PT-8715: Get organization maintainer role name from app settings (#26)

* Get organization maintainer role name from app settings * Getting role method * Use IOptions for getting role name * Update index.md
VirtoCommerce · Aug 31, 2022 · b133373 · b133373
1 parent 63ab977
commit b133373
Show file tree

Hide file tree

Showing 6 changed files with 58 additions and 6 deletions.
diff --git a/docs/index.md b/docs/index.md
@@ -490,8 +490,20 @@ mutation requestRegistration (command: InputRequestRegistrationType!) {
 }
 ```
 
-> The mutation registers a company when all argumets have been provided, and registers a customer only when the company value is null. If a company is created, the customer becomes its member and owner.
+> The mutation registers a company when all argumets have been provided, and registers a customer only when the company value is null. If a company is created, the customer becomes its member and owner. In this case customer gets the **Organization maintainer** role whose name or ID must be provided in **appsettings.json**.
 >
 > The user that creates a company and/or customer is always displayed as *frontend*.
 >
 > The company status is determined by the *Company default status* store setting, while contact and account statuses come from the *Contact default status* setting. Both settings must be provided in advance.
+>
+> Example of the role name settings provided below.
+
+```
+{
+...
+    "FrontendSecurity": {
+            "OrganizationMaintainerRole": "Organization maintainer"
+        },
+...
+}
+```
diff --git a/src/VirtoCommerce.ProfileExperienceApiModule.Data/Commands/RegisterRequestCommandHandler.cs b/src/VirtoCommerce.ProfileExperienceApiModule.Data/Commands/RegisterRequestCommandHandler.cs
@@ -26,6 +26,9 @@
 using VirtoCommerce.NotificationsModule.Core.Model;
 using VirtoCommerce.Platform.Security;
 using VirtoCommerce.ProfileExperienceApiModule.Data.Models.RegisterOrganization;
+using Microsoft.Extensions.Configuration;
+using Microsoft.Extensions.Options;
+using VirtoCommerce.ProfileExperienceApiModule.Data.Configuration;
 
 namespace VirtoCommerce.ProfileExperienceApiModule.Data.Commands
 {
@@ -41,10 +44,10 @@ public class RegisterRequestCommandHandler : IRequestHandler<RegisterRequestComm
         private readonly NewContactValidator _contactValidator;
         private readonly AccountValidator _accountValidator;
         private readonly OrganizationValidator _organizationValidator;
+        private readonly IOptions<FrontendSecurityOptions> _securityOptions;
 
         private const string Creator = "frontend";
         private const string UserType = "Manager";
-        private const string MaintainerRoleId = "org-maintainer";
 #pragma warning disable S107
         public RegisterRequestCommandHandler(IMapper mapper,
             IDynamicPropertyUpdaterService dynamicPropertyUpdater,
@@ -55,7 +58,8 @@ public RegisterRequestCommandHandler(IMapper mapper,
             IAccountService accountService,
             NewContactValidator contactValidator,
             AccountValidator accountValidator,
-            OrganizationValidator organizationValidator)
+            OrganizationValidator organizationValidator,
+            IOptions<FrontendSecurityOptions> securityOptions)
 #pragma warning restore S107
         {
             _mapper = mapper;
@@ -68,6 +72,7 @@ public RegisterRequestCommandHandler(IMapper mapper,
             _contactValidator = contactValidator;
             _accountValidator = accountValidator;
             _organizationValidator = organizationValidator;
+            _securityOptions = securityOptions;
         }
 
         public virtual async Task<RegisterOrganizationResult> Handle(RegisterRequestCommand request, CancellationToken cancellationToken)
@@ -128,10 +133,9 @@ private async Task<RegisterOrganizationResult> ProcessRequestAsync(RegisterReque
 
             if (organization != null)
             {
-                var maintainerRole = await _accountService.FindRoleById(MaintainerRoleId);
+                var maintainerRole = await GetMaintainerRole(result, tokenSource);
                 if (maintainerRole == null)
                 {
-                    SetErrorResult(result, "Role not found",$"Organization maintainer role with id {MaintainerRoleId} not found", tokenSource);
                     return result;
                 }
 
@@ -181,6 +185,24 @@ private async Task<RegisterOrganizationResult> ProcessRequestAsync(RegisterReque
