Add basic authorization attributes

ministryofjustice · Jun 3, 2024 · faee01a · faee01a
1 parent 02c0e5b
commit faee01a
Show file tree

Hide file tree

Showing 21 changed files with 50 additions and 11 deletions.
diff --git a/src/Application/Features/Assessments/PostAssessmentCommand/PostAssessmentCommand.cs b/src/Application/Features/Assessments/PostAssessmentCommand/PostAssessmentCommand.cs
@@ -1,5 +1,7 @@
-using Cfo.Cats.Application.Features.Assessments.DTOs;
+using Cfo.Cats.Application.Common.Security;
+using Cfo.Cats.Application.Features.Assessments.DTOs;
 
 namespace Cfo.Cats.Application.Features.Assessments.PostAssessmentCommand;
 
+[RequestAuthorize(Roles = "Admin, Basic")]
 public record PostAssessmentCommand(AssessmentDto assessment) : IRequest<bool>;
diff --git a/src/Application/Features/Assessments/Queries/GetAssessment/GetAssessmentQuery.cs b/src/Application/Features/Assessments/Queries/GetAssessment/GetAssessmentQuery.cs
@@ -1,9 +1,10 @@
-using Cfo.Cats.Application.Features.Assessments.Caching;
+using Cfo.Cats.Application.Common.Security;
+using Cfo.Cats.Application.Features.Assessments.Caching;
 using Cfo.Cats.Application.Features.Assessments.DTOs;
 
 namespace Cfo.Cats.Application.Features.Assessments.Queries.GetAssessment;
 
-
+[RequestAuthorize(Roles = "Admin, Basic")]
 public class GetAssessmentQuery : ICacheableRequest<Result<AssessmentDto>>
 {
     public string CacheKey 

diff --git a/...pplication/Features/AuditTrails/Queries/PaginationQuery/AuditTrailsWithPaginationQuery.cs b/...pplication/Features/AuditTrails/Queries/PaginationQuery/AuditTrailsWithPaginationQuery.cs
@@ -1,10 +1,12 @@
-using Cfo.Cats.Application.Features.AuditTrails.Caching;
+using Cfo.Cats.Application.Common.Security;
+using Cfo.Cats.Application.Features.AuditTrails.Caching;
 using Cfo.Cats.Application.Features.AuditTrails.DTOs;
 using Cfo.Cats.Application.Features.AuditTrails.Specifications;
 using DocumentFormat.OpenXml.Wordprocessing;
 
 namespace Cfo.Cats.Application.Features.AuditTrails.Queries.PaginationQuery;
 
+[RequestAuthorize(Roles = "Admin")]
 public class AuditTrailsWithPaginationQuery
     : AuditTrailAdvancedFilter,
         ICacheableRequest<PaginatedData<AuditTrailDto>>

diff --git a/src/Application/Features/Candidates/Queries/Search/CandidateSearchQuery.cs b/src/Application/Features/Candidates/Queries/Search/CandidateSearchQuery.cs
@@ -4,6 +4,7 @@
 
 namespace Cfo.Cats.Application.Features.Candidates.Queries.Search;
 
+[RequestAuthorize(Roles = "Admin, Basic")]
 public class CandidateSearchQuery : ICacheableRequest<IEnumerable<CandidateDto>>
 {
     public required string ExternalIdentifier { get; set; }

diff --git a/src/Application/Features/Documents/Commands/Upload/UploadDocumentCommand.cs b/src/Application/Features/Documents/Commands/Upload/UploadDocumentCommand.cs
@@ -1,7 +1,9 @@
-using Cfo.Cats.Application.Features.Documents.Caching;
+using Cfo.Cats.Application.Common.Security;
+using Cfo.Cats.Application.Features.Documents.Caching;
 
 namespace Cfo.Cats.Application.Features.Documents.Commands.Upload;
 
