public bool CheckSecurity(int orgId, string[] keys, Models.Scope scope = Models.Scope.All, int scopeId = 0)
{
if (Keys.ContainsKey(orgId))
{
if (Keys[orgId].Any(a => (a.Key == "Owner" || a.Key == Security.Keys.OrgFullAccess.ToString()) && a.Enabled == true))
{
//full access to organization
return(true);
}
foreach (var key in keys)
{
if (Keys[orgId].Any(a => a.Key == key))
{
var orgkeys = Keys[orgId];
if (scope != Models.Scope.All)
{
//specific scope
return(orgkeys.Any(a => a.Key == key && a.Enabled == true && (a.Scope == Models.Scope.All || (a.Scope == scope && a.ScopeId == scopeId))));
}
else
{
//all scopes
return(orgkeys.Any(a => a.Key == key && a.Enabled == true));
}
}
}
}
//check if user has full access to Kandu application (if all else fails)
if (Keys.Any(a => a.Value.Any(b => (b.Key == "AppOwner" || b.Key == "AppFullAccess") && b.Enabled == true)))
{
return(true);
}
return(false);
}
public async Task <bool> InsertAsync(Domains.Scope scope)
{
using (var transaction = _context.Database.BeginTransaction())
{
try
{
var record = new Models.Scope
{
Name = scope.Name,
Description = scope.Description,
IsDisplayedInConsent = scope.IsDisplayedInConsent,
IsExposed = scope.IsExposed,
IsOpenIdScope = scope.IsOpenIdScope,
Type = (Models.ScopeType)scope.Type,
ScopeClaims = new List <Models.ScopeClaim>(),
CreateDateTime = DateTime.UtcNow,
UpdateDateTime = DateTime.UtcNow
};
if (scope.Claims != null &&
scope.Claims.Any())
{
foreach (var type in scope.Claims)
{
var rec = _context.Claims.FirstOrDefault(c => c.Code == type);
if (rec == null)
{
rec = new Models.Claim {
Code = type
};
_context.Claims.Add(rec);
}
record.ScopeClaims.Add(new Models.ScopeClaim {
Claim = rec
});
}
}
_context.Scopes.Add(record);
await _context.SaveChangesAsync().ConfigureAwait(false);
transaction.Commit();
}
catch (Exception ex)
{
_managerEventSource.Failure(ex);
transaction.Rollback();
return(false);
}
}
return(true);
}
//public CopyConfig(string consumerKey, string consumerSecret)
//{
// Config = new Config()
// {
// ConsumerKey = consumerKey,
// ConsumerSecret = consumerSecret
// };
//}
public CopyAuth(string callbackURL, string consumerKey, string consumerSecret, Models.Scope scope)
{
CallbackURL = callbackURL;
Scope = scope;
Config = new Models.Config()
{
ConsumerKey = consumerKey,
ConsumerSecret = consumerSecret
};
}
public static Entities.Scope ToEntity(this Models.Scope s)
{
if (s == null)
{
return(null);
}
if (s.Claims == null)
{
s.Claims = new List <Models.ScopeClaim>();
}
return(Mapper.Map <Models.Scope, Entities.Scope>(s));
}
public static Contrib.Nhibernate.Entities.Scope ToEntity(this Models.Scope s)
{
if (s == null)
{
return(null);
}
if (s.Claims == null)
{
s.Claims = new List <Models.ScopeClaim>();
}
if (s.ScopeSecrets == null)
{
s.ScopeSecrets = new List <Models.Secret>();
}
return(Mapper.Map <Models.Scope, Contrib.Nhibernate.Entities.Scope>(s));
}
public static IdentityServer3.Core.Models.Scope ToIdentityServerModel(this Models.Scope scope)
{
if (scope == null)
{
return(null);
}
return(new IdentityServer3.Core.Models.Scope()
{
AllowUnrestrictedIntrospection = scope.AllowUnrestrictedIntrospection,
ClaimsRule = scope.ClaimsRule,
Description = scope.Description,
DisplayName = scope.DisplayName,
Emphasize = scope.Emphasize,
Enabled = scope.Enabled,
IncludeAllClaimsForUser = scope.IncludeAllClaimsForUser,
Name = scope.Name,
Required = scope.Required,
ShowInDiscoveryDocument = scope.ShowInDiscoveryDocument,
Type = (IdentityServer3.Core.Models.ScopeType)scope.Type
});
}
public virtual bool CheckSecurity(int orgId, string[] keys, Models.Scope scope = Models.Scope.All, int scopeId = 0)
{
return(User.CheckSecurity(orgId, keys, scope, scopeId));
}
public bool CheckSecurity(int orgId, string key, Models.Scope scope = Models.Scope.All, int scopeId = 0)
{
return(CheckSecurity(orgId, new string[] { key }, scope, scopeId));
}
public static Scope ToEntity(this Models.Scope scope)
{
return(scope == null ? null : Mapper.Map <Scope>(scope));
}