private AccessPolicy GetPolicyFromConfig(string policyName)
{
var policy = new AccessPolicy();
IConfigurationSection ps = _section?.GetSection(policyName) ?? null;
if (ps == null)
{
return(policy);
}
//
// Users
policy.Users = ps.GetValue("users", string.Empty).Trim();
//
// AccessKey
policy.AccessKey = ps.GetValue("access_key", true);
//
// Forbidden
policy.Forbidden = ps.GetValue("forbidden", false);
//
// ReadOnly
policy.ReadOnly = ps.GetValue("read_only", false);
return(policy);
}
private void AddAccessPolicy(AuthorizationPolicyBuilder builder, AuthorizationOptions options, AccessPolicy policy)
{
if (policy == null)
{
throw new ArgumentNullException(nameof(policy));
}
//
// Forbidden
if (policy.Forbidden)
{
builder.Combine(GetPolicyRequirement(FORBIDDEN, options));
}
//
// AccessKey
if (policy.AccessKey)
{
builder.Combine(GetPolicyRequirement(ACCESS_KEY, options));
}
//
// Users
if (!policy.Users.Equals("Everyone", StringComparison.OrdinalIgnoreCase))
{
builder.Combine(GetPolicyRequirement(WINDOWS_USER, options));
builder.AddRequirements(new NtlmAuthorizationPolicy(policy.Users, _roleMapping));
}
else
{
builder.Combine(GetPolicyRequirement(AUTHENTICATED_USER, options));
}
//
// Read Only
if (policy.ReadOnly)
{
builder.Combine(GetPolicyRequirement(READ_ONLY, options));
}
}
