update policy factory

Altinn · Aug 12, 2024 · cf0d941 · cf0d941
1 parent cfbab23
commit cf0d941
Show file tree

Hide file tree

Showing 38 changed files with 468 additions and 731 deletions.
diff --git a/src/Altinn.AccessManagement.Core/Enums/PolicyAccountType.cs b/src/Altinn.AccessManagement.Core/Enums/PolicyAccountType.cs
@@ -0,0 +1,14 @@
+namespace Altinn.AccessManagement.Core.Enums
+{
+    /// <summary>
+    /// Storage Account
+    /// </summary>
+    public enum PolicyAccountType
+    {
+        ResourceRegister,
+
+        Delegations,
+
+        Metadata,
+    }
+}
diff --git a/src/Altinn.AccessManagement.Core/Repositories/Interfaces/IPolicyFactory.cs b/src/Altinn.AccessManagement.Core/Repositories/Interfaces/IPolicyFactory.cs
@@ -0,0 +1,24 @@
+using Altinn.AccessManagement.Core.Enums;
+
+namespace Altinn.AccessManagement.Core.Repositories.Interfaces;
+
+/// <summary>
+/// Create clients for interacting with files 
+/// </summary>
+public interface IPolicyFactory
+{
+    /// <summary>
+    /// Creates a client for interacting with storage
+    /// </summary>
+    /// <param name="account">which storage account to write blob</param>
+    /// <param name="filepath">path of the file</param>
+    /// <returns></returns>
+    IPolicyRepository Create(PolicyAccountType account, string filepath);
+
+    /// <summary>
+    /// Creates a client for interacting with storage. assuming storage accoutn based on filename.
+    /// </summary>
+    /// <param name="filepath">path of the file</param>
+    /// <returns></returns>
+    IPolicyRepository Create(string filepath);
+}
diff --git a/src/Altinn.AccessManagement.Core/Repositories/Interfaces/IPolicyRepository.cs b/src/Altinn.AccessManagement.Core/Repositories/Interfaces/IPolicyRepository.cs
@@ -1,72 +1,71 @@
 using Azure;
 using Azure.Storage.Blobs.Models;
 
-namespace Altinn.AccessManagement.Core.Repositories.Interfaces
+namespace Altinn.AccessManagement.Core.Repositories.Interfaces;
+
+/// <summary>
+/// Interface for operations on policy files.
+/// </summary>
+public interface IPolicyRepository
 {
     /// <summary>
-    /// Interface for operations on policy files.
+    /// Gets file stream for the policy file from blob storage, if it exists at the specified path.
     /// </summary>
-    public interface IPolicyRepository
-    {
-        /// <summary>
-        /// Gets file stream for the policy file from blob storage, if it exists at the specified path.
-        /// </summary>
-        /// <param name="filepath">The file path.</param>
-        /// <returns>File stream of the policy file</returns>
-        Task<Stream> GetPolicyAsync(string filepath);
+    /// <param name="cancellationToken">cancellation token</param>
+    /// <returns>File stream of the policy file</returns>
+    Task<Stream> GetPolicyAsync(CancellationToken cancellationToken = default);
 
-        /// <summary>
-        /// Gets file stream for the specified version of a policy file from blob storage, if it exists at the specified path.
-        /// </summary>
-        /// <param name="filepath">The file path.</param>
-        /// <param name="version">The blob storage version</param>
-        /// <returns>File stream of the policy file</returns>
-        Task<Stream> GetPolicyVersionAsync(string filepath, string version);
+    /// <summary>
+    /// Gets file stream for the specified version of a policy file from blob storage, if it exists at the specified path.
+    /// </summary>
+    /// <param name="version">The blob storage version</param>
+    /// <param name="cancellationToken">cancellation token</param>
+    /// <returns>File stream of the policy file</returns>
+    Task<Stream> GetPolicyVersionAsync(string version, CancellationToken cancellationToken = default);
 
-        /// <summary>
-        /// Writes a file stream to blobstorage to the specified path.
-        /// </summary>
-        /// <param name="filepath">The file path.</param> 
-        /// <param name="fileStream">File stream of the policy file to be written</param>
-        /// <returns>Azure response BlobContentInfo</returns>
-        Task<Response<BlobContentInfo>> WritePolicyAsync(string filepath, Stream fileStream);
+    /// <summary>
+    /// Writes a file stream to blobstorage to the specified path.
+    /// </summary>
+    /// <param name="fileStream">File stream of the policy file to be written</param>
+    /// <param name="cancellationToken">cancellation token</param>
+    /// <returns>Azure response BlobContentInfo</returns>
+    Task<Response<BlobContentInfo>> WritePolicyAsync(Stream fileStream = null, CancellationToken cancellationToken = default);
 