+[RequestAuthorize(Roles = "Admin, Basic")]
 public class UploadDocumentCommand : ICacheInvalidatorRequest<Result<Guid>>
 {
     public string CacheKey { get; } = string.Empty;

diff --git a/src/Application/Features/KeyValues/Commands/AddEdit/AddEditKeyValueCommand.cs b/src/Application/Features/KeyValues/Commands/AddEdit/AddEditKeyValueCommand.cs
@@ -1,8 +1,10 @@
+using Cfo.Cats.Application.Common.Security;
 using Cfo.Cats.Application.Features.KeyValues.Caching;
 using Cfo.Cats.Application.Features.KeyValues.DTOs;
 
 namespace Cfo.Cats.Application.Features.KeyValues.Commands.AddEdit;
 
+[RequestAuthorize(Roles = "Admin, Basic")]
 public class AddEditKeyValueCommand : ICacheInvalidatorRequest<Result<int>>
 {
     [Description("Id")] public int Id { get; set; }

diff --git a/src/Application/Features/KeyValues/Commands/Delete/DeleteKeyValueCommand.cs b/src/Application/Features/KeyValues/Commands/Delete/DeleteKeyValueCommand.cs
@@ -1,7 +1,9 @@
+using Cfo.Cats.Application.Common.Security;
 using Cfo.Cats.Application.Features.KeyValues.Caching;
 
 namespace Cfo.Cats.Application.Features.KeyValues.Commands.Delete;
 
+[RequestAuthorize(Roles = "Admin, Basic")]
 public class DeleteKeyValueCommand : ICacheInvalidatorRequest<Result<int>>
 {
     public DeleteKeyValueCommand(int[] id)

diff --git a/src/Application/Features/KeyValues/Commands/Import/CreateKeyValueTemplateCommand.cs b/src/Application/Features/KeyValues/Commands/Import/CreateKeyValueTemplateCommand.cs
@@ -1,5 +1,8 @@
+using Cfo.Cats.Application.Common.Security;
+
 namespace Cfo.Cats.Application.Features.KeyValues.Commands.Import;
 
+[RequestAuthorize(Roles = "Admin, Basic")]
 public record CreateKeyValueTemplateCommand : IRequest<byte[]>
 {
 }
diff --git a/src/Application/Features/KeyValues/Commands/Import/ImportKeyValuesCommand.cs b/src/Application/Features/KeyValues/Commands/Import/ImportKeyValuesCommand.cs
@@ -1,7 +1,9 @@
+using Cfo.Cats.Application.Common.Security;
 using Cfo.Cats.Application.Features.KeyValues.Caching;
 
 namespace Cfo.Cats.Application.Features.KeyValues.Commands.Import;
 
+[RequestAuthorize(Roles = "Admin")]
 public class ImportKeyValuesCommand : ICacheInvalidatorRequest<Result>
 {
     public ImportKeyValuesCommand(string fileName, byte[] data)

diff --git a/src/Application/Features/KeyValues/Queries/ByName/KeyValuesQueryByName.cs b/src/Application/Features/KeyValues/Queries/ByName/KeyValuesQueryByName.cs
@@ -1,8 +1,10 @@
+using Cfo.Cats.Application.Common.Security;
 using Cfo.Cats.Application.Features.KeyValues.Caching;
 using Cfo.Cats.Application.Features.KeyValues.DTOs;
 
 namespace Cfo.Cats.Application.Features.KeyValues.Queries.ByName;
 
+[RequestAuthorize(Roles = "Admin, Basic")]
 public class KeyValuesQueryByName : ICacheableRequest<IEnumerable<KeyValueDto>>
 {
     public KeyValuesQueryByName(Picklist name)

diff --git a/src/Application/Features/KeyValues/Queries/Export/ExportKeyValuesQuery.cs b/src/Application/Features/KeyValues/Queries/Export/ExportKeyValuesQuery.cs
@@ -1,5 +1,8 @@
+using Cfo.Cats.Application.Common.Security;
+
 namespace Cfo.Cats.Application.Features.KeyValues.Queries.Export;
 
