
            currentTenant)
    {
-
    }

    public override Task<PermissionValueProviderGrantInfo> CheckAsync(string name, string providerName, string providerKey)
@ -29,6 +28,14 @@ public class ClientPermissionManagementProvider : PermissionManagementProvider
        }
    }

+    public override Task<MultiplePermissionValueProviderGrantInfo> CheckAsync(string[] names, string providerName, string providerKey)
+    {
+        using (CurrentTenant.Change(null))
+        {
+            return base.CheckAsync(names, providerName, providerKey);
+        }
+    }
+
    protected override Task GrantAsync(string name, string providerKey)
    {
        using (CurrentTenant.Change(null))
--- a/modules/identityserver/src/Volo.Abp.PermissionManagement.Domain.IdentityServer/Volo/Abp/PermissionManagement/IdentityServer/ClientResourcePermissionManagementProvider.cs
+++ b/modules/identityserver/src/Volo.Abp.PermissionManagement.Domain.IdentityServer/Volo/Abp/PermissionManagement/IdentityServer/ClientResourcePermissionManagementProvider.cs
@ -0,0 +1,62 @@
+using System.Threading.Tasks;
+using Volo.Abp.Authorization.Permissions.Resources;
+using Volo.Abp.Guids;
+using Volo.Abp.MultiTenancy;
+
+namespace Volo.Abp.PermissionManagement.IdentityServer;
+
+public class ClientResourcePermissionManagementProvider : ResourcePermissionManagementProvider
+{
+    public override string Name => ClientResourcePermissionValueProvider.ProviderName;
+
+    public ClientResourcePermissionManagementProvider(
+        IResourcePermissionGrantRepository permissionGrantRepository,
+        IGuidGenerator guidGenerator,
+        ICurrentTenant currentTenant)
+        : base(
+            permissionGrantRepository,
+            guidGenerator,
+            currentTenant)
+    {
+    }
+
+    public override Task<ResourcePermissionValueProviderGrantInfo> CheckAsync(string name, string resourceName,string resourceKey, string providerName, string providerKey)
+    {
+        using (CurrentTenant.Change(null))
+        {
+            return base.CheckAsync(name, resourceName, resourceKey, providerName, providerKey);
+        }
+    }
+
+    public override Task<MultipleResourcePermissionValueProviderGrantInfo> CheckAsync(string[] names, string resourceName, string resourceKey, string providerName, string providerKey)
+    {
+        using (CurrentTenant.Change(null))
+        {
+            return base.CheckAsync(names, resourceName, resourceKey, providerName, providerKey);
+        }
+    }
+
+    public override Task SetAsync(string name,  string resourceName,string resourceKey, string providerKey, bool isGranted)
+    {
+        using (CurrentTenant.Change(null))
+        {
+            return base.SetAsync(name, resourceName, resourceKey, providerKey, isGranted);
+        }
+    }
+
+    protected override async Task GrantAsync(string name, string resourceName, string resourceKey, string providerKey)
+    {
+        using (CurrentTenant.Change(null))
+        {
+            await base.GrantAsync(name, resourceName, resourceKey, providerKey);
+        }
+    }
+
+    protected override Task RevokeAsync(string name, string resourceName,string resourceKey, string providerKey)
+    {
+        using (CurrentTenant.Change(null))
+        {
+            return base.RevokeAsync(name, resourceName, resourceKey, providerKey);
+        }
+    }
+}
--- a/modules/identityserver/src/Volo.Abp.PermissionManagement.Domain.IdentityServer/Volo/Abp/PermissionManagement/IdentityServer/ClientResourcePermissionProviderKeyLookupService.cs
+++ b/modules/identityserver/src/Volo.Abp.PermissionManagement.Domain.IdentityServer/Volo/Abp/PermissionManagement/IdentityServer/ClientResourcePermissionProviderKeyLookupService.cs
@ -0,0 +1,45 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading;
+using System.Threading.Tasks;
+using Volo.Abp.Authorization.Permissions.Resources;
+using Volo.Abp.DependencyInjection;
+using Volo.Abp.IdentityServer.Clients;
+using Volo.Abp.IdentityServer.Localization;
+using Volo.Abp.Localization;
+
+namespace Volo.Abp.PermissionManagement.IdentityServer;
+
+public class ClientResourcePermissionProviderKeyLookupService : IResourcePermissionProviderKeyLookupService, ITransientDependency
+{
+    public string Name => ClientResourcePermissionValueProvider.ProviderName;
+
+    public ILocalizableString DisplayName { get; }
+
+    protected IClientFinder ClientFinder { get; }
+
+    public ClientResourcePermissionProviderKeyLookupService(IClientFinder clientFinder)
+    {
+        ClientFinder = clientFinder;
+        DisplayName = LocalizableString.Create<AbpIdentityServerResource>(nameof(ClientResourcePermissionProviderKeyLookupService));
+    }
+
+    public virtual async Task<List<ResourcePermissionProviderKeyInfo>> SearchAsync(string filter = null, int page = 1, CancellationToken cancellationToken = default)
+    {
+        var users = await ClientFinder.SearchAsync(filter, page);
+        return users.Select(u => new ResourcePermissionProviderKeyInfo(u.Id.ToString(), u.ClientId)).ToList();
+    }
+
+    public virtual async Task<List<ResourcePermissionProviderKeyInfo>> SearchAsync(string[] keys, CancellationToken cancellationToken = default)
+    {
+        var ids = keys
+            .Select(key => Guid.TryParse(key, out var id) ? (Guid?)id : null)
+            .Where(id => id.HasValue)
+            .Select(id => id.Value)
+            .Distinct()
+            .ToArray();
+        var users = await ClientFinder.SearchByIdsAsync(ids.ToArray());
+        return users.Select(u => new ResourcePermissionProviderKeyInfo(u.Id.ToString(), u.ClientId)).ToList();
+    }
+}
--- a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/Applications/AbpApplicationFinder.cs
+++ b/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/Applications/AbpApplicationFinder.cs
@ -22,7 +22,7 @@ public class AbpApplicationFinder : IApplicationFinder, ITransientDependency
        using (ApplicationRepository.DisableTracking())
        {
            page = page < 1 ? 1 : page;
-            var applications = await ApplicationRepository.GetListAsync(nameof(OpenIddictApplication.ClientId), filter: filter, skipCount: (page - 1) * 10, maxResultCount: 10);
+            var applications = await ApplicationRepository.GetListAsync(nameof(OpenIddictApplication.CreationTime), filter: filter, skipCount: (page - 1) * 10, maxResultCount: 10);
            return applications.Select(x => new ApplicationFinderResult
            {
                Id = x.Id,
--- a/modules/openiddict/src/Volo.Abp.PermissionManagement.Domain.OpenIddict/Volo/Abp/PermissionManagement/OpenIddict/ApplicationPermissionManagementProvider.cs
+++ b/modules/openiddict/src/Volo.Abp.PermissionManagement.Domain.OpenIddict/Volo/Abp/PermissionManagement/OpenIddict/ApplicationPermissionManagementProvider.cs
@ -18,7 +18,6 @@ public class ApplicationPermissionManagementProvider : PermissionManagementProvi
            guidGenerator,
            currentTenant)
    {
-
    }

    public override Task<PermissionValueProviderGrantInfo> CheckAsync(string name, string providerName, string providerKey)