Esempio n. 1
 /// <summary>
 /// Returns the rule methods recorded for <paramref name="operation"/>.
 /// </summary>
 /// <param name="operation">Operation whose rule methods are requested.</param>
 /// <returns>
 /// The list stored in AuthorizationMethods for the operation. It is the stored
 /// instance itself, not a copy.
 /// </returns>
 /// <remarks>
 /// An operation with no entry yet gets an empty list added under its key, so a
 /// plain lookup can modify AuthorizationMethods.
 /// </remarks>
 public IEnumerable<AuthorizationRuleMethod> AuthorizationRules(AuthorizeOperation operation)
 {
     if (AuthorizationMethods.TryGetValue(operation, out var registered))
     {
         return registered;
     }

     // First request for this operation: remember an empty list for later lookups.
     var created = new List<AuthorizationRuleMethod>();
     AuthorizationMethods.Add(operation, created);
     return created;
 }
Esempio n. 2
        /// <summary>
        /// Forwards an authorization check with criteria to AuthorizationRuleManager.
        /// </summary>
        /// <param name="operation">Operation being authorized.</param>
        /// <param name="criteria">Values handed to the rule manager unchanged; the array itself must not be null.</param>
        /// <returns>A task that completes when the rule manager's check has finished.</returns>
        /// <exception cref="ArgumentNullException">
        /// <paramref name="criteria"/> is null. Because the method is async, the exception
        /// is delivered through the returned task.
        /// </exception>
        protected async Task CheckAccess(AuthorizeOperation operation, params object[] criteria)
        {
            if (criteria is null)
            {
                throw new ArgumentNullException(nameof(criteria));
            }

            var pendingCheck = AuthorizationRuleManager.CheckAccess(operation, criteria);
            await pendingCheck;
        }
Esempio n. 3
        /// <summary>
        /// Evaluates the parameterless rule method recorded for <paramref name="operation"/>
        /// and throws when it denies access or when no such method exists.
        /// </summary>
        /// <param name="operation">Operation being authorized.</param>
        /// <returns>A task that completes normally only when the check did not deny access.</returns>
        /// <exception cref="AccessDeniedException">
        /// The rule result has HasAccess set to false, or no parameterless rule method was found.
        /// </exception>
        /// <exception cref="AuthorzationRulesMethodException">
        /// A second parameterless rule method was found for the operation.
        /// </exception>
        /// <remarks>
        /// NOTE(review): when IsRegistered is false the method returns without evaluating
        /// anything, so the caller continues exactly as if access had been granted. Confirm
        /// that an unregistered type is meant to be unrestricted rather than denied.
        /// </remarks>
        public async Task CheckAccess(AuthorizeOperation operation)
        {
            if (!IsRegistered)
            {
                return;
            }

            var alreadyMatched = false;

            foreach (var candidate in AuthorizationRules(operation))
            {
                var target = candidate.Method;

                // Rule methods that declare parameters are skipped here.
                if (target.GetParameters().Any())
                {
                    continue;
                }

                // Only allow one; maybe take this out later
                // AuthorizationRules should be stringent
                // (the first match has already been evaluated by the time a second one is seen)
                if (alreadyMatched)
                {
                    throw new AuthorzationRulesMethodException($"More than one {operation.ToString()} method with no criteria found in {candidate.AuthorizationRule.GetType().ToString()}");
                }

                alreadyMatched = true;

                // A rule may answer directly or through a Task; both end up as one result object.
                var outcome        = target.Invoke(candidate.AuthorizationRule, new object[0]);
                var pendingOutcome = outcome as Task<IAuthorizationRuleResult>;
                var verdict        = pendingOutcome == null
                    ? (IAuthorizationRuleResult)outcome
                    : await pendingOutcome;

                if (!verdict.HasAccess)
                {
                    throw new AccessDeniedException(verdict.Message);
                }
            }

            // No rule at all is treated as a denial, not as permission.
            if (!alreadyMatched)
            {
                throw new AccessDeniedException($"Missing authorization method for {operation.ToString()} with no criteria");
            }
        }
Esempio n. 4
 /// <summary>
 /// Creates the attribute and records the operation it applies to.
 /// </summary>
 /// <param name="operation">Value stored in the AuthorizeOperation member.</param>
 public ExecuteAttribute(AuthorizeOperation operation) => AuthorizeOperation = operation;
Esempio n. 5
 /// <summary>
 /// Builds an auth button from a text, an operation and optional HTML attributes.
 /// </summary>
 /// <param name="htmlHelper">Html helper the button is rendered through.</param>
 /// <param name="text">Button text.</param>
 /// <param name="authorizeOperation">Operation the button is tied to.</param>
 /// <param name="htmlAttributes">Optional attribute object; left null when omitted.</param>
 /// <returns>The content produced by the options-based AuthButton overload.</returns>
 /// <remarks>
 /// NOTE(review): the authorization decision is made in the AuthButton overload that
 /// takes AuthButtonOptions, which is not shown here. Whatever that overload does to
 /// the markup, the action behind the button still needs its own server-side check.
 /// </remarks>
 public static IHtmlContent AuthButton(this IHtmlHelper htmlHelper, string text, AuthorizeOperation authorizeOperation, object htmlAttributes = null)
 {
     var buttonOptions = new AuthButtonOptions
     {
         Text = text,
         AuthorizeOperation = authorizeOperation,
         HtmlAttributes = htmlAttributes?.ObjectToDcitionary()
     };

     return AuthButton(htmlHelper, buttonOptions);
 }
Esempio n. 6
 /// <summary>
 /// Builds an auth button whose "class" attribute is extended with the given values.
 /// </summary>
 /// <param name="htmlHelper">Html helper the button is rendered through.</param>
 /// <param name="text">Button text.</param>
 /// <param name="authorizeOperation">Operation the button is tied to.</param>
 /// <param name="classValues">Optional class names passed on as attribute values.</param>
 /// <param name="htmlAttributes">Optional attribute object.</param>
 /// <param name="icoHtmlAttributes">Optional attribute object for the icon.</param>
 /// <returns>The content produced by PreAttributeAuthButton for the "class" attribute.</returns>
 public static IHtmlContent PreClassAuthButton(this IHtmlHelper htmlHelper, string text, AuthorizeOperation authorizeOperation, List<string> classValues = null, object htmlAttributes = null, object icoHtmlAttributes = null)
 {
     // This helper is the general attribute helper fixed to one attribute name.
     const string targetAttribute = "class";

     return PreAttributeAuthButton(
         htmlHelper,
         text,
         authorizeOperation,
         targetAttribute,
         classValues,
         htmlAttributes,
         icoHtmlAttributes);
 }
Esempio n. 7
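        /// <summary>
        /// Builds an auth button after adding <paramref name="attrValues"/> to one named HTML attribute.
        /// </summary>
        /// <param name="htmlHelper">Html helper the button is rendered through.</param>
        /// <param name="text">Button text.</param>
        /// <param name="authorizeOperation">Operation the button is tied to.</param>
        /// <param name="attrName">Name of the attribute that receives the extra values.</param>
        /// <param name="attrValues">Values joined with single spaces; null or empty leaves the attribute untouched.</param>
        /// <param name="htmlAttributes">Optional attribute object; an empty dictionary is used when omitted.</param>
        /// <param name="icoHtmlAttributes">Optional attribute object for the icon; a non-null value also switches UseIco on.</param>
        /// <returns>The content produced by the options-based AuthButton overload.</returns>
        /// <remarks>
        /// Values are stored as given. NOTE(review): HTML encoding is left to whatever renders
        /// the dictionary, which is not shown here; confirm that before passing text that did
        /// not originate in the view itself.
        /// </remarks>
        public static IHtmlContent PreAttributeAuthButton(this IHtmlHelper htmlHelper, string text, AuthorizeOperation authorizeOperation, string attrName, List <string> attrValues = null, object htmlAttributes = null, object icoHtmlAttributes = null)
        {
            var attributesDict = htmlAttributes?.ObjectToDcitionary() ?? new Dictionary <string, object>();

            if (!attrValues.IsNullOrEmpty())
            {
                var joinedValues = string.Join(" ", attrValues);

                // Single lookup instead of ContainsKey followed by the indexer.
                attributesDict.TryGetValue(attrName, out var existing);
                var current = existing?.ToString();

                // The existing value and the added ones need a separator between them;
                // without it the last existing token and the first new token fuse into one
                // (for example "btn" + "primary" became "btnprimary").
                attributesDict[attrName] = string.IsNullOrWhiteSpace(current)
                    ? joinedValues
                    : current + " " + joinedValues;
            }

            return(AuthButton(htmlHelper, new AuthButtonOptions()
            {
                Text = text,
                AuthorizeOperation = authorizeOperation,
                HtmlAttributes = attributesDict,
                UseIco = icoHtmlAttributes != null,
                IcoHtmlAttributes = icoHtmlAttributes?.ObjectToDcitionary()
            }));
        }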
Esempio n. 8
 /// <summary>
 /// Forwards an authorization check without criteria to AuthorizationRuleManager.
 /// </summary>
 /// <param name="operation">Operation being authorized.</param>
 /// <returns>A task that completes when the rule manager's check has finished.</returns>
 protected async Task CheckAccess(AuthorizeOperation operation)
     => await AuthorizationRuleManager.CheckAccess(operation);
Esempio n. 9
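        /// <summary>
        /// Finds the rule method recorded for <paramref name="operation"/> whose parameters accept
        /// <paramref name="criteria"/>, invokes it, and throws when it denies access or when no
        /// such method exists.
        /// </summary>
        /// <param name="operation">Operation being authorized.</param>
        /// <param name="criteria">Arguments for the rule method; matched by count and by runtime type.</param>
        /// <returns>A task that completes normally only when the check did not deny access.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="criteria"/> is null.</exception>
        /// <exception cref="ArgumentException">
        /// The type is registered and <paramref name="criteria"/> contains a null element.
        /// </exception>
        /// <exception cref="AccessDeniedException">
        /// The rule result has HasAccess set to false, or no matching rule method was found.
        /// </exception>
        /// <exception cref="AuthorzationRulesMethodException">
        /// A second rule method also matches the criteria.
        /// </exception>
        /// <remarks>
        /// NOTE(review): when IsRegistered is false the method returns without evaluating
        /// anything, so the caller continues exactly as if access had been granted. Confirm
        /// that an unregistered type is meant to be unrestricted rather than denied.
        /// </remarks>
        public async Task CheckAccess(AuthorizeOperation operation, params object[] criteria)
        {
            if (criteria == null)
            {
                throw new ArgumentNullException(nameof(criteria));
            }

            if (!IsRegistered)
            {
                return;
            }

            // A null element has no runtime type to match against a parameter. This used to
            // surface as a NullReferenceException from GetType(); reject it explicitly, still
            // before any rule runs, so the check keeps failing closed.
            if (criteria.Any(c => c == null))
            {
                throw new ArgumentException("Criteria must not contain null values", nameof(criteria));
            }

            var methodFound = false;

            foreach (var ruleMethod in AuthorizationRules(operation))
            {
                var method     = ruleMethod.Method;
                var parameters = method.GetParameters();

                if (parameters.Length != criteria.Length)
                {
                    continue;
                }

                // Compare position by position. The earlier enumerator walk read Current
                // after MoveNext() had returned false, which the enumerator contract leaves
                // undefined, and never disposed the enumerators.
                var match = true;
                for (var i = 0; match && i < parameters.Length; i++)
                {
                    match = parameters[i].ParameterType.IsAssignableFrom(criteria[i].GetType());
                }

                if (!match)
                {
                    continue;
                }

                // Only allow one; maybe take this out later
                // AuthorizationRules should be stringent
                // (the first match has already been evaluated by the time a second one is seen)
                if (methodFound)
                {
                    // This overload matches on criteria, so the message names them instead of
                    // saying "with no criteria".
                    throw new AuthorzationRulesMethodException($"More than one {operation.ToString()} method with criteria [{string.Join(", ", criteria.Select(x => x.GetType().FullName))}] found in {ruleMethod.AuthorizationRule.GetType().ToString()}");
                }

                methodFound = true;

                // A rule may answer directly or through a Task; both end up as one result object.
                var methodResult      = method.Invoke(ruleMethod.AuthorizationRule, criteria);
                var methodResultAsync = methodResult as Task <IAuthorizationRuleResult>;
                var ruleResult        = methodResultAsync != null
                    ? await methodResultAsync
                    : (IAuthorizationRuleResult)methodResult;

                if (!ruleResult.HasAccess)
                {
                    throw new AccessDeniedException(ruleResult.Message);
                }
            }

            // No matching rule is treated as a denial, not as permission.
            if (!methodFound)
            {
                throw new AccessDeniedException($"Missing authorization method for {operation.ToString()} with criteria [{string.Join(", ", criteria.Select(x => x.GetType().FullName))}]");
            }
        }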
 /// <summary>
 /// Creates the attribute from an operation and the permission names to evaluate.
 /// </summary>
 /// <param name="authorizeOperation">Operation stored for later evaluation; defaults to AuthorizeOperation.And.</param>
 /// <param name="perm">Permission names; Permission.Login is always appended after them.</param>
 /// <remarks>
 /// NOTE(review): Permission.Login is added to the same list whatever operation is chosen.
 /// If AuthorizeOperation has an any-of mode and the evaluator (not shown here) applies it
 /// across the whole list, holding Login alone would satisfy the attribute. Confirm how
 /// the list is evaluated.
 /// </remarks>
 public PermissionClaimAuthorizeAttribute(AuthorizeOperation authorizeOperation = AuthorizeOperation.And, params string[] perm)
 {
     // Login is required in addition to whatever the caller listed.
     var requiredPermissions = perm.Append(Permission.Login);

     _permissions            = requiredPermissions.ToArray();
     _authorizationOperation = authorizeOperation;
 }
Esempio n. 11
 /// <summary>
 /// Builds a dropdown auth link from a text, an operation and optional HTML attributes.
 /// </summary>
 /// <param name="htmlHelper">Html helper the link is rendered through.</param>
 /// <param name="text">Link text.</param>
 /// <param name="authorizeOperation">Operation the link is tied to.</param>
 /// <param name="htmlAttributes">Optional attribute object; left null when omitted.</param>
 /// <param name="icoHtmlAttributes">Optional attribute object for the icon; a non-null value also switches UseIco on.</param>
 /// <returns>The content produced by the options-based AuthLink overload.</returns>
 public static IHtmlContent DropdownAuthLink(this IHtmlHelper htmlHelper, string text, AuthorizeOperation authorizeOperation, object htmlAttributes = null, object icoHtmlAttributes = null)
 {
     var linkOptions = new AuthButtonOptions
     {
         Text = text,
         AuthorizeOperation = authorizeOperation,
         HtmlAttributes = htmlAttributes?.ObjectToDcitionary(),
         UseIco = icoHtmlAttributes != null,
         IcoHtmlAttributes = icoHtmlAttributes?.ObjectToDcitionary()
     };

     return AuthLink(htmlHelper, linkOptions);
 }