5.0.1-preview003

Author: JonPSmith

AuthPermissions.AspNetCore/CreateNuGetDebug.nuspec

@@ -2,14 +2,15 @@
 <package xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://schemas.microsoft.com/packaging/2010/07/nuspec.xsd">
   <metadata>
     <id>AuthPermissions.AspNetCore</id>
-    <version>5.0.0-preview022debug</version>
+    <version>5.0.1-preview003</version>
     <authors>Jon P Smith</authors>
     <product>AuthPermissions.AspNetCore</product>
     <copyright>Copyright (c) 2021 Jon P Smith</copyright>
     <description>Provides extra authorization and multi-tenant features to a ASP.NET Core application.</description>
     <releaseNotes>
-		- BREAKING CHANGE(small): If you are using sharding with your multi-tenant app, then read the UpdateToVersion5.md file.
-		- New feature: You can use any database provider supported by EF Core, not just SQLServer and Postgres - see documentation for more details
+		- Minor improvements AccessDatabaseInformationJsonFile
+		- Minor improvements to SignInAndCreateTenant (better handling of errors)
+		- Minor improvements to IndividualUserAddUserManager (check password)
 	</releaseNotes>
     <license type="expression">MIT</license>
     <projectUrl>https://github.com/JonPSmith/AuthPermissions.AspNetCore</projectUrl>

AuthPermissions.AspNetCore/MultiProjPack.xml

@@ -4,17 +4,16 @@
   <!-- See documentation for all the possible values -->
   <metadata>
     <id>AuthPermissions.AspNetCore</id>
-    <version>5.0.0</version>
+    <version>5.0.1-preview003</version>
     <authors>Jon P Smith</authors>
     <product>AuthPermissions.AspNetCore</product>
     <copyright>Copyright (c) 2021 Jon P Smith</copyright>
     <description>Provides extra authorization and multi-tenant features to a ASP.NET Core application.</description>
     <releaseNotes>
-		- BREAKING CHANGE(medium): If you are using sharding with your multi-tenant app, then read the UpdateToVersion5.md file.
-		- New feature: You can now use a custom database provider with the AuthP library - see documentation for more details.
-		- New feature: It easier to setup sharding / hybrid multi-tenant application via extension method called SetupMultiTenantSharding
-		- New feature: Ability to replace parts of the sharding services, e.g. store sharding data in a database instead of a json file.
-    </releaseNotes>
+		- Minor improvements AccessDatabaseInformationJsonFile
+		- Minor improvements to SignInAndCreateTenant (better handling of errors)
+		- Minor improvements to IndividualUserAddUserManager (check password)
+	</releaseNotes>
     <license type="expression">MIT</license>
     <projectUrl>https://github.com/JonPSmith/AuthPermissions.AspNetCore</projectUrl>
     <icon>images\AuthPermissionsAspNetCoreNuGetIcon.png</icon>

AuthPermissions.AspNetCore/ShardingServices/IGetDatabaseForNewTenant.cs

@@ -26,8 +26,10 @@ public interface IGetDatabaseForNewTenant
     Task<IStatusGeneric<Tenant>> FindOrCreateDatabaseAsync(Tenant tenant, bool hasOwnDb, string region, string version = null);
 
     /// <summary>
-    /// If called it will undo what the <see cref="FindOrCreateDatabaseAsync"/> did.
+    /// If called it will undo what the <see cref="FindOrCreateDatabaseAsync"/> did,
+    /// i.e. deleting the database (or at least use tenantChangeService to delete the data) and remove the sharding data.  
     /// This is called if there was a problem with the new user such that the new tenant would be deleted.
+    /// NOTE: This method may be called even if the <see cref="FindOrCreateDatabaseAsync"/> hasn't been called.
     /// </summary>
     /// <returns>Status</returns>
     Task<IStatusGeneric> RemoveLastDatabaseSetupAsync();

AuthPermissions.AspNetCore/ShardingServices/ShardingConnectionsJsonFile.cs

@@ -23,15 +23,11 @@ public class ConnectionStringsOption : Dictionary<string, string> {}
 public class ShardingConnectionsJsonFile : IShardingConnections
 {
     private readonly ConnectionStringsOption _connectionDict;
+    private readonly IOptionsMonitor<ShardingSettingsOption> _shardingSettingsAccessor;
     private readonly AuthPermissionsDbContext _context;
     private readonly IDefaultLocalizer _localizeDefault;
     private readonly AuthPermissionsOptions _options;
 
-    /// <summary>
-    /// This contains the most up to date data in the shardingsettings json file
-    /// </summary>
-    private List<DatabaseInformation> _databaseInformation;
-
     /// <summary>
     /// This contains the methods with are specific to a database provider
     /// </summary>
@@ -59,10 +55,9 @@ public ShardingConnectionsJsonFile(IOptionsSnapshot<ConnectionStringsOption> con
     {
         //thanks to https://stackoverflow.com/questions/37287427/get-multiple-connection-strings-in-appsettings-json-without-ef
         _connectionDict = connectionsAccessor.Value;
+        _shardingSettingsAccessor = shardingSettingsAccessor;
         _context = context;
         _options = options;
-        SetDatabaseInformation(shardingSettingsAccessor.CurrentValue);
-        shardingSettingsAccessor.OnChange(SetDatabaseInformation);
 
