Beispiel #1
0
        public bool CheckAccess(IEnumerable <string> actions, IEnumerable <string> resources)
        {
            resources = resources.Select(resource => ClaimsConstants.ApiClaimType + resource.ToLower());
            actions   = actions.Select(action => action.ToLower());
            var claims = UserContext.AllRetrieveClaims();

            if (!UserContext.IsAuthenticated)
            {
                return(false);
            }

            return
                (resources.Any(
                     resource => actions.Any(action => claims.HasClaim(resource, action, false))) ||
                 resources.Any(resource => actions.Any(action => claims.HasClaim(resource, "all", false))));
        }