Completed EFCore Authorization Store

Author: mckaragoz

UltimateAuth.slnx

@@ -14,6 +14,7 @@
   </Folder>
   <Project Path="src/authentication/CodeBeam.UltimateAuth.Authentication.InMemory/CodeBeam.UltimateAuth.Authentication.InMemory.csproj" Id="bd87e254-0565-4fc5-950d-ee5bbb416079" />
   <Project Path="src/authorization/CodeBeam.UltimateAuth.Authorization.Contracts/CodeBeam.UltimateAuth.Authorization.Contracts.csproj" Id="40a23002-f885-42a8-bdd9-fd962ab28742" />
+  <Project Path="src/authorization/CodeBeam.UltimateAuth.Authorization.EntityFrameworkCore/CodeBeam.UltimateAuth.Authorization.EntityFrameworkCore.csproj" Id="8572d1e8-db32-42a1-b61c-e8805e59c019" />
   <Project Path="src/authorization/CodeBeam.UltimateAuth.Authorization.InMemory/CodeBeam.UltimateAuth.Authorization.InMemory.csproj" Id="a1e6d007-bdc0-4574-b549-ec863757edd3" />
   <Project Path="src/authorization/CodeBeam.UltimateAuth.Authorization.Reference/CodeBeam.UltimateAuth.Authorization.Reference.csproj" Id="84b784d0-bb48-406a-a0d1-c600da667597" />
   <Project Path="src/authorization/CodeBeam.UltimateAuth.Authorization/CodeBeam.UltimateAuth.Authorization.csproj" Id="28b1d647-fb0b-4cc3-8503-2680c4a9b28f" />

src/authorization/CodeBeam.UltimateAuth.Authorization.Contracts/Domain/Permission.cs

@@ -16,4 +16,6 @@ public static Permission From(string value)
     public bool IsPrefix => Value.EndsWith(".*");
 
     public override string ToString() => Value;
+
+    public static implicit operator string(Permission p) => p.Value;
 }

src/authorization/CodeBeam.UltimateAuth.Authorization.EntityFrameworkCore/AssemblyVisibility.cs

@@ -0,0 +1,3 @@
+using System.Runtime.CompilerServices;
+
+[assembly: InternalsVisibleTo("CodeBeam.UltimateAuth.Tests.Unit")]

src/authorization/CodeBeam.UltimateAuth.Authorization.EntityFrameworkCore/CodeBeam.UltimateAuth.Authorization.EntityFrameworkCore.csproj

@@ -0,0 +1,18 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+	<PropertyGroup>
+		<TargetFrameworks>net8.0;net9.0;net10.0</TargetFrameworks>
+		<ImplicitUsings>enable</ImplicitUsings>
+		<Nullable>enable</Nullable>
+		<GenerateDocumentationFile>true</GenerateDocumentationFile>
+		<NoWarn>$(NoWarn);1591</NoWarn>
+	</PropertyGroup>
+
+	<ItemGroup>
+	  <ProjectReference Include="..\..\CodeBeam.UltimateAuth.Core\CodeBeam.UltimateAuth.Core.csproj" />
+	  <ProjectReference Include="..\..\persistence\CodeBeam.UltimateAuth.EntityFrameworkCore.Abstractions\CodeBeam.UltimateAuth.EntityFrameworkCore.Abstractions.csproj" />
+	  <ProjectReference Include="..\CodeBeam.UltimateAuth.Authorization.Contracts\CodeBeam.UltimateAuth.Authorization.Contracts.csproj" />
+	  <ProjectReference Include="..\CodeBeam.UltimateAuth.Authorization.InMemory\CodeBeam.UltimateAuth.Authorization.InMemory.csproj" />
+	</ItemGroup>
+
+</Project>

src/authorization/CodeBeam.UltimateAuth.Authorization.EntityFrameworkCore/Data/UAuthAuthorizationDbContext.cs

