Example #1
0
        private static bool CallHandleAuthAttribute(this Type t,
                                                    SapphireAuthResource.OperationTypeEnum operationTypeEnum,
                                                    HttpInformation httpInformation, object entityObject, IServiceProvider serviceProvider)
        {
            ModelAttributesInfo modelAttributesInfo = t.GetModelAttributesInfo();

            switch (operationTypeEnum)
            {
            case SapphireAuthResource.OperationTypeEnum.Create:
                return(HandleAuthAttributes(modelAttributesInfo.CreateAuthAttributes,
                                            httpInformation, operationTypeEnum, entityObject, serviceProvider));

            case SapphireAuthResource.OperationTypeEnum.Remove:
                return(HandleAuthAttributes(modelAttributesInfo.RemoveAuthAttributes,
                                            httpInformation, operationTypeEnum, entityObject, serviceProvider));

            case SapphireAuthResource.OperationTypeEnum.Update:
                return(HandleAuthAttributes(modelAttributesInfo.UpdateAuthAttributes,
                                            httpInformation, operationTypeEnum, entityObject, serviceProvider));

            default:
                return(HandleAuthAttributes(modelAttributesInfo.QueryAuthAttributes,
                                            httpInformation, operationTypeEnum, entityObject, serviceProvider));
            }
        }
Example #2
0
        private static bool HandleAuthAttributes <T>(List <T> authAttributes,
                                                     HttpInformation httpInformation,
                                                     SapphireAuthResource.OperationTypeEnum operationTypeEnum, object entityObject,
                                                     IServiceProvider serviceProvider) where T : AuthAttributeBase
        {
            if (!authAttributes.Any())
            {
                return(true);
            }

            return(authAttributes.Any(authAttribute => HandleAuthAttribute(authAttribute, httpInformation,
                                                                           operationTypeEnum, entityObject, serviceProvider)));
        }
Example #3
0
        private static bool HandleAuthAttribute(AuthAttributeBase authAttribute,
                                                HttpInformation httpInformation,
                                                SapphireAuthResource.OperationTypeEnum operationTypeEnum, object entityObject,
                                                IServiceProvider serviceProvider)
        {
            ClaimsPrincipal user = httpInformation.User;

            if (authAttribute.Policies.Any())
            {
                SapphireAuthResource authResource = new SapphireAuthResource()
                {
                    OperationType     = operationTypeEnum,
                    RequestedResource = entityObject
                };

                IAuthorizationService authorizationService = serviceProvider.GetService <IAuthorizationService>();

                foreach (string policy in authAttribute.Policies)
                {
                    if (!authorizationService.AuthorizeAsync(user, authResource, policy).Result.Succeeded)
                    {
                        return(false);
                    }
                }
            }

            if (authAttribute.FunctionLambda != null)
            {
                return(authAttribute.FunctionLambda(httpInformation, entityObject));
            }

            if (authAttribute.FunctionInfo != null)
            {
                return((bool)authAttribute.FunctionInfo.Invoke(entityObject,
                                                               authAttribute.FunctionInfo.CreateParameters(httpInformation, serviceProvider)));
            }

            return(user.Identity.IsAuthenticated);
        }