brunobritodev
diff --git a/‎src/Backend/Jp.Application/AutoMapper/DomainToViewModelMappingProfile.cs‎
Lines changed: 3 additions & 1 deletion b/‎src/Backend/Jp.Application/AutoMapper/DomainToViewModelMappingProfile.cs‎
Lines changed: 3 additions & 1 deletion
diff --git a/‎src/Backend/Jp.Application/Services/ApiResourceAppService.cs‎
Lines changed: 2 additions & 1 deletion b/‎src/Backend/Jp.Application/Services/ApiResourceAppService.cs‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎src/Backend/Jp.Application/ViewModels/ScopeViewModel.cs‎
Lines changed: 9 additions & 2 deletions b/‎src/Backend/Jp.Application/ViewModels/ScopeViewModel.cs‎
Lines changed: 9 additions & 2 deletions
diff --git a/‎src/Backend/Jp.Infra.Data/Repository/ApiScopeRepository.cs‎
Lines changed: 1 addition & 1 deletion b/‎src/Backend/Jp.Infra.Data/Repository/ApiScopeRepository.cs‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Backend/Jp.UserManagement/Configuration/AuthenticationConfig.cs‎
Lines changed: 3 additions & 5 deletions b/‎src/Backend/Jp.UserManagement/Configuration/AuthenticationConfig.cs‎
Lines changed: 3 additions & 5 deletions
diff --git a/‎src/Backend/Jp.UserManagement/Configuration/ConfigurePolicy.cs‎
Lines changed: 11 additions & 6 deletions b/‎src/Backend/Jp.UserManagement/Configuration/ConfigurePolicy.cs‎
Lines changed: 11 additions & 6 deletions
diff --git a/‎src/Backend/Jp.UserManagement/Controllers/ApiController.cs‎
Lines changed: 1 addition & 3 deletions b/‎src/Backend/Jp.UserManagement/Controllers/ApiController.cs‎
Lines changed: 1 addition & 3 deletions
diff --git a/‎src/Backend/Jp.UserManagement/Controllers/ApiResourceController.cs‎
Lines changed: 9 additions & 8 deletions b/‎src/Backend/Jp.UserManagement/Controllers/ApiResourceController.cs‎
Lines changed: 9 additions & 8 deletions
diff --git a/‎src/Backend/Jp.UserManagement/Controllers/ClientController.cs‎
Lines changed: 13 additions & 13 deletions b/‎src/Backend/Jp.UserManagement/Controllers/ClientController.cs‎
Lines changed: 13 additions & 13 deletions
diff --git a/‎src/Backend/Jp.UserManagement/Controllers/IdentityResourceController.cs‎
Lines changed: 5 additions & 6 deletions b/‎src/Backend/Jp.UserManagement/Controllers/IdentityResourceController.cs‎
Lines changed: 5 additions & 6 deletions
@@ -28,7 +28,9 @@ public DomainToViewModelMappingProfile()
             CreateMap<IdentityServer4.EntityFramework.Entities.ClientProperty, ClientPropertyViewModel>();
             CreateMap<IdentityServer4.EntityFramework.Entities.ClientClaim, ClaimViewModel>();
             CreateMap<IdentityServer4.EntityFramework.Entities.IdentityResource, IdentityResourceListView>(MemberList.Destination);
-            CreateMap<IdentityServer4.EntityFramework.Entities.ApiScope, ScopeViewModel>(MemberList.Destination);
+            CreateMap<IdentityServer4.EntityFramework.Entities.ApiScope, ScopeViewModel>();
+            CreateMap<IdentityServer4.EntityFramework.Entities.UserClaim, ClaimViewModel>(MemberList.Destination);
+
             CreateMap<Claim, ClaimViewModel>(MemberList.Destination);
             CreateMap<Role, RoleViewModel>(MemberList.Destination);
             CreateMap<UserLogin, UserLoginViewModel>(MemberList.Destination);
 
@@ -89,7 +89,8 @@ public Task SaveSecret(SaveApiSecretViewModel model)
 
         public async Task<IEnumerable<ScopeViewModel>> GetScopes(string name)
         {
-            return _mapper.Map<IEnumerable<ScopeViewModel>>(await _apiScopeRepository.GetScopesByResource(name));
+            var scopes = await _apiScopeRepository.GetScopesByResource(name);
+            return _mapper.Map<IEnumerable<ScopeViewModel>>(scopes);
         }
 
         public Task RemoveScope(RemoveApiScopeViewModel model)
 
