/// <summary>
/// Returns the rule methods held for <paramref name="operation"/>. The first request for
/// an operation stores a new empty list in <c>AuthorizationMethods</c> and returns it.
/// </summary>
/// <param name="operation">Operation whose rule methods are wanted.</param>
/// <returns>The list kept in <c>AuthorizationMethods</c> for the operation.</returns>
public IEnumerable<AuthorizationRuleMethod> AuthorizationRules(AuthorizeOperation operation)
{
    if (AuthorizationMethods.TryGetValue(operation, out var registered))
    {
        return registered;
    }

    // NOTE(review): this read path mutates AuthorizationMethods. If access checks can run
    // concurrently, confirm the collection type tolerates concurrent Add calls.
    AuthorizationMethods.Add(operation, registered = new List<AuthorizationRuleMethod>());
    return registered;
}
/// <summary>
/// Forwards an access check with criteria to <c>AuthorizationRuleManager.CheckAccess</c>.
/// </summary>
/// <param name="operation">Operation being authorized.</param>
/// <param name="criteria">Values passed through to the rule manager; the array itself must not be null.</param>
/// <exception cref="ArgumentNullException"><paramref name="criteria"/> is null.</exception>
protected async Task CheckAccess(AuthorizeOperation operation, params object[] criteria)
{
    // Reject a null array here so the failure names this method's parameter.
    if (criteria == null)
    {
        throw new ArgumentNullException(nameof(criteria));
    }

    // Any exception raised by the manager's check propagates to the caller unchanged.
    await AuthorizationRuleManager.CheckAccess(operation, criteria);
}
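/// <summary>
/// Runs the parameterless authorization rule method registered for
/// <paramref name="operation"/> and throws unless that rule grants access.
/// </summary>
/// <remarks>
/// NOTE(review): when <c>IsRegistered</c> is false this method returns without evaluating
/// any rule, so the caller cannot tell that apart from a granted check. Confirm that
/// skipping enforcement in that state is intended.
/// NOTE(review): a synchronous rule that throws is surfaced by <c>MethodInfo.Invoke</c>
/// wrapped in a <c>TargetInvocationException</c>, not as the exception the rule threw.
/// </remarks>
/// <param name="operation">Operation being authorized.</param>
/// <exception cref="AuthorzationRulesMethodException">More than one parameterless rule method is registered for the operation.</exception>
/// <exception cref="AccessDeniedException">No parameterless rule method is registered, the rule produced no result, or the rule denied access.</exception>
public async Task CheckAccess(AuthorizeOperation operation)
{
    if (!IsRegistered)
    {
        return;
    }

    var methodFound = false;
    foreach (var ruleMethod in AuthorizationRules(operation))
    {
        var method = ruleMethod.Method;
        if (method.GetParameters().Length != 0)
        {
            continue;
        }

        // Only allow one; maybe take this out later.
        // AuthorizationRules should be stringent. The duplicate is detected on the second
        // match, i.e. after the first matching rule has already been invoked.
        if (methodFound)
        {
            throw new AuthorzationRulesMethodException($"More than one {operation.ToString()} method with no criteria found in {ruleMethod.AuthorizationRule.GetType().ToString()}");
        }

        methodFound = true;

        var methodResult = method.Invoke(ruleMethod.AuthorizationRule, new object[0]);

        // A rule may answer synchronously or through a Task; await the latter directly
        // instead of reading .Result after the await.
        IAuthorizationRuleResult ruleResult;
        var pendingResult = methodResult as Task<IAuthorizationRuleResult>;
        if (pendingResult != null)
        {
            ruleResult = await pendingResult;
        }
        else
        {
            ruleResult = methodResult as IAuthorizationRuleResult;
        }

        // Fail closed with an explicit denial when the rule returned null or a value of
        // another type, rather than surfacing a NullReferenceException or
        // InvalidCastException from the authorization path.
        if (ruleResult == null)
        {
            throw new AccessDeniedException($"Authorization method for {operation.ToString()} with no criteria in {ruleMethod.AuthorizationRule.GetType().ToString()} did not return an authorization result");
        }

        if (!ruleResult.HasAccess)
        {
            throw new AccessDeniedException(ruleResult.Message);
        }
    }

    // No rule means no grant: an operation without a parameterless rule is denied.
    if (!methodFound)
    {
        throw new AccessDeniedException($"Missing authorization method for {operation.ToString()} with no criteria");
    }
}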
/// <summary>
/// Creates the attribute and records the operation it is declared for.
/// </summary>
/// <param name="operation">Value stored in the <c>AuthorizeOperation</c> property.</param>
public ExecuteAttribute(AuthorizeOperation operation)
{
    AuthorizeOperation = operation;
}
/// <summary>
/// Creates an auth button from a caption, an authorize operation and optional HTML attributes.
/// </summary>
/// <remarks>
/// This overload only packs its arguments into <c>AuthButtonOptions</c> and forwards them to
/// the options-based <c>AuthButton</c> overload; how <paramref name="authorizeOperation"/>
/// affects rendering is decided there. Whatever that overload renders, the action the button
/// triggers still has to enforce the same operation on the server.
/// </remarks>
/// <param name="htmlHelper">Html helper</param>
/// <param name="text">Button text</param>
/// <param name="authorizeOperation">Authorize operation attached to the button</param>
/// <param name="htmlAttributes">Object converted with <c>ObjectToDcitionary</c>; left null when omitted</param>
/// <returns>Button html content produced by the options-based overload</returns>
public static IHtmlContent AuthButton(this IHtmlHelper htmlHelper, string text, AuthorizeOperation authorizeOperation, object htmlAttributes = null)
{
    var buttonOptions = new AuthButtonOptions()
    {
        Text = text,
        AuthorizeOperation = authorizeOperation,
        HtmlAttributes = htmlAttributes?.ObjectToDcitionary()
    };

    return AuthButton(htmlHelper, buttonOptions);
}
/// <summary>
/// Creates an auth button whose <c>class</c> attribute is extended with the given values.
/// </summary>
/// <param name="htmlHelper">Html helper</param>
/// <param name="text">Button text</param>
/// <param name="authorizeOperation">Authorize operation attached to the button</param>
/// <param name="classValues">Class names passed on as the values for the <c>class</c> attribute</param>
/// <param name="htmlAttributes">Html attributes</param>
/// <param name="icoHtmlAttributes">Ico html attributes</param>
/// <returns>Button html content returned by <c>PreAttributeAuthButton</c></returns>
public static IHtmlContent PreClassAuthButton(this IHtmlHelper htmlHelper, string text, AuthorizeOperation authorizeOperation, List<string> classValues = null, object htmlAttributes = null, object icoHtmlAttributes = null)
{
    // Same as the generic attribute helper, with the attribute name fixed to "class".
    const string classAttributeName = "class";

    return PreAttributeAuthButton(
        htmlHelper,
        text,
        authorizeOperation,
        classAttributeName,
        classValues,
        htmlAttributes,
        icoHtmlAttributes);
}
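/// <summary>
/// Creates an auth button after merging <paramref name="attrValues"/> into the attribute
/// named <paramref name="attrName"/>.
/// </summary>
/// <remarks>
/// The values are joined with single spaces. When the attribute already has a non-empty
/// value, the joined values are appended after one separating space, so an existing
/// <c>btn</c> plus <c>btn-primary</c> gives <c>btn btn-primary</c> and not a fused token.
/// </remarks>
/// <param name="htmlHelper">Html helper</param>
/// <param name="text">Button text</param>
/// <param name="authorizeOperation">Authorize operation attached to the button</param>
/// <param name="attrName">Name of the attribute to extend</param>
/// <param name="attrValues">Values to merge; nothing is merged when null or empty</param>
/// <param name="htmlAttributes">Object converted with <c>ObjectToDcitionary</c>; an empty dictionary is used when omitted</param>
/// <param name="icoHtmlAttributes">Ico html attributes; a non-null value also sets <c>UseIco</c></param>
/// <returns>Button html content produced by the options-based <c>AuthButton</c> overload</returns>
public static IHtmlContent PreAttributeAuthButton(this IHtmlHelper htmlHelper, string text, AuthorizeOperation authorizeOperation, string attrName, List<string> attrValues = null, object htmlAttributes = null, object icoHtmlAttributes = null)
{
    var attributesDict = htmlAttributes?.ObjectToDcitionary() ?? new Dictionary<string, object>();
    if (!attrValues.IsNullOrEmpty())
    {
        var joinedValues = string.Join(" ", attrValues);

        // Single lookup; keep the caller's existing value and separate the additions from it.
        object existingValue;
        var hasExisting = attributesDict.TryGetValue(attrName, out existingValue)
            && !string.IsNullOrEmpty(existingValue?.ToString());

        attributesDict[attrName] = hasExisting
            ? existingValue + " " + joinedValues
            : joinedValues;
    }

    return AuthButton(htmlHelper, new AuthButtonOptions()
    {
        Text = text,
        AuthorizeOperation = authorizeOperation,
        HtmlAttributes = attributesDict,
        UseIco = icoHtmlAttributes != null,
        IcoHtmlAttributes = icoHtmlAttributes?.ObjectToDcitionary()
    });
}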
/// <summary>
/// Forwards a criteria-less access check to <c>AuthorizationRuleManager.CheckAccess</c>.
/// </summary>
/// <param name="operation">Operation being authorized.</param>
protected async Task CheckAccess(AuthorizeOperation operation)
{
    // Nothing is decided here; any exception raised by the manager's check propagates.
    await AuthorizationRuleManager.CheckAccess(operation);
}
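/// <summary>
/// Finds the authorization rule method for <paramref name="operation"/> whose parameters
/// accept the runtime types of <paramref name="criteria"/>, invokes it, and throws unless
/// it grants access.
/// </summary>
/// <remarks>
/// A rule method matches when it has as many parameters as there are criteria and each
/// parameter type is assignable from the criterion at the same position. A null criterion
/// has no runtime type and therefore matches no rule, which ends in a denial.
/// NOTE(review): when <c>IsRegistered</c> is false this method returns without evaluating
/// any rule. Confirm that skipping enforcement in that state is intended.
/// NOTE(review): the denial messages contain rule and criteria type names; confirm they
/// are not shown verbatim to end users.
/// </remarks>
/// <param name="operation">Operation being authorized.</param>
/// <param name="criteria">Values handed to the matching rule method; the array itself must not be null.</param>
/// <exception cref="ArgumentNullException"><paramref name="criteria"/> is null.</exception>
/// <exception cref="AuthorzationRulesMethodException">More than one rule method matches the criteria.</exception>
/// <exception cref="AccessDeniedException">No rule method matches, the rule produced no result, or the rule denied access.</exception>
public async Task CheckAccess(AuthorizeOperation operation, params object[] criteria)
{
    if (criteria == null)
    {
        throw new ArgumentNullException(nameof(criteria));
    }

    if (!IsRegistered)
    {
        return;
    }

    // Null entries are described as "null" instead of being dereferenced for their type.
    var criteriaDescription = string.Join(", ", criteria.Select(x => x?.GetType().FullName ?? "null"));

    var methodFound = false;
    foreach (var ruleMethod in AuthorizationRules(operation))
    {
        var method = ruleMethod.Method;
        var parameters = method.GetParameters();
        if (parameters.Length != criteria.Length)
        {
            continue;
        }

        // Compare position by position with plain indexes; this does not depend on what an
        // exhausted enumerator reports from Current, and it handles zero criteria.
        var match = true;
        for (var i = 0; match && i < parameters.Length; i++)
        {
            var criterion = criteria[i];
            match = criterion != null && parameters[i].ParameterType.IsAssignableFrom(criterion.GetType());
        }

        if (!match)
        {
            continue;
        }

        // Only allow one; maybe take this out later.
        // AuthorizationRules should be stringent. The duplicate is detected on the second
        // match, i.e. after the first matching rule has already been invoked.
        if (methodFound)
        {
            throw new AuthorzationRulesMethodException($"More than one {operation.ToString()} method matching criteria [{criteriaDescription}] found in {ruleMethod.AuthorizationRule.GetType().ToString()}");
        }

        methodFound = true;

        var methodResult = method.Invoke(ruleMethod.AuthorizationRule, criteria);

        // A rule may answer synchronously or through a Task; await the latter directly
        // instead of reading .Result after the await.
        IAuthorizationRuleResult ruleResult;
        var pendingResult = methodResult as Task<IAuthorizationRuleResult>;
        if (pendingResult != null)
        {
            ruleResult = await pendingResult;
        }
        else
        {
            ruleResult = methodResult as IAuthorizationRuleResult;
        }

        // Fail closed with an explicit denial when the rule returned null or a value of
        // another type, rather than surfacing a NullReferenceException or
        // InvalidCastException from the authorization path.
        if (ruleResult == null)
        {
            throw new AccessDeniedException($"Authorization method for {operation.ToString()} with criteria [{criteriaDescription}] in {ruleMethod.AuthorizationRule.GetType().ToString()} did not return an authorization result");
        }

        if (!ruleResult.HasAccess)
        {
            throw new AccessDeniedException(ruleResult.Message);
        }
    }

    // No matching rule means no grant.
    if (!methodFound)
    {
        throw new AccessDeniedException($"Missing authorization method for {operation.ToString()} with criteria [{criteriaDescription}]");
    }
}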
/// <summary>
/// Creates the attribute from the listed permissions and always adds
/// <c>Permission.Login</c> after them.
/// </summary>
/// <param name="authorizeOperation">Operation stored for the later check; defaults to <c>AuthorizeOperation.And</c>.</param>
/// <param name="perm">Permissions named at the usage site. Passing an explicit null array makes <c>Append</c> throw.</param>
public PermissionClaimAuthorizeAttribute(AuthorizeOperation authorizeOperation = AuthorizeOperation.And, params string[] perm)
{
    // NOTE(review): Permission.Login joins the set for every operation value. If the
    // handler treats a non-And operation as "any one of these permissions", Login alone
    // would satisfy the attribute. The evaluation is not visible here; confirm against it.
    var requiredPermissions = perm.Append(Permission.Login);

    _permissions = requiredPermissions.ToArray();
    _authorizationOperation = authorizeOperation;
}
/// <summary>
/// Creates a dropdown auth link from a caption, an authorize operation and optional
/// attributes for the link and its icon.
/// </summary>
/// <remarks>
/// This helper only packs its arguments into <c>AuthButtonOptions</c> and forwards them to
/// <c>AuthLink</c>; how <paramref name="authorizeOperation"/> affects rendering is decided
/// there. Whatever is rendered, the target of the link still has to enforce the same
/// operation on the server.
/// </remarks>
/// <param name="htmlHelper">Html helper</param>
/// <param name="text">Link text</param>
/// <param name="authorizeOperation">Authorize operation attached to the link</param>
/// <param name="htmlAttributes">Object converted with <c>ObjectToDcitionary</c>; left null when omitted</param>
/// <param name="icoHtmlAttributes">Ico html attributes; a non-null value also sets <c>UseIco</c></param>
/// <returns>Html content returned by <c>AuthLink</c></returns>
public static IHtmlContent DropdownAuthLink(this IHtmlHelper htmlHelper, string text, AuthorizeOperation authorizeOperation, object htmlAttributes = null, object icoHtmlAttributes = null)
{
    var linkOptions = new AuthButtonOptions()
    {
        Text = text,
        AuthorizeOperation = authorizeOperation,
        HtmlAttributes = htmlAttributes?.ObjectToDcitionary(),
        UseIco = icoHtmlAttributes != null,
        IcoHtmlAttributes = icoHtmlAttributes?.ObjectToDcitionary()
    };

    return AuthLink(htmlHelper, linkOptions);
}