コード例 #1
0
        private async Task <bool> CheckOwnerAccess(bool allowServiceAccess, DataManagerAuthorization ownerAuthorization)
        {
            if (ownerAuthorization.IsAllowAnonymous)
            {
                return(true);
            }

            if (User == null)
            {
                return(false);
            }

            // if it does not overide authorization for the service
            if (!ownerAuthorization.IsOverride && !allowServiceAccess)
            {
                return(false);
            }

            // check authorization for the owner
            if (!await CheckAccessCore(ownerAuthorization.AuthorizeData))
            {
                return(false);
            }

            return(true);
        }
コード例 #2
0
        public static DataManagerAuthorization GetDataManagerAuthorization(this Type managerType)
        {
            object[] attr = managerType.GetCustomAttributes(false).ToArray();

            DataManagerAuthorization managerAuthorization = new DataManagerAuthorization
            {
                ManagerType          = managerType,
                AuthorizeData        = Enumerable.Empty <IAuthorizeData>(),
                MethodsAuthorization = new MethodAuthorization[0],
                IsOverride           = false,
                IsAllowAnonymous     = attr.Where(a => a is IAllowAnonymous).Any()
            };

            if (managerAuthorization.IsAllowAnonymous)
            {
                return(managerAuthorization);
            }

            IAuthorizeData[] denies    = attr.Where(a => a is IDenyAuthorizeData).Cast <IAuthorizeData>().ToArray();
            IAuthorizeData[] overrides = attr.Where(a => a is IOverrideAuthorizeData).Cast <IAuthorizeData>().ToArray();

            if (overrides.Any())
            {
                managerAuthorization.IsOverride    = true;
                managerAuthorization.AuthorizeData = Enumerable.Union(denies, overrides);
                return(managerAuthorization);
            }

            IAuthorizeData[] permits = attr.Where(a => a is IAuthorizeData && !(a is IDenyAuthorizeData) && !(a is IOverrideAuthorizeData)).Cast <IAuthorizeData>().ToArray();

            managerAuthorization.AuthorizeData = Enumerable.Union(denies, permits);

            return(managerAuthorization);
        }
コード例 #3
0
        public static DataManagerAuthorization GetDataManagerAuthorization(this Type managerType)
        {
            object[] attr = managerType.GetCustomAttributes(false);

            DataManagerAuthorization managerAuthorization = new DataManagerAuthorization
            {
                ManagerType          = managerType,
                AuthorizeData        = Enumerable.Empty <IAuthorizeData>(),
                MethodsAuthorization = new MethodAuthorization[0],
                IsOverride           = false,
                IsAllowAnonymous     = attr.Where(a => a is IAllowAnonymous).Any()
            };

            if (managerAuthorization.IsAllowAnonymous)
            {
                return(managerAuthorization);
            }

            IAuthorizeData[] attributes = attr.Where(a => a is IAuthorizeData).Cast <IAuthorizeData>().ToArray();

            // the override attribute replaces all higher and the current authorization
            IEnumerable <IOverrideAuthorize> overrides = attributes.OfType <IOverrideAuthorize>();

            if (overrides.Any())
            {
                managerAuthorization.IsOverride    = true;
                managerAuthorization.AuthorizeData = overrides;
                return(managerAuthorization);
            }

            if (attributes.Any())
            {
                managerAuthorization.AuthorizeData = attributes;
            }

            return(managerAuthorization);
        }