Add authorization filter.

mo-esmp · mo-esmp · commit fbf3b1ab0b80 · 2020-04-10T23:13:55.000+04:30
diff --git a/src/SampleWebApplication/Startup.cs b/src/SampleWebApplication/Startup.cs
@@ -31,8 +31,10 @@ public void ConfigureServices(IServiceCollection services)
         {
             var mvcBuilder = services.AddControllersWithViews();
 
-            services.AddSerilogUi(mvcBuilder, options =>
-                options.UseSqlServer("Server=.;Database=SerilogWebUi;Integrated Security=True;", "Logs"));
+            services.AddSerilogUi(mvcBuilder, options => options
+                    .EnableAuthorization(authOptions => authOptions.Usernames = new[] { "Test" })
+                    .UseSqlServer("Server=.;Database=SerilogWebUi;Integrated Security=True;", "Logs")
+                );
         }
 
         // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
diff --git a/src/Serilog.Ui.Core/OptionsBuilder/DataProviderOptionsBuilder.cs b/src/Serilog.Ui.Core/OptionsBuilder/DataProviderOptionsBuilder.cs
diff --git a/src/Serilog.Ui.Core/OptionsBuilder/ISerilogUiOptionsBuilder.cs b/src/Serilog.Ui.Core/OptionsBuilder/ISerilogUiOptionsBuilder.cs
@@ -2,7 +2,7 @@
 
 namespace Serilog.Ui.Core
 {
-    public interface IDataProviderOptionsBuilder
+    public interface ISerilogUiOptionsBuilder
     {
         IServiceCollection Services { get; }
     }
diff --git a/src/Serilog.Ui.Core/OptionsBuilder/SerilogUiOptionsBuilder.cs b/src/Serilog.Ui.Core/OptionsBuilder/SerilogUiOptionsBuilder.cs
@@ -0,0 +1,16 @@
+﻿using Microsoft.Extensions.DependencyInjection;
+
+namespace Serilog.Ui.Core
+{
+    public class SerilogUiOptionsBuilder : ISerilogUiOptionsBuilder
+    {
+        private readonly IServiceCollection _services;
+
+        public SerilogUiOptionsBuilder(IServiceCollection services)
+        {
+            _services = services;
+        }
+
+        IServiceCollection ISerilogUiOptionsBuilder.Services => _services;
+    }
+}
diff --git a/src/Serilog.Ui.MsSqlServerProvider/Extensions/SerilogUiOptionBuilderExtensions.cs b/src/Serilog.Ui.MsSqlServerProvider/Extensions/SerilogUiOptionBuilderExtensions.cs
@@ -7,7 +7,7 @@ namespace Serilog.Ui.MsSqlServerProvider
     public static class DataProviderOptionBuilderExtensions
     {
         public static void UseSqlServer(
-            this DataProviderOptionsBuilder optionsBuilder,
+            this SerilogUiOptionsBuilder optionsBuilder,
             string connectionString,
             string tableName,
             string schemaName = "dbo"
@@ -26,8 +26,8 @@ public static void UseSqlServer(
                 Schema = schemaName
             };
 
-            ((IDataProviderOptionsBuilder)optionsBuilder).Services.AddSingleton(relationProvider);
-            ((IDataProviderOptionsBuilder)optionsBuilder).Services.AddScoped<IDataProvider, SqlServerDataProvider>();
+            ((ISerilogUiOptionsBuilder)optionsBuilder).Services.AddSingleton(relationProvider);
+            ((ISerilogUiOptionsBuilder)optionsBuilder).Services.AddScoped<IDataProvider, SqlServerDataProvider>();
         }
     }
 }
diff --git a/src/Serilog.Ui.Web/Controllers/LogsController.cs b/src/Serilog.Ui.Web/Controllers/LogsController.cs
@@ -1,6 +1,7 @@
 ﻿using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Mvc.Rendering;
 using Serilog.Ui.Core;
+using Serilog.Ui.Web.Filters;
 using Serilog.Ui.Web.ViewModel;
 using System.Collections.Generic;
 using System.IO;
@@ -10,6 +11,7 @@
 