         DatabaseProviderMethods = databaseProviderMethods.ToDictionary(x => x.AuthPDatabaseType);
         ShardingDatabaseProviders = DatabaseProviderMethods.Values.ToDictionary(x => x.DatabaseProviderShortName);
@@ -78,7 +73,7 @@ public ShardingConnectionsJsonFile(IOptionsSnapshot<ConnectionStringsOption> con
     /// <returns>A list of <see cref="DatabaseInformation"/> from the sharding settings file</returns>
     public List<DatabaseInformation> GetAllPossibleShardingData()
     {
-        return _databaseInformation;
+        return GetDatabaseInformation();
     }
 
     /// <summary>
@@ -109,7 +104,7 @@ public IEnumerable<string> GetConnectionStringNames()
 
         var result = new List<(string databaseInfoName, bool? hasOwnDb, List<string>)>();
         //Add sharding database names that have no tenants in them so that you can see all the connection string  names
-        foreach (var databaseInfoName in _databaseInformation.Select(x => x.Name))
+        foreach (var databaseInfoName in GetDatabaseInformation().Select(x => x.Name))
         {
             result.Add(grouped.ContainsKey(databaseInfoName)
                 ? (databaseInfoName,
@@ -135,14 +130,14 @@ public string FormConnectionString(string databaseInfoName)
         if (databaseInfoName == null)
             throw new AuthPermissionsException("The name of the database date can't be null");
 
-        var databaseData = _databaseInformation.SingleOrDefault(x => x.Name == databaseInfoName);
+        var databaseData = GetDatabaseInformation().SingleOrDefault(x => x.Name == databaseInfoName);
         if (databaseData == null)
             throw new AuthPermissionsException(
                 $"The database information with the name of '{databaseInfoName}' wasn't founds.");
 
         if (!_connectionDict.TryGetValue(databaseData.ConnectionName, out var connectionString))
             throw new AuthPermissionsException(
-                $"Could not find the connection name '{connectionString}' that the sharding database data '{databaseInfoName}' requires.");
+                $"Could not find the connection name '{databaseData.ConnectionName}' that the sharding database data '{databaseInfoName}' requires.");
 
         if (!ShardingDatabaseProviders.TryGetValue(databaseData.DatabaseType,
                 out IDatabaseSpecificMethods databaseSpecificMethods))
@@ -191,13 +186,12 @@ public IStatusGeneric TestFormingConnectionString(DatabaseInformation databaseIn
     //private methods
 
     /// <summary>
-    /// This takes to information from the OptionsMonitor and sets the _databaseInformation parameter
+    /// This gets the most up to date data in the shardingsettings json file
     /// </summary>
-    /// <returns></returns>
-    private void SetDatabaseInformation(ShardingSettingsOption fromMonitor )
+    private List<DatabaseInformation> GetDatabaseInformation()
     {
-        _databaseInformation = (fromMonitor.ShardingDatabases == null || !fromMonitor.ShardingDatabases.Any())
+        return _shardingSettingsAccessor.CurrentValue == null || !_shardingSettingsAccessor.CurrentValue.ShardingDatabases.Any()
             ? new List<DatabaseInformation> { DatabaseInformation.FormDefaultDatabaseInfo(_options, _context) }
-            : fromMonitor.ShardingDatabases;
+            : _shardingSettingsAccessor.CurrentValue.ShardingDatabases;
     }
 }

AuthPermissions.BaseCode/AuthPermissionsOptions.cs

@@ -22,7 +22,7 @@ public class AuthPermissionsOptions
         public TenantTypes TenantType { get; set; }
 
         /// <summary>
-        /// If sharding is turned on, then you can define the sharding database data to use if not 
+        /// If sharding is turned on, then this parameter defines the name of the connection string for the main database.
         /// This defaults to "Default Database", which should be set up to link to the database that also contains the AuthP data
         /// </summary>
         public string ShardingDefaultDatabaseInfoName { get; set; } = "Default Database";

AuthPermissions.SupportCode/AddUsersServices/Authentication/IndividualUserAddUserManager.cs

@@ -57,7 +57,7 @@ public IndividualUserAddUserManager(IAuthUsersAdminService authUsersAdmin, IAuth
     public AddNewUserDto UserLoginData { get; private set; }
 
