Modify validation engine to use new security utility IsAuthorized method
bbarber committed Jan 3, 2025
1 parent c5e239a commit 8387348
Showing 3 changed files with 35 additions and 19 deletions.
35 changes: 16 additions & 19 deletions src/API/WesternStatesWater.WestDaat.Engines/ValidationEngine.cs
@@ -25,30 +25,36 @@ ISecurityUtility securityUtility
public async Task<ErrorBase> Validate(RequestBase request)
{
var context = _contextUtility.GetContext();
var permissions = await _securityUtility.GetPermissions(context);
var isAuthorized = await _securityUtility.IsAuthorized(context, request);
if (!isAuthorized)
{
return CreateForbiddenError(request, context);
}

return request switch
{
ApplicationStoreRequestBase req => ValidateApplicationStoreRequest(req, context, permissions),
ApplicationStoreRequestBase req => ValidateApplicationStoreRequest(req, context),

_ => throw new NotImplementedException(
$"Validation for request type '{request.GetType().Name}' is not implemented."
)
};
}

private ErrorBase ValidateApplicationStoreRequest(ApplicationStoreRequestBase request, ContextBase context,
object permissions)
private ErrorBase ValidateApplicationStoreRequest(ApplicationStoreRequestBase request, ContextBase context)
{
// If context cannot make a request of this type.
if (permissions is 1)
// If there is additional business logic validation that the request doesn't pass.
if (request is null)
{
return CreateForbiddenError(request, context);
return new ValidationError(new Dictionary<string, string[]>
{
{ "Notes", ["You must cross the T's and dot the lowercase J's."] }
});
}

// If the resources required to fulfill the request are not accessible to the user, or they
// do not exist.
if (permissions is 2)
// If the resources required to fulfill the request
// are not accessible to the user, or they do not exist.
if (request.ToString() is null)
{
return CreateNotFoundError(
context,
@@ -57,15 +63,6 @@ private ErrorBase ValidateApplicationStoreRequest(ApplicationStoreRequestBase re
);
}

// If there is additional business logic validation that the request doesn't pass.
if (permissions is 3)
{
return new ValidationError(new Dictionary<string, string[]>
{
{ "Notes", ["You must cross the T's and dot the lowercase J's."] }
});
}

return null;
}

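Review bot: In `ValidateApplicationStoreRequest` the two replacement conditions, `request is null` and `request.ToString() is null`, look unreachable: the method is entered only through the `ApplicationStoreRequestBase req` arm of the switch in `Validate`, and a type pattern never matches null, so the validation-error and not-found branches are dead unless a request type overrides `ToString()` to return null. As far as this page shows, that leaves the `IsAuthorized` call at the top of `Validate` as the only check on this path. If these conditions are placeholders, mark them in the code, for example `// TODO: placeholder condition - replace with real validation of the request`. A null `request` should also be rejected before `IsAuthorized` is called, e.g. `ArgumentNullException.ThrowIfNull(request);`, because the default arm here dereferences `request.GetType()`. Part of the not-found branch is collapsed between the two hunks and was not reviewed.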
@@ -1,8 +1,12 @@
using WesternStatesWater.Shared.DataContracts;
using WesternStatesWater.WestDaat.Common.Context;

namespace WesternStatesWater.WestDaat.Utilities;

public interface ISecurityUtility
{
// TODO - Needed?
Task<object> GetPermissions(ContextBase context);

Task<bool> IsAuthorized(ContextBase context, RequestBase request);
}
15 changes: 15 additions & 0 deletions src/API/WesternStatesWater.WestDaat.Utilities/SecurityUtility.cs
@@ -1,4 +1,7 @@
using WesternStatesWater.Shared.DataContracts;
using WesternStatesWater.WestDaat.Common.Context;
using WesternStatesWater.WestDaat.Contracts.Client.Requests.Admin;
using WesternStatesWater.WestDaat.Contracts.Client.Requests.Conservation;

namespace WesternStatesWater.WestDaat.Utilities;

@@ -8,4 +11,16 @@ public Task<object> GetPermissions(ContextBase context)
{
return Task.FromResult((object)42);
}

public Task<bool> IsAuthorized(ContextBase context, RequestBase request)
{
return request switch
{
ApplicationStoreRequestBase => Task.FromResult(true),
UserLoadRequestBase => Task.FromResult(true),
_ => throw new NotImplementedException(
$"Authorization for request type '{request.GetType().Name}' is not implemented."
)
};
}
}
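Review bot: Both arms of the new `IsAuthorized` switch return `Task.FromResult(true)` and never read `context`, so every caller is treated as authorized for any `ApplicationStoreRequestBase` or `UserLoadRequestBase`. Since `Validate` in ValidationEngine.cs now depends on this method for its forbidden check, the stub should at least be marked above the switch, e.g. `// TODO: placeholder - authorizes every caller; must evaluate context before release`. The default arm throws `NotImplementedException`, which does deny unknown request types but surfaces as an unhandled exception rather than the forbidden error `Validate` builds. Returning `Task.FromResult(false)` there would deny them through the normal path, if that matches the intended behaviour. A null `request` reaches `request.GetType()` in that arm and fails with a null-reference error instead.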
