private async Task <bool> CheckOwnerAccess(bool allowServiceAccess, DataManagerAuthorization ownerAuthorization)
{
if (ownerAuthorization.IsAllowAnonymous)
{
return(true);
}
if (User == null)
{
return(false);
}
// if it does not overide authorization for the service
if (!ownerAuthorization.IsOverride && !allowServiceAccess)
{
return(false);
}
// check authorization for the owner
if (!await CheckAccessCore(ownerAuthorization.AuthorizeData))
{
return(false);
}
return(true);
}
public static DataManagerAuthorization GetDataManagerAuthorization(this Type managerType)
{
object[] attr = managerType.GetCustomAttributes(false).ToArray();
DataManagerAuthorization managerAuthorization = new DataManagerAuthorization
{
ManagerType = managerType,
AuthorizeData = Enumerable.Empty <IAuthorizeData>(),
MethodsAuthorization = new MethodAuthorization[0],
IsOverride = false,
IsAllowAnonymous = attr.Where(a => a is IAllowAnonymous).Any()
};
if (managerAuthorization.IsAllowAnonymous)
{
return(managerAuthorization);
}
IAuthorizeData[] denies = attr.Where(a => a is IDenyAuthorizeData).Cast <IAuthorizeData>().ToArray();
IAuthorizeData[] overrides = attr.Where(a => a is IOverrideAuthorizeData).Cast <IAuthorizeData>().ToArray();
if (overrides.Any())
{
managerAuthorization.IsOverride = true;
managerAuthorization.AuthorizeData = Enumerable.Union(denies, overrides);
return(managerAuthorization);
}
IAuthorizeData[] permits = attr.Where(a => a is IAuthorizeData && !(a is IDenyAuthorizeData) && !(a is IOverrideAuthorizeData)).Cast <IAuthorizeData>().ToArray();
managerAuthorization.AuthorizeData = Enumerable.Union(denies, permits);
return(managerAuthorization);
}
public static DataManagerAuthorization GetDataManagerAuthorization(this Type managerType)
{
object[] attr = managerType.GetCustomAttributes(false);
DataManagerAuthorization managerAuthorization = new DataManagerAuthorization
{
ManagerType = managerType,
AuthorizeData = Enumerable.Empty <IAuthorizeData>(),
MethodsAuthorization = new MethodAuthorization[0],
IsOverride = false,
IsAllowAnonymous = attr.Where(a => a is IAllowAnonymous).Any()
};
if (managerAuthorization.IsAllowAnonymous)
{
return(managerAuthorization);
}
IAuthorizeData[] attributes = attr.Where(a => a is IAuthorizeData).Cast <IAuthorizeData>().ToArray();
// the override attribute replaces all higher and the current authorization
IEnumerable <IOverrideAuthorize> overrides = attributes.OfType <IOverrideAuthorize>();
if (overrides.Any())
{
managerAuthorization.IsOverride = true;
managerAuthorization.AuthorizeData = overrides;
return(managerAuthorization);
}
if (attributes.Any())
{
managerAuthorization.AuthorizeData = attributes;
}
return(managerAuthorization);
}