             return result;
         }
 
+        private async Task<Role> GetMaintainerRole(RegisterOrganizationResult result, CancellationTokenSource tokenSource)
+        {
+            var maintainerRoleId = _securityOptions.Value.OrganizationMaintainerRole;
+            if (maintainerRoleId == null)
+            {
+                SetErrorResult(result, "Role not configured", "Organization maintainer role configuration is not found in the app settings", tokenSource);
+                return null;
+            }
+
+            var role = await _accountService.FindRoleByName(maintainerRoleId) ?? await _accountService.FindRoleById(maintainerRoleId);
+            if (role == null)
+            {
+                SetErrorResult(result, "Role not found", $"Organization maintainer role {maintainerRoleId} not found", tokenSource);
+            }
+
+            return role;
+        }
+
         private static AccountCreationResult GetAccountCreationResult(IdentityResult identityResult, ApplicationUser account)
         {
             return new AccountCreationResult

diff --git a/src/VirtoCommerce.ProfileExperienceApiModule.Data/Configuration/FrontendSecurityOptions.cs b/src/VirtoCommerce.ProfileExperienceApiModule.Data/Configuration/FrontendSecurityOptions.cs
@@ -0,0 +1,7 @@
+namespace VirtoCommerce.ProfileExperienceApiModule.Data.Configuration
+{
+    public class FrontendSecurityOptions
+    {
+        public string OrganizationMaintainerRole { get; set; }
+    }
+}
diff --git a/src/VirtoCommerce.ProfileExperienceApiModule.Data/Services/AccountsService.cs b/src/VirtoCommerce.ProfileExperienceApiModule.Data/Services/AccountsService.cs
@@ -59,5 +59,11 @@ public async Task<Role> FindRoleById(string roleId)
             using var roleManager = _roleManagerFactory();
             return await roleManager.FindByIdAsync(roleId);
         }
+
+        public async Task<Role> FindRoleByName(string roleName)
+        {
+            using var roleManager = _roleManagerFactory();
+            return await roleManager.FindByNameAsync(roleName);
+        }
     }
 }
diff --git a/src/VirtoCommerce.ProfileExperienceApiModule.Data/Services/IAccountService.cs b/src/VirtoCommerce.ProfileExperienceApiModule.Data/Services/IAccountService.cs
@@ -9,5 +9,6 @@ public interface IAccountService
         public Task<IdentityResult> CreateAccountAsync(ApplicationUser account);
         public Task<ApplicationUser> GetAccountAsync(string userName);
         public Task<Role> FindRoleById(string roleId);
+        public Task<Role> FindRoleByName(string roleName);
     }
 }
diff --git a/src/VirtoCommerce.ProfileExperienceApiModule.Web/Module.cs b/src/VirtoCommerce.ProfileExperienceApiModule.Web/Module.cs
@@ -3,6 +3,7 @@
 using MediatR;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Builder;
+using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
 using VirtoCommerce.ExperienceApiModule.Core.Extensions;
 using VirtoCommerce.ExperienceApiModule.Core.Infrastructure;
@@ -15,6 +16,7 @@
 using VirtoCommerce.ProfileExperienceApiModule.Data.Aggregates.Contact;
 using VirtoCommerce.ProfileExperienceApiModule.Data.Aggregates.Organization;
 using VirtoCommerce.ProfileExperienceApiModule.Data.Authorization;
+using VirtoCommerce.ProfileExperienceApiModule.Data.Configuration;
 using VirtoCommerce.ProfileExperienceApiModule.Data.Middlewares;
 using VirtoCommerce.ProfileExperienceApiModule.Data.Schemas;
 using VirtoCommerce.ProfileExperienceApiModule.Data.Services;
@@ -23,9 +25,10 @@
 
 namespace VirtoCommerce.CusomersExperienceApi.Web
 {
-    public class Module : IModule
+    public class Module : IModule, IHasConfiguration
     {
         public ManifestModuleInfo ModuleInfo { get; set; }
+        public IConfiguration Configuration { get; set; }
 
         public void Initialize(IServiceCollection serviceCollection)
         {
@@ -44,6 +47,7 @@ public void Initialize(IServiceCollection serviceCollection)
             serviceCollection.AddTransient<IContactAggregateRepository, ContactAggregateRepository>();
             serviceCollection.AddTransient<IAccountService, AccountsService>();
             serviceCollection.AddSingleton<IAuthorizationHandler, ProfileAuthorizationHandler>();
+            serviceCollection.AddOptions<FrontendSecurityOptions>().Bind(Configuration.GetSection("FrontendSecurity")).ValidateDataAnnotations();
 
             serviceCollection.AddAutoMapper(typeof(XProfileAnchor));