Merge pull request #4224 from aspnetboilerplate/multi-tenancy-config

Add IgnoreFeatureCheckForHostUsers option for multitenancy
aspnetboilerplate · Jan 24, 2019 · 0f097af · 0f097af
2 parents 58482d9 + 00eeeae
commit 0f097af
Show file tree

Hide file tree

Showing 5 changed files with 67 additions and 14 deletions.
diff --git a/src/Abp/Authorization/AuthorizationHelper.cs b/src/Abp/Authorization/AuthorizationHelper.cs
@@ -20,11 +20,13 @@ public class AuthorizationHelper : IAuthorizationHelper, ITransientDependency
 
         private readonly IFeatureChecker _featureChecker;
         private readonly IAuthorizationConfiguration _authConfiguration;
+        private readonly IMultiTenancyConfig _multiTenancyConfig;
 
-        public AuthorizationHelper(IFeatureChecker featureChecker, IAuthorizationConfiguration authConfiguration)
+        public AuthorizationHelper(IFeatureChecker featureChecker, IAuthorizationConfiguration authConfiguration, IMultiTenancyConfig multiTenancyConfig)
         {
             _featureChecker = featureChecker;
             _authConfiguration = authConfiguration;
+            _multiTenancyConfig = multiTenancyConfig;
             AbpSession = NullAbpSession.Instance;
             PermissionChecker = NullPermissionChecker.Instance;
             LocalizationManager = NullLocalizationManager.Instance;
@@ -65,6 +67,14 @@ protected virtual async Task CheckFeatures(MethodInfo methodInfo, Type type)
                 return;
             }
 
+            if (AbpSession.TenantId == null)
+            {
+                if (_multiTenancyConfig.IgnoreFeatureCheckForHostUsers)
+                {
+                    return;
+                }
+            }
+
             foreach (var featureAttribute in featureAttributes)
             {
                 await _featureChecker.CheckEnabledAsync(featureAttribute.RequiresAll, featureAttribute.Features);

diff --git a/src/Abp/Configuration/Startup/IMultiTenancyConfig.cs b/src/Abp/Configuration/Startup/IMultiTenancyConfig.cs
@@ -15,6 +15,12 @@ public interface IMultiTenancyConfig
         /// </summary>
         bool IsEnabled { get; set; }
 
+        /// <summary>
+        /// Ignore feature check for host users
+        /// Default value: false.
+        /// </summary>
+        bool IgnoreFeatureCheckForHostUsers { get; set; }
+
         /// <summary>
         /// A list of contributors for tenant resolve process.
         /// </summary>

diff --git a/src/Abp/Configuration/Startup/MultiTenancyConfig.cs b/src/Abp/Configuration/Startup/MultiTenancyConfig.cs
@@ -14,6 +14,12 @@ internal class MultiTenancyConfig : IMultiTenancyConfig
         /// </summary>
         public bool IsEnabled { get; set; }
 
+        /// <summary>
+        /// Ignore feature check for host users
+        /// Default value: false.
+        /// </summary>
+        public bool IgnoreFeatureCheckForHostUsers { get; set; }
+
         public ITypeList<ITenantResolveContributor> Resolvers { get; }
 
         public MultiTenancyConfig()

diff --git a/test/Abp.Tests/Authorization/AuthorizationHelper_Tests.cs b/test/Abp.Tests/Authorization/AuthorizationHelper_Tests.cs
@@ -14,19 +14,7 @@ public class AuthorizationHelper_Tests
 
         public AuthorizationHelper_Tests()
         {
-            var featureChecker = Substitute.For<IFeatureChecker>();
-            featureChecker.GetValueAsync(Arg.Any<string>()).Returns("false");
-
-            var permissionChecker = Substitute.For<IPermissionChecker>();
-            permissionChecker.IsGrantedAsync(Arg.Any<string>()).Returns(false);
-
-            var configuration = Substitute.For<IAuthorizationConfiguration>();
-            configuration.IsEnabled.Returns(true);
-
-            _authorizeHelper = new AuthorizationHelper(featureChecker, configuration)
-            {
-                PermissionChecker = permissionChecker
-            };
+            _authorizeHelper = GetAuthorizationHelper(false, false, true);
         }
 
         [Fact]
@@ -63,6 +51,17 @@ public async Task AuthorizedMethodsCanNotBeCalledAnonymously()
             });
         }
 
+        [Fact]
+        public async Task NotAuthorizedFeatureDependentMethodsCanBeCalledAnonymously()
+        {
+            var authorizeHelper = GetAuthorizationHelper(false, false, true);
+
+            await authorizeHelper.AuthorizeAsync(
+                typeof(MyNonAuthorizedClass).GetTypeInfo().GetMethod(nameof(MyNonAuthorizedClass.Test_FeatureDependent)),
+                typeof(MyNonAuthorizedClass)
+            );
+        }
+
         public class MyNonAuthorizedClass
         {
             public void Test_NotAuthorized()
@@ -75,6 +74,12 @@ public void Test_Authorized()
             {
 
             }
+
+            [RequiresFeature("Test")]
+            public void Test_FeatureDependent()
+            {
+
+            }
         }
 
         [AbpAuthorize]
@@ -91,5 +96,30 @@ public void Test_Authorized()
 
             }
         }
+
+        private static AuthorizationHelper GetAuthorizationHelper(
+            bool featureCheckerValue,
+            bool isGranted,
+            bool ignoreFeatureCheckForHostUsers)
+        {
+            var featureChecker = Substitute.For<IFeatureChecker>();
+            featureChecker.GetValueAsync(Arg.Any<string>()).Returns(featureCheckerValue.ToString().ToLower());
+
+            var permissionChecker = Substitute.For<IPermissionChecker>();
+            permissionChecker.IsGrantedAsync(Arg.Any<string>()).Returns(isGranted);
+
+            var configuration = Substitute.For<IAuthorizationConfiguration>();
+            configuration.IsEnabled.Returns(true);
+
+            var multiTenancyConfig = Substitute.For<IMultiTenancyConfig>();
+            multiTenancyConfig.IgnoreFeatureCheckForHostUsers.Returns(ignoreFeatureCheckForHostUsers);
+
+            var authorizeHelper = new AuthorizationHelper(featureChecker, configuration, multiTenancyConfig)
+            {
+                PermissionChecker = permissionChecker
+            };
+
+            return authorizeHelper;
+        }
     }
 }
diff --git a/test/Abp.Tests/Authorization/AuthorizationInterceptor_Tests.cs b/test/Abp.Tests/Authorization/AuthorizationInterceptor_Tests.cs
@@ -24,6 +24,7 @@ public AuthorizationInterceptor_Tests()
                 );
 
             LocalIocManager.Register<IAuthorizationConfiguration, AuthorizationConfiguration>();
+            LocalIocManager.Register<IMultiTenancyConfig, MultiTenancyConfig>();
             LocalIocManager.Register<AuthorizationInterceptor>(DependencyLifeStyle.Transient);
             LocalIocManager.Register<IAuthorizationHelper, AuthorizationHelper>(DependencyLifeStyle.Transient);
             LocalIocManager.IocContainer.Register(