@@ -1,9 +1,16 @@
-namespace Jp.Application.ViewModels
+using System.Collections.Generic;
+
+namespace Jp.Application.ViewModels
 {
     public class ScopeViewModel
     {
         public int Id { get; set; }
         public string Name { get; set; }
-        public string Description { get; set; }
+        public string DisplayName { get; set; }
+        public bool Required { get; set; }
+        public bool Emphasize { get; set; }
+        public bool ShowInDiscoveryDocument { get; set; }
+        public IEnumerable<ClaimViewModel> UserClaims { get; set; }
+
     }
 }
@@ -15,7 +15,7 @@ public ApiScopeRepository(JpContext context) : base(context)
         }
 
         public Task<List<ApiScope>> SearchScopes(string search) => DbSet.Where(id => id.Name.Contains(search)).ToListAsync();
-        public Task<List<ApiScope>> GetScopesByResource(string search) => DbSet.Where(id => id.ApiResource.Name == search).ToListAsync();
+        public Task<List<ApiScope>> GetScopesByResource(string search) => DbSet.Include(s => s.UserClaims).Where(id => id.ApiResource.Name == search).ToListAsync();
 
     }
 }
@@ -1,6 +1,4 @@
-using System;
-using System.Threading.Tasks;
-using IdentityServer4.AccessTokenValidation;
+using IdentityServer4.AccessTokenValidation;
 using Jp.Infra.CrossCutting.Tools.DefaultConfig;
 using Microsoft.AspNetCore.Builder;
 using Microsoft.Extensions.DependencyInjection;
@@ -13,7 +11,7 @@ public static class AuthenticationConfig
         public static void AddIdentityServerAuthentication(this IServiceCollection services, ILogger logger)
         {
             logger.LogInformation($"Authority URI: {JpProjectConfiguration.IdentityServerUrl}");
-
+            Microsoft.IdentityModel.Logging.IdentityModelEventSource.ShowPII = true;
             services
 
                 .AddAuthentication(options =>
@@ -26,7 +24,7 @@ public static void AddIdentityServerAuthentication(this IServiceCollection servi
                     options.Authority = JpProjectConfiguration.IdentityServerUrl;
                     options.RequireHttpsMetadata = false;
                     options.ApiSecret = "Q&tGrEQMypEk.XxPU:%bWDZMdpZeJiyMwpLv4F7d**w9x:7KuJ#fy,E8KPHpKz++";
-                    options.ApiName = "management-api";
+                    options.ApiName = "jp_api";
 
                 });
         }
 
@@ -1,4 +1,4 @@
-using Microsoft.AspNetCore.Authorization;
+using IdentityServer4.Extensions;
 using Microsoft.Extensions.DependencyInjection;
 
 namespace Jp.Management.Configuration
@@ -7,15 +7,20 @@ public static class ConfigurePolicy
     {
         public static void AddPolicies(this IServiceCollection services)
         {
-            return;
             services.AddAuthorization(options =>
             {
-                options.AddPolicy("IS4-Adm", policy => policy.RequireAssertion(context => context.User.HasClaim("IS4-Permission", "Manager") || context.User.IsInRole("Administrator")).RequireScope("management-api.identityserver4-manager"));
-                options.AddPolicy("IS4-ReadOnly", policy => policy.RequireScope("management-api.identityserver4-manager").RequireAssertion(context => context.User.HasClaim("IS4-Permission", "Manager") || context.User.IsInRole("Administrator") || context.User.HasClaim("IS4-Permission", "ReadOnly")));
+                options.AddPolicy("Admin", 
+                    policy => policy.RequireAssertion(c => 
+                        c.User.HasClaim("is4-rights", "manager") || 
+                        c.User.IsInRole("Administrador")));
+
+                options.AddPolicy("ReadOnly", policy =>
+                    policy.RequireAssertion(c => 
+                        c.User.IsAuthenticated() || 
+                        c.User.HasClaim("is4-rights", "manager") || 
+                        c.User.IsInRole("Administrador")));
             });
 
         }
-
-
     }
 }
@@ -1,7 +1,5 @@
-using System;
-using System.Collections.Generic;
+using System.Collections.Generic;
 using System.Linq;
-using IdentityModel;
 using Jp.Domain.Core.Bus;
 using Jp.Domain.Core.Notifications;
 using Jp.Infra.CrossCutting.Tools.Model;
 
@@ -9,11 +9,12 @@
 using Jp.Domain.Core.Notifications;
 using Jp.Infra.CrossCutting.Tools.Model;
 using MediatR;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 
 namespace Jp.Management.Controllers
 {
-    [Route("[controller]")]
+    [Route("[controller]"), Authorize(Policy = "ReadOnly")]
     public class ApiResourceController : ApiController
     {
         private readonly IApiResourceAppService _apiResourceAppService;
@@ -41,7 +42,7 @@ public async Task<ActionResult<DefaultResponse<ApiResource>>> Details(string nam
             return Response(irs);
         }
 
-        [HttpPost, Route("save")]
+        [HttpPost, Route("save"), Authorize(Policy = "Admin")]
         public async Task<ActionResult<DefaultResponse<bool>>> Save([FromBody] ApiResource model)
         {
             if (!ModelState.IsValid)
@@ -53,7 +54,7 @@ public async Task<ActionResult<DefaultResponse<bool>>> Save([FromBody] ApiResour
             return Response(true);
         }
 
