Пример #1
0
        public HidroAuthorize(string policy)
        {
            policy = policy.Trim().Replace(HidroConstants.WHITE_SPACE, string.Empty);

            if (string.IsNullOrEmpty(policy) || string.IsNullOrWhiteSpace(policy))
            {
                throw new Exception("HidroAuthorize.Constructor - No permission given.");
            }

            var stringPermissions = policy.Split(",");

            if (stringPermissions.Length == 0 || stringPermissions.Length != PERM_QTY)
            {
                throw new Exception("HidroAuthorize.Constructor - Permission tokens error.");
            }

            RequiredPermissions = new HidroPermissionVM {
                AllowCreate       = stringPermissions[0] == "1",
                AllowView         = stringPermissions[1] == "1",
                AllowEditOwn      = stringPermissions[2] == "1",
                AllowEditOthers   = stringPermissions[3] == "1",
                AllowDeleteOwn    = stringPermissions[4] == "1",
                AllowDeleteOthers = stringPermissions[5] == "1",
                AllowReviveOwn    = stringPermissions[6] == "1",
                AllowReviveOthers = stringPermissions[7] == "1"
            };
        }
Пример #2
0
        public Task OnAuthorizationAsync(AuthorizationFilterContext context)
        {
            var sessionPermissions = context.HttpContext.Session.GetString(nameof(HidroAuthorize));

            if (sessionPermissions == null)
            {
                context.Result = new RedirectToActionResult("LogOutInternal", "Authentication", null);
                return(Task.CompletedTask);
            }

            UserPermissions = JsonConvert.DeserializeObject <HidroPermissionVM>(sessionPermissions);

            if (RequiredPermissions.AllowCreate && UserPermissions.AllowCreate == RequiredPermissions.AllowCreate)
            {
                return(Task.CompletedTask);
            }
            if (RequiredPermissions.AllowView && UserPermissions.AllowView == RequiredPermissions.AllowView)
            {
                return(Task.CompletedTask);
            }
            if (RequiredPermissions.AllowEditOwn && UserPermissions.AllowEditOwn == RequiredPermissions.AllowEditOwn)
            {
                return(Task.CompletedTask);
            }
            if (RequiredPermissions.AllowEditOthers && UserPermissions.AllowEditOthers == RequiredPermissions.AllowEditOthers)
            {
                return(Task.CompletedTask);
            }
            if (RequiredPermissions.AllowDeleteOwn && UserPermissions.AllowDeleteOwn == RequiredPermissions.AllowDeleteOwn)
            {
                return(Task.CompletedTask);
            }
            if (RequiredPermissions.AllowDeleteOthers && UserPermissions.AllowDeleteOthers == RequiredPermissions.AllowDeleteOthers)
            {
                return(Task.CompletedTask);
            }
            if (RequiredPermissions.AllowReviveOwn && UserPermissions.AllowReviveOwn == RequiredPermissions.AllowReviveOwn)
            {
                return(Task.CompletedTask);
            }
            if (RequiredPermissions.AllowReviveOthers && UserPermissions.AllowReviveOthers == RequiredPermissions.AllowReviveOthers)
            {
                return(Task.CompletedTask);
            }

            context.Result = new StatusCodeResult((int)HttpStatusCode.Forbidden);
            return(Task.CompletedTask);
        }
Пример #3
0
        public async Task <HidroPermissionVM> ComputeAuthorizationFor(int hidrogenianId)
        {
            _logger.LogInformation("AuthenticationService.ComputeAuthorizationFor - Service starts.");

            var roleClaim = await _dbContext.RoleClaimer.FirstOrDefaultAsync(rc => rc.HidrogenianId == hidrogenianId);

            HidroPermissionVM permissions = roleClaim;

            if (roleClaim.AllowTemporarily == null)
            {
                return(permissions);
            }

            var temporaryPermissions = JsonConvert.DeserializeObject <TemporaryPermissionVM>(roleClaim.AllowTemporarily);

            if (temporaryPermissions.EffectUntil < DateTime.UtcNow)
            {
                return(permissions);
            }

            if (temporaryPermissions.OverriddenPermissions.Contains(nameof(HidroPermissionVM.AllowCreate)))
            {
                permissions.AllowCreate = !permissions.AllowCreate;
            }

            if (temporaryPermissions.OverriddenPermissions.Contains(nameof(HidroPermissionVM.AllowView)))
            {
                permissions.AllowView = !permissions.AllowView;
            }

            if (temporaryPermissions.OverriddenPermissions.Contains(nameof(HidroPermissionVM.AllowEditOwn)))
            {
                permissions.AllowEditOwn = !permissions.AllowEditOwn;
            }

            if (temporaryPermissions.OverriddenPermissions.Contains(nameof(HidroPermissionVM.AllowEditOthers)))
            {
                permissions.AllowEditOthers = !permissions.AllowEditOthers;
            }

            if (temporaryPermissions.OverriddenPermissions.Contains(nameof(HidroPermissionVM.AllowDeleteOwn)))
            {
                permissions.AllowDeleteOwn = !permissions.AllowDeleteOwn;
            }

            if (temporaryPermissions.OverriddenPermissions.Contains(nameof(HidroPermissionVM.AllowDeleteOthers)))
            {
                permissions.AllowDeleteOthers = !permissions.AllowDeleteOthers;
            }

            if (temporaryPermissions.OverriddenPermissions.Contains(nameof(HidroPermissionVM.AllowReviveOwn)))
            {
                permissions.AllowReviveOwn = !permissions.AllowReviveOwn;
            }

            if (temporaryPermissions.OverriddenPermissions.Contains(nameof(HidroPermissionVM.AllowReviveOthers)))
            {
                permissions.AllowReviveOthers = !permissions.AllowReviveOthers;
            }

            return(permissions);
        }