-        /// <summary>
-        /// Writes a file stream to blobstorage to the specified path, including the conditional check that the provided blob lease id is valid.
-        /// </summary>
-        /// <param name="filepath">The file path.</param> 
-        /// <param name="fileStream">File stream of the policy file to be written</param>
-        /// <param name="blobLeaseId">The blob lease id, required to be able to write after a lock</param>
-        /// <returns>Azure response BlobContentInfo</returns>
-        Task<Response<BlobContentInfo>> WritePolicyConditionallyAsync(string filepath, Stream fileStream, string blobLeaseId);
+    /// <summary>
+    /// Writes a file stream to blobstorage to the specified path, including the conditional check that the provided blob lease id is valid.
+    /// </summary>
+    /// <param name="fileStream">File stream of the policy file to be written</param>
+    /// <param name="blobLeaseId">The blob lease id, required to be able to write after a lock</param>
+    /// <param name="cancellationToken">cancellation token</param>
+    /// <returns>Azure response BlobContentInfo</returns>
+    Task<Response<BlobContentInfo>> WritePolicyConditionallyAsync(Stream fileStream, string blobLeaseId, CancellationToken cancellationToken = default);
 
-        /// <summary>
-        /// Deletes a specific version of a blob storage file if it exits on the specified path.
-        /// </summary>
-        /// <param name="filepath">The file path.</param>
-        /// <param name="version">The blob storage version</param>
-        /// <returns></returns>
-        Task<Response> DeletePolicyVersionAsync(string filepath, string version);
+    /// <summary>
+    /// Deletes a specific version of a blob storage file if it exits on the specified path.
+    /// </summary>
+    /// <param name="version">The blob storage version</param>
+    /// <param name="cancellationToken">cancellation token</param>
+    /// <returns></returns>
+    Task<Response> DeletePolicyVersionAsync(string version, CancellationToken cancellationToken = default);
 
-        /// <summary>
-        /// Tries to acquire a blob lease on the base blob for the provided filepath.
-        /// </summary>
-        /// <param name="filepath">The file path of the base blob to aquire a blob lease on</param>
-        /// <returns>The LeaseId if a release was possible, otherwise null</returns>
-        Task<string> TryAcquireBlobLease(string filepath);
+    /// <summary>
+    /// Tries to acquire a blob lease on the base blob for the provided filepath.
+    /// </summary>
+    /// <param name="cancellationToken">cancellation token</param>
+    /// <returns>The LeaseId if a release was possible, otherwise null</returns>
+    Task<string> TryAcquireBlobLease(CancellationToken cancellationToken = default);
 
-        /// <summary>
-        /// Releases a blob lease on the base blob for the provided filepath using the provided leaseId.
-        /// </summary>
-        /// <param name="filepath">The file path of the base blob to release</param>
-        /// <param name="leaseId">The lease id from to release</param>
-        void ReleaseBlobLease(string filepath, string leaseId);
+    /// <summary>
+    /// Releases a blob lease on the base blob for the provided filepath using the provided leaseId.
+    /// </summary>
+    /// <param name="leaseId">The lease id from to release</param>
+    /// <param name="cancellationToken">cancellation token</param>
+    void ReleaseBlobLease(string leaseId, CancellationToken cancellationToken = default);
 
-        /// <summary>
-        /// Checks whether there exists a blob at the specified path
-        /// </summary>
-        /// <param name="filepath">The file path to check if a blob exists</param>
-        /// <returns>Bool whether the blob exists or not</returns>
-        Task<bool> PolicyExistsAsync(string filepath);
-    }
-}
+    /// <summary>
+    /// Checks whether there exists a blob at the specified path
+    /// </summary>
+    /// <param name="cancellationToken">cancellation token</param>
+    /// <returns>Bool whether the blob exists or not</returns>
+    Task<bool> PolicyExistsAsync(CancellationToken cancellationToken = default);
+}
diff --git a/src/Altinn.AccessManagement.Core/Services/Interfaces/IMaskinportenSchemaService.cs b/src/Altinn.AccessManagement.Core/Services/Interfaces/IMaskinportenSchemaService.cs
@@ -13,47 +13,53 @@ public interface IMaskinportenSchemaService
         /// <param name="authenticatedUserId">The user id of the authenticated user performing the delegation</param>
         /// <param name="authenticatedUserAuthlevel">The authentication level of the authenticated user performing the delegation</param>
         /// <param name="request">The model describing the right delegation check to perform</param>
+        /// <param name="cancellationToken">CancellationToken</param>
         /// <returns>The result of the delegation status check</returns>
-        public Task<DelegationCheckResponse> DelegationCheck(int authenticatedUserId, int authenticatedUserAuthlevel, RightsDelegationCheckRequest request);
+        public Task<DelegationCheckResponse> DelegationCheck(int authenticatedUserId, int authenticatedUserAuthlevel, RightsDelegationCheckRequest request, CancellationToken cancellationToken = default);
 