-        [HttpPost, Route("update")]
+        [HttpPost, Route("update"), Authorize(Policy = "Admin")]
         public async Task<ActionResult<DefaultResponse<bool>>> Update([FromBody] ApiResource model)
         {
             if (!ModelState.IsValid)
@@ -65,7 +66,7 @@ public async Task<ActionResult<DefaultResponse<bool>>> Update([FromBody] ApiReso
             return Response(true);
         }
 
-        [HttpPost, Route("remove")]
+        [HttpPost, Route("remove"), Authorize(Policy = "Admin")]
         public async Task<ActionResult<DefaultResponse<bool>>> Remove([FromBody] RemoveApiResourceViewModel model)
         {
             if (!ModelState.IsValid)
@@ -86,7 +87,7 @@ public async Task<ActionResult<DefaultResponse<IEnumerable<SecretViewModel>>>> S
             return Response(clients);
         }
 
-        [HttpPost, Route("remove-secret")]
+        [HttpPost, Route("remove-secret"), Authorize(Policy = "Admin")]
         public async Task<ActionResult<DefaultResponse<bool>>> RemoveSecret([FromBody] RemoveApiSecretViewModel model)
         {
             if (!ModelState.IsValid)
@@ -99,7 +100,7 @@ public async Task<ActionResult<DefaultResponse<bool>>> RemoveSecret([FromBody] R
         }
 
 
-        [HttpPost, Route("save-secret")]
+        [HttpPost, Route("save-secret"), Authorize(Policy = "Admin")]
         public async Task<ActionResult<DefaultResponse<bool>>> SaveSecret([FromBody] SaveApiSecretViewModel model)
         {
             if (!ModelState.IsValid)
@@ -118,7 +119,7 @@ public async Task<ActionResult<DefaultResponse<IEnumerable<ScopeViewModel>>>> Sc
             return Response(clients);
         }
 
-        [HttpPost, Route("remove-scope")]
+        [HttpPost, Route("remove-scope"), Authorize(Policy = "Admin")]
         public async Task<ActionResult<DefaultResponse<bool>>> RemoveScope([FromBody] RemoveApiScopeViewModel model)
         {
             if (!ModelState.IsValid)
@@ -131,7 +132,7 @@ public async Task<ActionResult<DefaultResponse<bool>>> RemoveScope([FromBody] Re
         }
 
 
-        [HttpPost, Route("save-scope")]
+        [HttpPost, Route("save-scope"), Authorize(Policy = "Admin")]
         public async Task<ActionResult<DefaultResponse<bool>>> SaveScope([FromBody] SaveApiScopeViewModel model)
         {
             if (!ModelState.IsValid)
 
@@ -1,4 +1,5 @@
 using System.Collections.Generic;
+using System.Linq;
 using System.Threading.Tasks;
 using IdentityServer4.Models;
 using Jp.Application.Interfaces;
@@ -8,13 +9,12 @@
 using Jp.Domain.Core.Notifications;
 using Jp.Infra.CrossCutting.Tools.Model;
 using MediatR;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 
 namespace Jp.Management.Controllers
 {
-    [Route("[controller]"),
-    // Authorize(Policy = "IS4-ReadOnly")
-    ]
+    [Route("[controller]"), Authorize(Policy = "ReadOnly")]
     public class ClientsController : ApiController
     {
         private readonly IClientAppService _clientAppService;
@@ -34,7 +34,7 @@ public async Task<ActionResult<DefaultResponse<IEnumerable<ClientListViewModel>>
             return Response(clients);
         }
 
-        [HttpPost, Route("save")]
+        [HttpPost, Route("save"), Authorize(Policy = "Admin")]
         public async Task<ActionResult<DefaultResponse<bool>>> Save([FromBody] SaveClientViewModel client)
         {
             if (!ModelState.IsValid)
@@ -46,7 +46,7 @@ public async Task<ActionResult<DefaultResponse<bool>>> Save([FromBody] SaveClien
             return Response(true);
         }
 
-        [HttpPost, Route("update")]
+        [HttpPost, Route("update"), Authorize(Policy = "Admin")]
         public async Task<ActionResult<DefaultResponse<bool>>> Update([FromBody] Client client)
         {
             if (!ModelState.IsValid)
@@ -58,7 +58,7 @@ public async Task<ActionResult<DefaultResponse<bool>>> Update([FromBody] Client
             return Response(true);
         }
 
-        [HttpPost, Route("remove")]
+        [HttpPost, Route("remove"), Authorize(Policy = "Admin")]
         public async Task<ActionResult<DefaultResponse<bool>>> Remove([FromBody] RemoveClientViewModel client)
         {
             if (!ModelState.IsValid)
@@ -70,7 +70,7 @@ public async Task<ActionResult<DefaultResponse<bool>>> Remove([FromBody] RemoveC
             return Response(true);
         }
 
