v9.0.5 / Fixed tenant registration / UX identity roles.

Author: eben-roux

Shuttle.Access.Application/RegisterTenantParticipant.cs

@@ -13,17 +13,28 @@ public async Task HandleAsync(RegisterTenant message, CancellationToken cancella
         ArgumentNullException.ThrowIfNull(idKeyRepository);
 
         var key = Tenant.Key(message.Name);
+        var id = await idKeyRepository.FindAsync(key, cancellationToken);
 
-        if (await idKeyRepository.ContainsAsync(key, cancellationToken))
+        if (!id.HasValue)
         {
-            return;
+            await idKeyRepository.AddAsync(message.Id, key, cancellationToken);
         }
-
-        await idKeyRepository.AddAsync(message.Id, key, cancellationToken);
-
-        var stream = (await eventStore.GetAsync(message.Id, cancellationToken)).MustBeEmpty();
+        else
+        {
+            if (!id.Value.Equals(message.Id))
+            {
+                throw new ApplicationException($"There is already a tenant key '{key}' which is associated with id '{id.Value}'.");
+            }
+        }
+        
+        var stream = await eventStore.GetAsync(message.Id, cancellationToken);
         var aggregate = stream.Get<Tenant>();
 
+        if (!string.IsNullOrWhiteSpace(aggregate.Name))
+        {
+            return;
+        }
+
         stream.Add(aggregate.Register(message.Name, (int)message.Status, message.LogoSvg, message.LogoUrl));
 
         await eventStore.SaveAsync(stream, builder => builder.Audit(message), cancellationToken);

Shuttle.Access.Application/Shuttle.Access.Application.csproj

@@ -32,7 +32,7 @@
 
   <PropertyGroup>
     <Description>Application concern implementations such as Shuttle.Mediator participants.</Description>
-    <Version>9.0.4</Version>
+    <Version>9.0.5</Version>
     <Authors>Eben Roux</Authors>
     <Company>Shuttle</Company>
     <Copyright>Copyright (c) 2025, Eben Roux</Copyright>

Shuttle.Access.AspNetCore/Shuttle.Access.AspNetCore.csproj

@@ -33,7 +33,7 @@
 
   <PropertyGroup>
     <Description>Authorization middleware for web API endpoints using Shuttle.Access.</Description>
-    <Version>9.0.4</Version>
+    <Version>9.0.5</Version>
     <Authors>Eben Roux</Authors>
     <Company>Shuttle</Company>
     <Copyright>Copyright (c) 2025, Eben Roux</Copyright>

Shuttle.Access.Messages/Shuttle.Access.Messages.csproj

@@ -27,7 +27,7 @@
 
   <PropertyGroup>
     <Description>Messages for use in Shuttle.Access implementations.</Description>
-    <Version>9.0.4</Version>
+    <Version>9.0.5</Version>
     <Authors>Eben Roux</Authors>
     <Company>Shuttle</Company>
     <Copyright>Copyright (c) 2025, Eben Roux</Copyright>

Shuttle.Access.Messages/v1/RegisterTenant.cs

@@ -8,4 +8,5 @@ public class RegisterTenant : AuditMessage
     public string LogoUrl { get; set; } = string.Empty;
     public int Status { get; set; } = 1;
     public string AdministratorIdentityName { get; set; } = string.Empty;
+    public Guid AccessAdministratorRoleId { get; set; }
 }

Shuttle.Access.RestClient/Shuttle.Access.RestClient.csproj

@@ -33,7 +33,7 @@
 
   <PropertyGroup>
     <Description>A client used to interact with the restful Shuttle.Access web API.</Description>
-    <Version>9.0.4</Version>
+    <Version>9.0.5</Version>
     <Authors>Eben Roux</Authors>
     <Company>Shuttle</Company>
     <Copyright>Copyright (c) 2025, Eben Roux</Copyright>

Shuttle.Access.Server/v1/MessageHandlers/RegisterRoleHandler.cs

@@ -1,14 +1,11 @@
 using Shuttle.Access.Messages.v1;
-using Shuttle.Contract;
-using Shuttle.Mediator;
 using Shuttle.Hopper;
-using Shuttle.Recall;
+using Shuttle.Mediator;
 using Shuttle.Recall.SqlServer.Storage;
-using RoleRegistered = Shuttle.Access.Messages.v2.RoleRegistered;
 
 namespace Shuttle.Access.Server.v1.MessageHandlers;
 
