/// <summary>
/// Creates the authorizer and stores the three collaborators it is given.
/// </summary>
/// <param name="commandPermissionCache">Cache handed to the authorizer; stored as-is.</param>
/// <param name="permissionAuthorizationMatcher">Matcher handed to the authorizer; stored as-is.</param>
/// <param name="userContext">User context handed to the authorizer; stored as-is.</param>
/// <remarks>
/// No argument is validated here, so a null dependency is only noticed when
/// the field is first used.
/// </remarks>
public CommandPermissionAuthorizer(
    ICommandPermissionCache commandPermissionCache,
    IPermissionAuthorizationMatcher permissionAuthorizationMatcher,
    IUserContext userContext)
{
    this.userContext = userContext;
    this.permissionAuthorizationMatcher = permissionAuthorizationMatcher;
    this.commandPermissionCache = commandPermissionCache;
}
/// <summary>
/// Creates the authorizer and stores the three collaborators it is given.
/// </summary>
/// <param name="userContext">User context handed to the authorizer; stored as-is.</param>
/// <param name="permissionAuthorizationMatcher">Matcher handed to the authorizer; stored as-is.</param>
/// <param name="userPermissionResolver">Resolver handed to the authorizer; stored as-is.</param>
/// <remarks>
/// No argument is validated here, so a null dependency is only noticed when
/// the field is first used.
/// </remarks>
public UserPermissionAuthorizer(
    IUserContext userContext,
    IPermissionAuthorizationMatcher permissionAuthorizationMatcher,
    IUserPermissionResolver userPermissionResolver)
{
    this.userPermissionResolver = userPermissionResolver;
    this.permissionAuthorizationMatcher = permissionAuthorizationMatcher;
    this.userContext = userContext;
}
/// <summary>
/// Test fixture setup: builds the system under test from two substitutes
/// and a concrete <c>FakeUserContext</c>.
/// </summary>
public CommandPermissionAuthorizerTests()
{
    // The user context is a real FakeUserContext instance, not a substitute.
    userContext = new FakeUserContext();

    // The cache and the matcher are substitutes, so each test configures
    // the answers it needs on them.
    permissionAuthorizationMatcher = Substitute.For<IPermissionAuthorizationMatcher>();
    commandPermissionCache = Substitute.For<ICommandPermissionCache>();

    sut = new CommandPermissionAuthorizer(
        commandPermissionCache,
        permissionAuthorizationMatcher,
        userContext);
}
/// <summary>
/// Test fixture setup: builds the system under test from a concrete
/// <c>FakeUserContext</c> and two substitutes, and fixes the permission
/// type id kept in <c>permissionType1Id</c>.
/// </summary>
public UserPermissionAuthorizerTests()
{
    // Fixed id, so every run of the fixture uses the same permission type.
    permissionType1Id = Guid.Parse("0F292EFD-792E-48EC-93DF-CD99EEDB5885");

    userContext = new FakeUserContext();
    userPermissionResolver = Substitute.For<IUserPermissionResolver>();
    permissionAuthorizationMatcher = Substitute.For<IPermissionAuthorizationMatcher>();

    sut = new UserPermissionAuthorizer(
        userContext,
        permissionAuthorizationMatcher,
        userPermissionResolver);
}
/// <summary>
/// Test fixture setup: builds the system under test from a concrete
/// <c>FakeUserContext</c> and three substitutes. The registry substitute
/// is configured to return one known permission type.
/// </summary>
public UserPermissionAuthorizerTests()
{
    // Parsed once and used for both the lookup key and the returned type.
    Guid knownPermissionTypeId = Guid.Parse("0F292EFD-792E-48EC-93DF-CD99EEDB5885");

    userContext = new FakeUserContext();
    permissionAuthorizationMatcher = Substitute.For<IPermissionAuthorizationMatcher>();
    userPermissionResolver = Substitute.For<IUserPermissionResolver>();

    // Only this one id is configured on the registry substitute.
    permissionTypeRegistry = Substitute.For<IPermissionTypeRegistry>();
    permissionTypeRegistry
        .GetPermissionTypeById(knownPermissionTypeId)
        .Returns(new PermissionType(knownPermissionTypeId, "permission"));

    sut = new UserPermissionAuthorizer(
        userContext,
        permissionAuthorizationMatcher,
        userPermissionResolver,
        permissionTypeRegistry);
}
/// <summary>
/// Decides whether the current request is authorized. The caller must be
/// authenticated, pass the base class check, and hold a claims-based
/// identity that the permission matcher accepts for the required permissions.
/// </summary>
/// <param name="httpContext">Context of the request being authorized; its <c>User</c> is read.</param>
/// <returns>
/// <c>true</c> only when every check passes. Each failed check returns
/// <c>false</c>, so the method denies by default.
/// </returns>
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
    IPrincipal principal = httpContext.User;

    // Deny unauthenticated callers before anything else runs.
    // TODO: allow anonymous permissions
    bool isAuthenticated = principal != null
        && principal.Identity != null
        && principal.Identity.IsAuthenticated;
    if (!isAuthenticated)
    {
        return false;
    }

    // The base class check must pass as well. What it checks is not visible
    // in this block.
    if (!base.AuthorizeCore(httpContext))
    {
        return false;
    }

    // Only claims-based identities are supported for permission
    // authorization. Any other identity type is denied.
    ClaimsIdentity claimsIdentity = principal.Identity as ClaimsIdentity;
    if (claimsIdentity == null)
    {
        return false;
    }

    IKernel kernel = RevoHttpApplication.Current.Kernel;
    IPermissionTypeRegistry typeRegistry = kernel.Get<IPermissionTypeRegistry>();

    // The required permissions are built from permissionIds on first use and
    // kept in the field for later calls.
    // NOTE(review): the field is written without synchronization. If this
    // instance is shared across concurrent requests, several of them may
    // build the array at first use. Confirm that is acceptable.
    // NOTE(review): confirm what GetPermissionTypeById does for an unknown
    // id. A null permission type would be cached in the required set.
    if (requiredPermissions == null)
    {
        requiredPermissions = permissionIds
            .Select(id => new Permission(typeRegistry.GetPermissionTypeById(id), null, null))
            .ToArray();
    }

    // NOTE(review): an empty permissionIds gives the matcher an empty
    // requirement set. Confirm CheckAuthorization returns the intended
    // result in that case.
    IPermissionAuthorizationMatcher matcher = kernel.Get<IPermissionAuthorizationMatcher>();
    return matcher.CheckAuthorization(claimsIdentity, requiredPermissions);
}