/// <summary>
/// Builds the claims that allow managing security for the entire system. They are
/// sensitive, so they are kept apart from the application-related claims.
/// </summary>
/// <returns>
/// A list holding one claim for each of the security service resources "ClientInfo" and
/// "Client", each created with all four permission flags set to <c>true</c>.
/// </returns>
/// <remarks>
/// These permissions are deliberately not stored in Aumentum, so that nobody can
/// accidentally assign them from the Aumentum side.
/// </remarks>
public IEnumerable<Claim> GetFullSecurityClaims()
{
    const string securityServiceApi = "api.securityservice";

    var fullAccessClaims = new List<Claim>();
    foreach (var resourceName in new[] { "ClientInfo", "Client" })
    {
        // Flag order as passed by the Permission-based ToClaim overload: view, create, modify, delete.
        fullAccessClaims.Add(
            ClaimsHelper.ToClaim(securityServiceApi, resourceName, true, true, true, true));
    }

    return fullAccessClaims;
}
/// <summary>
/// Converts a permission into a claim, optionally widening it with the rights of a parent permission.
/// </summary>
/// <param name="permission">Permission that supplies the application name, the resource name and its own flags.</param>
/// <param name="parentPermission">
/// Optional parent. When supplied, each flag of the resulting claim is the logical OR of the
/// parent's flag and the permission's own flag.
/// </param>
/// <returns>The claim produced by <c>ClaimsHelper.ToClaim</c> for the effective flags.</returns>
/// <remarks>
/// The combination only ever adds rights: a permission cannot withhold a right that its
/// parent grants.
/// </remarks>
private Claim ToClaim(Permission permission, Permission parentPermission = null)
{
    var applicationName = permission.ApplicationName;
    var resourceName = permission.Name;

    bool hasParent = parentPermission != null;

    // Effective right = parent's right (if there is a parent) OR the permission's own right.
    bool canView = (hasParent && parentPermission.CanView) || permission.CanView;
    bool canCreate = (hasParent && parentPermission.CanCreate) || permission.CanCreate;
    bool canModify = (hasParent && parentPermission.CanModify) || permission.CanModify;
    bool canDelete = (hasParent && parentPermission.CanDelete) || permission.CanDelete;

    return ClaimsHelper.ToClaim(applicationName, resourceName, canView, canCreate, canModify, canDelete);
}
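/// <summary>
/// Builds the SQL statement that deletes the claim type for a resource from
/// <c>[dbo].[ApiScopeClaims]</c>, for the API scope looked up by name.
/// </summary>
/// <param name="applicationName">Application name used to derive both the API scope name and the claim type.</param>
/// <param name="resource">Resource name used to derive the claim type.</param>
/// <param name="serviceType">Service type passed to <c>GetApiScopeName</c>.</param>
/// <returns>The DELETE statement as text.</returns>
/// <remarks>
/// The scope name and claim type are embedded as single-quoted SQL literals, so embedded
/// single quotes are doubled to keep each value inside its literal. This is literal escaping
/// only; if either argument can be influenced from outside the codebase, execute the
/// statement through a parameterized command instead of using this text.
/// If no scope carries the computed name, the subquery yields NULL and no row matches.
/// </remarks>
public static string DeleteSql(string applicationName, string resource, ServiceTypes serviceType)
{
    var apiScopeName = GetApiScopeName(applicationName, serviceType);

    // Only claim.Type is used below, so the permission flags are irrelevant here.
    var claim = ClaimsHelper.ToClaim(
        PermissionSeeder.ToApplicationName(applicationName),
        PermissionSeeder.ToResourceName(resource),
        false, false, false, false);

    // Double embedded single quotes; a null value still interpolates as empty text, as before.
    var scopeLiteral = apiScopeName?.Replace("'", "''");
    var typeLiteral = claim.Type?.Replace("'", "''");

    return $"DELETE FROM [dbo].[ApiScopeClaims] WHERE [ApiScopeId] = (SELECT Id FROM [dbo].[ApiScopes] WHERE Name='{scopeLiteral}') AND [Type] = '{typeLiteral}'";
}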
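/// <summary>
/// Builds the SQL statement that inserts the claim type for a resource into
/// <c>[dbo].[ApiScopeClaims]</c>, attached to the API scope looked up by name.
/// </summary>
/// <param name="applicationName">Application name used to derive both the API scope name and the claim type.</param>
/// <param name="resource">Resource name used to derive the claim type.</param>
/// <param name="serviceType">Service type passed to <c>GetApiScopeName</c>.</param>
/// <returns>The INSERT statement as text.</returns>
/// <remarks>
/// The scope name and claim type are embedded as single-quoted SQL literals, so embedded
/// single quotes are doubled to keep each value inside its literal. This is literal escaping
/// only; if either argument can be influenced from outside the codebase, execute the
/// statement through a parameterized command instead of using this text.
/// If no scope carries the computed name, the subquery yields NULL for <c>[ApiScopeId]</c>.
/// </remarks>
public static string InsertSql(string applicationName, string resource, ServiceTypes serviceType)
{
    var apiScopeName = GetApiScopeName(applicationName, serviceType);

    // Only claim.Type is used below, so the permission flags are irrelevant here.
    var claim = ClaimsHelper.ToClaim(
        PermissionSeeder.ToApplicationName(applicationName),
        PermissionSeeder.ToResourceName(resource),
        false, false, false, false);

    // Double embedded single quotes; a null value still interpolates as empty text, as before.
    var scopeLiteral = apiScopeName?.Replace("'", "''");
    var typeLiteral = claim.Type?.Replace("'", "''");

    return $"INSERT INTO [dbo].[ApiScopeClaims]([ApiScopeId],[Type]) VALUES((SELECT Id FROM [dbo].[ApiScopes] WHERE Name='{scopeLiteral}'),'{typeLiteral}')";
}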