         /// <summary>
         /// Gets all offered maskinporten schema delegations for a reportee
         /// </summary>
         /// <param name="party">reportee that delegated resources</param>
+        /// <param name="cancellationToken">CancellationToken</param>
         /// <returns>list of delgations</returns>
-        public Task<List<Delegation>> GetOfferedMaskinportenSchemaDelegations(AttributeMatch party);
+        public Task<List<Delegation>> GetOfferedMaskinportenSchemaDelegations(AttributeMatch party, CancellationToken cancellationToken = default);
 
         /// <summary>
         /// Gets all received maskinporten schema delegations for a reportee
         /// </summary>
         /// <param name="party">reportee that delegated resources</param>
+        /// <param name="cancellationToken">CancellationToken</param>
         /// <returns>list of delgations</returns>
-        public Task<List<Delegation>> GetReceivedMaskinportenSchemaDelegations(AttributeMatch party);
+        public Task<List<Delegation>> GetReceivedMaskinportenSchemaDelegations(AttributeMatch party, CancellationToken cancellationToken = default);
 
         /// <summary> 
         /// Gets all the delegations for an admin or owner
         /// </summary>
         /// <param name="supplierOrg">the organisation number of the supplier org</param>
         /// <param name="consumerOrg">the organisation number of the consumer of the resource</param>
         /// <param name="scope">the scope of the resource</param>
+        /// <param name="cancellationToken">CancellationToken</param>
         /// <returns>list of delgations</returns>
-        public Task<List<Delegation>> GetMaskinportenDelegations(string supplierOrg, string consumerOrg, string scope);
+        public Task<List<Delegation>> GetMaskinportenDelegations(string supplierOrg, string consumerOrg, string scope, CancellationToken cancellationToken = default);
 
         /// <summary>
         /// Performs the delegation on behalf of the from party
         /// </summary>
         /// <param name="authenticatedUserId">The user id of the authenticated user performing the delegation</param>
         /// <param name="authenticatedUserAuthlevel">The authentication level of the authenticated user performing the delegation</param>
         /// <param name="delegation">The delegation</param>
+        /// <param name="cancellationToken">CancellationToken</param>
         /// <returns>The result of the delegation</returns>
-        public Task<DelegationActionResult> DelegateMaskinportenSchema(int authenticatedUserId, int authenticatedUserAuthlevel, DelegationLookup delegation);
+        public Task<DelegationActionResult> DelegateMaskinportenSchema(int authenticatedUserId, int authenticatedUserAuthlevel, DelegationLookup delegation, CancellationToken cancellationToken = default);
 
         /// <summary>
         /// Operation to revoke a maskinporten schema delegation
         /// </summary>
         /// <param name="authenticatedUserId">The user id of the authenticated user deleting the delegation</param>
         /// <param name="delegation">The delegation lookup model</param>
+        /// <param name="cancellationToken">CancellationToken</param>
         /// <returns>The result of the deletion</returns>
-        public Task<DelegationActionResult> RevokeMaskinportenSchemaDelegation(int authenticatedUserId, DelegationLookup delegation);
+        public Task<DelegationActionResult> RevokeMaskinportenSchemaDelegation(int authenticatedUserId, DelegationLookup delegation, CancellationToken cancellationToken = default);
     }
 }
diff --git a/src/Altinn.AccessManagement.Core/Services/Interfaces/IPolicyAdministrationPoint.cs b/src/Altinn.AccessManagement.Core/Services/Interfaces/IPolicyAdministrationPoint.cs
@@ -13,28 +13,32 @@ public interface IPolicyAdministrationPoint
         /// <param name="org">Unique identifier of the organisation responsible for the app.</param>
         /// <param name="app">Application identifier which is unique within an organisation.</param>
         /// <param name="fileStream">A stream containing the content of the policy file</param>
+        /// <param name="cancellationToken">CancellationToken</param>
         /// <returns></returns>
-        Task<bool> WritePolicyAsync(string org, string app, Stream fileStream);
+        Task<bool> WritePolicyAsync(string org, string app, Stream fileStream, CancellationToken cancellationToken = default);
 