-public class RegisterRoleHandler(IBus bus, IMediator mediator, IPermissionQuery permissionQuery)
+public class RegisterRoleHandler(IBus bus, IMediator mediator, IPermissionQuery permissionQuery, IIdKeyRepository idKeyRepository)
     : IMessageHandler<RegisterRole>
 {
     public async Task HandleAsync(RegisterRole message, CancellationToken cancellationToken = default)
@@ -17,6 +14,7 @@ public async Task HandleAsync(RegisterRole message, CancellationToken cancellati
         ArgumentNullException.ThrowIfNull(bus);
         ArgumentNullException.ThrowIfNull(mediator);
         ArgumentNullException.ThrowIfNull(permissionQuery);
+        ArgumentNullException.ThrowIfNull(idKeyRepository);
 
         var permissionIds = new List<Guid>();
 
@@ -42,6 +40,15 @@ public async Task HandleAsync(RegisterRole message, CancellationToken cancellati
             }
         }
 
+        var key = Role.Key(message.Name, message.TenantId);
+
+        if (await idKeyRepository.ContainsAsync(key, cancellationToken))
+        {
+            return;
+        }
+
+        await idKeyRepository.AddAsync(message.Id, key, cancellationToken);
+
         var registerRole = new Application.RegisterRole(message.Id, message.TenantId, message.Name, message.AuditTenantId, message.AuditIdentityName);
 
         foreach (var permissionId in permissionIds)

Shuttle.Access.Server/v1/MessageHandlers/RegisterTenantHandler.cs

@@ -1,40 +1,50 @@
-using System.Transactions;
-using Shuttle.Access.Messages.v1;
-using Shuttle.Contract;
+using Shuttle.Access.Messages.v1;
 using Shuttle.Mediator;
 using Shuttle.Hopper;
 
 namespace Shuttle.Access.Server.v1.MessageHandlers;
 
-public class RegisterTenantHandler(ITenantQuery tenantQuery, IRoleQuery roleQuery, IIdentityQuery identityQuery, IMediator mediator) :  IMessageHandler<RegisterTenant>
+public class RegisterTenantHandler(ITenantQuery tenantQuery, IRoleQuery roleQuery, IPermissionQuery permissionQuery, IIdentityQuery identityQuery, IMediator mediator, IBus bus) :  IMessageHandler<RegisterTenant>
 {
-    private readonly IIdentityQuery _identityQuery = Guard.AgainstNull(identityQuery);
-    private readonly IMediator _mediator = Guard.AgainstNull(mediator);
-    private readonly IRoleQuery _roleQuery = Guard.AgainstNull(roleQuery);
-    private readonly ITenantQuery _tenantQuery = Guard.AgainstNull(tenantQuery);
-
     public async Task HandleAsync(RegisterTenant message, CancellationToken cancellationToken = default)
     {
-        Guard.AgainstNull(message);
+        ArgumentNullException.ThrowIfNull(tenantQuery);
+        ArgumentNullException.ThrowIfNull(roleQuery);
+        ArgumentNullException.ThrowIfNull(permissionQuery);
+        ArgumentNullException.ThrowIfNull(identityQuery);
+        ArgumentNullException.ThrowIfNull(mediator);
+        ArgumentNullException.ThrowIfNull(bus);
+        ArgumentNullException.ThrowIfNull(message);
 
-        var identity = (await _identityQuery.SearchAsync(new Query.Identity.Specification().WithName(message.AdministratorIdentityName), cancellationToken)).FirstOrDefault();
+        var identity = (await identityQuery.SearchAsync(new Query.Identity.Specification().WithName(message.AdministratorIdentityName), cancellationToken)).FirstOrDefault();
 
         if (identity == null)
         {
-            return;
+            throw new ApplicationException($"Could not find the administrator identity with name '{message.AdministratorIdentityName}'.");
         }
 
-        using (new TransactionScope(TransactionScopeOption.Suppress, TransactionScopeAsyncFlowOption.Enabled))
+        var accessAdministratorPermission = (await permissionQuery.SearchAsync(new Query.Permission.Specification().AddName(AccessPermissions.Administrator), cancellationToken)).FirstOrDefault();
+
+        if (accessAdministratorPermission == null)
         {
-            await mediator.SendAsync(message, cancellationToken);
+            throw new ApplicationException($"Could not find the Access administrator permission '{AccessPermissions.Administrator}'.");
         }
 
