Move swagger out of development-only.

2023-02-06 16:04:44 -06:00
parent bc07f728cf
commit 049465953c
4 changed files with 17 additions and 11 deletions
--- a/Shogi.Api/Models/User.cs
+++ b/Shogi.Api/Models/User.cs
@@ -30,10 +30,6 @@ public class User

  public WhichLoginPlatform LoginPlatform { get; }

-  public bool IsGuest => LoginPlatform == WhichLoginPlatform.Guest;
-
-  public bool IsAdmin => LoginPlatform == WhichLoginPlatform.Microsoft && Id == "Hauth@live.com";
-
  public User(string id, string displayName, WhichLoginPlatform platform)
  {
    Id = id;
--- a/Shogi.Api/Program.cs
+++ b/Shogi.Api/Program.cs
@@ -48,16 +48,17 @@ namespace Shogi.Api
            // Configure the HTTP request pipeline.
            if (app.Environment.IsDevelopment())
            {
-                app.UseSwagger();
-                app.UseSwaggerUI(options =>
-                {
-                    options.OAuthScopes("api://c1e94676-cab0-42ba-8b6c-9532b8486fff/DefaultScope");
-                    options.OAuthConfigObject.ClientId = builder.Configuration["AzureAd:SwaggerUIClientId"];
-                    options.OAuthConfigObject.UsePkceWithAuthorizationCodeGrant = true;
-                });
                app.UseHttpsRedirection(); // Apache handles HTTPS in production.
            }

+            app.UseSwagger();
+            app.UseSwaggerUI(options =>
+            {
+                options.OAuthScopes("api://c1e94676-cab0-42ba-8b6c-9532b8486fff/DefaultScope");
+                options.OAuthConfigObject.ClientId = builder.Configuration["AzureAd:SwaggerUIClientId"];
+                options.OAuthConfigObject.UsePkceWithAuthorizationCodeGrant = true;
+            });
+
            UseCorsAndWebSockets(app, allowedOrigins);

            app.UseAuthentication();
@@ -211,6 +212,7 @@ namespace Shogi.Api
                    BearerFormat = "JWT",
                    In = ParameterLocation.Header,
                });
+
                // This adds the lock symbol next to every route in SwaggerUI.
                options.AddSecurityRequirement(new OpenApiSecurityRequirement
                {
--- a/Shogi.Database/FirstTimeSetup.sql
+++ b/Shogi.Database/FirstTimeSetup.sql
@@ -0,0 +1,7 @@
+-- Create a user named Shogi.Api
+
+-- Create a role and grant execute permission to that role
+--CREATE ROLE db_executor
+--GRANT EXECUTE To db_executor
+
+-- Give Shogi.Api user permission to db_executor, db_datareader, db_datawriter
--- a/Shogi.Database/Shogi.Database.sqlproj
+++ b/Shogi.Database/Shogi.Database.sqlproj
@@ -95,5 +95,6 @@
  <ItemGroup>
    <None Include="Post Deployment\Scripts\PopulatePieces.sql" />
    <None Include="Post Deployment\Scripts\EnableSnapshotIsolationLevel.sql" />
+    <None Include="FirstTimeSetup.sql" />
  </ItemGroup>
 </Project>