public ActionHelper(IMiddlerRequestContext middlerRequestContext)
{
_middlerRequestContext = middlerRequestContext;
}
public static AccessMode?AccessAllowed(this IEnumerable <MiddlerRulePermission> permissionRules, IMiddlerRequestContext middlerRequestContext)
{
var roles = middlerRequestContext.Principal.Claims.Where(c => c.Type.Equals("role", StringComparison.OrdinalIgnoreCase))
.Select(c => c.Value)
.ToList();
var hasUser = !String.IsNullOrWhiteSpace(middlerRequestContext.Principal.Identity.Name);
foreach (var permissionRule in permissionRules)
{
var inRange = SourceIpAddressIsInRange(middlerRequestContext.SourceIPAddress, permissionRule.SourceAddress);
var isClient = IsCurrentClient(middlerRequestContext.Principal, permissionRule.Client);
switch (permissionRule.Type)
{
case PrincipalType.Everyone: {
if (inRange && isClient)
{
return(permissionRule.AccessMode);
}
break;
}
case PrincipalType.Authenticated: {
if (inRange && isClient && hasUser)
{
return(permissionRule.AccessMode);
}
break;
}
case PrincipalType.User: {
if (inRange && isClient && Wildcard.Match(middlerRequestContext.Principal.Identity.Name, permissionRule.PrincipalName.ToNull() ?? ""))
{
return(permissionRule.AccessMode);
}
break;
}
case PrincipalType.Role: {
if (isClient && inRange)
{
foreach (var role in roles)
{
if (Wildcard.Match(role, permissionRule.PrincipalName.ToNull() ?? ""))
{
return(permissionRule.AccessMode);
}
}
}
break;
}
}
}
return(null);
}
public ScriptContextRequest(IMiddlerRequestContext middlerRequestContext)
{
_middlerRequestContext = middlerRequestContext;
}
public static AccessMode?AccessAllowed(this MiddlerRule middlerMiddler, IMiddlerRequestContext middlerRequestContext)
{
return(AccessAllowed(middlerMiddler.Permissions, middlerRequestContext));
}
