Example #1
0
        public async Task Create(
            AuthorizationPolicyInfo policy,
            CancellationToken cancellationToken = default(CancellationToken))
        {
            if (policy == null)
            {
                throw new ArgumentException("policy cannot be null");
            }

            using (var db = _contextFactory.CreateContext())
            {
                var entity = new AuthorizationPolicyEntity();
                policy.CopyTo(entity);
                SyncRoles(db, policy.AllowedRoles, entity);
                SyncSchemes(db, policy.AuthenticationSchemes, entity);
                SyncClaimRequirements(db, policy.RequiredClaims, entity);

                db.Policies.Add(entity);

                int rowsAffected = await db.SaveChangesAsync(cancellationToken)
                                   .ConfigureAwait(false);

                _cache.ClearListCache(policy.TenantId);
            }
        }
        public static AuthorizationPolicyInfo ToAuthorizationPolicyInfo(this AuthorizationPolicyEntity entity)
        {
            var policy = new AuthorizationPolicyInfo();

            policy.Id       = entity.Id;
            policy.Name     = entity.Name;
            policy.TenantId = entity.TenantId;
            policy.RequireAuthenticatedUser = entity.RequireAuthenticatedUser;
            policy.RequiredUserName         = entity.RequiredUserName;
            policy.Notes = entity.Notes;
            foreach (var r in entity.AllowedRoles)
            {
                policy.AllowedRoles.Add(r.AllowedRole);
            }
            foreach (var s in entity.AuthenticationSchemes)
            {
                policy.AuthenticationSchemes.Add(s.AuthenticationScheme);
            }
            foreach (var c in entity.RequiredClaims)
            {
                var cr = new ClaimRequirement();
                cr.ClaimName = c.ClaimName;
                foreach (var r in c.AllowedValues)
                {
                    cr.AllowedValues.Add(r.AllowedValue);
                }
                policy.RequiredClaims.Add(cr);
            }

            return(policy);
        }
 public static void CopyTo(this AuthorizationPolicyInfo policy, AuthorizationPolicyEntity entity)
 {
     entity.Id       = policy.Id;
     entity.Name     = policy.Name;
     entity.TenantId = policy.TenantId;
     entity.RequireAuthenticatedUser = policy.RequireAuthenticatedUser;
     entity.RequiredUserName         = policy.RequiredUserName;
     entity.Notes = policy.Notes;
     //policy.AllowedRoles.SyncTo(entity.AllowedRoles, entity);
     //policy.AuthenticationSchemes.SyncTo(entity.AuthenticationSchemes, entity);
     //policy.RequiredClaims.SyncTo(entity.RequiredClaims, entity);
 }
Example #4
0
        private void SyncClaimRequirements(
            IDynamicPolicyDbContext db,
            List <ClaimRequirement> requiredClaims,
            AuthorizationPolicyEntity entity)
        {
            if (requiredClaims.Count == 0)
            {
                entity.RequiredClaims.Clear();
            }
            else
            {
                if (entity.RequiredClaims.Count > 0)
                {
                    for (int i = 0; i < entity.RequiredClaims.Count; i++)
                    {
                        if (!requiredClaims.HasClaim(entity.RequiredClaims[i].ClaimName))
                        {
                            db.ClaimRequirements.Remove(entity.RequiredClaims[i]);
                            entity.RequiredClaims.RemoveAt(i);
                        }
                    }
                }

                foreach (var c in requiredClaims)
                {
                    var found = entity.RequiredClaims.FindClaim(c.ClaimName);
                    if (found != null)
                    {
                        //c.SyncTo(found);
                        SyncClaimAllowedValues(db, c, found);
                    }
                    else
                    {
                        var newClaim = new ClaimRequirementEntity();
                        newClaim.ClaimName = c.ClaimName;
                        newClaim.Policy    = entity;
                        // c.SyncTo(newClaim);
                        SyncClaimAllowedValues(db, c, newClaim);

                        entity.RequiredClaims.Add(newClaim);
                        db.ClaimRequirements.Add(newClaim);
                    }
                }
            }
        }
Example #5
0
        private void SyncRoles(
            IDynamicPolicyDbContext db,
            List <string> allowedRoleStrings,
            //List<AllowedRoleEntity> allowedRoles,
            AuthorizationPolicyEntity entity)
        {
            if (allowedRoleStrings.Count == 0)
            {
                entity.AllowedRoles.Clear();
            }
            else
            {
                if (entity.AllowedRoles.Count > 0)
                {
                    for (int i = 0; i < entity.AllowedRoles.Count; i++)
                    {
                        if (!allowedRoleStrings.Contains(entity.AllowedRoles[i].AllowedRole))
                        {
                            db.AllowedRoles.Remove(entity.AllowedRoles[i]);
                            entity.AllowedRoles.RemoveAt(i);
                        }
                    }
                }

                foreach (var s in allowedRoleStrings)
                {
                    if (!entity.AllowedRoles.HasRole(s))
                    {
                        var r = new AllowedRoleEntity();
                        r.AllowedRole = s;
                        r.Policy      = entity;
                        entity.AllowedRoles.Add(r);
                        db.AllowedRoles.Add(r);
                    }
                }
            }
        }
Example #6
0
        private static void SyncSchemes(
            IDynamicPolicyDbContext db,
            List <string> authSchemeStrings,
            AuthorizationPolicyEntity entity)
        {
            if (authSchemeStrings.Count == 0)
            {
                entity.AuthenticationSchemes.Clear();
            }
            else
            {
                if (entity.AuthenticationSchemes.Count > 0)
                {
                    for (int i = 0; i < entity.AuthenticationSchemes.Count; i++)
                    {
                        if (!authSchemeStrings.Contains(entity.AuthenticationSchemes[i].AuthenticationScheme))
                        {
                            db.AuthenticationSchemes.Remove(entity.AuthenticationSchemes[i]);
                            entity.AuthenticationSchemes.RemoveAt(i);
                        }
                    }
                }

                foreach (var s in authSchemeStrings)
                {
                    if (!entity.AuthenticationSchemes.HasScheme(s))
                    {
                        var r = new AuthenticationSchemeEntity();
                        r.AuthenticationScheme = s;
                        r.Policy = entity;
                        entity.AuthenticationSchemes.Add(r);
                        db.AuthenticationSchemes.Add(r);
                    }
                }
            }
        }