     /// <summary>
-    /// This makes a quick check that the user isn't already has an AuthUser 
+    /// This makes a quick check that the user isn't already has an AuthUser and the password is valid
     /// </summary>
     /// <param name="newUser"></param>
     /// <returns>status, with error if there an user already</returns>
@@ -68,6 +68,20 @@ public async Task<IStatusGeneric> CheckNoExistingAuthUserAsync(AddNewUserDto new
             return status.AddErrorString("ExistingUser".ClassLocalizeKey(this, true), //common message
             "There is already an AuthUser with your email, so you can't add another.",
             nameof(AddNewUserDto.Email));
+
+        //Check the password matches the 
+        var passwordValidator = new PasswordValidator<TIdentity>();
+        var checkPassword = await passwordValidator.ValidateAsync(_userManager, null, newUser.Password);
+        if (!checkPassword.Succeeded)
+        {
+            foreach (var passwordError in checkPassword.Errors)
+            {
+                status.AddErrorString("BadPasswordFormat".ClassLocalizeKey(this, true),
+                    passwordError.Description, nameof(AddNewUserDto.Password));
+            }
+        }
+
+
         return status;
     }
 

AuthPermissions.SupportCode/AddUsersServices/SignInAndCreateTenant.cs

@@ -163,9 +163,10 @@ public async Task<IStatusGeneric<AddNewUserDto>> SignUpNewTenantWithVersionAsync
 
             if (newTenant != null)
             {
-                await _tenantAdmin.DeleteTenantAsync(newTenant.TenantId);
                 if (newTenant.DatabaseInfoName != null)
                     await _getShardingDb.RemoveLastDatabaseSetupAsync();
+
+                await _tenantAdmin.DeleteTenantAsync(newTenant.TenantId);
             }
 
             return status;

Test/StubClasses/StubIGetDatabaseForNewTenant.cs

@@ -19,6 +19,7 @@ public StubIGetDatabaseForNewTenant(AuthPermissionsDbContext context, bool retur
         _context = context;
         _returnError = returnError;
     }
+    private Tenant _tenant;
 
     public bool RemoveLastDatabaseCalled { get; private set; }
 
@@ -36,6 +37,7 @@ public StubIGetDatabaseForNewTenant(AuthPermissionsDbContext context, bool retur
     public Task<IStatusGeneric<Tenant>> FindOrCreateDatabaseAsync(Tenant tenant, bool hasOwnDb, string region,
         string version)
     {
+        _tenant = tenant;
         var status = new StatusGenericHandler<Tenant>();
         if (_returnError)
             return Task.FromResult(status.AddError("An Error"));
@@ -54,6 +56,7 @@ public Task<IStatusGeneric<Tenant>> FindOrCreateDatabaseAsync(Tenant tenant, boo
     public Task<IStatusGeneric> RemoveLastDatabaseSetupAsync()
     {
         RemoveLastDatabaseCalled = true;
+        _context.Tenants.Remove(_tenant);
         return Task.FromResult<IStatusGeneric>(new StatusGenericHandler());
     }
 }

Test/UnitTests/TestSupportCode/TestIndividualUserAddUserManager.cs

@@ -99,7 +99,7 @@ public async Task TestCheckNoExistingAuthUserAsync_Email(string email, bool isVa
         context.AddMultipleUsersWithRolesInDb();
 
         var service = _serviceProvider.GetRequiredService<IAddNewUserManager>();
-        var userData = new AddNewUserDto { Email = email };
+        var userData = new AddNewUserDto { Email = email, Password = "[email protected]" };
 
         context.ChangeTracker.Clear();
 
@@ -110,6 +110,29 @@ public async Task TestCheckNoExistingAuthUserAsync_Email(string email, bool isVa
         status.IsValid.ShouldEqual(isValid);
     }
 
+    [Theory]
+    [InlineData("123", false)]
+    [InlineData("[email protected]", true)]
+    public async Task TestCheckNoExistingAuthUserAsync_Password(string password, bool isValid)
+    {
+        //SETUP
+        var context = _serviceProvider.GetRequiredService<AuthPermissionsDbContext>();
+        context.Database.EnsureClean();
+        context.AddMultipleUsersWithRolesInDb();
+
+        var service = _serviceProvider.GetRequiredService<IAddNewUserManager>();
+        var userData = new AddNewUserDto { Email = "AnotherEmail", Password = password };
+
+        context.ChangeTracker.Clear();
+
+        //ATTEMPT
+        var status = await service.CheckNoExistingAuthUserAsync(userData);
+
+        //VERIFY
+        status.IsValid.ShouldEqual(isValid);
+        _output.WriteLine(status.GetAllErrors());
+    }
+
     [Fact]
     public async Task TestSetUserInfoAsyncOk()
     {

Test/UnitTests/TestSupportCode/TestSignInAndCreateTenant.cs

@@ -206,7 +206,7 @@ public async Task TestAddUserAndNewTenantAsync_Sharding_UndoTenant()
         var rolesSetup = new BulkLoadRolesService(context, authSettings);
         await rolesSetup.AddRolesToDatabaseAsync(Example3AppAuthSetupData.RolesDefinition);
 
-        var userData = new AddNewUserDto { Email = "me[email protected]" };
+        var userData = new AddNewUserDto { Email = "Me[email protected]"};
         var tenantData = new AddNewTenantDto
         {
             TenantName = "New Tenant",