private static void RegisterPermissionClaimPolicyByModule(AuthorizationOptions options, string module)
{
var allPermissions = PermissionModules.GeneratePermissionsForModule(module);
foreach (var permission in allPermissions)
{
options.AddPolicy(permission, policy => policy.RequireClaim(ApplicationClaimTypes.Permission, permission));
}
}
public static async Task GeneratePermissionClaimByModule(this RoleManager <IdentityRole> roleManager, IdentityRole role, string module)
{
var allClaims = await roleManager.GetClaimsAsync(role);
var allPermissions = PermissionModules.GeneratePermissionsForModule(module);
foreach (var permission in allPermissions)
{
if (!allClaims.Any(a => a.Type == ApplicationClaimTypes.Permission && a.Value == permission))
{
await roleManager.AddClaimAsync(role, new Claim(ApplicationClaimTypes.Permission, permission));
}
}
}
