Add whitelisting and admin

2025-11-07 23:46:48 +07:00
parent 21110cd771
commit e0795677e4
17 changed files with 2280 additions and 10 deletions
--- a/src/Managing.Application/Shared/AdminConfigurationService.cs
+++ b/src/Managing.Application/Shared/AdminConfigurationService.cs
@@ -1,4 +1,6 @@
+using Managing.Application.Abstractions.Repositories;
 using Microsoft.Extensions.Configuration;
+using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Logging;

 namespace Managing.Application.Shared;
@@ -13,11 +15,16 @@ public class AdminConfigurationService : IAdminConfigurationService
 {
    private readonly IConfiguration _configuration;
    private readonly ILogger<AdminConfigurationService> _logger;
+    private readonly IServiceScopeFactory _serviceScopeFactory;

-    public AdminConfigurationService(IConfiguration configuration, ILogger<AdminConfigurationService> logger)
+    public AdminConfigurationService(
+        IConfiguration configuration, 
+        ILogger<AdminConfigurationService> logger,
+        IServiceScopeFactory serviceScopeFactory)
    {
        _configuration = configuration;
        _logger = logger;
+        _serviceScopeFactory = serviceScopeFactory;
    }

    public bool IsUserAdmin(string userName)
@@ -27,15 +34,37 @@ public class AdminConfigurationService : IAdminConfigurationService
            return false;
        }

+        // First check configuration (for backward compatibility)
        var adminUserNames = GetAdminUserNames();
-        var isAdmin = adminUserNames.Contains(userName, StringComparer.OrdinalIgnoreCase);
+        var isAdminFromConfig = adminUserNames.Contains(userName, StringComparer.OrdinalIgnoreCase);
        
-        if (isAdmin)
+        if (isAdminFromConfig)
        {
-            _logger.LogInformation("User {UserName} has admin privileges", userName);
+            _logger.LogInformation("User {UserName} has admin privileges from configuration", userName);
+            return true;
+        }
+
+        // If not in config, check database User.IsAdmin flag
+        try
+        {
+            using var scope = _serviceScopeFactory.CreateScope();
+            var userRepository = scope.ServiceProvider.GetRequiredService<IUserRepository>();
+            
+            var user = userRepository.GetUserByNameAsync(userName).GetAwaiter().GetResult();
+            
+            if (user != null && user.IsAdmin)
+            {
+                _logger.LogInformation("User {UserName} has admin privileges from database", userName);
+                return true;
+            }
+        }
+        catch (Exception ex)
+        {
+            _logger.LogWarning(ex, "Error checking admin status for user {UserName} from database", userName);
+            // If database check fails, fall back to config-only result
        }
        
-        return isAdmin;
+        return false;
    }

    public List<string> GetAdminUserNames()