コード例 #1
0
ファイル: Commands.cs プロジェクト: digital-asset/daml-net
 public override bool Equals(object obj)
 {
     return(this.Compare(obj, rhs => _hashCode == rhs._hashCode &&
                         WorkflowId == rhs.WorkflowId &&
                         ApplicationId == rhs.ApplicationId &&
                         CommandId == rhs.CommandId &&
                         Party == rhs.Party &&
                         !ActAs.Except(rhs.ActAs).Any() &&
                         !ReadAs.Except(rhs.ReadAs).Any() &&
                         MinLedgerTimeAbs == rhs.MinLedgerTimeAbs &&
                         MinLedgerTimeRel == rhs.MinLedgerTimeRel &&
                         DeduplicationTime == rhs.DeduplicationTime &&
                         !CommandList.Except(rhs.CommandList).Any()));
 }
コード例 #2
0
        protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, PolicyRequirement requirement)
        {
            if (context.User != null && _state.LoggedUser == null)
            {
                var my = await _esquioHttpClient.GetMy();

                if (my != null && !String.IsNullOrEmpty(my.ActAs))
                {
                    var loggedUser = new LoggedUserViewModel()
                    {
                        UserName  = context.User.Identity.Name,
                        SubjectId = context.User.FindFirst("sub").Value,
                        ActAs     = my.ActAs
                    };

                    var policy = _policyBuilder.Build(my);

                    _state.ClearState();
                    _state.SetLoggedUser(loggedUser);
                    _state.SetPolicy(policy);
                }
                else
                {
                    context.Fail();
                    return;
                }
            }

            var actAs = ActAs.From(_state.LoggedUser.ActAs);

            bool allowed = requirement.Permission switch
            {
                Policies.Reader => actAs == ActAs.Reader || actAs == ActAs.Contributor || actAs == ActAs.Management,
                Policies.Contributor => actAs == ActAs.Contributor || actAs == ActAs.Management,
                Policies.Management => actAs == ActAs.Management,
                _ => throw new ArgumentNullException("The configured authorization policy is not supported.")
            };

            if (!allowed)
            {
                LogAuthorizationFailed(_state.LoggedUser.SubjectId, requirement.Permission);
                context.Fail();
            }

            context.Succeed(requirement);
        }
コード例 #3
0
        protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, PolicyRequirement requirement)
        {
            if (_state.LoggedUser == null)
            {
                _logger.LogError("Authorization failed because the logged user is not present.");
                context.Fail();
                return(Task.CompletedTask);
            }

            if (string.IsNullOrEmpty(_state.LoggedUser.ActAs))
            {
                LogAuthorizationFailed(_state.LoggedUser.SubjectId, requirement.Permission);
                context.Fail();
                return(Task.CompletedTask);
            }

            var actAs = ActAs.From(_state.LoggedUser.ActAs);

            bool allowed = requirement.Permission switch
            {
                Policies.Reader => actAs == ActAs.Reader || actAs == ActAs.Contributor || actAs == ActAs.Management,
                Policies.Contributor => actAs == ActAs.Contributor || actAs == ActAs.Management,
                Policies.Management => actAs == ActAs.Management,
                _ => throw new ArgumentNullException("The configured authorization policy is not supported.")
            };

            if (!allowed)
            {
                LogAuthorizationFailed(_state.LoggedUser.SubjectId, requirement.Permission);
                context.Fail();
            }

            context.Succeed(requirement);

            return(Task.CompletedTask);
        }