private async Task <PermissionConfiguration> GetPermissionConfigurationAsync() { PermissionConfiguration permissionConfiguration = new(); IEnumerable <string> policyNames = _permissionDefinitionManager.GetPermissions().Select(p => p.Name); PropertyInfo?policyMapProperty = typeof(AuthorizationOptions).GetProperty("PolicyMap", BindingFlags.Instance | BindingFlags.NonPublic); if (policyMapProperty is not null) { object?policyMapPropertyValue = policyMapProperty.GetValue(_authorizationOptions); if (policyMapPropertyValue is not null) { policyNames = policyNames.Union(((IDictionary <string, AuthorizationPolicy>)policyMapPropertyValue).Keys.ToList()); } } List <string> permissionPolicyNames = new(); List <string> otherPolicyNames = new(); foreach (var policyName in policyNames) { if (_permissionDefinitionManager.GetOrNull(policyName) is not null) { permissionPolicyNames.Add(policyName); } else { otherPolicyNames.Add(policyName); } } foreach (var policyName in otherPolicyNames) { permissionConfiguration.Policies[policyName] = true; if (_httpContextAccessor is not null && _httpContextAccessor.HttpContext is not null) { if ((await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext.User, policyName)).Succeeded) { permissionConfiguration.GrantedPolicies[policyName] = true; } } } MultiplePermissionGrantResult result = await _permissionChecker.IsGrantedAsync(permissionPolicyNames.ToArray()); foreach (var(key, value) in result.Result) { permissionConfiguration.Policies[key] = true; if (value == PermissionGrantResult.Granted) { permissionConfiguration.GrantedPolicies[key] = true; } } return(permissionConfiguration); }
private void PermissionChecker(string permissionName) { if (!permissionName.IsNullOrWhiteSpace()) { var permission = _permissionDefinitionManager.GetOrNull(permissionName); if (permission == null) { throw new UserFriendlyException($"未知的权限:“{permissionName}”。"); } } }
public override async Task <AuthorizationPolicy> GetPolicyAsync(string policyName) { var permission = _permissionDefinitionManager.GetOrNull(policyName); if (permission == null) { return(await base.GetPolicyAsync(policyName)); } //TODO: Optimize! var policyBuilder = new AuthorizationPolicyBuilder(Array.Empty <string>()); policyBuilder.Requirements.Add(new PermissionRequirement(policyName)); return(policyBuilder.Build()); }
public async override Task <AuthorizationPolicy?> GetPolicyAsync(string policyName) { AuthorizationPolicy?policy = await base.GetPolicyAsync(policyName); if (policy is not null) { return(policy); } var permission = _permissionDefinitionManager.GetOrNull(policyName); if (permission is not null) { var policyBuilder = new AuthorizationPolicyBuilder(Array.Empty <string>()); policyBuilder.Requirements.Add(new PermissionRequirement(policyName)); return(policyBuilder.Build()); } return(null); }
public override async Task <AuthorizationPolicy> GetPolicyAsync(string policyName) { var permissionName = policyName; var policy = await base.GetPolicyAsync(permissionName); if (policy != null) { return(policy); } return(_authorizationPolicies.GetOrAdd(permissionName, key => { var permission = _permissionDefinitionManager.GetOrNull(permissionName); if (permission != null) { var policyBuilder = new AuthorizationPolicyBuilder(Array.Empty <string>()); policyBuilder.Requirements.Add(new PermissionRequirement(permissionName)); return policyBuilder.Build(); } return default; })); }
public override async Task <AuthorizationPolicy> GetPolicyAsync(string policyName) { var policy = await base.GetPolicyAsync(policyName); if (policy != null) { return(policy); } var permission = _permissionDefinitionManager.GetOrNull(policyName); if (permission != null) { //TODO: Optimize & Cache! // 通过 Builder 构建一个策略。 var policyBuilder = new AuthorizationPolicyBuilder(Array.Empty <string>()); // 创建一个 PermissionRequirement 对象添加到限定条件组中。 policyBuilder.Requirements.Add(new PermissionRequirement(policyName)); return(policyBuilder.Build()); } return(null); }
public void GetOrNull() { _permissionDefinitionManager.GetOrNull("Permission_Test_1").ShouldNotBeNull(); _permissionDefinitionManager.GetOrNull("NotFoundPermission").ShouldBeNull(); }
protected virtual async Task <ApplicationAuthConfigurationDto> GetAuthConfigAsync() { var authConfig = new ApplicationAuthConfigurationDto(); var policyNames = await _abpAuthorizationPolicyProvider.GetPoliciesNamesAsync(); var abpPolicyNames = new List <string>(); var otherPolicyNames = new List <string>(); foreach (var policyName in policyNames) { if (await _defaultAuthorizationPolicyProvider.GetPolicyAsync(policyName) == null && _permissionDefinitionManager.GetOrNull(policyName) != null) { abpPolicyNames.Add(policyName); } else { otherPolicyNames.Add(policyName); } } foreach (var policyName in otherPolicyNames) { authConfig.Policies[policyName] = true; if (await _authorizationService.IsGrantedAsync(policyName)) { authConfig.GrantedPolicies[policyName] = true; } } var result = await _permissionChecker.IsGrantedAsync(abpPolicyNames.ToArray()); foreach (var(key, value) in result.Result) { authConfig.Policies[key] = true; if (value == PermissionGrantResult.Granted) { authConfig.GrantedPolicies[key] = true; } } return(authConfig); }