private UserPermissions GetPermissionFromPrincipal(ClaimsPrincipal user, ConfigServerOptions options) { var result = new UserPermissions(); if (AllowAnomynousClientAdmin(options)) { result.CanAccessClientAdmin = true; result.CanEditClients = true; result.CanEditGroups = true; result.CanDeleteArchives = true; } if (user.HasClaim(s => s.Type.Equals(options.ClientAdminClaimType, StringComparison.OrdinalIgnoreCase) && ConfigServerConstants.AdminClaimValue.Equals(s.Value, StringComparison.OrdinalIgnoreCase))) { result.CanAccessClientAdmin = true; result.CanEditClients = true; result.CanEditGroups = true; result.CanDeleteArchives = true; } if (!result.CanAccessClientAdmin && user.HasClaim(s => s.Type.Equals(options.ClientAdminClaimType, StringComparison.OrdinalIgnoreCase) && ConfigServerConstants.ConfiguratorClaimValue.Equals(s.Value, StringComparison.OrdinalIgnoreCase))) { result.CanAccessClientAdmin = true; } result.ClientConfiguratorClaims = user.Claims.Where(w => w.Type.Equals(options.ClientConfiguratorClaimType, StringComparison.OrdinalIgnoreCase)) .Select(s => s.Value) .ToArray(); return(result); }
private UserClientPermissions MapToClientPermission(UserPermissions permission, ConfigurationClient client) { return(new UserClientPermissions { CanAccessClientAdmin = true, CanEditClients = true, CanEditGroups = true, CanDeleteArchives = true, HasClientConfiguratorClaim = client != null && (string.IsNullOrWhiteSpace(client.ConfiguratorClaim) || permission.ClientConfiguratorClaims.Any(s => s.Equals(client.ConfiguratorClaim, StringComparison.OrdinalIgnoreCase))) }); }