public async Task <IActionResult> Delete(int id)
{
if (id == 0)
{
return(BadRequest());
}
var authorizationResult = await _authorizationService.Authorize(User, id);
if (!authorizationResult)
{
return(Forbid());
}
using (var uow = _unitOfWork.Create())
{
try
{
await _deviceService.DeleteAsync(id);
uow.Commit();
}
catch (RecordNotFoundException)
{
return(NotFound());
}
}
return(NoContent());
}
public bool IssueBook(int userId, Book book)
{
_authorizationService.Authorize(loggedInUser.roleName, "IssueBook");
if (book.quantity > 0 && _transactionRepository.IssueBook(userId, book) == true)
{
_bookRepository.EditQuantity(book.bookId, book.quantity - 1);
return(true);
}
return(false);
}
public ActionResult Index()
{
var dinners = _context.Dinners;
return(View(new DinnerIndexPageViewModel
{
Dinners = dinners.ToList(),
CanCreateDinner = _service.Authorize <DinnerController>(c => c.Create(), User)
}));
}
public async Task <TokenModel> Handle(AuthorizeAccountCommand request, CancellationToken cancellationToken)
{
var token = await _authorizationService.Authorize(request.Email, request.Password, cancellationToken)
.ConfigureAwait(false);
return(token);
}
public Task Process(TRequest request, CancellationToken cancellationToken)
{
var authResult = _authorizationService.Authorize();
_logger.LogDebug("AuthorizationResult: {authResult}", authResult);
return(Task.CompletedTask);
}
public static AuthorizationResult Authorize(this IAuthorizationService authorizationService, object resource, string policyName)
{
return(authorizationService.Authorize(
authorizationService.AsAbpAuthorizationService().CurrentPrincipal,
resource,
policyName
));
}
private bool IsUserAuthorizedFor(object view)
{
var requirement = view.ToRequirement();
var authState = _authenticationState.GetAuthenticationState();
var user = authState.User;
var result = _authorizationService.Authorize(user, requirement);
return(result.Success);
}
/// <summary>
/// Checks if a user meets a specific authorization policy
/// </summary>
/// <param name="service">The authorization service.</param>
/// <param name="user">The user to check the policy against.</param>
/// <param name="resource">The resource the policy should be checked with.</param>
/// <param name="policy">The policy to check against a specific context.</param>
/// <returns><value>true</value> when the user fulfills the policy, <value>false</value> otherwise.</returns>
public static bool Authorize([NotNull] this IAuthorizationService service, ClaimsPrincipal user, object resource, [NotNull] AuthorizationPolicy policy)
{
// TODO: REeanble
//if (policy.ActiveAuthenticationSchemes != null && policy.ActiveAuthenticationSchemes.Any() && user != null)
//{
// // Filter the user to only contain the active authentication types
// user = new ClaimsPrincipal(user.Identities.Where(i => policy.ActiveAuthenticationSchemes.Contains(i.AuthenticationScheme)));
//}
return(service.Authorize(user, resource, policy.Requirements.ToArray()));
}
public Task <bool> Authorize(ClaimsPrincipal user, IMessage message)
{
var policyName = options.GetPolicyFor(message.GetType());
if (policyName != null)
{
return(authorizationService.Authorize(this, user, message, policyName));
}
else
{
return(Task.FromResult(true));
}
}
private async void OnAuthorizeCommandAsync()
{
if (_authorizationService.Authorize(Login, Password))
{
await NavigationService.NavigateAsync($"/{nameof(NavigationPage)}/{nameof(Views.MainPage)}");
}
else
{
await Application.Current.MainPage.DisplayAlert(Resources["Oops"], Resources["WrongCredentials"], Resources["Ok"]);
Password = string.Empty;
RaisePropertyChanged($"{nameof(Password)}");
}
}
public async Task <IActionResult> Login(LoginViewModel model)
{
if (ModelState.IsValid)
{
var user = await _authorizationService.Authorize(model.UserName, model.Password);
await _signInManager.SignInAsync(user, model.RememberMe);
if (string.IsNullOrEmpty(model.ReturnUrl) && Url.IsLocalUrl(model.ReturnUrl))
{
return(Redirect(model.ReturnUrl));
}
}
return(View(model));
}
private async void OnSignInTappedCommandAsync()
{
int id = _authenticationService.Authenticate(SignIn.Login, SignIn.Password);
if (id != 0)
{
_authorizationService.Authorize(id);
await _navigationService.NavigateAsync("/NavigationPage/MainListPage");
}
else
{
await App.Current.MainPage.DisplayAlert(LocalizedResources["AlertWhoops"], LocalizedResources["AlertSomethingWentWrong"], "OK");
SignIn = new User()
{
Login = this.SignIn.Login, Password = string.Empty
};
}
}
public async Task <IActionResult> Authorize([FromBody] AuthorizationInfo authInfo)
{
var authResult = await authorizationService.Authorize(authInfo);
if (authResult.ResultStatus == HttpStatusCode.OK)
{
var option = new CookieOptions
{
Expires = DateTime.Now.AddDays(15)
};
Response.Cookies.Append("GUID", authResult.GUID, option);
Response.Cookies.Append("atoken", authResult.atoken, option);
Response.Cookies.Append("stoken", authResult.stoken, option);
Response.Cookies.Append("gameUrl", authInfo.GameUrl, option);
return(Ok(authResult.ResultStatus));
}
return(BadRequest("Failed"));
}
protected override Task <HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
{
if (!request.RequestUri.AbsolutePath.ToLower().StartsWith("/api/"))
{
return(base.SendAsync(request, cancellationToken));
}
