Merge pull request #14 from openimis/v1.0.0

V1.0.0

OpenImis.Modules/InsureeManagementModule/Logic/FamilyLogic.cs

@@ -104,7 +104,7 @@ public async Task<GetFamiliesResponse> GetFamilies(int page = 1, int resultsPerP
 			return getFamiliesResponse;
 		}
 
-		public async Task<FamilyModel> AddFamily(FamilyModel family)
+		public async Task<FamilyModel> AddFamilyAsync(FamilyModel family)
 		{
 			// Authorize user
 

OpenImis.Modules/InsureeManagementModule/Logic/IFamilyLogic.cs

@@ -16,7 +16,7 @@ public interface IFamilyLogic
 
 		Task<GetFamiliesResponse> GetFamilies(int page = 1, int resultsPerPage = 20);
 
-		Task<FamilyModel> AddFamily(FamilyModel family);
+		Task<FamilyModel> AddFamilyAsync(FamilyModel family);
 
 		Task<FamilyModel> UpdateFamilyAsync(int familyId, FamilyModel family);
 

OpenImis.Modules/InsureeManagementModule/Logic/IInsureeLogic.cs

@@ -20,5 +20,6 @@ public interface IInsureeLogic
 		/// <returns>InsureeModel</returns>
 		Task<InsureeModel> GetInsureeByInsureeIdAsync(string insureeId);
 
+
 	}
 }

OpenImis.Modules/InsureeManagementModule/Logic/InsureeLogic.cs

@@ -1,6 +1,8 @@
 using System.Threading.Tasks;
 using OpenImis.Modules.InsureeManagementModule.Repositories;
 using OpenImis.Modules.InsureeManagementModule.Models;
+using OpenImis.Modules.InsureeManagementModule.Validators;
+using System.ComponentModel.DataAnnotations;
 
 namespace OpenImis.Modules.InsureeManagementModule.Logic
 {
@@ -12,10 +14,12 @@ public class InsureeLogic: IInsureeLogic
 
 		protected readonly IInsureeRepository insureeRepository;
 		protected readonly IImisModules imisModules;
+		protected IValidator insureeNumberValidator;
 
-        public InsureeLogic(IImisModules imisModules)
+		public InsureeLogic(IImisModules imisModules)
         {
 			insureeRepository = new InsureeRepository();
+			this.insureeNumberValidator = new InsureeNumberValidator(null);
 			this.imisModules = imisModules;
         }
 
@@ -40,5 +44,22 @@ public async Task<InsureeModel> GetInsureeByInsureeIdAsync(string insureeId)
 			return insuree;
 		}
 
+		public async Task<bool> IsUniqueInsureeAsync(string insureeId)
+		{
+			bool validInsuree = false;
+
+			UniqueInsureeNumberValidator uniqueInsureeNumberValidator = new UniqueInsureeNumberValidator(this, insureeNumberValidator);
+
+			try
+			{
+				await uniqueInsureeNumberValidator.ValidateAsync(insureeId);
+			}
+			catch (ValidationException e)
+			{
+				return false;
+			}
+			return validInsuree;
+		}
+
 	}
 }

OpenImis.RestApi.IntegrationTests/OpenImis.RestApi.IntegrationTests.csproj

@@ -13,11 +13,16 @@
   </ItemGroup>
 
   <ItemGroup>
+    <None Remove="appsettings.json" />
     <None Remove="appsettings.Test.json" />
     <None Remove="appsettings.Test.json.dist" />
   </ItemGroup>
 
   <ItemGroup>
+    <Content Include="appsettings.json">
+      <CopyToOutputDirectory>Always</CopyToOutputDirectory>
+      <CopyToPublishDirectory>PreserveNewest</CopyToPublishDirectory>
+    </Content>
     <Content Include="appsettings.Test.json.dist">
       <CopyToOutputDirectory>Always</CopyToOutputDirectory>
       <CopyToPublishDirectory>PreserveNewest</CopyToPublishDirectory>

OpenImis.RestApi.IntegrationTests/appsettings.json

@@ -0,0 +1,18 @@
+{
+	"JwtIssuer": "http://openimis.org",
+	"JwtAudience": "http://openimis.org",
+	"JwtExpireDays": 5,
+	"Logging": {
+		"IncludeScopes": false,
+		"Debug": {
+			"LogLevel": {
+				"Default": "Warning"
+			}
+		},
+		"Console": {
+			"LogLevel": {
+				"Default": "Warning"
+			}
+		}
+	}
+}