 namespace Serilog.Ui.Web.Controllers
 {
+    [ServiceFilter(typeof(AuthorizationFilter))]
     public class LogsController : Controller
     {
         private static readonly string Scripts;
diff --git a/src/Serilog.Ui.Web/Extensions/AuthorizationOptions.cs b/src/Serilog.Ui.Web/Extensions/AuthorizationOptions.cs
@@ -0,0 +1,13 @@
+﻿using System.Collections.Generic;
+
+namespace Serilog.Ui.Web
+{
+    public class AuthorizationOptions
+    {
+        public IEnumerable<string> Usernames { get; set; }
+
+        public IEnumerable<string> Roles { get; set; }
+
+        internal bool Enabled { get; set; } = false;
+    }
+}
diff --git a/src/Serilog.Ui.Web/Extensions/SerilogUiOptionBuilderExtensions.cs b/src/Serilog.Ui.Web/Extensions/SerilogUiOptionBuilderExtensions.cs
@@ -0,0 +1,25 @@
+﻿using Microsoft.Extensions.DependencyInjection;
+using Serilog.Ui.Core;
+using System;
+
+namespace Serilog.Ui.Web
+{
+    public static class SerilogUiOptionBuilderExtensions
+    {
+        public static SerilogUiOptionsBuilder EnableAuthorization(this SerilogUiOptionsBuilder optionsBuilder, Action<AuthorizationOptions> options)
+        {
+            if (optionsBuilder == null)
+                throw new ArgumentNullException(nameof(optionsBuilder));
+
+            if (options == null)
+                throw new ArgumentNullException(nameof(options));
+
+            var authorizationOptions = new AuthorizationOptions { Enabled = true };
+            options.Invoke(authorizationOptions);
+
+            ((ISerilogUiOptionsBuilder)optionsBuilder).Services.AddSingleton<AuthorizationOptions>(authorizationOptions);
+
+            return optionsBuilder;
+        }
+    }
+}
diff --git a/src/Serilog.Ui.Web/Extensions/ServiceCollectionExtensions.cs b/src/Serilog.Ui.Web/Extensions/ServiceCollectionExtensions.cs
@@ -1,6 +1,7 @@
 ﻿using Microsoft.AspNetCore.Mvc.ApplicationParts;
 using Microsoft.Extensions.DependencyInjection;
 using Serilog.Ui.Core;
+using Serilog.Ui.Web.Filters;
 using System;
 using System.Linq;
 
@@ -11,22 +12,18 @@ public static class ServiceCollectionExtensions
         public static IServiceCollection AddSerilogUi(
             this IServiceCollection services,
             IMvcBuilder mvcBuilder,
-            Action<DataProviderOptionsBuilder> optionsBuilder)
+            Action<SerilogUiOptionsBuilder> optionsBuilder
+            )
         {
             if (services == null)
                 throw new ArgumentNullException(nameof(services));
 
             if (optionsBuilder == null)
                 throw new ArgumentNullException(nameof(optionsBuilder));
 
-            var builder = new DataProviderOptionsBuilder(services);
+            var builder = new SerilogUiOptionsBuilder(services);
             optionsBuilder.Invoke(builder);
 
-            //var assembly = typeof(ServiceCollectionExtensions).Assembly;
-            // var location = assembly.Location;
-            //var embeddedFileProvider = new EmbeddedFileProvider(assembly);
-            //mvcBuilder.AddRazorRuntimeCompilation(options => options.FileProviders.Add(embeddedFileProvider));
-
             var assemblies = AppDomain.CurrentDomain.GetAssemblies().Where(a => a.FullName.StartsWith("Serilog.Ui.Web")).ToList();
             foreach (var assembly in assemblies)
             {
@@ -39,12 +36,13 @@ public static IServiceCollection AddSerilogUi(
                 }
             }
 
-            return services;
-        }
+            var isAuthorizationFilterExist = services.Any(s => s.ServiceType.FullName == typeof(AuthorizationOptions).FullName);
+            if (!isAuthorizationFilterExist)
+                services.AddScoped<AuthorizationOptions>();
 
-        private static void ConfigureApplicationParts(ApplicationPartManager apm)
-        {
-            apm.ApplicationParts.Add(new AssemblyPart(typeof(ServiceCollectionExtensions).Assembly));
+            services.AddScoped<AuthorizationFilter>();
+
+            return services;
         }
     }
 }
diff --git a/src/Serilog.Ui.Web/Filters/AuthorizationFilter.cs b/src/Serilog.Ui.Web/Filters/AuthorizationFilter.cs
@@ -0,0 +1,40 @@
+﻿using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.Filters;
+using System.Linq;
+
+namespace Serilog.Ui.Web.Filters
+{
+    internal class AuthorizationFilter : IAuthorizationFilter
+    {
+        private readonly AuthorizationOptions _authorizationOptions;
+
+        public AuthorizationFilter(AuthorizationOptions authorizationOptions)
+        {
+            _authorizationOptions = authorizationOptions;
+        }
+
+        public void OnAuthorization(AuthorizationFilterContext context)
+        {
+            if (!_authorizationOptions.Enabled)
+                return;
+
+            if (!context.HttpContext.User.Identity.IsAuthenticated)
+            {
+                context.Result = new UnauthorizedResult();
+                return;
+            }
+
+            var userName = context.HttpContext.User.Identity.Name.ToLower();
+
+            if (_authorizationOptions.Usernames != null &&
+                _authorizationOptions.Usernames.Any(u => u.ToLower() == userName))
+                return;
+
+            if (_authorizationOptions.Roles != null &&
+                _authorizationOptions.Roles.Any(role => context.HttpContext.User.IsInRole(role)))
+                return;
+
+            context.Result = new ForbidResult();
+        }
+    }
+}