+        var registerTenant = new Application.RegisterTenant(message.Id, message.Name, (TenantStatus)message.Status, message.AuditTenantId, message.AuditIdentityName)
+        {
+            LogoUrl = message.LogoUrl,
+            LogoSvg = message.LogoSvg
+        };
+
+        await mediator.SendAsync(registerTenant, cancellationToken);
+
         Query.Tenant? tenant;
 
         var timeout = DateTime.UtcNow.AddSeconds(15);
+
         do
         {
-            tenant = (await _tenantQuery.SearchAsync(new Query.Tenant.Specification().AddId(message.Id), cancellationToken)).FirstOrDefault();
+            tenant = (await tenantQuery.SearchAsync(new Query.Tenant.Specification().AddId(message.Id), cancellationToken)).FirstOrDefault();
 
             if (tenant == null)
             {
@@ -49,19 +59,18 @@ public async Task HandleAsync(RegisterTenant message, CancellationToken cancella
 
         var auditInformation = new AuditInformation(message.Id, "system");
 
-        var registerRoleMessage = new Application.RegisterRole(Guid.NewGuid(), message.Id, "Access Administrator", message.AuditTenantId, message.AuditIdentityName);
+        var registerRoleMessage = new Application.RegisterRole(message.AccessAdministratorRoleId, message.Id, "Access Administrator", message.AuditTenantId, message.AuditIdentityName);
 
-        using (new TransactionScope(TransactionScopeOption.Suppress, TransactionScopeAsyncFlowOption.Enabled))
-        {
-            await _mediator.SendAsync(registerRoleMessage, cancellationToken);
-        }
+        registerRoleMessage.AddPermissionId(accessAdministratorPermission.Id);
+
+        await mediator.SendAsync(registerRoleMessage, cancellationToken);
 
         Query.Role? role;
 
         timeout = DateTime.UtcNow.AddSeconds(15);
         do
         {
-            role = (await _roleQuery.SearchAsync(new Query.Role.Specification().AddName("Access Administrator").WithTenantId(message.Id), cancellationToken)).FirstOrDefault();
+            role = (await roleQuery.SearchAsync(new Query.Role.Specification().AddId(message.AccessAdministratorRoleId), cancellationToken)).FirstOrDefault();
 
             if (role == null)
             {
@@ -83,7 +92,7 @@ public async Task HandleAsync(RegisterTenant message, CancellationToken cancella
             AuditTenantId = auditInformation.AuditTenantId
         };
 
-        await _mediator.SendAsync(registerAdministratorMessage, cancellationToken);
+        await bus.SendAsync(registerAdministratorMessage, builder => builder.ToSelf(), cancellationToken);
 
         var setIdentityRoleMessage = new SetIdentityRoleStatus
         {
@@ -94,6 +103,6 @@ public async Task HandleAsync(RegisterTenant message, CancellationToken cancella
             AuditTenantId = auditInformation.AuditTenantId
         };
 
-        await _mediator.SendAsync(setIdentityRoleMessage, cancellationToken);
+        await bus.SendAsync(setIdentityRoleMessage, builder => builder.ToSelf(), cancellationToken);
     }
 }

Shuttle.Access.SqlServer/IdentityQuery.cs

@@ -81,6 +81,7 @@ public async Task<IEnumerable<Guid>> TenantIdsAsync(Query.Identity.Specification
                     Id = item.RoleId,
                     Name = item.Role.Name,
                     TenantId = item.Role.TenantId,
+                    TenantName = item.Role.Tenant.Name,
                     Permissions = specification.ShouldIncludePermissions
                         ? item.Role.RolePermissions.Select(rp => new Query.Permission
                         {
@@ -104,7 +105,9 @@ public async Task<IEnumerable<Guid>> TenantIdsAsync(Query.Identity.Specification
             : queryable;
 
         queryable = identitySpecification is { ShouldIncludeRoles: true, ShouldIncludePermissions: false }
-            ? queryable.Include(item => item.IdentityRoles).ThenInclude(item => item.Role)
+            ? queryable.Include(item => item.IdentityRoles)
+                .ThenInclude(item => item.Role)
+                .ThenInclude(item => item.Tenant)
             : queryable;
 
         queryable = identitySpecification.ShouldIncludePermissions