Gateway to restrict total number of apps. (#760)

* Gateway to restrict total number of apps. * Fixes. * Fix permission check.
4 years ago · 5f73c046a7
14 changed files with 304 additions and 8 deletions
--- a/backend/i18n/source/backend_en.json
+++ b/backend/i18n/source/backend_en.json
@ -16,6 +16,7 @@
  "apps.languages.masterLanguageNoFallbacks": "Master language cannot have fallback languages.",
  "apps.languages.masterLanguageNotOptional": "Master language cannot be made optional.",
  "apps.languages.masterLanguageNotRemovable": "Master language cannot be removed.",
  "apps.maximumTotalReached": "You cannot create more apps. Please contact the support to remove this restriction from your account.",
  "apps.nameAlreadyExists": "An app with the same name already exists.",
  "apps.notImage": "File is not an image",
  "apps.plans.notFound": "A plan with this id does not exist.",
--- a/backend/src/Squidex.Domain.Apps.Entities/Apps/Plans/RestrictAppsCommandMiddleware.cs
+++ b/backend/src/Squidex.Domain.Apps.Entities/Apps/Plans/RestrictAppsCommandMiddleware.cs
@ -0,0 +1,62 @@
 // ==========================================================================
 //  Squidex Headless CMS
 // ==========================================================================
 //  Copyright (c) Squidex UG (haftungsbeschraenkt)
 //  All rights reserved. Licensed under the MIT license.
 // ==========================================================================
 using System.Threading.Tasks;
 using Microsoft.Extensions.Options;
 using Squidex.Domain.Apps.Entities.Apps.Commands;
 using Squidex.Infrastructure.Commands;
 using Squidex.Infrastructure.Translations;
 using Squidex.Infrastructure.Validation;
 using Squidex.Shared.Identity;
 using Squidex.Shared.Users;
 namespace Squidex.Domain.Apps.Entities.Apps.Plans
 {
    public sealed class RestrictAppsCommandMiddleware : ICommandMiddleware
    {
        private readonly RestrictAppsOptions usageOptions;
        private readonly IUserResolver userResolver;
        public RestrictAppsCommandMiddleware(IOptions<RestrictAppsOptions> usageOptions, IUserResolver userResolver)
        {
            this.usageOptions = usageOptions.Value;
            this.userResolver = userResolver;
        }
        public async Task HandleAsync(CommandContext context, NextDelegate next)
        {
            if (usageOptions.MaximumNumberOfApps <= 0 || context.Command is not CreateApp createApp || createApp.Actor.IsClient)
            {
                await next(context);
                return;
            }
            var totalApps = 0;
            var user = await userResolver.FindByIdAsync(createApp.Actor.Identifier);
            if (user != null)
            {
                totalApps = user.Claims.GetTotalApps();
                if (totalApps >= usageOptions.MaximumNumberOfApps)
                {
                    throw new ValidationException(T.Get("apps.maximumTotalReached"));
                }
            }
            await next(context);
            if (context.IsCompleted && user != null)
            {
                var newApps = totalApps + 1;
                await userResolver.SetClaimAsync(user.Id, SquidexClaimTypes.TotalApps, newApps.ToString(), true);
            }
        }
    }
 }
--- a/backend/src/Squidex.Domain.Apps.Entities/Apps/Plans/RestrictAppsOptions.cs
+++ b/backend/src/Squidex.Domain.Apps.Entities/Apps/Plans/RestrictAppsOptions.cs
@ -0,0 +1,14 @@
 // ==========================================================================
 //  Squidex Headless CMS
 // ==========================================================================
 //  Copyright (c) Squidex UG (haftungsbeschraenkt)
 //  All rights reserved. Licensed under the MIT license.