@@ -0,0 +1,134 @@
+using CodeBeam.UltimateAuth.Authorization.Contracts;
+using CodeBeam.UltimateAuth.Core.Domain;
+using CodeBeam.UltimateAuth.Core.MultiTenancy;
+using Microsoft.EntityFrameworkCore;
+
+namespace CodeBeam.UltimateAuth.Authorization.EntityFrameworkCore;
+
+internal sealed class UAuthAuthorizationDbContext : DbContext
+{
+    public DbSet<RoleProjection> Roles => Set<RoleProjection>();
+    public DbSet<RolePermissionProjection> RolePermissions => Set<RolePermissionProjection>();
+    public DbSet<UserRoleProjection> UserRoles => Set<UserRoleProjection>();
+
+    private readonly TenantContext _tenant;
+
+    public UAuthAuthorizationDbContext(DbContextOptions<UAuthAuthorizationDbContext> options, TenantContext tenant)
+        : base(options)
+    {
+        _tenant = tenant;
+    }
+
+    protected override void OnModelCreating(ModelBuilder b)
+    {
+        ConfigureRole(b);
+        ConfigureRolePermission(b);
+        ConfigureUserRole(b);
+    }
+
+    private void ConfigureRole(ModelBuilder b)
+    {
+        b.Entity<RoleProjection>(e =>
+        {
+            e.HasKey(x => x.Id);
+
+            e.Property(x => x.Version)
+                .IsConcurrencyToken();
+
+            e.Property(x => x.Tenant)
+                .HasConversion(
+                    v => v.Value,
+                    v => TenantKey.FromInternal(v))
+                .HasMaxLength(128)
+                .IsRequired();
+
+            e.Property(x => x.Id)
+                .HasConversion(
+                    v => v.Value,
+                    v => RoleId.From(v))
+                .IsRequired();
+
+            e.Property(x => x.Name)
+                .HasMaxLength(128)
+                .IsRequired();
+
+            e.Property(x => x.NormalizedName)
+                .HasMaxLength(128)
+                .IsRequired();
+
+            e.Property(x => x.CreatedAt)
+                .IsRequired();
+
+            e.HasIndex(x => new { x.Tenant, x.Id }).IsUnique();
+            e.HasIndex(x => new { x.Tenant, x.NormalizedName }).IsUnique();
+
+            e.HasQueryFilter(x => _tenant.IsGlobal || x.Tenant == _tenant.Tenant);
+        });
+    }
+
+    private void ConfigureRolePermission(ModelBuilder b)
+    {
+        b.Entity<RolePermissionProjection>(e =>
+        {
+            e.HasKey(x => new { x.Tenant, x.RoleId, x.Permission });
+
+            e.Property(x => x.Tenant)
+                .HasConversion(
+                    v => v.Value,
+                    v => TenantKey.FromInternal(v))
+                .HasMaxLength(128)
+                .IsRequired();
+
+            e.Property(x => x.RoleId)
+                .HasConversion(
+                    v => v.Value,
+                    v => RoleId.From(v))
+                .IsRequired();
+
+            e.Property(x => x.Permission)
+                .HasMaxLength(256)
+                .IsRequired();
+
+            e.HasIndex(x => new { x.Tenant, x.RoleId });
+            e.HasIndex(x => new { x.Tenant, x.Permission });
+
+            e.HasQueryFilter(x => _tenant.IsGlobal || x.Tenant == _tenant.Tenant);
+        });
+    }
+
+    private void ConfigureUserRole(ModelBuilder b)
+    {
+        b.Entity<UserRoleProjection>(e =>
+        {
+            e.HasKey(x => new { x.Tenant, x.UserKey, x.RoleId });
+
+            e.Property(x => x.Tenant)
+                .HasConversion(
+                    v => v.Value,
+                    v => TenantKey.FromInternal(v))
+                .HasMaxLength(128)
+                .IsRequired();
+
+            e.Property(x => x.UserKey)
+                .HasConversion(
+                    v => v.Value,
+                    v => UserKey.FromString(v))
+                .HasMaxLength(128)
+                .IsRequired();
+
+            e.Property(x => x.RoleId)
+                .HasConversion(
+                    v => v.Value,
+                    v => RoleId.From(v))
+                .IsRequired();
+
+            e.Property(x => x.AssignedAt)
+                .IsRequired();
+
+            e.HasIndex(x => new { x.Tenant, x.UserKey });
+            e.HasIndex(x => new { x.Tenant, x.RoleId });
+
+            e.HasQueryFilter(x => _tenant.IsGlobal || x.Tenant == _tenant.Tenant);
+        });
+    }
+}

src/authorization/CodeBeam.UltimateAuth.Authorization.EntityFrameworkCore/Extensions/ServiceCollectionExtensions.cs

