/// <summary> /// Add policies to options /// </summary> /// <param name="options"></param> /// <param name="withAuthorization"></param> /// <param name="useRoleBasedAccess"></param> public static void AddPolicies(this AuthorizationOptions options, bool withAuthorization, bool useRoleBasedAccess) { if (!withAuthorization) { options.AddNoOpPolicies(Policies.All()); return; } options.AddPolicy(Policies.CanRead, policy => policy.RequireAuthenticatedUser()); if (!useRoleBasedAccess) { options.AddPolicy(Policies.CanWrite, policy => policy.RequireAuthenticatedUser()); options.AddPolicy(Policies.CanSign, policy => policy.RequireAuthenticatedUser()); options.AddPolicy(Policies.CanManage, policy => policy.RequireAuthenticatedUser()); } else { options.AddPolicy(Policies.CanWrite, policy => policy.RequireAuthenticatedUser() .Require(WriterRights)); options.AddPolicy(Policies.CanSign, policy => policy.RequireAuthenticatedUser() .Require(ApproverRights)); options.AddPolicy(Policies.CanManage, policy => policy.RequireAuthenticatedUser() .Require(AdminRights)); } }
/// <summary> /// Add policies to options /// </summary> /// <param name="options"></param> /// <param name="withAuthorization"></param> /// <param name="useRoleBasedAccess"></param> public static void AddPolicies(this AuthorizationOptions options, bool withAuthorization, bool useRoleBasedAccess) { if (!withAuthorization) { options.AddNoOpPolicies(Policies.All()); return; } options.AddPolicy(Policies.CanQuery, policy => policy.RequireAuthenticatedUser()); if (!useRoleBasedAccess) { options.AddPolicy(Policies.CanChange, policy => policy.RequireAuthenticatedUser()); options.AddPolicy(Policies.CanManage, policy => policy.RequireAuthenticatedUser()); } else { options.AddPolicy(Policies.CanChange, policy => policy.RequireAuthenticatedUser() .Require(ChangeRights)); options.AddPolicy(Policies.CanManage, policy => policy.RequireAuthenticatedUser() .Require(ManageRights)); } }
/// <summary> /// Add policies to options /// </summary> /// <param name="options"></param> /// <param name="withAuthorization"></param> /// <param name="useRoleBasedAccess"></param> public static void AddPolicies(this AuthorizationOptions options, bool withAuthorization, bool useRoleBasedAccess) { if (!withAuthorization) { options.AddNoOpPolicies(Policies.All()); return; } options.AddPolicy(Policies.CanBrowse, policy => policy.RequireAuthenticatedUser()); if (!useRoleBasedAccess) { options.AddPolicy(Policies.CanControl, policy => policy.RequireAuthenticatedUser()); options.AddPolicy(Policies.CanPublish, policy => policy.RequireAuthenticatedUser()); } else { options.AddPolicy(Policies.CanControl, policy => policy.RequireAuthenticatedUser() .Require(ControlRights)); options.AddPolicy(Policies.CanPublish, policy => policy.RequireAuthenticatedUser() .Require(PublishRights)); } }
/// <summary> /// Add policies to options /// </summary> /// <param name="options"></param> /// <param name="withAuthorization"></param> /// <param name="useRoleBasedAccess"></param> public static void AddPolicies(this AuthorizationOptions options, bool withAuthorization, bool useRoleBasedAccess) { if (!withAuthorization) { options.AddNoOpPolicies(Policies.All()); return; } options.AddPolicy(Policies.CanRead, policy => policy.RequireAuthenticatedUser()); if (!useRoleBasedAccess) { options.AddPolicy(Policies.CanUpdate, policy => policy.RequireAuthenticatedUser()); options.AddPolicy(Policies.CanDelete, policy => policy.RequireAuthenticatedUser()); } else { options.AddPolicy(Policies.CanUpdate, policy => policy.RequireAuthenticatedUser() .Require(UpdateRights)); options.AddPolicy(Policies.CanDelete, policy => policy.RequireAuthenticatedUser() .Require(UpdateRights)); } }
/// <summary> /// Add policies to options /// </summary> /// <param name="options"></param> /// <param name="withAuthorization"></param> /// <param name="useRoleBasedAccess"></param> public static void AddPolicies(this AuthorizationOptions options, bool withAuthorization, bool useRoleBasedAccess) { if (!withAuthorization) { options.AddNoOpPolicies(Policies.All()); return; } if (!useRoleBasedAccess) { options.AddPolicy(Policies.CanOnboard, policy => policy.RequireAuthenticatedUser()); } else { options.AddPolicy(Policies.CanOnboard, policy => policy.RequireAuthenticatedUser() .Require(AdminRights)); } }