 // ==========================================================================
 namespace Squidex.Domain.Apps.Entities.Apps.Plans
 {
    public sealed class RestrictAppsOptions
    {
        public int MaximumNumberOfApps { get; set; } = 0;
    }
 }
--- a/backend/src/Squidex.Domain.Apps.Entities/Contents/DomainObject/Guards/SecurityExtensions.cs
+++ b/backend/src/Squidex.Domain.Apps.Entities/Contents/DomainObject/Guards/SecurityExtensions.cs
@ -6,7 +6,9 @@
 // ==========================================================================
 using Squidex.Infrastructure;
 using Squidex.Infrastructure.Security;
 using Squidex.Infrastructure.Translations;
 using Squidex.Shared;
 using Squidex.Shared.Identity;
 namespace Squidex.Domain.Apps.Entities.Contents.DomainObject.Guards
@ -22,7 +24,16 @@ namespace Squidex.Domain.Apps.Entities.Contents.DomainObject.Guards
                return;
            }
-            if (!context.User.Allows(permissionId, content.AppId.Name, content.SchemaId.Name))
+            var permissions = context.User?.Claims.Permissions();
            if (permissions == null)
            {
                throw new DomainForbiddenException(T.Get("common.errorNoPermission"));
            }
            var permission = Permissions.ForApp(permissionId, context.App.Name, context.Schema.SchemaDef.Name);
            if (permissions.Allows(permission) != true)
            {
                throw new DomainForbiddenException(T.Get("common.errorNoPermission"));
            }
--- a/backend/src/Squidex.Shared/Identity/SquidexClaimTypes.cs
+++ b/backend/src/Squidex.Shared/Identity/SquidexClaimTypes.cs
@ -30,5 +30,7 @@ namespace Squidex.Shared.Identity
        public const string PictureUrl = "urn:squidex:picture";
        public const string PictureUrlStore = "store";
        public const string TotalApps = "urn:squidex:internal:totalApps";
    }
 }
--- a/backend/src/Squidex.Shared/Identity/SquidexClaimsExtensions.cs
+++ b/backend/src/Squidex.Shared/Identity/SquidexClaimsExtensions.cs
@ -7,6 +7,7 @@
 using System;
 using System.Collections.Generic;
 using System.Globalization;
 using System.Linq;
 using System.Security.Claims;
 using Squidex.Infrastructure.Security;
@ -19,12 +20,9 @@ namespace Squidex.Shared.Identity
        public static PermissionSet Permissions(this IEnumerable<Claim> user)
        {
-            return new PermissionSet(user.GetClaims(SquidexClaimTypes.Permissions).Select(x => new Permission(x.Value)));
+            var permissions = user.GetClaims(SquidexClaimTypes.Permissions).Select(x => x.Value);
        }
-        public static bool Allows(this ClaimsPrincipal user, string id, string app = Permission.Any, string schema = Permission.Any)
+            return new PermissionSet(permissions);
        {
            return user.Claims.Permissions().Allows(id, app, schema);
        }
        public static bool IsHidden(this IEnumerable<Claim> user)
@ -72,6 +70,15 @@ namespace Squidex.Shared.Identity
            return user.GetClaimValue(SquidexClaimTypes.DisplayName);
        }
        public static int GetTotalApps(this IEnumerable<Claim> user)
        {
            var value = user.GetClaimValue(SquidexClaimTypes.TotalApps);
            int.TryParse(value, NumberStyles.Integer, CultureInfo.InvariantCulture, out var result);
            return result;
        }
        public static bool HasClaim(this IEnumerable<Claim> user, string type)
        {
            return user.GetClaims(type).Any();
--- a/backend/src/Squidex.Shared/Texts.it.resx
+++ b/backend/src/Squidex.Shared/Texts.it.resx
@ -133,6 +133,9 @@
  <data name="apps.languages.masterLanguageNotRemovable" xml:space="preserve">
    <value>La lingua master non può essere rimossa.</value>
  </data>
  <data name="apps.maximumTotalReached" xml:space="preserve">
    <value>You cannot create more apps. Please contact the support to remove this restriction from your account.</value>
  </data>
  <data name="apps.nameAlreadyExists" xml:space="preserve">
    <value>Esiste già un'app con lo stesso nome.</value>
  </data>