@@ -0,0 +1,15 @@
+using Microsoft.EntityFrameworkCore;
+using Microsoft.Extensions.DependencyInjection;
+
+namespace CodeBeam.UltimateAuth.Authorization.EntityFrameworkCore.Extensions;
+
+public static class ServiceCollectionExtensions
+{
+    public static IServiceCollection AddUltimateAuthEntityFrameworkCoreAuthorization(this IServiceCollection services, Action<DbContextOptionsBuilder> configureDb)
+    {
+        services.AddDbContextPool<UAuthAuthorizationDbContext>(configureDb);
+        services.AddScoped<IRoleStore, EfCoreRoleStore>();
+        services.AddScoped<IUserRoleStore, EfCoreUserRoleStore>();
+        return services;
+    }
+}

src/authorization/CodeBeam.UltimateAuth.Authorization.EntityFrameworkCore/Mappers/RoleMapper.cs

@@ -0,0 +1,42 @@
+using CodeBeam.UltimateAuth.Authorization;
+using CodeBeam.UltimateAuth.Authorization.EntityFrameworkCore;
+
+internal static class RoleMapper
+{
+    public static Role ToDomain(RoleProjection projection, IEnumerable<RolePermissionProjection> permissionEntities)
+    {
+        var permissions = permissionEntities.Select(RolePermissionMapper.ToDomain);
+
+        return Role.FromProjection(
+            projection.Id,
+            projection.Tenant,
+            projection.Name,
+            permissions,
+            projection.CreatedAt,
+            projection.UpdatedAt,
+            projection.DeletedAt,
+            projection.Version);
+    }
+
+    public static RoleProjection ToProjection(Role role)
+    {
+        return new RoleProjection
+        {
+            Id = role.Id,
+            Tenant = role.Tenant,
+            Name = role.Name,
+            NormalizedName = role.NormalizedName,
+            CreatedAt = role.CreatedAt,
+            UpdatedAt = role.UpdatedAt,
+            DeletedAt = role.DeletedAt,
+            Version = role.Version
+        };
+    }
+
+    public static void UpdateProjection(Role role, RoleProjection entity)
+    {
+        entity.Name = role.Name;
+        entity.NormalizedName = role.NormalizedName;
+        entity.UpdatedAt = role.UpdatedAt;
+    }
+}

src/authorization/CodeBeam.UltimateAuth.Authorization.EntityFrameworkCore/Mappers/RolePermissionMapper.cs

@@ -0,0 +1,23 @@
+using CodeBeam.UltimateAuth.Authorization.Contracts;
+using CodeBeam.UltimateAuth.Authorization.Domain;
+using CodeBeam.UltimateAuth.Core.MultiTenancy;
+
+namespace CodeBeam.UltimateAuth.Authorization.EntityFrameworkCore;
+
+internal static class RolePermissionMapper
+{
+    public static RolePermissionProjection ToProjection(TenantKey tenant, RoleId roleId, Permission permission)
+    {
+        return new RolePermissionProjection
+        {
+            Tenant = tenant,
+            RoleId = roleId,
+            Permission = permission.Value
+        };
+    }
+
+    public static Permission ToDomain(RolePermissionProjection projection)
+    {
+        return Permission.From(projection.Permission);
+    }
+}

src/authorization/CodeBeam.UltimateAuth.Authorization.EntityFrameworkCore/Mappers/UserRoleMapper.cs

@@ -0,0 +1,26 @@
+namespace CodeBeam.UltimateAuth.Authorization.EntityFrameworkCore;
+
+internal static class UserRoleMapper
+{
+    public static UserRole ToDomain(UserRoleProjection projection)
+    {
+        return new UserRole
+        {
+            Tenant = projection.Tenant,
+            UserKey = projection.UserKey,
+            RoleId = projection.RoleId,
+            AssignedAt = projection.AssignedAt
+        };
+    }
+
+    public static UserRoleProjection ToProjection(UserRole role)
+    {
+        return new UserRoleProjection
+        {
+            Tenant = role.Tenant,
+            UserKey = role.UserKey,
+            RoleId = role.RoleId,
+            AssignedAt = role.AssignedAt
+        };
+    }
+}

src/authorization/CodeBeam.UltimateAuth.Authorization.EntityFrameworkCore/Projections/RolePermissionProjection.cs

@@ -0,0 +1,13 @@
+using CodeBeam.UltimateAuth.Authorization.Contracts;
+using CodeBeam.UltimateAuth.Core.MultiTenancy;
+
+namespace CodeBeam.UltimateAuth.Authorization.EntityFrameworkCore;
+
+internal sealed class RolePermissionProjection
+{
+    public TenantKey Tenant { get; set; }
+
+    public RoleId RoleId { get; set; }
+
+    public string Permission { get; set; } = default!;
+}