public static bool IsAuthorized(string callerClass, AuthorizationAction action) { var q = Privileges.Where(r => r.FormName == callerClass); switch (action) { case AuthorizationAction.Access: return(q.Any(r => r.AllowAccess)); case AuthorizationAction.View: return(q.Any(r => r.AllowView)); case AuthorizationAction.ViewAll: return(q.Any(r => r.AllowViewAll)); case AuthorizationAction.Create: return(q.Any(r => r.AllowCreate)); case AuthorizationAction.Edit: return(q.Any(r => r.AllowEdit)); case AuthorizationAction.Delete: return(q.Any(r => r.AllowDelete)); case AuthorizationAction.Print: return(q.Any(r => r.AllowPrint)); } return(false); }
async Task <HttpResponseMessage> Process(string parameters) { // Call Authlete's /api/auth/authorization API. AuthorizationResponse response = await CallAuthorizationApi(parameters); // 'action' in the response denotes the next action // which this authorization endpoint implementation // should take. AuthorizationAction action = response.Action; // Dispatch according to the action. switch (action) { case AuthorizationAction.INTERACTION: // Process the authorization request with // user interaction. return(await HandleInteraction(response)); case AuthorizationAction.NO_INTERACTION: // Process the authorization request without // user interaction. The flow reaches here // only when the authorization request contains // 'prompt=none'. return(await HandleNoInteraction(response)); default: // Handle other error cases here. return(HandleError(response)); } }
/// <summary> /// 为特定的权限路径进行授权 /// </summary> /// <param name="authorizationUri">权限路径</param> /// <param name="action">授权动作<see cref="AuthorizationAction"/></param> public void Authorization(string authorizationUri, AuthorizationAction action) { if (!actions.Contains(new AuthorizationActionInfo(authorizationUri, action))) { actions.Add(new AuthorizationActionInfo(authorizationUri, action)); } }
public static bool IsAuthorized(Type callerClass, AuthorizationAction action) { return(IsAuthorized(callerClass.Name, action)); }
public AuthorizationActionInfo(string authorizationUri, AuthorizationAction action) { AuthorizationUri = authorizationUri; Action = action; }
/// <summary> /// 为特定的权限路径进行授权 /// </summary> /// <param name="authorizationUri">权限路径</param> /// <param name="action">授权动作<see cref="AuthorizationAction"/></param> public void Authorization(string authorizationUri, AuthorizationAction action) { if(!actions.Contains(new AuthorizationActionInfo(authorizationUri, action))) actions.Add(new AuthorizationActionInfo(authorizationUri, action)); }
public AuthorizationAttribute(ClaimScope claimScope, AuthorizationAction action, AuthorizationEntity entity) { ClaimScope = claimScope; Name = AuthorizationName.Generate(action, entity); }
public static string Generate(AuthorizationAction action, AuthorizationEntity entity) { return($"{action}-{entity}"); }
public AuthorizationActionInfo(string authorizationUri, AuthorizationAction action) { AuthorizationUri = authorizationUri; Action = action; }