Table of Contents

Class ConfigurationResourceProviderService

Namespace
FoundationaLLM.Configuration.Services
Assembly
FoundationaLLM.Configuration.dll

Implements the FoundationaLLM.Configuration resource provider.

public class ConfigurationResourceProviderService : ResourceProviderServiceBase<APIEndpointReference>, IResourceProviderService, IManagementProviderService
Inheritance
ConfigurationResourceProviderService
Implements
Inherited Members
Extension Methods

Constructors

ConfigurationResourceProviderService(IOptions<InstanceSettings>, IOptions<ResourceProviderCacheSettings>, IAuthorizationServiceClient, IStorageService, IEventService, IResourceValidatorFactory, IAzureAppConfigurationService, IAzureKeyVaultService, IConfiguration, IServiceProvider, ILogger<ConfigurationResourceProviderService>, bool)

Implements the FoundationaLLM.Configuration resource provider.

public ConfigurationResourceProviderService(IOptions<InstanceSettings> instanceOptions, IOptions<ResourceProviderCacheSettings> cacheOptions, IAuthorizationServiceClient authorizationService, IStorageService storageService, IEventService eventService, IResourceValidatorFactory resourceValidatorFactory, IAzureAppConfigurationService appConfigurationService, IAzureKeyVaultService keyVaultService, IConfiguration configuration, IServiceProvider serviceProvider, ILogger<ConfigurationResourceProviderService> logger, bool proxyMode = false)

Parameters

instanceOptions IOptions<InstanceSettings>

The options providing the InstanceSettings with instance settings.

cacheOptions IOptions<ResourceProviderCacheSettings>

The options providing the ResourceProviderCacheSettings with settings for the resource provider cache.

authorizationService IAuthorizationServiceClient

The IAuthorizationServiceClient providing authorization services.

storageService IStorageService

The IStorageService providing storage services.

eventService IEventService

The IEventService providing event services.

resourceValidatorFactory IResourceValidatorFactory

The IResourceValidatorFactory providing the factory to create resource validators.

appConfigurationService IAzureAppConfigurationService

The IAzureAppConfigurationService provding access to the app configuration service.

keyVaultService IAzureKeyVaultService

The IAzureKeyVaultService providing access to the key vault service.

configuration IConfiguration

The IConfiguration providing configuration services.

serviceProvider IServiceProvider

The IServiceProvider of the main dependency injection container.

logger ILogger<ConfigurationResourceProviderService>

The ILogger used for logging.

proxyMode bool

Indicates whether the resource provider is running in proxy mode.

Properties

_name

The name of the resource provider. Must be overridden in derived classes.

protected override string _name { get; }

Property Value

string

Methods

DeleteResourceAsync(ResourcePath, UnifiedUserIdentity)

The internal implementation of DeleteResourceAsync. Must be overridden in derived classes.

protected override Task DeleteResourceAsync(ResourcePath resourcePath, UnifiedUserIdentity userIdentity)

Parameters

resourcePath ResourcePath

A ResourcePath containing information about the resource path.

userIdentity UnifiedUserIdentity

The UnifiedUserIdentity with details about the identity of the user.

Returns

Task

ExecuteActionAsync(ResourcePath, ResourcePathAuthorizationResult, string, UnifiedUserIdentity, Func<object, bool>?)

The internal implementation of ExecuteActionAsync. Must be overriden in derived classes.

protected override Task<object> ExecuteActionAsync(ResourcePath resourcePath, ResourcePathAuthorizationResult authorizationResult, string serializedAction, UnifiedUserIdentity userIdentity, Func<object, bool>? requestPayloadValidator = null)

Parameters

resourcePath ResourcePath

A ResourcePath containing information about the resource path.

authorizationResult ResourcePathAuthorizationResult

The ResourcePathAuthorizationResult containing the result of the resource path authorization request.

serializedAction string

The serialized details of the action being executed.

userIdentity UnifiedUserIdentity

The UnifiedUserIdentity with details about the identity of the user.

requestPayloadValidator Func<object, bool>

An optional validator used to perform additional validation on the action payload after deserialization.

Returns

Task<object>

Remarks

In the special case of the filter action, the override must handle the authorization result and return the appropriate response as follows:

  1. The read action is authorized for the resource path itself. In this case, all matching resources must be returned according to the PBAC policies specified by the authorization result (if any).
  2. The read action is denied for the resource path itself. In this case, only the matching resources specified in the subordinate authorized resource paths list of the authorization result should be returned (if any).