Original file line number	Diff line number	Diff line change
`@@ -31,8 +31,10 @@ public void ConfigureServices(IServiceCollection services)`
`31`	`31`	`{`
`32`	`32`	`var mvcBuilder = services.AddControllersWithViews();`
`33`	`33`
`34`		`- services.AddSerilogUi(mvcBuilder, options =>`
`35`		`- options.UseSqlServer("Server=.;Database=SerilogWebUi;Integrated Security=True;", "Logs"));`
	`34`	`+ services.AddSerilogUi(mvcBuilder, options => options`
	`35`	`+ .EnableAuthorization(authOptions => authOptions.Usernames = new[] { "Test" })`
	`36`	`+ .UseSqlServer("Server=.;Database=SerilogWebUi;Integrated Security=True;", "Logs")`
	`37`	`+ );`
`36`	`38`	`}`
`37`	`39`
`38`	`40`	`// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.`
Original file line number	Diff line number	Diff line change
`@@ -2,7 +2,7 @@`
`2`	`2`
`3`	`3`	`namespace Serilog.Ui.Core`
`4`	`4`	`{`
`5`		`- public interface IDataProviderOptionsBuilder`
	`5`	`+ public interface ISerilogUiOptionsBuilder`
`6`	`6`	`{`
`7`	`7`	`IServiceCollection Services { get; }`
`8`	`8`	`}`
Original file line number	Diff line number	Diff line change
`@@ -7,7 +7,7 @@ namespace Serilog.Ui.MsSqlServerProvider`
`7`	`7`	`public static class DataProviderOptionBuilderExtensions`
`8`	`8`	`{`
`9`	`9`	`public static void UseSqlServer(`
`10`		`- this DataProviderOptionsBuilder optionsBuilder,`
	`10`	`+ this SerilogUiOptionsBuilder optionsBuilder,`
`11`	`11`	`string connectionString,`
`12`	`12`	`string tableName,`
`13`	`13`	`string schemaName = "dbo"`
`@@ -26,8 +26,8 @@ public static void UseSqlServer(`
`26`	`26`	`Schema = schemaName`
`27`	`27`	`};`
`28`	`28`
`29`		`- ((IDataProviderOptionsBuilder)optionsBuilder).Services.AddSingleton(relationProvider);`
`30`		`- ((IDataProviderOptionsBuilder)optionsBuilder).Services.AddScoped<IDataProvider, SqlServerDataProvider>();`
	`29`	`+ ((ISerilogUiOptionsBuilder)optionsBuilder).Services.AddSingleton(relationProvider);`
	`30`	`+ ((ISerilogUiOptionsBuilder)optionsBuilder).Services.AddScoped<IDataProvider, SqlServerDataProvider>();`
`31`	`31`	`}`
`32`	`32`	`}`
`33`	`33`	`}`
Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,7 @@`
`1`	`1`	`using Microsoft.AspNetCore.Mvc;`
`2`	`2`	`using Microsoft.AspNetCore.Mvc.Rendering;`
`3`	`3`	`using Serilog.Ui.Core;`
	`4`	`+using Serilog.Ui.Web.Filters;`
`4`	`5`	`using Serilog.Ui.Web.ViewModel;`
`5`	`6`	`using System.Collections.Generic;`
`6`	`7`	`using System.IO;`
`@@ -10,6 +11,7 @@`
`10`	`11`
`11`	`12`	`namespace Serilog.Ui.Web.Controllers`
`12`	`13`	`{`
	`14`	`+ [ServiceFilter(typeof(AuthorizationFilter))]`
`13`	`15`	`public class LogsController : Controller`
`14`	`16`	`{`
`15`	`17`	`private static readonly string Scripts;`