private async Task AddRoleForAllPermissionsToIdentityAsync(ClaimsIdentity claimsIdentity, string plantId, Guid userOid)
{
var permissions = await _permissionCache.GetPermissionsForUserAsync(plantId, userOid);
permissions?.ToList().ForEach(
permission => claimsIdentity.AddClaim(CreateClaim(ClaimTypes.Role, permission)));
}
public static async Task <bool> HasIpoAdminPrivilege(
IPermissionCache permissionCache,
IPlantProvider plantProvider,
ICurrentUserProvider currentUserProvider)
{
var permissions = await permissionCache.GetPermissionsForUserAsync(plantProvider.Plant, currentUserProvider.GetCurrentUserOid());
return(permissions != null && permissions.Contains("IPO/ADMIN"));
}
public async Task<IList<string>> GetPermissions(
[FromHeader(Name = CurrentPlantMiddleware.PlantHeader)]
[Required]
string plant)
{
var currentUserOid = _currentUserProvider.GetCurrentUserOid();
var permissions = await _permissionCache.GetPermissionsForUserAsync(plant, currentUserOid);
return permissions;
}
private async Task AddRoleForLibraryPermissionsToPrincipalAsync(ClaimsPrincipal principal, string plantId, Guid userOid)
{
var permissions = await _permissionCache.GetPermissionsForUserAsync(plantId, userOid);
var claimsIdentity = new ClaimsIdentity();
// add role claim just for "LIBRARY_GENERAL" permissions since we assume these are all we need in Library context
permissions?.Where(p => p.StartsWith(Permissions.LIBRARY_GENERAL)).ToList().ForEach(
permission => claimsIdentity.AddClaim(new Claim(ClaimTypes.Role, permission)));
principal.AddIdentity(claimsIdentity);
}