/// <summary>
/// Checks the target role list and roles associated with groups to see if a role exists
/// </summary>
/// <param name="target">The target to check</param>
/// <param name="thisRole">The role to check for</param>
/// <returns>If the target has the role in its role list</returns>
public static bool HasRole(this IHasGroupsAndRoles target, IRole thisRole)
{
if (thisRole is null)
{
throw new ArgumentNullException(nameof(thisRole));
}
return(target.HasRole(thisRole.ExternalId));
}
/// <summary>
/// Checks the target role list and roles associated with groups to see if a role exists
/// </summary>
/// <param name="target">The target to check</param>
/// <param name="roleName">The name of the role to check for</param>
/// <returns>If the target has the role</returns>
public static bool HasRole(this IHasGroupsAndRoles target, string roleName)
{
if (target is null)
{
throw new ArgumentNullException(nameof(target));
}
List <IRole> userRoles = target.Roles.ToList() ?? new List <IRole>();
List <IRole> groupRoles = target.Groups?.SelectMany(g => g.Roles)?.ToList() ?? new List <IRole>();
return(userRoles.Any(r => string.Equals(r.ExternalId, roleName, StringComparison.InvariantCultureIgnoreCase)) || groupRoles.Any(r => string.Equals(r.ExternalId, roleName, StringComparison.InvariantCultureIgnoreCase)));
}
/// <summary>
/// Evaluates the user session against the roles provided at construction
/// </summary>
/// <param name="userSession">The user session to evaluate</param>
/// <returns>The result of the evaluation</returns>
public RequiresRoleResult Evaluate(IUserSession userSession)
{
if (userSession is null)
{
throw new System.ArgumentNullException(nameof(userSession));
}
IHasGroupsAndRoles loggedInUser = userSession.LoggedInUser;
if (userSession.IsLocalConnection)
{
return(RequiresRoleResult.Authorized);
}
if (userSession is null || !userSession.IsLoggedIn)
{
return(RequiresRoleResult.Login);
}
/// <summary>
/// Returns all roles from associated groups as well as directly assigned
/// </summary>
/// <param name="target">The object to retrieve roles for</param>
/// <returns>An IEnumerable of distinct roles</returns>
public static IEnumerable <IRole> AllRoles(this IHasGroupsAndRoles target)
{
if (target is null)
{
throw new ArgumentNullException(nameof(target));
}
List <IRole> allRoles = new List <IRole>();
if (target.Groups != null)
{
foreach (IGroup g in target.Groups)
{
if (g.Roles != null)
{
foreach (IRole r in g.Roles)
{
if (!allRoles.Contains(r))
{
yield return(r);
allRoles.Add(r);
}
}
}
}
}
if (target.Roles != null)
{
foreach (IRole r in target.Roles)
{
if (!allRoles.Contains(r))
{
yield return(r);
allRoles.Add(r);
}
}
}
}
/// <summary>
/// Gets a list of security group guids for the target containing all groups, and all roles (inc recursive)
/// </summary>
/// <param name="target">The user to retrieve the security groups for</param>
/// <returns>A list of security group guids for the user containing all groups, and all roles (inc recursive)</returns>
public static IEnumerable <Guid> SecurityGroups(this IHasGroupsAndRoles target)
{
if (target is null)
{
throw new ArgumentNullException(nameof(target));
}
if (target is ISecurityGroup te)
{
yield return(te.Guid);
}
foreach (Guid g in GetGroupGuids(target))
{
yield return(g);
}
foreach (Guid g in GetRoleGuids(target))
{
yield return(g);
}
}