-        [HttpPost, Route("copy")]
+        [HttpPost, Route("copy"), Authorize(Policy = "Admin")]
         public async Task<ActionResult<DefaultResponse<bool>>> Copy([FromBody] CopyClientViewModel client)
         {
             if (!ModelState.IsValid)
@@ -96,7 +96,7 @@ public async Task<ActionResult<DefaultResponse<IEnumerable<SecretViewModel>>>> S
             return Response(clients);
         }
 
-        [HttpPost, Route("remove-secret")]
+        [HttpPost, Route("remove-secret"), Authorize(Policy = "Admin")]
         public async Task<ActionResult<DefaultResponse<bool>>> RemoveSecret([FromBody] RemoveClientSecretViewModel model)
         {
             if (!ModelState.IsValid)
@@ -109,7 +109,7 @@ public async Task<ActionResult<DefaultResponse<bool>>> RemoveSecret([FromBody] R
         }
 
 
-        [HttpPost, Route("save-secret")]
+        [HttpPost, Route("save-secret"), Authorize(Policy = "Admin")]
         public async Task<ActionResult<DefaultResponse<bool>>> SaveSecret([FromBody] SaveClientSecretViewModel model)
         {
             if (!ModelState.IsValid)
@@ -128,7 +128,7 @@ public async Task<ActionResult<DefaultResponse<IEnumerable<ClientPropertyViewMod
             return Response(clients);
         }
 
-        [HttpPost, Route("remove-property")]
+        [HttpPost, Route("remove-property"), Authorize(Policy = "Admin")]
         public async Task<ActionResult<DefaultResponse<bool>>> RemoveProperty([FromBody] RemovePropertyViewModel model)
         {
             if (!ModelState.IsValid)
@@ -141,7 +141,7 @@ public async Task<ActionResult<DefaultResponse<bool>>> RemoveProperty([FromBody]
         }
 
 
-        [HttpPost, Route("save-property")]
+        [HttpPost, Route("save-property"), Authorize(Policy = "Admin")]
         public async Task<ActionResult<DefaultResponse<bool>>> SaveProperty([FromBody] SaveClientPropertyViewModel model)
         {
             if (!ModelState.IsValid)
@@ -160,7 +160,7 @@ public async Task<ActionResult<DefaultResponse<IEnumerable<ClaimViewModel>>>> Cl
             return Response(clients);
         }
 
-        [HttpPost, Route("remove-claim")]
+        [HttpPost, Route("remove-claim"), Authorize(Policy = "Admin")]
         public async Task<ActionResult<DefaultResponse<bool>>> RemoveClaim([FromBody] RemoveClientClaimViewModel model)
         {
             if (!ModelState.IsValid)
@@ -173,7 +173,7 @@ public async Task<ActionResult<DefaultResponse<bool>>> RemoveClaim([FromBody] Re
         }
 
 
-        [HttpPost, Route("save-claim")]
+        [HttpPost, Route("save-claim"), Authorize(Policy = "Admin")]
         public async Task<ActionResult<DefaultResponse<bool>>> SaveClaim([FromBody] SaveClientClaimViewModel model)
         {
             if (!ModelState.IsValid)
 
@@ -10,13 +10,12 @@
 using Jp.Domain.Core.Notifications;
 using Jp.Infra.CrossCutting.Tools.Model;
 using MediatR;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 
 namespace Jp.Management.Controllers
 {
-    [Route("[controller]"),
-        // Authorize(Policy = "IS4-ReadOnly")
-    ]
+    [Route("[controller]"), Authorize(Policy = "ReadOnly")]
     public class IdentityResourceController: ApiController
     {
         private readonly IIdentityResourceAppService _identityResourceAppService;
@@ -43,7 +42,7 @@ public async Task<ActionResult<DefaultResponse<IdentityResource>>> Details(strin
             return Response(irs);
         }
 
-        [HttpPost, Route("save")]
+        [HttpPost, Route("save"), Authorize(Policy = "Admin")]
         public async Task<ActionResult<DefaultResponse<bool>>> Save([FromBody] IdentityResource model)
         {
             if (!ModelState.IsValid)
@@ -55,7 +54,7 @@ public async Task<ActionResult<DefaultResponse<bool>>> Save([FromBody] IdentityR
             return Response(true);
         }
 
-        [HttpPost, Route("update")]
+        [HttpPost, Route("update"), Authorize(Policy = "Admin")]
         public async Task<ActionResult<DefaultResponse<bool>>> Update([FromBody] IdentityResource model)
         {
             if (!ModelState.IsValid)
@@ -67,7 +66,7 @@ public async Task<ActionResult<DefaultResponse<bool>>> Update([FromBody] Identit
             return Response(true);
         }
 
