< Summary

Information

Class:	LGDXRobotCloud.API.Authorisation.ValidateLgdxUserAccessHandler
Assembly:	LGDXRobotCloud.API
File(s):	/builds/yukaitung/lgdxrobot2-cloud/LGDXRobotCloud.API/Authorisation/ValidateLgdxUserAccessHandler.cs

Line coverage

Covered lines:	0
Uncovered lines:	71
Coverable lines:	71
Total lines:	106
Line coverage:	0%

Branch coverage

Covered branches:	0
Total branches:	46
Branch coverage:	0%

Method coverage

Feature is only available for sponsors

Upgrade to PRO version

Metrics

Method	Branch coverage	Crap Score	Cyclomatic complexity	Line coverage
.ctor(...)	0%	6	2	0%
IsValidApplication(...)	100%	2	1	0%
HasAccess(...)	0%	110	10	0%
HasAreaAccess(...)	0%	20	4	0%
HasControllerAccess(...)	0%	20	4	0%
HandleRequirementAsync(...)	0%	702	26	0%

File(s)

/builds/yukaitung/lgdxrobot2-cloud/LGDXRobotCloud.API/Authorisation/ValidateLgdxUserAccessHandler.cs

#	Line	Line coverage
	`1`	`using System.Security.Claims;`
	`2`	`using Microsoft.AspNetCore.Authorization;`
	`3`
	`4`	`namespace LGDXRobotCloud.API.Authorisation;`
	`5`
0	`6`	`public class ValidateLgdxUserAccessHandler(`
0	`7`	`IHttpContextAccessor httpContextAccessor`
0	`8`	`) : AuthorizationHandler<ValidateLgdxUserAccessRequirement>`
	`9`	`{`
0	`10`	`private readonly HttpContext _httpContext = httpContextAccessor.HttpContext ?? throw new ArgumentException(nameof(http`
	`11`
	`12`	`private static bool IsValidApplication(string str)`
0	`13`	`{`
0	`14`	`return string.Equals(str, "LGDXRobotCloud.API", StringComparison.CurrentCultureIgnoreCase);`
0	`15`	`}`
	`16`
	`17`	`private bool HasAccess(string str)`
0	`18`	`{`
0	`19`	`string method = _httpContext.Request.Method;`
0	`20`	`if (string.Equals(str, "FullAccess", StringComparison.CurrentCultureIgnoreCase))`
0	`21`	`{`
	`22`	`// Has full access`
0	`23`	`return true;`
	`24`	`}`
0	`25`	`if (string.Equals(str, "Read", StringComparison.CurrentCultureIgnoreCase))`
0	`26`	`{`
	`27`	`// Has read access`
0	`28`	`return string.Equals(method, "GET", StringComparison.CurrentCultureIgnoreCase);`
	`29`	`}`
0	`30`	`else if (string.Equals(str, "Write", StringComparison.CurrentCultureIgnoreCase))`
0	`31`	`{`
	`32`	`// Has write access`
0	`33`	`return string.Equals(method, "POST", StringComparison.CurrentCultureIgnoreCase) \|\|`
0	`34`	`string.Equals(method, "PUT", StringComparison.CurrentCultureIgnoreCase);`
	`35`	`}`
0	`36`	`else if (string.Equals(str, "Delete", StringComparison.CurrentCultureIgnoreCase))`
0	`37`	`{`
	`38`	`// Has delete access`
0	`39`	`return string.Equals(method, "DELETE", StringComparison.CurrentCultureIgnoreCase);`
	`40`	`}`
0	`41`	`return false;`
0	`42`	`}`
	`43`
	`44`	`private bool HasAreaAccess(string str)`
0	`45`	`{`
0	`46`	`string? area = _httpContext.Request.RouteValues["area"]?.ToString();`
0	`47`	`if (string.IsNullOrEmpty(area))`
0	`48`	`{`
0	`49`	`return false;`
	`50`	`}`
0	`51`	`return string.Equals(area, str, StringComparison.CurrentCultureIgnoreCase);`
0	`52`	`}`
	`53`
	`54`	`private bool HasControllerAccess(string str)`
0	`55`	`{`
0	`56`	`string? controller = _httpContext.Request.RouteValues["controller"]?.ToString();`
0	`57`	`if (string.IsNullOrEmpty(controller))`
0	`58`	`{`
0	`59`	`return false;`
	`60`	`}`
0	`61`	`return string.Equals(controller, str, StringComparison.CurrentCultureIgnoreCase);`
0	`62`	`}`
	`63`
	`64`	`protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, ValidateLgdxUserAccessRequirement`
0	`65`	`{`
0	`66`	`List<Claim> scopes = context.User.FindAll(c => c.Type == "scope").ToList();`
	`67`	`// Extract scope`
	`68`	`// format: LGDXRobotCloud.API/Area/Controller/<Access>`
0	`69`	`foreach (Claim scope in scopes)`
0	`70`	`{`
0	`71`	`var scopeSplit = scope.Value.Split("/");`
0	`72`	`if (scopeSplit.Length == 2)`
0	`73`	`{`
	`74`	`// format: LGDXRobotCloud.API/<Access>`
0	`75`	`if (IsValidApplication(scopeSplit[0]) && HasAccess(scopeSplit[1]))`
0	`76`	`{`
0	`77`	`context.Succeed(requirement);`
0	`78`	`return Task.CompletedTask;`
	`79`	`}`
0	`80`	`}`
0	`81`	`else if (scopeSplit.Length == 3)`
0	`82`	`{`
	`83`	`// format: LGDXRobotCloud.API/Area/<Access>`
0	`84`	`if (IsValidApplication(scopeSplit[0]) && HasAreaAccess(scopeSplit[1]) && HasAccess(scopeSplit[2]))`
0	`85`	`{`
0	`86`	`context.Succeed(requirement);`
0	`87`	`return Task.CompletedTask;`
	`88`	`}`
0	`89`	`}`
0	`90`	`else if (scopeSplit.Length == 4)`
0	`91`	`{`
	`92`	`// format: LGDXRobotCloud.API/Area/Controller/<Access>`
0	`93`	`if (IsValidApplication(scopeSplit[0]) &&`
0	`94`	`HasAreaAccess(scopeSplit[1]) &&`
0	`95`	`HasControllerAccess(scopeSplit[2]) &&`
0	`96`	`HasAccess(scopeSplit[3]))`
0	`97`	`{`
0	`98`	`context.Succeed(requirement);`
0	`99`	`return Task.CompletedTask;`
	`100`	`}`
0	`101`	`}`
0	`102`	`}`
0	`103`	`context.Fail();`
0	`104`	`return Task.CompletedTask;`
0	`105`	`}`
	`106`	`}`

< Summary

Metrics

File(s)

/builds/yukaitung/lgdxrobot2-cloud/LGDXRobotCloud.API/Authorisation/ValidateLgdxUserAccessHandler.cs

Methods/Properties