--- a/backend/src/Squidex.Shared/Texts.nl.resx
+++ b/backend/src/Squidex.Shared/Texts.nl.resx
@ -133,6 +133,9 @@
  <data name="apps.languages.masterLanguageNotRemovable" xml:space="preserve">
    <value>Hoofdtaal kan niet worden verwijderd.</value>
  </data>
  <data name="apps.maximumTotalReached" xml:space="preserve">
    <value>You cannot create more apps. Please contact the support to remove this restriction from your account.</value>
  </data>
  <data name="apps.nameAlreadyExists" xml:space="preserve">
    <value>Er bestaat al een app met dezelfde naam.</value>
  </data>
--- a/backend/src/Squidex.Shared/Texts.resx
+++ b/backend/src/Squidex.Shared/Texts.resx
@ -133,6 +133,9 @@
  <data name="apps.languages.masterLanguageNotRemovable" xml:space="preserve">
    <value>Master language cannot be removed.</value>
  </data>
  <data name="apps.maximumTotalReached" xml:space="preserve">
    <value>You cannot create more apps. Please contact the support to remove this restriction from your account.</value>
  </data>
  <data name="apps.nameAlreadyExists" xml:space="preserve">
    <value>An app with the same name already exists.</value>
  </data>
--- a/backend/src/Squidex.Shared/Texts.zh.resx
+++ b/backend/src/Squidex.Shared/Texts.zh.resx
@ -133,6 +133,9 @@
  <data name="apps.languages.masterLanguageNotRemovable" xml:space="preserve">
    <value>无法删除主语言。</value>
  </data>
  <data name="apps.maximumTotalReached" xml:space="preserve">
    <value>You cannot create more apps. Please contact the support to remove this restriction from your account.</value>
  </data>
  <data name="apps.nameAlreadyExists" xml:space="preserve">
    <value>同名应用已经存在。</value>
  </data>
--- a/backend/src/Squidex/Areas/OrleansDashboard/Middlewares/OrleansDashboardAuthenticationMiddleware.cs
+++ b/backend/src/Squidex/Areas/OrleansDashboard/Middlewares/OrleansDashboardAuthenticationMiddleware.cs
@ -30,7 +30,9 @@ namespace Squidex.Areas.OrleansDashboard.Middlewares
            if (authentication.Succeeded)
            {
-                if (authentication.Principal?.Allows(Permissions.AdminOrleans) == true)
+                var permissions = authentication.Principal?.Claims.Permissions();
                if (permissions?.Allows(Permissions.AdminOrleans) == true)
                {
                    await next(context);
                }
--- a/backend/src/Squidex/Config/Domain/CommandsServices.cs
+++ b/backend/src/Squidex/Config/Domain/CommandsServices.cs
@ -10,6 +10,7 @@ using Microsoft.Extensions.DependencyInjection;
 using Squidex.Domain.Apps.Entities.Apps.DomainObject;
 using Squidex.Domain.Apps.Entities.Apps.Indexes;
 using Squidex.Domain.Apps.Entities.Apps.Invitation;
 using Squidex.Domain.Apps.Entities.Apps.Plans;
 using Squidex.Domain.Apps.Entities.Apps.Templates;
 using Squidex.Domain.Apps.Entities.Assets.Commands;
 using Squidex.Domain.Apps.Entities.Assets.DomainObject;
@ -34,6 +35,9 @@ namespace Squidex.Config.Domain
            services.Configure<ReadonlyOptions>(config,
                "mode");
            services.Configure<RestrictAppsOptions>(config,
                "usage");
            services.AddSingletonAs<InMemoryCommandBus>()
                .As<ICommandBus>();
@ -61,6 +65,9 @@ namespace Squidex.Config.Domain
            services.AddSingletonAs<CustomCommandMiddlewareRunner>()
                .As<ICommandMiddleware>();
            services.AddSingletonAs<RestrictAppsCommandMiddleware>()
                .As<ICommandMiddleware>();
            services.AddSingletonAs<InviteUserCommandMiddleware>()
                .As<ICommandMiddleware>();
--- a/backend/tests/Squidex.Domain.Apps.Entities.Tests/Apps/Plans/RestrictAppsCommandMiddlewareTests.cs
+++ b/backend/tests/Squidex.Domain.Apps.Entities.Tests/Apps/Plans/RestrictAppsCommandMiddlewareTests.cs
@ -0,0 +1,178 @@
 // ==========================================================================
 //  Squidex Headless CMS
 // ==========================================================================
 //  Copyright (c) Squidex UG (haftungsbeschraenkt)
 //  All rights reserved. Licensed under the MIT license.