-        [HttpPost, Route("remove")]
+        [HttpPost, Route("remove"), Authorize(Policy = "Admin")]
         public async Task<ActionResult<DefaultResponse<bool>>> Remove([FromBody] RemoveIdentityResourceViewModel model)
         {
             if (!ModelState.IsValid)
Original file line number	Diff line number	Diff line change
`@@ -89,7 +89,8 @@ public Task SaveSecret(SaveApiSecretViewModel model)`
`89`	`89`
`90`	`90`	`public async Task<IEnumerable<ScopeViewModel>> GetScopes(string name)`
`91`	`91`	`{`
`92`		`- return _mapper.Map<IEnumerable<ScopeViewModel>>(await _apiScopeRepository.GetScopesByResource(name));`
	`92`	`+ var scopes = await _apiScopeRepository.GetScopesByResource(name);`
	`93`	`+ return _mapper.Map<IEnumerable<ScopeViewModel>>(scopes);`
`93`	`94`	`}`
`94`	`95`
`95`	`96`	`public Task RemoveScope(RemoveApiScopeViewModel model)`
Original file line number	Diff line number	Diff line change
`@@ -1,9 +1,16 @@`
`1`		`-namespace Jp.Application.ViewModels`
	`1`	`+using System.Collections.Generic;`
	`2`	`+`
	`3`	`+namespace Jp.Application.ViewModels`
`2`	`4`	`{`
`3`	`5`	`public class ScopeViewModel`
`4`	`6`	`{`
`5`	`7`	`public int Id { get; set; }`
`6`	`8`	`public string Name { get; set; }`
`7`		`- public string Description { get; set; }`
	`9`	`+ public string DisplayName { get; set; }`
	`10`	`+ public bool Required { get; set; }`
	`11`	`+ public bool Emphasize { get; set; }`
	`12`	`+ public bool ShowInDiscoveryDocument { get; set; }`
	`13`	`+ public IEnumerable<ClaimViewModel> UserClaims { get; set; }`
	`14`	`+`
`8`	`15`	`}`
`9`	`16`	`}`
Original file line number	Diff line number	Diff line change
`@@ -15,7 +15,7 @@ public ApiScopeRepository(JpContext context) : base(context)`
`15`	`15`	`}`
`16`	`16`
`17`	`17`	`public Task<List<ApiScope>> SearchScopes(string search) => DbSet.Where(id => id.Name.Contains(search)).ToListAsync();`
`18`		`- public Task<List<ApiScope>> GetScopesByResource(string search) => DbSet.Where(id => id.ApiResource.Name == search).ToListAsync();`
	`18`	`+ public Task<List<ApiScope>> GetScopesByResource(string search) => DbSet.Include(s => s.UserClaims).Where(id => id.ApiResource.Name == search).ToListAsync();`
`19`	`19`
`20`	`20`	`}`
`21`	`21`	`}`
Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-using Microsoft.AspNetCore.Authorization;`
	`1`	`+using IdentityServer4.Extensions;`
`2`	`2`	`using Microsoft.Extensions.DependencyInjection;`
`3`	`3`
`4`	`4`	`namespace Jp.Management.Configuration`
`@@ -7,15 +7,20 @@ public static class ConfigurePolicy`
`7`	`7`	`{`
`8`	`8`	`public static void AddPolicies(this IServiceCollection services)`
`9`	`9`	`{`
`10`		`- return;`
`11`	`10`	`services.AddAuthorization(options =>`
`12`	`11`	`{`
`13`		`- options.AddPolicy("IS4-Adm", policy => policy.RequireAssertion(context => context.User.HasClaim("IS4-Permission", "Manager") \|\| context.User.IsInRole("Administrator")).RequireScope("management-api.identityserver4-manager"));`
`14`		`- options.AddPolicy("IS4-ReadOnly", policy => policy.RequireScope("management-api.identityserver4-manager").RequireAssertion(context => context.User.HasClaim("IS4-Permission", "Manager") \|\| context.User.IsInRole("Administrator") \|\| context.User.HasClaim("IS4-Permission", "ReadOnly")));`
	`12`	`+ options.AddPolicy("Admin",`
	`13`	`+ policy => policy.RequireAssertion(c =>`
	`14`	`+ c.User.HasClaim("is4-rights", "manager") \|\|`
	`15`	`+ c.User.IsInRole("Administrador")));`
	`16`	`+`
	`17`	`+ options.AddPolicy("ReadOnly", policy =>`
	`18`	`+ policy.RequireAssertion(c =>`
	`19`	`+ c.User.IsAuthenticated() \|\|`
	`20`	`+ c.User.HasClaim("is4-rights", "manager") \|\|`
	`21`	`+ c.User.IsInRole("Administrador")));`
`15`	`22`	`});`