GetResourceAsyncInternal<T>(ResourcePath, ResourcePathAuthorizationResult, UnifiedUserIdentity, ResourceProviderGetOptions?, ResourceBase?)

The internal implementation of GetResource. Must be overridden in derived classes.

protected override Task<T> GetResourceAsyncInternal<T>(ResourcePath resourcePath, ResourcePathAuthorizationResult authorizationResult, UnifiedUserIdentity userIdentity, ResourceProviderGetOptions? options = null, ResourceBase? parentResourceInstance = null) where T : ResourceBase

Parameters

resourcePath ResourcePath

A ResourcePath containing information about the resource path.

authorizationResult ResourcePathAuthorizationResult

The ResourcePathAuthorizationResult containing the result of the resource path authorization request.

userIdentity UnifiedUserIdentity

The UnifiedUserIdentity providing information about the calling user identity.

options ResourceProviderGetOptions

The ResourceProviderGetOptions which provides operation parameters.

parentResourceInstance ResourceBase

The optional parent resource of the resource identified by resourcePath.

Returns

Task<T>

Type Parameters

T

Remarks

When the parent resource instance is provided, and it specifies inheritable authorizable actions, the parent resource instance is used to authorize the request for any of those actions.

GetResourceTypes()

Gets the details about the resource types managed by the resource provider.

protected override Dictionary<string, ResourceTypeDescriptor> GetResourceTypes()

Returns

Dictionary<string, ResourceTypeDescriptor>

A dictionary of ResourceTypeDescriptor objects with details about the resource types.

GetResourcesAsync(ResourcePath, ResourcePathAuthorizationResult, UnifiedUserIdentity, ResourceProviderGetOptions?)

The internal implementation of GetResourcesAsync. Must be overridden in derived classes.

protected override Task<object> GetResourcesAsync(ResourcePath resourcePath, ResourcePathAuthorizationResult authorizationResult, UnifiedUserIdentity userIdentity, ResourceProviderGetOptions? options = null)

Parameters

resourcePath ResourcePath

A ResourcePath containing information about the resource path.

authorizationResult ResourcePathAuthorizationResult

The ResourcePathAuthorizationResult containing the result of the resource path authorization request.

userIdentity UnifiedUserIdentity

The UnifiedUserIdentity with details about the identity of the user.

options ResourceProviderGetOptions

The ResourceProviderGetOptions which provides operation parameters.

Returns

Task<object>

Remarks

The override implementation should return a list of resources or a single resource, depending on the resource path. It also must handle the authorization result and return the appropriate response as follows:

  1. The resource path refers to a single resource. In this case, the authorization is already confirmed and the specific resource should be returned.
  2. The resource path refers to a resource type and the read action is authorized for the resource path itself. In this case, all resources must be returned according to the PBAC policies specified by the authorization result (if any).
  3. The resource path refers to a resource type and the read action is denied for the resource path itself. In this case, only the resources specified in the subordinate authorized resource paths list of the authorization result should be returned (if any).

HandleEventsInternal(EventTypeEventArgs)

Handles events received from the IEventService when they are dequeued locally.

protected override Task HandleEventsInternal(EventTypeEventArgs e)

Parameters

e EventTypeEventArgs

The EventTypeEventArgs containing the event type and the actual events.

Returns

Task

InitializeInternal()

The internal implementation of Initialize. Must be overridden in derived classes.

protected override Task InitializeInternal()

Returns

Task

UpsertResourceAsync(ResourcePath, string?, ResourceProviderFormFile?, ResourcePathAuthorizationResult, UnifiedUserIdentity, Func<object, bool>?)

The internal implementation of UpsertResourceAsync. Must be overridden in derived classes.

protected override Task<object> UpsertResourceAsync(ResourcePath resourcePath, string? serializedResource, ResourceProviderFormFile? formFile, ResourcePathAuthorizationResult authorizationResult, UnifiedUserIdentity userIdentity, Func<object, bool>? requestPayloadValidator = null)

Parameters

resourcePath ResourcePath

A ResourcePath containing information about the resource path.

serializedResource string

The optional serialized resource being created or updated.

formFile ResourceProviderFormFile

The optional file attached to the request.

authorizationResult ResourcePathAuthorizationResult

The ResourcePathAuthorizationResult containing the result of the resource path authorization request.

userIdentity UnifiedUserIdentity

The UnifiedUserIdentity with details about the identity of the user.

requestPayloadValidator Func<object, bool>

An optional validator used to perform additional validation on the serialized resource after deserialization.

Returns

Task<object>
Edit this page