IEnumerable <string> apiKeyHeaderValues = null;
if (request.Headers.TryGetValues("X-ApiKey", out apiKeyHeaderValues))
{
var apiKeyHeaderValue = apiKeyHeaderValues.First();
if (!string.IsNullOrEmpty(apiKeyHeaderValue) &&
_service.Authorize(apiKeyHeaderValue))
{
return(base.SendAsync(request, cancellationToken));
}
}
return(Task.FromResult(request.CreateResponse(HttpStatusCode.Unauthorized)));
}
public async Task <IActionResult> ProcessCallback()
{
await _authorizationService.Authorize(Request.HttpContext);
FacebookWebhookRequest request = null;
using (var reader = new StreamReader(Request.Body))
{
var body = reader.ReadToEnd();
request = JsonConvert.DeserializeObject <FacebookWebhookRequest>(body);
}
var requestProcessor = new FacebookRequestProcessor();
// Fire and forget this service call since the response isn't dependent on the result of this
#pragma warning disable CS4014 // Because this call is not awaited, execution of the current method continues before the call is completed
requestProcessor.ProcessReqeust(request);
#pragma warning restore CS4014 // Because this call is not awaited, execution of the current method continues before the call is completed
return(Ok());
}
public AuthorizationResponse Authorize([FromBody] AuthorizationRequest request)
{
AuthorizationResponse response = _authorizationService.Authorize(request);
return(response);
}
public async Task <AuthorizationResult> Authorize <TRequest>(TRequest request)
{
return(await _authorizationService.Authorize(await _userAccessor.GetClaimsPrincipal(), request, resource : null));
}
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
return(_authorizationService.Authorize(httpContext));
}
/// <summary>
/// Checks if a user has specific claims for a specific context obj.
/// </summary>
/// <param name="claim">The claimsto check against a specific user.</param>
/// <param name="user">The user to check claims against.</param>
/// <param name="resource">The resource the claims should be check with.</param>
/// <returns><value>true</value> when the user fulfills one of the claims, <value>false</value> otherwise.</returns>
public static bool Authorize([NotNull] this IAuthorizationService service, Claim claim, ClaimsPrincipal user, object resource)
{
return service.Authorize(new Claim[] { claim }, user, resource);
}
/// <summary>
/// Checks if a user meets a specific authorization policy
/// </summary>
/// <param name="service">The authorization service.</param>
/// <param name="user">The user to check the policy against.</param>
/// <param name="policy">The policy to check against a specific context.</param>
/// <returns><value>true</value> when the user fulfills the policy, <value>false</value> otherwise.</returns>
public static bool Authorize([NotNull] this IAuthorizationService service, ClaimsPrincipal user, [NotNull] AuthorizationPolicy policy)
{
return(service.Authorize(user, resource: null, requirements: policy.Requirements.ToArray()));
}
/// <summary>
/// Checks if a user meets a specific requirement for the specified resource
/// </summary>
/// <param name="user"></param>
/// <param name="resource"></param>
/// <param name="requirement"></param>
/// <returns></returns>
public static bool Authorize([NotNull] this IAuthorizationService service, ClaimsPrincipal user, object resource, [NotNull] IAuthorizationRequirement requirement)
{
return(service.Authorize(user, resource, new IAuthorizationRequirement[] { requirement }));
}
/// <summary>
/// Checks if a user meets a specific authorization policy
/// </summary>
/// <param name="service">The authorization service.</param>
/// <param name="user">The user to check the policy against.</param>
/// <param name="policyName">The name of the policy to check against a specific context.</param>
/// <returns><value>true</value> when the user fulfills the policy, <value>false</value> otherwise.</returns>
public static bool Authorize([NotNull] this IAuthorizationService service, ClaimsPrincipal user, [NotNull] string policyName)
{
return(service.Authorize(user, resource: null, policyName: policyName));
}
/// <summary>
/// Checks if a user has specific claims.
/// </summary>
/// <param name="claims">The claims to check against a specific user.</param>
/// <param name="user">The user to check claims against.</param>
/// <returns><value>true</value> when the user fulfills one of the claims, <value>false</value> otherwise.</returns>
public static bool Authorize([NotNull] this IAuthorizationService service, IEnumerable<Claim> claims, ClaimsPrincipal user)
{
return service.Authorize(claims, user, null);
}
// UserRepository urep = new UserRepository();
public bool AddUser(User newUser)
{
_authorizationService.Authorize(loggedInUser.roleName, "AddUser");
return(_userRepository.AddUser(newUser));
}
public static bool IsGranted(this IAuthorizationService authorizationService, string policyName)
{
return(authorizationService.Authorize(policyName).Succeeded);
}
public void Authorize_WithWrongLogin_ShouldSuccess()
{
Assert.DoesNotThrowAsync(async() => await _authorizationService.Authorize(Login, Password));
}
//BookRepository bookRepository = new BookRepository();
public bool AddBook(Book book)
{
_authorizationService.Authorize(loggedInUser.roleName, "AddBook");
return(_bookRepository.AddBook(book));
}
