
Class AuthorizationResourceProviderService

Namespace
FoundationaLLM.Authorization.ResourceProviders
Assembly
FoundationaLLM.Authorization.dll

Implements the FoundationaLLM.Authorization resource provider.

public class AuthorizationResourceProviderService : ResourceProviderServiceBase<ResourceReference>, IResourceProviderService, IManagementProviderService
Inheritance
AuthorizationResourceProviderService

Constructors

AuthorizationResourceProviderService(IOptions<InstanceSettings>, IOptions<ResourceProviderCacheSettings>, IAuthorizationServiceClient, IResourceValidatorFactory, IServiceProvider, ILoggerFactory)

Implements the FoundationaLLM.Authorization resource provider.

public AuthorizationResourceProviderService(IOptions<InstanceSettings> instanceOptions, IOptions<ResourceProviderCacheSettings> cacheOptions, IAuthorizationServiceClient authorizationServiceClient, IResourceValidatorFactory resourceValidatorFactory, IServiceProvider serviceProvider, ILoggerFactory loggerFactory)

Parameters

instanceOptions IOptions<InstanceSettings>

The options providing the InstanceSettings with instance settings.

cacheOptions IOptions<ResourceProviderCacheSettings>

The options providing the ResourceProviderCacheSettings with settings for the resource provider cache.

authorizationServiceClient IAuthorizationServiceClient

The IAuthorizationServiceClient providing authorization services.

resourceValidatorFactory IResourceValidatorFactory

The IResourceValidatorFactory providing the factory to create resource validators.

serviceProvider IServiceProvider

The IServiceProvider of the main dependency injection container.

loggerFactory ILoggerFactory

The ILoggerFactory used to provide loggers for logging.

Properties

_name

The name of the resource provider. Must be overridden in derived classes.

protected override string _name { get; }

Property Value

string

Methods

DeleteResourceAsync(ResourcePath, UnifiedUserIdentity)

The internal implementation of DeleteResourceAsync. Must be overridden in derived classes.

protected override Task DeleteResourceAsync(ResourcePath resourcePath, UnifiedUserIdentity userIdentity)

Parameters

resourcePath ResourcePath

A ResourcePath containing information about the resource path.

userIdentity UnifiedUserIdentity

The UnifiedUserIdentity with details about the identity of the user.

Returns

Task

ExecuteActionAsync(ResourcePath, ResourcePathAuthorizationResult, string, UnifiedUserIdentity)

The internal implementation of ExecuteActionAsync. Must be overridden in derived classes.

protected override Task<object> ExecuteActionAsync(ResourcePath resourcePath, ResourcePathAuthorizationResult authorizationResult, string serializedAction, UnifiedUserIdentity userIdentity)

Parameters

resourcePath ResourcePath

A ResourcePath containing information about the resource path.

authorizationResult ResourcePathAuthorizationResult

The ResourcePathAuthorizationResult containing the result of the resource path authorization request.

serializedAction string

The serialized details of the action being executed.

userIdentity UnifiedUserIdentity

The UnifiedUserIdentity with details about the identity of the user.

Returns

Task<object>

Remarks

In the special case of the filter action, the override must handle the authorization result and return the appropriate response as follows:

  1. The read action is authorized for the resource path itself. In this case, all matching resources must be returned according to the PBAC policies specified by the authorization result (if any).
  2. The read action is denied for the resource path itself. In this case, only the matching resources specified in the subordinate authorized resource paths list of the authorization result should be returned (if any).

GetResourceTypes()

Gets the details about the resource types managed by the resource provider.

protected override Dictionary<string, ResourceTypeDescriptor> GetResourceTypes()

Returns

Dictionary<string, ResourceTypeDescriptor>

A dictionary of ResourceTypeDescriptor objects with details about the resource types.

GetResourcesAsync(ResourcePath, ResourcePathAuthorizationResult, UnifiedUserIdentity, ResourceProviderGetOptions?)

The internal implementation of GetResourcesAsync. Must be overridden in derived classes.

protected override Task<object> GetResourcesAsync(ResourcePath resourcePath, ResourcePathAuthorizationResult authorizationResult, UnifiedUserIdentity userIdentity, ResourceProviderGetOptions? options = null)

Parameters

resourcePath ResourcePath

A ResourcePath containing information about the resource path.

authorizationResult ResourcePathAuthorizationResult

The ResourcePathAuthorizationResult containing the result of the resource path authorization request.

userIdentity UnifiedUserIdentity

The UnifiedUserIdentity with details about the identity of the user.

options ResourceProviderGetOptions

The ResourceProviderGetOptions which provides operation parameters.

Returns

Task<object>

Remarks

The override implementation should return a list of resources or a single resource, depending on the resource path. It also must handle the authorization result and return the appropriate response as follows:

  1. The resource path refers to a single resource. In this case, the authorization is already confirmed and the specific resource should be returned.
  2. The resource path refers to a resource type and the read action is authorized for the resource path itself. In this case, all resources must be returned according to the PBAC policies specified by the authorization result (if any).
  3. The resource path refers to a resource type and the read action is denied for the resource path itself. In this case, only the resources specified in the subordinate authorized resource paths list of the authorization result should be returned (if any).
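
The three cases in the remarks above (the last two also apply to the filter action of ExecuteActionAsync), as an added example that is not FoundationaLLM code. The record types, the selector, the sample paths and the modelling of a PBAC policy as a plain predicate are all hypothetical stand-ins.

```csharp
// Added illustration: Resource, AuthResult and ResourceSelector are stand-in types,
// not FoundationaLLM classes. Only the three-case decision comes from the remarks.
using System;
using System.Collections.Generic;
using System.Linq;

public sealed record Resource(string Path, string Owner);

// Verdict for the requested path, optional PBAC predicate, and subordinate paths
// that were individually authorized (all hypothetical shapes).
public sealed record AuthResult(bool Authorized, Func<Resource, bool>? Pbac, HashSet<string> SubordinatePaths);

public static class ResourceSelector
{
    public static List<Resource> Select(string path, bool isSingle, AuthResult auth, IEnumerable<Resource> store)
    {
        // Case 1: single resource. Authorization is already confirmed; return it.
        if (isSingle) return store.Where(r => r.Path == path).ToList();

        var ofType = store.Where(r => r.Path.StartsWith(path + "/", StringComparison.Ordinal));

        // Case 2: read authorized on the type path. Return all, narrowed by PBAC if any.
        if (auth.Authorized) return ofType.Where(r => auth.Pbac?.Invoke(r) ?? true).ToList();

        // Case 3: read denied on the type path. Fail closed: only resources whose
        // path is in the subordinate authorized list, possibly none.
        return ofType.Where(r => auth.SubordinatePaths.Contains(r.Path)).ToList();
    }
}

public static class Demo
{
    public static void Main()
    {
        // Constructed sample data with simplified paths.
        var store = new[]
        {
            new Resource("/documents/doc-1", "alice"),
            new Resource("/documents/doc-2", "bob"),
            new Resource("/documents/doc-3", "alice"),
        };
        var denied = new AuthResult(false, null, new HashSet<string> { "/documents/doc-2" });
        var allowed = new AuthResult(true, r => r.Owner == "alice", new HashSet<string>());

        foreach (var auth in new[] { denied, allowed })
            Console.WriteLine(string.Join(", ", ResourceSelector.Select("/documents", false, auth, store).Select(r => r.Path)));
    }
}
```

The denied case never falls back to the full set: an empty subordinate list yields an empty result.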

InitializeInternal()

The internal implementation of Initialize. Must be overridden in derived classes.

protected override Task InitializeInternal()

Returns

Task

UpsertResourceAsync(ResourcePath, string?, ResourceProviderFormFile?, UnifiedUserIdentity)

The internal implementation of UpsertResourceAsync. Must be overridden in derived classes.

protected override Task<object> UpsertResourceAsync(ResourcePath resourcePath, string? serializedResource, ResourceProviderFormFile? formFile, UnifiedUserIdentity userIdentity)

Parameters

resourcePath ResourcePath

A ResourcePath containing information about the resource path.

serializedResource string

The optional serialized resource being created or updated.

formFile ResourceProviderFormFile

The optional file attached to the request.

userIdentity UnifiedUserIdentity

The UnifiedUserIdentity with details about the identity of the user.

Returns

Task<object>