+[RequestAuthorize(Roles = "Admin, Basic")]
 public class ExportKeyValuesQuery : IRequest<byte[]>
 {
     public string? Keyword { get; set; }

diff --git a/src/Application/Features/KeyValues/Queries/GetAll/GetAllKeyValuesQuery.cs b/src/Application/Features/KeyValues/Queries/GetAll/GetAllKeyValuesQuery.cs
@@ -1,8 +1,10 @@
+using Cfo.Cats.Application.Common.Security;
 using Cfo.Cats.Application.Features.KeyValues.Caching;
 using Cfo.Cats.Application.Features.KeyValues.DTOs;
 
 namespace Cfo.Cats.Application.Features.KeyValues.Queries.GetAll;
 
+[RequestAuthorize(Roles = "Admin, Basic")]
 public class GetAllKeyValuesQuery : ICacheableRequest<IEnumerable<KeyValueDto>>
 {
     public string CacheKey => KeyValueCacheKey.GetAllCacheKey;

diff --git a/src/Application/Features/KeyValues/Queries/PaginationQuery/KeyValuesWithPaginationQuery.cs b/src/Application/Features/KeyValues/Queries/PaginationQuery/KeyValuesWithPaginationQuery.cs
@@ -1,11 +1,13 @@
 
 
+using Cfo.Cats.Application.Common.Security;
 using Cfo.Cats.Application.Features.KeyValues.Caching;
 using Cfo.Cats.Application.Features.KeyValues.DTOs;
 using Cfo.Cats.Application.Features.KeyValues.Specifications;
 
 namespace Cfo.Cats.Application.Features.KeyValues.Queries.PaginationQuery;
 
+[RequestAuthorize(Roles = "Admin, Basic")]
 public class KeyValuesWithPaginationQuery : KeyValueAdvancedFilter, ICacheableRequest<PaginatedData<KeyValueDto>>
 {
     public KeyValueAdvancedSpecification Specification => new(this);

diff --git a/src/Application/Features/Locations/Queries/GetAll/GetAllLocationsQuery.cs b/src/Application/Features/Locations/Queries/GetAll/GetAllLocationsQuery.cs
@@ -5,6 +5,7 @@
 
 namespace Cfo.Cats.Application.Features.Locations.Queries.GetAll;
 
+[RequestAuthorize(Roles = "Admin, Basic")]
 public class GetAllLocationsQuery : ICacheableRequest<Result<LocationDto[]>>
 {
     public required UserProfile UserProfile { get; set; }

diff --git a/src/Application/Features/Participants/Commands/Enrol/EnrolParticipantCommand.cs b/src/Application/Features/Participants/Commands/Enrol/EnrolParticipantCommand.cs
@@ -5,6 +5,7 @@
 
 namespace Cfo.Cats.Application.Features.Participants.Commands.Enrol;
 
+[RequestAuthorize(Roles = "Admin, Basic")]
 public class EnrolParticipantCommand : ICacheInvalidatorRequest<Result<string>>
 {
     /// <summary>

diff --git a/src/Application/Features/Tenants/Commands/AddEdit/AddEditTenantCommand.cs b/src/Application/Features/Tenants/Commands/AddEdit/AddEditTenantCommand.cs
@@ -1,9 +1,11 @@
-using Cfo.Cats.Application.Features.Tenants.Caching;
+using Cfo.Cats.Application.Common.Security;
+using Cfo.Cats.Application.Features.Tenants.Caching;
 using Cfo.Cats.Application.Features.Tenants.DTOs;
 using Cfo.Cats.Domain.Entities.Administration;
 
 namespace Cfo.Cats.Application.Features.Tenants.Commands.AddEdit;
 
