/// <summary>
/// Asks the configured claims authorization manager whether the current principal
/// may perform an action on a resource.
/// </summary>
/// <remarks>
/// The decision is made for <see cref="ClaimsPrincipal.Current"/> and is delegated entirely to
/// the <see cref="ClaimsAuthorizationManager"/> taken from the federation configuration; this
/// method adds no policy of its own. If the configuration leaves the framework's base
/// <see cref="ClaimsAuthorizationManager"/> in place, its <c>CheckAccess</c> authorizes every
/// request, so a custom manager must be registered for this check to restrict anything.
/// </remarks>
/// <param name="resourceType">Claim type used for the resource claim.</param>
/// <param name="resource">Value of the resource claim.</param>
/// <param name="action">Value of the action claim (its claim type is <c>ClaimTypes.ActionType</c>).</param>
/// <returns><c>true</c> if the manager grants access; otherwise <c>false</c>.</returns>
public static bool CheckAccess(string resourceType, string resource, string action)
{
    // Describe the request: what is being touched and what is being done to it.
    ResourceAction requested = new ResourceAction(resourceType, resource, ClaimTypes.ActionType, action);
    AuthorizationContext authorizationContext = CreateAuthorizationContext(ClaimsPrincipal.Current, requested);

    // The manager is looked up on every call, after the context has been built.
    var identityConfiguration = FederatedAuthentication.FederationConfiguration.IdentityConfiguration;
    ClaimsAuthorizationManager authorizer = identityConfiguration.ClaimsAuthorizationManager;

    return authorizer.CheckAccess(authorizationContext);
}
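/// <summary>
/// Asks the configured claims authorization manager whether the current principal may perform
/// an action on a resource, optionally passing further resource claims to the manager.
/// </summary>
/// <remarks>
/// Parameter order here is (action, resource), unlike the three-string overload, which takes
/// (resourceType, resource, action). A call with three string arguments binds to that other
/// overload, so verify call sites pass the values in the order they intend.
/// The check is evaluated for <see cref="ClaimsPrincipal.Current"/>.
/// </remarks>
/// <param name="action">Value of the action claim (claim type <c>ClaimTypes.ActionType</c>).</param>
/// <param name="resource">Value of the resource claim (claim type <c>ClaimTypes.ResourceType</c>).</param>
/// <param name="additionalResources">
/// Extra claims appended to the context's resource collection. May be omitted, empty or <c>null</c>;
/// in all three cases only the primary resource claim is evaluated.
/// </param>
/// <returns><c>true</c> if the manager grants access; otherwise <c>false</c>.</returns>
public static bool CheckAccess(string action, string resource, params Claim[] additionalResources)
{
    var resourceAction = new ResourceAction(ClaimTypes.ResourceType, resource, ClaimTypes.ActionType, action);
    var context = CreateAuthorizationContext(ClaimsPrincipal.Current, resourceAction);

    // An explicit null for the params array used to throw inside ToList(); treat it like "no extras".
    // Iterating the array directly also avoids allocating a throwaway list.
    if (additionalResources != null)
    {
        foreach (var claim in additionalResources)
        {
            // Elements are passed through as given; the manager sees exactly what the caller supplied.
            context.Resource.Add(claim);
        }
    }

    var claimsAuthorizationManager = FederatedAuthentication.FederationConfiguration.IdentityConfiguration.ClaimsAuthorizationManager;
    return claimsAuthorizationManager.CheckAccess(context);
}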
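/// <summary>
/// Asks the project's <c>AuthorizationManager</c> whether a user, looked up by name, may perform
/// an action on a resource.
/// </summary>
/// <remarks>
/// The authorization context is still built around <see cref="ClaimsPrincipal.Current"/>; the
/// identity resolved for <paramref name="userName"/> is handed to the manager as a separate argument.
/// When no user with that name is found, the identity of the current OWIN request is used instead
/// and a warning is logged, so the answer then describes the caller rather than the named user.
/// </remarks>
/// <param name="resourceType">Claim type used for the resource claim.</param>
/// <param name="resource">Value of the resource claim.</param>
/// <param name="action">Value of the action claim (its claim type is <c>ClaimTypes.ActionType</c>).</param>
/// <param name="userName">Name of the user whose access is being checked.</param>
/// <returns><c>true</c> if the manager grants access; otherwise <c>false</c>.</returns>
/// <exception cref="System.InvalidOperationException">
/// The configured claims authorization manager is not an <c>AuthorizationManager</c>.
/// </exception>
public static bool CheckAccess(string resourceType, string resource, string action, string userName)
{
    var resourceAction = new ResourceAction(resourceType, resource, ClaimTypes.ActionType, action);
    var user = IdentityHelper.GetIdentityUserByName(userName);
    var manager = IdentityHelper.GetUserManager();
    ClaimsIdentity userIdentity = null;

    if (user == null)
    {
        // NOTE(review): userName is written to the log unmodified. If it can originate from request
        // data, neutralise line breaks before logging so one entry cannot be split into several.
        log4net.LogManager.GetLogger(nameof(ClaimPermission)).Warn($"A user with username '{userName}' was not found by user manager. Creating Claims Identity from Owin Context Request User.Identity ...");

        // NOTE(review): falling back to the request identity means a check for an unknown user is
        // answered for the caller. Confirm this is intended; denying would be the fail-closed choice.
        // The 'as' cast yields null when the request identity is not a ClaimsIdentity, and that null
        // is passed to the manager below - verify the manager denies access in that case.
        userIdentity = OwinHelper.GetOwinContext(HttpContext.Current).Request.User.Identity as ClaimsIdentity;
    }
    else
    {
        // NOTE(review): .Result blocks the calling thread on the async call; where a synchronization
        // context is present this can deadlock. Left as-is because this method's signature is synchronous.
        userIdentity = user.GenerateUserIdentityAsync(manager).Result;
    }

    var context = CreateAuthorizationContext(ClaimsPrincipal.Current, resourceAction);

    var claimsAuthorizationManager = FederatedAuthentication.FederationConfiguration.IdentityConfiguration.ClaimsAuthorizationManager as AuthorizationManager;
    if (claimsAuthorizationManager == null)
    {
        // Previously a mismatched configuration surfaced as a NullReferenceException on the call below.
        // Fail with an explicit error instead; no access decision is returned either way.
        throw new System.InvalidOperationException("The configured ClaimsAuthorizationManager is not an AuthorizationManager; the per-user access check cannot be evaluated.");
    }

    return claimsAuthorizationManager.CheckAccess(context, userIdentity);
}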
/// <summary>
/// Builds the <see cref="AuthorizationContext"/> handed to the claims authorization manager.
/// </summary>
/// <param name="currentPrincipal">Principal the context is created for.</param>
/// <param name="resourceAction">Source of the resource and action claim types and values.</param>
/// <returns>
/// A context holding exactly one resource claim and one action claim, each in its own collection.
/// </returns>
private static AuthorizationContext CreateAuthorizationContext(ClaimsPrincipal currentPrincipal, ResourceAction resourceAction)
{
    // Both claims are created up front; Claim's constructor rejects a null type or value.
    Claim requestedResource = new Claim(resourceAction.ResourceType, resourceAction.Resource);
    Claim requestedAction = new Claim(resourceAction.ActionType, resourceAction.Action);

    var resources = new Collection<Claim>();
    resources.Add(requestedResource);

    var actions = new Collection<Claim>();
    actions.Add(requestedAction);

    return new AuthorizationContext(currentPrincipal, resources, actions);
}