loresoft / MediatR.CommandQuery / 8911801772

coverage: 57.379% (-1.8%) from 59.163%
8911801772

push

github

pwelter34 
tweak build

342 of 700 branches covered (48.86%)

Branch coverage included in aggregate %.

1011 of 1658 relevant lines covered (60.98%)

18.48 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

71.88
/src/MediatR.CommandQuery/Behaviors/TenantAuthenticateCommandBehavior.cs
1 
using System.Net;
2 









3



using MediatR.CommandQuery.Commands;










4



using MediatR.CommandQuery.Definitions;










5












6



using Microsoft.Extensions.Logging;










7












8



namespace MediatR.CommandQuery.Behaviors;










9












10



public class TenantAuthenticateCommandBehavior<TKey, TEntityModel, TResponse>










11



    : PipelineBehaviorBase<EntityModelCommand<TEntityModel, TResponse>, TResponse>










12



    where TEntityModel : class










13



{










14












15



    private readonly ITenantResolver<TKey> _tenantResolver;










16












17



    public TenantAuthenticateCommandBehavior(ILoggerFactory loggerFactory, ITenantResolver<TKey> tenantResolver)










18



        : base(loggerFactory)




24





19



    {










20



        _tenantResolver = tenantResolver ?? throw new ArgumentNullException(nameof(tenantResolver));





24!





21



    }




24





22












23



    protected override async Task<TResponse> Process(










24



        EntityModelCommand<TEntityModel, TResponse> request,










25



        RequestHandlerDelegate<TResponse> next,










26



        CancellationToken cancellationToken)










27



    {










28



        if (request is null)





24!





29



            throw new ArgumentNullException(nameof(request));




×







30












31



        if (next is null)





24!





32



            throw new ArgumentNullException(nameof(next));




×







33












34



        await Authorize(request).ConfigureAwait(false);




24





35












36



        // continue pipeline










37



        return await next().ConfigureAwait(false);




20





38



    }




20





39












40



    private async Task Authorize(EntityModelCommand<TEntityModel, TResponse> request)










41



    {










42



        var principal = request.Principal;




24





43



        if (principal == null)





24!





44



            return;




×







45












46



        // check principal tenant is same as model tenant










47



        if (request.Model is not IHaveTenant<TKey> tenantModel)





24!





48



            return;




×







49












50



        var tenantId = await _tenantResolver.GetTenantId(principal);




24





51



        if (Equals(tenantId, tenantModel.TenantId))





24





52



            return;




20





53












54



        throw new DomainException(HttpStatusCode.Forbidden, "User does not have access to specified tenant.");




4





55



    }




20





56



}
























    

  • 

    •