`16`	`23`
`17`	`24`	`}`
`18`		`-`
`19`		`-`
`20`	`25`	`}`
`21`	`26`	`}`
Original file line number	Diff line number	Diff line change
`@@ -9,11 +9,12 @@`
`9`	`9`	`using Jp.Domain.Core.Notifications;`
`10`	`10`	`using Jp.Infra.CrossCutting.Tools.Model;`
`11`	`11`	`using MediatR;`
	`12`	`+using Microsoft.AspNetCore.Authorization;`
`12`	`13`	`using Microsoft.AspNetCore.Mvc;`
`13`	`14`
`14`	`15`	`namespace Jp.Management.Controllers`
`15`	`16`	`{`
`16`		`- [Route("[controller]")]`
	`17`	`+ [Route("[controller]"), Authorize(Policy = "ReadOnly")]`
`17`	`18`	`public class ApiResourceController : ApiController`
`18`	`19`	`{`
`19`	`20`	`private readonly IApiResourceAppService _apiResourceAppService;`
`@@ -41,7 +42,7 @@ public async Task<ActionResult<DefaultResponse<ApiResource>>> Details(string nam`
`41`	`42`	`return Response(irs);`
`42`	`43`	`}`
`43`	`44`
`44`		`- [HttpPost, Route("save")]`
	`45`	`+ [HttpPost, Route("save"), Authorize(Policy = "Admin")]`
`45`	`46`	`public async Task<ActionResult<DefaultResponse<bool>>> Save([FromBody] ApiResource model)`
`46`	`47`	`{`
`47`	`48`	`if (!ModelState.IsValid)`
`@@ -53,7 +54,7 @@ public async Task<ActionResult<DefaultResponse<bool>>> Save([FromBody] ApiResour`
`53`	`54`	`return Response(true);`
`54`	`55`	`}`
`55`	`56`
`56`		`- [HttpPost, Route("update")]`
	`57`	`+ [HttpPost, Route("update"), Authorize(Policy = "Admin")]`
`57`	`58`	`public async Task<ActionResult<DefaultResponse<bool>>> Update([FromBody] ApiResource model)`
`58`	`59`	`{`
`59`	`60`	`if (!ModelState.IsValid)`
`@@ -65,7 +66,7 @@ public async Task<ActionResult<DefaultResponse<bool>>> Update([FromBody] ApiReso`
`65`	`66`	`return Response(true);`
`66`	`67`	`}`
`67`	`68`
`68`		`- [HttpPost, Route("remove")]`
	`69`	`+ [HttpPost, Route("remove"), Authorize(Policy = "Admin")]`
`69`	`70`	`public async Task<ActionResult<DefaultResponse<bool>>> Remove([FromBody] RemoveApiResourceViewModel model)`
`70`	`71`	`{`
`71`	`72`	`if (!ModelState.IsValid)`
`@@ -86,7 +87,7 @@ public async Task<ActionResult<DefaultResponse<IEnumerable<SecretViewModel>>>> S`
`86`	`87`	`return Response(clients);`
`87`	`88`	`}`
`88`	`89`
`89`		`- [HttpPost, Route("remove-secret")]`
	`90`	`+ [HttpPost, Route("remove-secret"), Authorize(Policy = "Admin")]`
`90`	`91`	`public async Task<ActionResult<DefaultResponse<bool>>> RemoveSecret([FromBody] RemoveApiSecretViewModel model)`
`91`	`92`	`{`
`92`	`93`	`if (!ModelState.IsValid)`
`@@ -99,7 +100,7 @@ public async Task<ActionResult<DefaultResponse<bool>>> RemoveSecret([FromBody] R`
`99`	`100`	`}`
`100`	`101`
`101`	`102`
`102`		`- [HttpPost, Route("save-secret")]`
	`103`	`+ [HttpPost, Route("save-secret"), Authorize(Policy = "Admin")]`
`103`	`104`	`public async Task<ActionResult<DefaultResponse<bool>>> SaveSecret([FromBody] SaveApiSecretViewModel model)`
`104`	`105`	`{`
`105`	`106`	`if (!ModelState.IsValid)`
`@@ -118,7 +119,7 @@ public async Task<ActionResult<DefaultResponse<IEnumerable<ScopeViewModel>>>> Sc`
`118`	`119`	`return Response(clients);`
`119`	`120`	`}`
`120`	`121`
`121`		`- [HttpPost, Route("remove-scope")]`
	`122`	`+ [HttpPost, Route("remove-scope"), Authorize(Policy = "Admin")]`
`122`	`123`	`public async Task<ActionResult<DefaultResponse<bool>>> RemoveScope([FromBody] RemoveApiScopeViewModel model)`
`123`	`124`	`{`
`124`	`125`	`if (!ModelState.IsValid)`
`@@ -131,7 +132,7 @@ public async Task<ActionResult<DefaultResponse<bool>>> RemoveScope([FromBody] Re`
`131`	`132`	`}`
`132`	`133`
`133`	`134`
`134`		`- [HttpPost, Route("save-scope")]`
	`135`	`+ [HttpPost, Route("save-scope"), Authorize(Policy = "Admin")]`
`135`	`136`	`public async Task<ActionResult<DefaultResponse<bool>>> SaveScope([FromBody] SaveApiScopeViewModel model)`
