예제 #1
0
        public User(SecurityProvider provider, ClaimsPrincipal principal, List <string> baseRoles, IEnumerable <StatusModule> modules)
        {
            Provider  = provider;
            Principal = principal;
            var identity = principal?.Identity;

            if (identity == null)
            {
                IsAnonymous = true;
                return;
            }

            IsAnonymous = !identity.IsAuthenticated;
            if (identity.IsAuthenticated)
            {
                AccountName = identity.Name;
            }

            var roles = baseRoles;

            if (IsAnonymous)
            {
                roles.Add(Models.Roles.Anonymous);
            }
            else
            {
                roles.Add(Models.Roles.Authenticated);

                // Global admins are unique and can see a few more things about Opserver itself (not per-module)
                if (provider.IsGlobalAdmin(this))
                {
                    roles.Add(Models.Roles.GlobalAdmin);
                    IsGlobalAdmin = true;
                }
            }

            // Add per-module roles
            foreach (var module in modules)
            {
                if (IsAdmin(module))
                {
                    roles.Add(module.SecuritySettings.AdminRole);
                    roles.Add(module.SecuritySettings.ViewRole);
                }
                else if (HasAccess(module))
                {
                    roles.Add(module.SecuritySettings.ViewRole);
                }
            }

            Roles = roles.ToImmutableHashSet();
        }