OpenImis.RestApi/Controllers/FamilyControllerV1.cs

@@ -14,7 +14,6 @@
 namespace OpenImis.RestApi.Controllers
 {
     [ApiVersion("1")]
-    [Authorize(Roles = "IMISAdmin, EnrollmentOfficer")]
     [Route("api/family")]
 	[ApiController]
 	[EnableCors("AllowSpecificOrigin")]
@@ -44,6 +43,7 @@ public FamilyControllerV1(IImisModules imisModules)
 		/// <response code="200">Returns the list of families</response>
 		/// <response code="400">If the request is incomplete</response>      
 		/// <response code="401">If the token is missing, is wrong or expired</response>      
+		[Authorize("EnrollmentOfficer")]
 		[HttpGet]
 		[ProducesResponseType(typeof(GetFamiliesResponse), 200)]
 		[ProducesResponseType(typeof(void), StatusCodes.Status400BadRequest)]
@@ -57,6 +57,7 @@ public async Task<IActionResult> GetFamilies([FromQuery]int page = 1, [FromQuery
         }
 
 		// GET api/ws/family/00001
+		[Authorize("IMISAdmin")]
 		[HttpGet("insuree/{insureeId}", Name = "GetFamilyByInsureeId")]
         public async Task<IActionResult> GetFamilyByInsureeId(string insureeId)
         {
@@ -110,7 +111,7 @@ public async Task<IActionResult> AddNewFamily([FromBody]FamilyModel family)
 			FamilyModel newFamily;
 			try
 			{
-				newFamily = await _imisModules.GetInsureeManagementModule().GetFamilyLogic().AddFamily(family);
+				newFamily = await _imisModules.GetInsureeManagementModule().GetFamilyLogic().AddFamilyAsync(family);
 			}
 			catch (ValidationException e)
 			{

OpenImis.RestApi/Controllers/LoginControllerV1.cs

@@ -77,14 +77,17 @@ public async Task<IActionResult> Login([FromBody]LoginRequestModel request)
                     new Claim(ClaimTypes.Name, request.Username)
                 };
 
-                var roles = user.GetRolesStringArray();
+                /*var roles = user.GetRolesStringArray();
 
                 foreach (var role in roles)
                 {
                     claims = claims.Append(new Claim(ClaimTypes.Role, role));
-                }
+                }*/
 
-                var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(user.PrivateKey));
+				//claims = claims.Append(new Claim("scope", "read:messages"));
+
+
+				var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(user.PrivateKey));
                 var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
 
                 var token = new JwtSecurityToken(

OpenImis.RestApi/Controllers/ValuesControllerV1.cs

@@ -23,8 +23,10 @@ public async Task<IActionResult> Get()
 			return Ok(result);
         }
 
-        // GET api/values/5
-        [HttpGet("{id}")]
+		// GET api/values/5
+		//[Authorize("read:messages")]
+		[Authorize("MedicalOfficer")]
+		[HttpGet("{id}")]
         public async Task<IActionResult> Get(int id)
         {
             return Ok(id);

OpenImis.RestApi/Docs/SwaggerHelper.cs

@@ -91,7 +91,7 @@ public static void ConfigureSwaggerUI(SwaggerUIOptions swaggerUIOptions)
             var apiVersions = GetApiVersions(webApiAssembly);
             foreach (var apiVersion in apiVersions)
             {
-                swaggerUIOptions.SwaggerEndpoint($"/RestApi/api-docs/v{apiVersion}/swagger.json", $"V{apiVersion} Docs");
+                swaggerUIOptions.SwaggerEndpoint($"/api-docs/v{apiVersion}/swagger.json", $"V{apiVersion} Docs");
             }
             swaggerUIOptions.RoutePrefix = "api-docs";
             swaggerUIOptions.InjectStylesheet("theme-feeling-blue-v2.css");

OpenImis.RestApi/OpenImis.RestApi.csproj

@@ -84,6 +84,9 @@
     <Content Update="appsettings.Production.json">
       <CopyToOutputDirectory>Always</CopyToOutputDirectory>
     </Content>
+    <Content Update="appsettings.Test.json">
+      <CopyToOutputDirectory>Always</CopyToOutputDirectory>
+    </Content>
   </ItemGroup>
 