`136`	`137`	`{`
`137`	`138`	`if (!ModelState.IsValid)`
Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,5 @@`
`1`	`1`	`using System.Collections.Generic;`
	`2`	`+using System.Linq;`
`2`	`3`	`using System.Threading.Tasks;`
`3`	`4`	`using IdentityServer4.Models;`
`4`	`5`	`using Jp.Application.Interfaces;`
`@@ -8,13 +9,12 @@`
`8`	`9`	`using Jp.Domain.Core.Notifications;`
`9`	`10`	`using Jp.Infra.CrossCutting.Tools.Model;`
`10`	`11`	`using MediatR;`
	`12`	`+using Microsoft.AspNetCore.Authorization;`
`11`	`13`	`using Microsoft.AspNetCore.Mvc;`
`12`	`14`
`13`	`15`	`namespace Jp.Management.Controllers`
`14`	`16`	`{`
`15`		`- [Route("[controller]"),`
`16`		`- // Authorize(Policy = "IS4-ReadOnly")`
`17`		`- ]`
	`17`	`+ [Route("[controller]"), Authorize(Policy = "ReadOnly")]`
`18`	`18`	`public class ClientsController : ApiController`
`19`	`19`	`{`
`20`	`20`	`private readonly IClientAppService _clientAppService;`
`@@ -34,7 +34,7 @@ public async Task<ActionResult<DefaultResponse<IEnumerable<ClientListViewModel>>`
`34`	`34`	`return Response(clients);`
`35`	`35`	`}`
`36`	`36`
`37`		`- [HttpPost, Route("save")]`
	`37`	`+ [HttpPost, Route("save"), Authorize(Policy = "Admin")]`
`38`	`38`	`public async Task<ActionResult<DefaultResponse<bool>>> Save([FromBody] SaveClientViewModel client)`
`39`	`39`	`{`
`40`	`40`	`if (!ModelState.IsValid)`
`@@ -46,7 +46,7 @@ public async Task<ActionResult<DefaultResponse<bool>>> Save([FromBody] SaveClien`
`46`	`46`	`return Response(true);`
`47`	`47`	`}`
`48`	`48`
`49`		`- [HttpPost, Route("update")]`
	`49`	`+ [HttpPost, Route("update"), Authorize(Policy = "Admin")]`
`50`	`50`	`public async Task<ActionResult<DefaultResponse<bool>>> Update([FromBody] Client client)`
`51`	`51`	`{`
`52`	`52`	`if (!ModelState.IsValid)`
`@@ -58,7 +58,7 @@ public async Task<ActionResult<DefaultResponse<bool>>> Update([FromBody] Client`
`58`	`58`	`return Response(true);`
`59`	`59`	`}`
`60`	`60`
`61`		`- [HttpPost, Route("remove")]`
	`61`	`+ [HttpPost, Route("remove"), Authorize(Policy = "Admin")]`
`62`	`62`	`public async Task<ActionResult<DefaultResponse<bool>>> Remove([FromBody] RemoveClientViewModel client)`
`63`	`63`	`{`
`64`	`64`	`if (!ModelState.IsValid)`
`@@ -70,7 +70,7 @@ public async Task<ActionResult<DefaultResponse<bool>>> Remove([FromBody] RemoveC`
`70`	`70`	`return Response(true);`
`71`	`71`	`}`
`72`	`72`
`73`		`- [HttpPost, Route("copy")]`
	`73`	`+ [HttpPost, Route("copy"), Authorize(Policy = "Admin")]`
`74`	`74`	`public async Task<ActionResult<DefaultResponse<bool>>> Copy([FromBody] CopyClientViewModel client)`
`75`	`75`	`{`
`76`	`76`	`if (!ModelState.IsValid)`
`@@ -96,7 +96,7 @@ public async Task<ActionResult<DefaultResponse<IEnumerable<SecretViewModel>>>> S`
`96`	`96`	`return Response(clients);`
`97`	`97`	`}`
`98`	`98`
`99`		`- [HttpPost, Route("remove-secret")]`
	`99`	`+ [HttpPost, Route("remove-secret"), Authorize(Policy = "Admin")]`
`100`	`100`	`public async Task<ActionResult<DefaultResponse<bool>>> RemoveSecret([FromBody] RemoveClientSecretViewModel model)`
`101`	`101`	`{`
`102`	`102`	`if (!ModelState.IsValid)`
`@@ -109,7 +109,7 @@ public async Task<ActionResult<DefaultResponse<bool>>> RemoveSecret([FromBody] R`
`109`	`109`	`}`
`110`	`110`
`111`	`111`
`112`		`- [HttpPost, Route("save-secret")]`
	`112`	`+ [HttpPost, Route("save-secret"), Authorize(Policy = "Admin")]`
`113`	`113`	`public async Task<ActionResult<DefaultResponse<bool>>> SaveSecret([FromBody] SaveClientSecretViewModel model)`
`114`	`114`	`{`
`115`	`115`	`if (!ModelState.IsValid)`
`@@ -128,7 +128,7 @@ public async Task<ActionResult<DefaultResponse<IEnumerable<ClientPropertyViewMod`
`128`	`128`	`return Response(clients);`