 // ==========================================================================
 using System;
 using System.Linq;
 using System.Security.Claims;
 using System.Threading.Tasks;
 using FakeItEasy;
 using Microsoft.Extensions.Options;
 using Squidex.Domain.Apps.Entities.Apps.Commands;
 using Squidex.Infrastructure;
 using Squidex.Infrastructure.Commands;
 using Squidex.Infrastructure.Validation;
 using Squidex.Shared.Identity;
 using Squidex.Shared.Users;
 using Xunit;
 namespace Squidex.Domain.Apps.Entities.Apps.Plans
 {
    public sealed class RestrictAppsCommandMiddlewareTests
    {
        private readonly IUserResolver userResolver = A.Fake<IUserResolver>();
        private readonly ICommandBus commandBus = A.Fake<ICommandBus>();
        private readonly RestrictAppsOptions options = new RestrictAppsOptions();
        private readonly RestrictAppsCommandMiddleware sut;
        public RestrictAppsCommandMiddlewareTests()
        {
            sut = new RestrictAppsCommandMiddleware(Options.Create(options), userResolver);
        }
        [Fact]
        public async Task Should_throw_exception_if_number_of_apps_reached()
        {
            var userId = Guid.NewGuid().ToString();
            var command = new CreateApp
            {
                Actor = RefToken.User(userId)
            };
            var commandContext = new CommandContext(command, commandBus);
            options.MaximumNumberOfApps = 3;
            var user = A.Fake<IUser>();
            A.CallTo(() => user.Id)
                .Returns(userId);
            A.CallTo(() => user.Claims)
                .Returns(Enumerable.Repeat(new Claim(SquidexClaimTypes.TotalApps, "5"), 1).ToList());
            A.CallTo(() => userResolver.FindByIdAsync(userId))
                .Returns(user);
            var isNextCalled = false;
            await Assert.ThrowsAsync<ValidationException>(() => sut.HandleAsync(commandContext, x =>
            {
                isNextCalled = true;
                return Task.CompletedTask;
            }));
            Assert.False(isNextCalled);
        }
        [Fact]
        public async Task Should_increment_total_apps_if_maximum_not_reached_and_completed()
        {
            var userId = Guid.NewGuid().ToString();
            var command = new CreateApp
            {
                Actor = RefToken.User(userId)
            };
            var commandContext = new CommandContext(command, commandBus);
            options.MaximumNumberOfApps = 10;
            var user = A.Fake<IUser>();
            A.CallTo(() => user.Id)
                .Returns(userId);
            A.CallTo(() => user.Claims)
                .Returns(Enumerable.Repeat(new Claim(SquidexClaimTypes.TotalApps, "5"), 1).ToList());
            A.CallTo(() => userResolver.FindByIdAsync(userId))
                .Returns(user);
            await sut.HandleAsync(commandContext, x =>
            {
                x.Complete(true);
                return Task.CompletedTask;
            });
            A.CallTo(() => userResolver.SetClaimAsync(userId, SquidexClaimTypes.TotalApps, "6", true))
                .MustHaveHappened();
        }
        [Fact]
        public async Task Should_not_check_usage_if_app_is_created_by_client()
        {
            var command = new CreateApp
            {
                Actor = RefToken.Client(Guid.NewGuid().ToString())
            };
            var commandContext = new CommandContext(command, commandBus);
            options.MaximumNumberOfApps = 10;
            await sut.HandleAsync(commandContext, x =>
            {
                x.Complete(true);
                return Task.CompletedTask;
            });
            A.CallTo(() => userResolver.FindByIdAsync(A<string>._))
                .MustNotHaveHappened();
        }
        [Fact]
        public async Task Should_not_check_usage_if_no_maximum_configured()
        {
            var command = new CreateApp
            {
                Actor = RefToken.User(Guid.NewGuid().ToString())
            };
            var commandContext = new CommandContext(command, commandBus);
            options.MaximumNumberOfApps = 0;
            await sut.HandleAsync(commandContext, x =>
            {
                x.Complete(true);
                return Task.CompletedTask;
            });
            A.CallTo(() => userResolver.FindByIdAsync(A<string>._))
                .MustNotHaveHappened();
        }
        [Fact]
        public async Task Should_not_check_usage_for_other_commands()
        {
            var command = new UpdateApp
            {
                Actor = RefToken.User(Guid.NewGuid().ToString())
            };
            var commandContext = new CommandContext(command, commandBus);
            options.MaximumNumberOfApps = 10;
            await sut.HandleAsync(commandContext, x =>
            {
                x.Complete(true);
                return Task.CompletedTask;
            });
            A.CallTo(() => userResolver.FindByIdAsync(A<string>._))
                .MustNotHaveHappened();
        }
    }
 }
--- a/backend/tests/Squidex.Domain.Apps.Entities.Tests/Contents/DomainObject/Guards/GuardContentTests.cs
+++ b/backend/tests/Squidex.Domain.Apps.Entities.Tests/Contents/DomainObject/Guards/GuardContentTests.cs
@ -339,7 +339,7 @@ namespace Squidex.Domain.Apps.Entities.Contents.DomainObject.Guards
        {
            var context = CreateContext(CreateContent(Status.Draft), normalSchema);
-            ((ContentEntity)(ContentEntity)context.Content).CreatedBy = RefToken.User("456");
+            ((ContentEntity)context.Content).CreatedBy = RefToken.User("456");
            Assert.Throws<DomainForbiddenException>(() => context.MustHavePermission(Permissions.AppContentsDelete));
        }