public static object GetTenantValue(this IUserInfo info, bool throwIfNotSupport = true) { TkDebug.AssertArgumentNull(info, nameof(info), null); if (info is ISupportTenant support) { return(support.TenantId); } if (throwIfNotSupport) { throw new ToolkitException($"当前的UserInfo类型是{info.GetType()},不支持接口ISupportTenant", info); } return(null); }
public IList<bool> GetAuthorizations(IUserInfo userInfo, IList<Claim> requiredClaims) { if (!(userInfo is IWindowsUserInfo)) throw new FrameworkException("Unexpected userInfo type '" + userInfo.GetType().FullName + "'."); if (_roleRepository.Value.Query().Take(1).Select(role => role.ID).ToList().Count > 0) throw new FrameworkException("SimpleWindowsAuth does not support roles. Please delete roles from Common.Role or use a different security package."); var userMembership = (IList<string>)_windowsSecurity.GetIdentityMembership(userInfo.UserName); var userPermissions = _permissionLoader.Value.LoadPermissions(requiredClaims, userMembership); _logger.Trace(() => "User " + userInfo.UserName + " has roles: " + string.Join(", ", userMembership) + "."); _logger.Trace(() => ReportPermissions(userInfo, userPermissions, requiredClaims)); HashSet<string> hasClaims = new HashSet<string>(); foreach (IPermissionBrowse permission in userPermissions) if (permission.IsAuthorized.Value) hasClaims.Add(permission.ClaimResource + "." + permission.ClaimRight); foreach (IPermissionBrowse permission in userPermissions) if (!permission.IsAuthorized.Value) hasClaims.Remove(permission.ClaimResource + "." + permission.ClaimRight); return requiredClaims.Select(requiredClaim => hasClaims.Contains(requiredClaim.FullName)).ToArray(); }
public IList <bool> GetAuthorizations(IUserInfo userInfo, IList <Claim> requiredClaims) { if (!(userInfo is IWindowsUserInfo)) { throw new FrameworkException("Unexpected userInfo type '" + userInfo.GetType().FullName + "'."); } if (_roleRepository.Value.Query().Take(1).Select(role => role.ID).ToList().Count > 0) { throw new FrameworkException("SimpleWindowsAuth does not support roles. Please delete roles from Common.Role or use a different security package."); } var userMembership = (IList <string>)_windowsSecurity.GetIdentityMembership(userInfo.UserName); var userPermissions = _permissionLoader.Value.LoadPermissions(requiredClaims, userMembership); _logger.Trace(() => "User " + userInfo.UserName + " has roles: " + string.Join(", ", userMembership) + "."); _logger.Trace(() => ReportPermissions(userInfo, userPermissions, requiredClaims)); HashSet <string> hasClaims = new HashSet <string>(); foreach (IPermissionBrowse permission in userPermissions) { if (permission.IsAuthorized.Value) { hasClaims.Add(permission.ClaimResource + "." + permission.ClaimRight); } } foreach (IPermissionBrowse permission in userPermissions) { if (!permission.IsAuthorized.Value) { hasClaims.Remove(permission.ClaimResource + "." + permission.ClaimRight); } } return(requiredClaims.Select(requiredClaim => hasClaims.Contains(requiredClaim.FullName)).ToArray()); }