private Dictionary <int, AuthorizationStrategy[]> GetAuthStrategyOverrides(List <ClaimSetResourceClaim> resourceClaims)
        {
            var resultDictionary = new Dictionary <int, AuthorizationStrategy[]>();

            resourceClaims =
                new List <ClaimSetResourceClaim>(resourceClaims.OrderBy(i => new List <string> {
                Action.Create.Value, Action.Read.Value, Action.Update.Value, Action.Delete.Value
            }.IndexOf(i.Action.ActionName)));
            foreach (var resourceClaim in resourceClaims)
            {
                AuthorizationStrategy authStrategy = null;
                if (resourceClaim.ResourceClaim.ParentResourceClaim == null)
                {
                    authStrategy = _mapper.Map <AuthorizationStrategy>(resourceClaim.AuthorizationStrategyOverride);
                }
                else
                {
                    var parentResources = _securityContext.ClaimSetResourceClaims
                                          .Include(x => x.ResourceClaim)
                                          .Include(x => x.ClaimSet)
                                          .Include(x => x.Action)
                                          .Include(x => x.AuthorizationStrategyOverride).ToList();
                    var parentResourceOverride = parentResources.SingleOrDefault(x => x.ResourceClaim.ResourceClaimId == resourceClaim.ResourceClaim.ParentResourceClaimId &&
                                                                                 x.ClaimSet.ClaimSetId == resourceClaim.ClaimSet.ClaimSetId &&
                                                                                 x.Action.ActionId == resourceClaim.Action.ActionId);
                    if (parentResourceOverride?.AuthorizationStrategyOverride != null)
                    {
                        authStrategy =
                            _mapper.Map <AuthorizationStrategy>(parentResourceOverride.AuthorizationStrategyOverride);
                        if (authStrategy != null)
                        {
                            authStrategy.IsInheritedFromParent = true;
                        }
                    }

                    if (resourceClaim.AuthorizationStrategyOverride != null)
                    {
                        authStrategy = _mapper.Map <AuthorizationStrategy>(resourceClaim.AuthorizationStrategyOverride);
                    }
                }

                if (resultDictionary.ContainsKey(resourceClaim.ResourceClaim.ResourceClaimId))
                {
                    resultDictionary[resourceClaim.ResourceClaim.ResourceClaimId].AddAuthorizationStrategyOverrides(resourceClaim.Action,
                                                                                                                    authStrategy);
                }
                else
                {
                    var actions = new AuthorizationStrategy[] { null, null, null, null };
                    resultDictionary[resourceClaim.ResourceClaim.ResourceClaimId] = actions.AddAuthorizationStrategyOverrides(resourceClaim.Action, authStrategy);
                }
            }
            return(resultDictionary);
        }
コード例 #2
0
 static int AuthStrategyOverrideForAction(AuthorizationStrategy authorizationStrategy)
 {
     return(authorizationStrategy != null ? authorizationStrategy.AuthStrategyId : 0);
 }