/// <summary>
/// When implemented in a derived class, checks authorization for the subject in the specified context to perform the specified action on the specified resource.
/// </summary>
/// <param name="context">The authorization context that contains the subject, resource, and action for which authorization is to be checked.</param>
/// <returns>
/// true if the subject is authorized to perform the specified action on the specified resource; otherwise, false.
/// </returns>
public override bool CheckAccess(AuthorizationContext context)
{
bool result = false;
// 如果沒有Resource和Operation的情況下,表示可以看
if (context.Resource.Count == 0 && context.Action.Count == 0)
{
return(true);
}
if (context.Principal.Identity.IsAuthenticated)
{
string resourceStr = context.Resource.First().Value;
string operationStr = context.Action.First().Value;
ResourceOperationEnum operation = (ResourceOperationEnum)
Enum.Parse(typeof(ResourceOperationEnum), operationStr);
ResourceOperation resourceOperation = new ResourceOperation()
{
ResourceName = resourceStr,
Operation = operation
};
var rolesName = context.Principal.FindAll(x => x.Type == ClaimTypes.Role)
.Select(x => x.Value).ToArray();
result = CheckAccess(context, resourceOperation, rolesName);
}
return(result);
}
/// <summary>
/// 實例化一個 <see cref="ResourceOperation" /> 物件.
/// </summary>
/// <param name="resourceName">Resource名稱</param>
/// <param name="resourceOperation">Resource可以做的動作</param>
/// <param name="areaName">對應的Area名稱</param>
/// <param name="controllerName">對應的Controller名稱</param>
/// <param name="actionName">對應的Action名稱</param>
/// <param name="displayName">Resource顯示的名稱</param>
/// <param name="displayNameWithParent">Resource顯示的名稱 - 包括parent的部分</param>
public ResourceOperation(string resourceName,
ResourceOperationEnum resourceOperation,
string areaName, string controllerName,
string actionName, string displayName,
string displayNameWithParent)
{
ResourceName = resourceName;
Operation = resourceOperation;
AreaName = areaName;
ControllerName = controllerName;
ActionName = actionName;
DisplayName = displayName;
DisplayNameWithParent = displayNameWithParent;
}
/// <summary>
/// 實例化一個 <see cref="ResourceOperation" /> 物件.
/// </summary>
/// <param name="resourceName">Resource名稱</param>
/// <param name="resourceOperation">Resource可以做的動作</param>
/// <param name="areaName">對應的Area名稱</param>
/// <param name="controllerName">對應的Controller名稱</param>
/// <param name="actionName">對應的Action名稱</param>
/// <param name="displayName">Resource顯示的名稱</param>
/// <param name="displayNameWithParent">Resource顯示的名稱 - 包括parent的部分</param>
public ResourceOperation(string resourceName,
ResourceOperationEnum resourceOperation,
string areaName, string controllerName,
string actionName, string displayName,
string displayNameWithParent)
{
ResourceName = resourceName;
Operation = resourceOperation;
AreaName = areaName;
ControllerName = controllerName;
ActionName = actionName;
DisplayName = displayName;
DisplayNameWithParent = displayNameWithParent;
}