Exemplo n.º 1
0
 public UserPermissionAuthorizer(IUserContext userContext,
                                 IPermissionAuthorizationMatcher permissionAuthorizationMatcher,
                                 IUserPermissionResolver userPermissionResolver,
                                 IPermissionTypeRegistry permissionTypeRegistry)
 {
     this.userContext = userContext;
     this.permissionAuthorizationMatcher = permissionAuthorizationMatcher;
     this.userPermissionResolver         = userPermissionResolver;
     this.permissionTypeRegistry         = permissionTypeRegistry;
 }
Exemplo n.º 2
0
        public CommandPermissionCache(IPermissionTypeRegistry permissionTypeRegistry,
                                      PermissionTypeIndexer permissionTypeIndexer,
                                      ITypeExplorer typeExplorer)
        {
            this.permissionTypeRegistry = permissionTypeRegistry;
            this.permissionTypeIndexer  = permissionTypeIndexer;
            this.typeExplorer           = typeExplorer;

            Clear();
        }
Exemplo n.º 3
0
        public UserPermissionAuthorizerTests()
        {
            userContext = new FakeUserContext();
            permissionAuthorizationMatcher = Substitute.For <IPermissionAuthorizationMatcher>();
            userPermissionResolver         = Substitute.For <IUserPermissionResolver>();
            permissionTypeRegistry         = Substitute.For <IPermissionTypeRegistry>();

            permissionTypeRegistry.GetPermissionTypeById(Guid.Parse("0F292EFD-792E-48EC-93DF-CD99EEDB5885"))
            .Returns(new PermissionType(Guid.Parse("0F292EFD-792E-48EC-93DF-CD99EEDB5885"), "permission"));

            sut = new UserPermissionAuthorizer(userContext, permissionAuthorizationMatcher,
                                               userPermissionResolver, permissionTypeRegistry);
        }
Exemplo n.º 4
0
        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            IPrincipal user = httpContext.User;

            if (user == null || user.Identity == null || !user.Identity.IsAuthenticated)
            {
                return(false); //TODO: allow anonymous permissions
            }

            bool isAuthorized = base.AuthorizeCore(httpContext);

            if (!isAuthorized)
            {
                return(false);
            }

            if (user.Identity is ClaimsIdentity claimsIdentity)
            {
                IKernel kernel = RevoHttpApplication.Current.Kernel;
                IPermissionTypeRegistry permissionCache = kernel.Get <IPermissionTypeRegistry>();

                if (requiredPermissions == null)
                {
                    requiredPermissions = permissionIds.Select(x => new Permission(
                                                                   permissionCache.GetPermissionTypeById(x), null, null)).ToArray();
                }

                IPermissionAuthorizationMatcher authorizationMatcher = kernel.Get <IPermissionAuthorizationMatcher>();
                return(authorizationMatcher.CheckAuthorization(claimsIdentity, requiredPermissions));
            }
            else
            {
                // only claim-based identities are supported for permission authorization
                return(false);
            }
        }
Exemplo n.º 5
0
 public PermissionTypeIndexer(ITypeExplorer typeExplorer,
                              IPermissionTypeRegistry permissionTypeRegistry)
 {
     this.typeExplorer           = typeExplorer;
     this.permissionTypeRegistry = permissionTypeRegistry;
 }