   <ItemGroup>

OpenImis.RestApi/Security/AuthorizationPolicyProvider.cs

@@ -0,0 +1,40 @@
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.Extensions.Configuration;
+using Microsoft.Extensions.Options;
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+
+namespace OpenImis.RestApi.Security
+{
+	public class AuthorizationPolicyProvider : DefaultAuthorizationPolicyProvider
+	{
+		private readonly AuthorizationOptions _options;
+		private readonly IConfiguration _configuration;
+
+		public AuthorizationPolicyProvider(IOptions<AuthorizationOptions> options, IConfiguration configuration) : base(options)
+		{
+			_options = options.Value;
+			_configuration = configuration;
+		}
+
+		public override async Task<AuthorizationPolicy> GetPolicyAsync(string policyName)
+		{
+			// Check static policies first
+			var policy = await base.GetPolicyAsync(policyName);
+
+			if (policy == null)
+			{
+				policy = new AuthorizationPolicyBuilder()
+					.AddRequirements(new HasAuthorityRequirement(policyName, _configuration["JwtIssuer"]))
+					.Build();
+
+				// Add policy to the AuthorizationOptions, so we don't have to re-create it each time
+				_options.AddPolicy(policyName, policy);
+			}
+
+			return policy;
+		}
+	}
+}

OpenImis.RestApi/Security/HasAuthorityHandler.cs

@@ -0,0 +1,38 @@
+using Microsoft.AspNetCore.Authorization;
+using OpenImis.Modules;
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Security.Claims;
+using System.Threading.Tasks;
+
+namespace OpenImis.RestApi.Security
+{
+	public class HasAuthorityHandler : AuthorizationHandler<HasAuthorityRequirement>
+	{
+		IImisModules _imisModules;
+
+		public HasAuthorityHandler(IImisModules imisModules)
+		{
+			_imisModules = imisModules;
+		}
+
+		protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, HasAuthorityRequirement requirement)
+		{
+			// If user does not have the scope claim, get out of here
+			if (!context.User.HasClaim(c => c.Type == ClaimTypes.Name && c.Issuer == requirement.Issuer))
+				return Task.CompletedTask;
+
+			// Split the scopes string into an array
+			//var scopes = context.User.FindFirst(c => c.Type == ClaimTypes.Name && c.Issuer == requirement.Issuer).Value.Split(' ');
+			var username = context.User.FindFirst(claim => claim.Type == ClaimTypes.Name).Value;
+			var scopes = _imisModules.GetUserModule().GetUserController().GetByUsername(username).GetRolesStringArray();
+
+			// Succeed if the scope array contains the required scope
+			if (scopes.Any(s => s == requirement.Authority))
+				context.Succeed(requirement);
+
+			return Task.CompletedTask;
+		}
+	}
+}

OpenImis.RestApi/Security/HasAuthorityRequirement.cs

@@ -0,0 +1,20 @@
+using Microsoft.AspNetCore.Authorization;
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+
+namespace OpenImis.RestApi.Security
+{
+	public class HasAuthorityRequirement : IAuthorizationRequirement
+	{
+		public string Issuer { get; }
+		public string Authority { get; }
+
+		public HasAuthorityRequirement(string authority, string issuer)
+		{
+			Authority = authority ?? throw new ArgumentNullException(nameof(authority));
+			Issuer = issuer ?? throw new ArgumentNullException(nameof(issuer));
+		}
+	}
+}

OpenImis.RestApi/Startup.cs

@@ -17,6 +17,7 @@
 using OpenImis.RestApi.Docs;
 using Microsoft.AspNetCore.Mvc.Versioning;
 using Microsoft.Extensions.Logging;
+using Microsoft.AspNetCore.Authorization;
 
 namespace OpenImis.RestApi
 {
@@ -54,7 +55,18 @@ public void ConfigureServices(IServiceCollection services)
                     options.SecurityTokenValidators.Add(new IMISJwtSecurityTokenHandler(services.BuildServiceProvider().GetService<IImisModules>()));
                 });
 
-            services.AddMvc()
+			services.AddAuthorization();
+			//(options =>
+			//{
+			//	options.AddPolicy("MedicalOfficer", policy => policy.Requirements.Add(new HasAuthorityRequirement("MedicalOfficer", Configuration["JwtIssuer"])));
+			//	options.AddPolicy("EnrollmentOfficer", policy => policy.Requirements.Add(new HasAuthorityRequirement("EnrollmentOfficer", Configuration["JwtIssuer"])));
+			//});
+
+			// register the scope authorization handler
+			services.AddSingleton<IAuthorizationPolicyProvider, AuthorizationPolicyProvider>();
+			services.AddSingleton<IAuthorizationHandler, HasAuthorityHandler>();
+
+			services.AddMvc()
 				.SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
 
 			services.AddApiVersioning(o => {
@@ -89,7 +101,7 @@ public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerF
                 app.UseSwaggerUI(SwaggerHelper.ConfigureSwaggerUI);
             }
 
-            app.UseAuthentication();
+            app.UseAuthentication(); 
             app.UseMvc();
 
 			app.UseCors("AllowSpecificOrigin");