`129`	`129`	`}`
`130`	`130`
`131`		`- [HttpPost, Route("remove-property")]`
	`131`	`+ [HttpPost, Route("remove-property"), Authorize(Policy = "Admin")]`
`132`	`132`	`public async Task<ActionResult<DefaultResponse<bool>>> RemoveProperty([FromBody] RemovePropertyViewModel model)`
`133`	`133`	`{`
`134`	`134`	`if (!ModelState.IsValid)`
`@@ -141,7 +141,7 @@ public async Task<ActionResult<DefaultResponse<bool>>> RemoveProperty([FromBody]`
`141`	`141`	`}`
`142`	`142`
`143`	`143`
`144`		`- [HttpPost, Route("save-property")]`
	`144`	`+ [HttpPost, Route("save-property"), Authorize(Policy = "Admin")]`
`145`	`145`	`public async Task<ActionResult<DefaultResponse<bool>>> SaveProperty([FromBody] SaveClientPropertyViewModel model)`
`146`	`146`	`{`
`147`	`147`	`if (!ModelState.IsValid)`
`@@ -160,7 +160,7 @@ public async Task<ActionResult<DefaultResponse<IEnumerable<ClaimViewModel>>>> Cl`
`160`	`160`	`return Response(clients);`
`161`	`161`	`}`
`162`	`162`
`163`		`- [HttpPost, Route("remove-claim")]`
	`163`	`+ [HttpPost, Route("remove-claim"), Authorize(Policy = "Admin")]`
`164`	`164`	`public async Task<ActionResult<DefaultResponse<bool>>> RemoveClaim([FromBody] RemoveClientClaimViewModel model)`
`165`	`165`	`{`
`166`	`166`	`if (!ModelState.IsValid)`
`@@ -173,7 +173,7 @@ public async Task<ActionResult<DefaultResponse<bool>>> RemoveClaim([FromBody] Re`
`173`	`173`	`}`
`174`	`174`
`175`	`175`
`176`		`- [HttpPost, Route("save-claim")]`
	`176`	`+ [HttpPost, Route("save-claim"), Authorize(Policy = "Admin")]`
`177`	`177`	`public async Task<ActionResult<DefaultResponse<bool>>> SaveClaim([FromBody] SaveClientClaimViewModel model)`
`178`	`178`	`{`
`179`	`179`	`if (!ModelState.IsValid)`
Original file line number	Diff line number	Diff line change
`@@ -10,13 +10,12 @@`
`10`	`10`	`using Jp.Domain.Core.Notifications;`
`11`	`11`	`using Jp.Infra.CrossCutting.Tools.Model;`
`12`	`12`	`using MediatR;`
	`13`	`+using Microsoft.AspNetCore.Authorization;`
`13`	`14`	`using Microsoft.AspNetCore.Mvc;`
`14`	`15`
`15`	`16`	`namespace Jp.Management.Controllers`
`16`	`17`	`{`
`17`		`- [Route("[controller]"),`
`18`		`- // Authorize(Policy = "IS4-ReadOnly")`
`19`		`- ]`
	`18`	`+ [Route("[controller]"), Authorize(Policy = "ReadOnly")]`
`20`	`19`	`public class IdentityResourceController: ApiController`
`21`	`20`	`{`
`22`	`21`	`private readonly IIdentityResourceAppService _identityResourceAppService;`
`@@ -43,7 +42,7 @@ public async Task<ActionResult<DefaultResponse<IdentityResource>>> Details(strin`
`43`	`42`	`return Response(irs);`
`44`	`43`	`}`
`45`	`44`
`46`		`- [HttpPost, Route("save")]`
	`45`	`+ [HttpPost, Route("save"), Authorize(Policy = "Admin")]`
`47`	`46`	`public async Task<ActionResult<DefaultResponse<bool>>> Save([FromBody] IdentityResource model)`
`48`	`47`	`{`
`49`	`48`	`if (!ModelState.IsValid)`
`@@ -55,7 +54,7 @@ public async Task<ActionResult<DefaultResponse<bool>>> Save([FromBody] IdentityR`
`55`	`54`	`return Response(true);`
`56`	`55`	`}`
`57`	`56`
`58`		`- [HttpPost, Route("update")]`
	`57`	`+ [HttpPost, Route("update"), Authorize(Policy = "Admin")]`
`59`	`58`	`public async Task<ActionResult<DefaultResponse<bool>>> Update([FromBody] IdentityResource model)`
`60`	`59`	`{`
`61`	`60`	`if (!ModelState.IsValid)`
`@@ -67,7 +66,7 @@ public async Task<ActionResult<DefaultResponse<bool>>> Update([FromBody] Identit`
`67`	`66`	`return Response(true);`
`68`	`67`	`}`
`69`	`68`
`70`		`- [HttpPost, Route("remove")]`
	`69`	`+ [HttpPost, Route("remove"), Authorize(Policy = "Admin")]`
`71`	`70`	`public async Task<ActionResult<DefaultResponse<bool>>> Remove([FromBody] RemoveIdentityResourceViewModel model)`
`72`	`71`	`{`
`73`	`72`	`if (!ModelState.IsValid)`