/// <summary>
/// Reads all scoped permissions from database and create a custom "permission" claim for every scope, if any permission found for this scope.
/// </summary>
/// <param name="userId_">Application user ID.</param>
/// <returns>List of claims.</returns>
internal IEnumerable <Claim> GetAllPermissionClaims(string userId_)
{
HashSet <KeyValuePair <Permission, string> > scopedPermissions = _storage.GetRepository <IPermissionRepository>().AllForUser(userId_);
List <Claim> claims = new List <Claim>();
Dictionary <string, Permission> permissionByScope = new Dictionary <string, Permission>();
// Take highest level permission for every scope
foreach (KeyValuePair <Permission, string> kv in scopedPermissions)
{
if (permissionByScope.ContainsKey(kv.Value))
{
if ((int)permissionByScope[kv.Value] < (int)kv.Key)
{
permissionByScope[kv.Value] = kv.Key;
}
}
else
{
permissionByScope.Add(kv.Value, kv.Key);
}
}
// Now build the claims
foreach (KeyValuePair <string, Permission> kv in permissionByScope)
{
claims.Add(new Claim(ClaimType.Permission, PermissionHelper.GetExtensionPermissionIdentifier(kv.Value, kv.Key)));
}
return(claims);
}
/// <summary>
/// Check whether the currently logged user has some claim of type Permission,
/// defined by a permission level with a extension assembly name.
/// Useful for Razor views.
/// </summary>
/// <param name="claimsPrincipal_">Application user object with all claims.</param>
/// <param name="permission_">Permission level.</param>
/// <param name="extensionAssemblySimpleName_">Assembly name of target extension.</param>
/// <returns>True if a claim is found.</returns>
public static bool HasPermissionClaim(this ClaimsPrincipal claimsPrincipal_, Permission permission_, string extensionAssemblySimpleName_)
{
return(HasClaim(claimsPrincipal_, ClaimType.Permission, PermissionHelper.GetExtensionPermissionIdentifier(permission_, extensionAssemblySimpleName_)));
}
