public override bool CheckAccess(AuthorizationContext context)
{
/*
* Validationa Sequence check
* 1) Check Principal Claims
* If principal has zero claims then return false (token expiration most likely)
* else get the role claims
* if prinipal has admin role then return true
* else build a unique list of claims from the role claims
* then check to see if principal has a claim otherwise return false
*/
var principalClaims = context.Principal.Claims;
var principalClaimsArrary = principalClaims as Claim[] ?? principalClaims.ToArray();
if (!principalClaimsArrary.Any())
{
return(false);
}
//So we have lets get all the role claims
var roleClaims = principalClaimsArrary.Where(p => p.Type == ClaimTypes.Role).Select(p => p.Value);
var roleClaimsArray = roleClaims as string[] ?? roleClaims.ToArray();
if (!roleClaimsArray.Any())
{
return(false);
}
//get the db context
var dbContext = new MyQuestionnaireDbContext();
var resource = context.Resource.First().Value;
var action = context.Action.First().Value;
var applicationClaims = new List <ApplicationClaim>();
var claims = applicationClaims;
dbContext.ApplicationRoles.ForEach(role =>
{
if (roleClaimsArray.Contains(role.Name))
{
claims.AddRange(role.ApplicationClaims.ToList());
}
});
applicationClaims = applicationClaims.Distinct().ToList();
return(applicationClaims.Any(c => c.ClaimType == action && c.ClaimValue == resource));
}
public override bool CheckAccess(AuthorizationContext context)
{
/*
* Validationa Sequence check
* 1) Check Principal Claims
* If principal has zero claims then return false (token expiration most likely)
* else get the role claims
* if prinipal has admin role then return true
* else build a unique list of claims from the role claims
* then check to see if principal has a claim otherwise return false
*/
var principalClaims = context.Principal.Claims;
var principalClaimsArrary = principalClaims as Claim[] ?? principalClaims.ToArray();
if (!principalClaimsArrary.Any())
{
return false;
}
//So we have lets get all the role claims
var roleClaims = principalClaimsArrary.Where(p => p.Type == ClaimTypes.Role).Select(p => p.Value);
var roleClaimsArray = roleClaims as string[] ?? roleClaims.ToArray();
if (!roleClaimsArray.Any())
{
return false;
}
//get the db context
var dbContext = new MyQuestionnaireDbContext();
var resource = context.Resource.First().Value;
var action = context.Action.First().Value;
var applicationClaims = new List<ApplicationClaim>();
var claims = applicationClaims;
dbContext.ApplicationRoles.ForEach(role =>
{
if (roleClaimsArray.Contains(role.Name))
{
claims.AddRange(role.ApplicationClaims.ToList());
}
});
applicationClaims = applicationClaims.Distinct().ToList();
return applicationClaims.Any(c => c.ClaimType == action && c.ClaimValue == resource);
}