public static IPolicyContainerConfiguration DelegatePolicy(this IPolicyContainerConfiguration policyContainer, string uniqueName, Func<DelegateSecurityContext, bool> policyDelegate, Func<PolicyViolationException, ActionResult> violationHandlerDelegate = null, string failureMessage = "Access denied")
        {
            Func<DelegateSecurityContext, PolicyResult> booleanPolicyDelegate =
                context => policyDelegate.Invoke(context)
                    ? PolicyResult.CreateSuccessResult(context.Policy)
                    : PolicyResult.CreateFailureResult(context.Policy, failureMessage);

            policyContainer.AddPolicy(new DelegatePolicy(uniqueName, booleanPolicyDelegate, violationHandlerDelegate));
            return policyContainer;
        }
        public static void AddTeamOwnerPolicy(this AuthorizationOptions options, IServiceProvider provider)
        {
            if (options == null)
            {
                throw new ArgumentNullException(nameof(options));
            }

            // build team ownership policy
            var ownershipRequirements = new IAuthorizationRequirement[]
            {
                    new DenyAnonymousAuthorizationRequirement(),
                    (TeamOwnerRequirement)provider.GetService(typeof(TeamOwnerRequirement))
            };

            var ownershipPolicy = new AuthorizationPolicy(ownershipRequirements, new string[0]);

            options.AddPolicy(AuthorizationDefaults.PolicyTeamOwner, ownershipPolicy);
        }
 public static void Default(this AuthorizationOptions options, Action<AuthorizationPolicyBuilder> configurePolicy) {
     options.AddPolicy(nameof(Default), configurePolicy);
 }
 public static IPolicyContainerConfiguration<RequireRolePolicy> RequireRole(this IPolicyContainerConfiguration policyContainer, params object[] roles)
 {
     policyContainer.AddPolicy(new RequireRolePolicy(roles));
     return new PolicyContainerConfigurationWrapper<RequireRolePolicy>(policyContainer);
 }
 public static IPolicyContainerConfiguration Ignore(this IPolicyContainerConfiguration policyContainer)
 {
     policyContainer.AddPolicy(new IgnorePolicy());
     return policyContainer;
 }
 public static IPolicyContainerConfiguration<DenyAuthenticatedAccessPolicy> DenyAuthenticatedAccess(this IPolicyContainerConfiguration policyContainer)
 {
     policyContainer.AddPolicy(new DenyAuthenticatedAccessPolicy());
     return new PolicyContainerConfigurationWrapper<DenyAuthenticatedAccessPolicy>(policyContainer);
 }
 public static IPolicyContainerConfiguration DelegatePolicy(this IPolicyContainerConfiguration policyContainer, string uniqueName, Func<DelegateSecurityContext, PolicyResult> policyDelegate, Func<PolicyViolationException, ActionResult> violationHandlerDelegate = null)
 {
     policyContainer.AddPolicy(new DelegatePolicy(uniqueName, policyDelegate, violationHandlerDelegate));
     return policyContainer;
 }
 public static IConventionPolicyContainer RequireRole(this IConventionPolicyContainer conventionPolicyContainer, params object[] roles)
 {
     conventionPolicyContainer.AddPolicy(new RequireRolePolicy(roles));
     return conventionPolicyContainer;
 }
 public static IConventionPolicyContainer RequireAllRoles(this IConventionPolicyContainer policyContainer, params object[] roles)
 {
     policyContainer.AddPolicy(new RequireAllRolesPolicy(roles));
     return policyContainer;
 }
 public static IConventionPolicyContainer Ignore(this IConventionPolicyContainer conventionPolicyContainer)
 {
     conventionPolicyContainer.AddPolicy(new IgnorePolicy());
     return conventionPolicyContainer;
 }
 public static IConventionPolicyContainer DenyAuthenticatedAccess(this IConventionPolicyContainer conventionPolicyContainer)
 {
     conventionPolicyContainer.AddPolicy(new DenyAuthenticatedAccessPolicy());
     return conventionPolicyContainer;
 }
 public static IPolicyContainer RequireRole(this IPolicyContainer policyContainer, params object[] roles)
 {
     policyContainer.AddPolicy(new RequireRolePolicy(roles));
     return policyContainer;
 }
 public static IPolicyContainer Ignore(this IPolicyContainer policyContainer)
 {
     policyContainer.AddPolicy(new IgnorePolicy());
     return policyContainer;
 }
 public static IPolicyContainer DenyAuthenticatedAccess(this IPolicyContainer policyContainer)
 {
     policyContainer.AddPolicy(new DenyAuthenticatedAccessPolicy());
     return policyContainer;
 }
 public static IPolicyContainer DenyAnonymousAccess(this IPolicyContainer policyContainer)
 {
     policyContainer.AddPolicy(new DenyAnonymousAccessPolicy());
     return policyContainer;
 }
Exemplo n.º 16
0
        public static AuthorizationOptions AddCloudscribeCoreDefaultPolicies(this AuthorizationOptions options)
        {
            options.AddPolicy(
                    "ServerAdminPolicy",
                    authBuilder =>
                    {
                        authBuilder.RequireRole("ServerAdmins");
                    });

            options.AddPolicy(
                "CoreDataPolicy",
                authBuilder =>
                {
                    authBuilder.RequireRole("ServerAdmins");
                });

            options.AddPolicy(
                "AdminPolicy",
                authBuilder =>
                {
                    authBuilder.RequireRole("ServerAdmins", "Administrators");
                });

            options.AddPolicy(
                "UserManagementPolicy",
                authBuilder =>
                {
                    authBuilder.RequireRole("ServerAdmins", "Administrators");
                });

            options.AddPolicy(
                "RoleAdminPolicy",
                authBuilder =>
                {
                    authBuilder.RequireRole("Role Administrators", "Administrators");
                });

            return options;
        }