         /// <summary>
         /// Trys to sort and store the set of rules as delegation policy files in blob storage.
         /// </summary>
         /// <param name="rules">The set of rules to be delegated</param>
+        /// <param name="cancellationToken">CancellationToken</param>
         /// <returns>The list of rules with created Id and result status</returns>
-        Task<List<Rule>> TryWriteDelegationPolicyRules(List<Rule> rules);
+        Task<List<Rule>> TryWriteDelegationPolicyRules(List<Rule> rules, CancellationToken cancellationToken = default);
 
         /// <summary>
         /// Trys to sort and delete the set of rules matching the list of ruleMatches to delete from delegation policy files in blob storage.
         /// </summary>
         /// <param name="rulesToDelete">Entity to define which rules to be deleted</param>
+        /// <param name="cancellationToken">CancellationToken</param>
         /// <returns>The list of rules with created Id and result status</returns>
-        Task<List<Rule>> TryDeleteDelegationPolicyRules(List<RequestToDelete> rulesToDelete);
+        Task<List<Rule>> TryDeleteDelegationPolicyRules(List<RequestToDelete> rulesToDelete, CancellationToken cancellationToken = default);
 
         /// <summary>
         /// Deletes a List of policies based on input list of matches to remove
         /// </summary>
         /// <param name="policiesToDelete">entity containing match for all the policies to delete</param>
+        /// <param name="cancellationToken">CancellationToken</param>
         /// <returns>A list containing all the policies that is deleted</returns>
-        Task<List<Rule>> TryDeleteDelegationPolicies(List<RequestToDelete> policiesToDelete);
+        Task<List<Rule>> TryDeleteDelegationPolicies(List<RequestToDelete> policiesToDelete, CancellationToken cancellationToken = default);
     }
 }
diff --git a/src/Altinn.AccessManagement.Core/Services/Interfaces/IPolicyInformationPoint.cs b/src/Altinn.AccessManagement.Core/Services/Interfaces/IPolicyInformationPoint.cs
@@ -14,8 +14,9 @@ public interface IPolicyInformationPoint
         /// <param name="offeredByPartyIds">the list of offeredby party ids</param>
         /// <param name="coveredByPartyIds">the list of coveredby party ids</param>
         /// <param name="coveredByUserIds">the list of coveredby user ids</param>
+        /// <param name="cancellationToken">CancellationToken</param>
         /// <returns>a list of rules that match the lists of org/apps, offeredby ids, and coveredby ids</returns>
-        Task<List<Rule>> GetRulesAsync(List<string> resourceIds, List<int> offeredByPartyIds, List<int> coveredByPartyIds, List<int> coveredByUserIds);
+        Task<List<Rule>> GetRulesAsync(List<string> resourceIds, List<int> offeredByPartyIds, List<int> coveredByPartyIds, List<int> coveredByUserIds, CancellationToken cancellationToken = default);
 
         /// <summary>
         /// Gets the all rights a user have for a given reportee and resource
@@ -41,14 +42,14 @@ public interface IPolicyInformationPoint
         /// <param name="partyId">Party id of a user or organization</param>
         /// <param name="cancellationToken">The <see cref="CancellationToken"/></param>
         /// <returns></returns>
-        Task<IEnumerable<DelegationChange>> GetReceivedDelegationFromRepository(int partyId, CancellationToken cancellationToken);
+        Task<IEnumerable<DelegationChange>> GetReceivedDelegationFromRepository(int partyId, CancellationToken cancellationToken = default);
 
         /// <summary>
         /// Finds all active offered delegations (not including maskinporten schema) from db, both directly delegated from the party or from it's main unit if the party is a subunit
         /// </summary>
         /// <param name="partyId">Party id of a user or organization</param>
         /// <param name="cancellationToken">The <see cref="CancellationToken"/></param>
         /// <returns></returns>
-        Task<IEnumerable<DelegationChange>> GetOfferedDelegationsFromRepository(int partyId, CancellationToken cancellationToken);
+        Task<IEnumerable<DelegationChange>> GetOfferedDelegationsFromRepository(int partyId, CancellationToken cancellationToken = default);
     }
 }