+[RequestAuthorize(Roles = "Admin")]
 public class AddEditTenantCommand : ICacheInvalidatorRequest<Result<string>>
 {
     [Description("Tenant Id")]

diff --git a/src/Application/Features/Tenants/Commands/Delete/DeleteTenantCommand.cs b/src/Application/Features/Tenants/Commands/Delete/DeleteTenantCommand.cs
@@ -1,7 +1,9 @@
-using Cfo.Cats.Application.Features.Tenants.Caching;
+using Cfo.Cats.Application.Common.Security;
+using Cfo.Cats.Application.Features.Tenants.Caching;
 
 namespace Cfo.Cats.Application.Features.Tenants.Commands.Delete;
 
+[RequestAuthorize(Roles = "Admin")]
 public class DeleteTenantCommand : ICacheInvalidatorRequest<Result<int>>
 {
     public DeleteTenantCommand(string[] id)

diff --git a/src/Application/Features/Tenants/Queries/Export/ExportTenantsQuery.cs b/src/Application/Features/Tenants/Queries/Export/ExportTenantsQuery.cs
@@ -1,7 +1,9 @@
+using Cfo.Cats.Application.Common.Security;
 using Cfo.Cats.Application.Features.Tenants.Specifications;
 
 namespace Cfo.Cats.Application.Features.Tenants.Queries.Export;
 
+[RequestAuthorize(Roles = "Admin")]
 public class ExportTenantsQuery : TenantAdvancedFilter, IRequest<Result<byte[]>>
 {
     public TenantAdvancedSpecification Specification => new(this);

diff --git a/src/Application/Features/Tenants/Queries/GetAll/GetAllTenantsQuery.cs b/src/Application/Features/Tenants/Queries/GetAll/GetAllTenantsQuery.cs
@@ -1,8 +1,10 @@
-using Cfo.Cats.Application.Features.Tenants.Caching;
+using Cfo.Cats.Application.Common.Security;
+using Cfo.Cats.Application.Features.Tenants.Caching;
 using Cfo.Cats.Application.Features.Tenants.DTOs;
 
 namespace Cfo.Cats.Application.Features.Tenants.Queries.GetAll;
 
+[RequestAuthorize(Roles = "Admin, Basic")]
 public class GetAllTenantsQuery : ICacheableRequest<IEnumerable<TenantDto>>
 {
     public string CacheKey => TenantCacheKey.GetAllCacheKey;

diff --git a/src/Application/Features/Tenants/Queries/Pagination/TenantsWithPaginationQuery.cs b/src/Application/Features/Tenants/Queries/Pagination/TenantsWithPaginationQuery.cs
@@ -1,9 +1,11 @@
-using Cfo.Cats.Application.Features.Tenants.Caching;
+using Cfo.Cats.Application.Common.Security;
+using Cfo.Cats.Application.Features.Tenants.Caching;
 using Cfo.Cats.Application.Features.Tenants.DTOs;
 using DocumentFormat.OpenXml.Wordprocessing;
 
 namespace Cfo.Cats.Application.Features.Tenants.Queries.Pagination;
 
+[RequestAuthorize(Roles = "Admin, Basic")]
 public class TenantsWithPaginationQuery
     : PaginationFilter,
         ICacheableRequest<PaginatedData<TenantDto>>

diff --git a/test/ArchitectureTests/ApplicationTests/RequestTests.cs b/test/ArchitectureTests/ApplicationTests/RequestTests.cs
@@ -22,13 +22,15 @@ public void Commands_Should_HaveAuthorizeAttribute()
     {
         var result = Types.InAssembly(ApplicationAssembly)
             .That()
+            .AreNotInterfaces()
+            .And()
             .ImplementInterface(typeof(IRequest<>))
             .Or()
             .ImplementInterface(typeof(ICacheableRequest<>))
             .Or()
             .ImplementInterface(typeof(ICacheInvalidatorRequest<>))
             .Should()
-            .HaveCustomAttribute(typeof(AuthorAttribute))
+            .HaveCustomAttribute(typeof(RequestAuthorizeAttribute))
             .Or()
             .HaveCustomAttribute(typeof(AllowAnonymousAttribute))
             .GetResult();
@@ -43,5 +45,4 @@ public void Commands_Should_HaveAuthorizeAttribute()
 
     }
 
-
 }