/// <summary>
/// Add policies to options
/// </summary>
/// <param name="options"></param>
/// <param name="withAuthorization"></param>
/// <param name="useRoleBasedAccess"></param>
public static void AddPolicies(this AuthorizationOptions options,
bool withAuthorization, bool useRoleBasedAccess)
{
if (!withAuthorization)
{
options.AddNoOpPolicies(Policies.All());
return;
}
options.AddPolicy(Policies.CanRead, policy =>
policy.RequireAuthenticatedUser());
if (!useRoleBasedAccess)
{
options.AddPolicy(Policies.CanWrite, policy =>
policy.RequireAuthenticatedUser());
options.AddPolicy(Policies.CanSign, policy =>
policy.RequireAuthenticatedUser());
options.AddPolicy(Policies.CanManage, policy =>
policy.RequireAuthenticatedUser());
}
else
{
options.AddPolicy(Policies.CanWrite, policy =>
policy.RequireAuthenticatedUser()
.Require(WriterRights));
options.AddPolicy(Policies.CanSign, policy =>
policy.RequireAuthenticatedUser()
.Require(ApproverRights));
options.AddPolicy(Policies.CanManage, policy =>
policy.RequireAuthenticatedUser()
.Require(AdminRights));
}
}
/// <summary>
/// Add policies to options
/// </summary>
/// <param name="options"></param>
/// <param name="withAuthorization"></param>
/// <param name="useRoleBasedAccess"></param>
public static void AddPolicies(this AuthorizationOptions options,
bool withAuthorization, bool useRoleBasedAccess)
{
if (!withAuthorization)
{
options.AddNoOpPolicies(Policies.All());
return;
}
options.AddPolicy(Policies.CanQuery, policy =>
policy.RequireAuthenticatedUser());
if (!useRoleBasedAccess)
{
options.AddPolicy(Policies.CanChange, policy =>
policy.RequireAuthenticatedUser());
options.AddPolicy(Policies.CanManage, policy =>
policy.RequireAuthenticatedUser());
}
else
{
options.AddPolicy(Policies.CanChange, policy =>
policy.RequireAuthenticatedUser()
.Require(ChangeRights));
options.AddPolicy(Policies.CanManage, policy =>
policy.RequireAuthenticatedUser()
.Require(ManageRights));
}
}
/// <summary>
/// Add policies to options
/// </summary>
/// <param name="options"></param>
/// <param name="withAuthorization"></param>
/// <param name="useRoleBasedAccess"></param>
public static void AddPolicies(this AuthorizationOptions options,
bool withAuthorization, bool useRoleBasedAccess)
{
if (!withAuthorization)
{
options.AddNoOpPolicies(Policies.All());
return;
}
options.AddPolicy(Policies.CanBrowse, policy =>
policy.RequireAuthenticatedUser());
if (!useRoleBasedAccess)
{
options.AddPolicy(Policies.CanControl, policy =>
policy.RequireAuthenticatedUser());
options.AddPolicy(Policies.CanPublish, policy =>
policy.RequireAuthenticatedUser());
}
else
{
options.AddPolicy(Policies.CanControl, policy =>
policy.RequireAuthenticatedUser()
.Require(ControlRights));
options.AddPolicy(Policies.CanPublish, policy =>
policy.RequireAuthenticatedUser()
.Require(PublishRights));
}
}
/// <summary>
/// Add policies to options
/// </summary>
/// <param name="options"></param>
/// <param name="withAuthorization"></param>
/// <param name="useRoleBasedAccess"></param>
public static void AddPolicies(this AuthorizationOptions options,
bool withAuthorization, bool useRoleBasedAccess)
{
if (!withAuthorization)
{
options.AddNoOpPolicies(Policies.All());
return;
}
options.AddPolicy(Policies.CanRead, policy =>
policy.RequireAuthenticatedUser());
if (!useRoleBasedAccess)
{
options.AddPolicy(Policies.CanUpdate, policy =>
policy.RequireAuthenticatedUser());
options.AddPolicy(Policies.CanDelete, policy =>
policy.RequireAuthenticatedUser());
}
else
{
options.AddPolicy(Policies.CanUpdate, policy =>
policy.RequireAuthenticatedUser()
.Require(UpdateRights));
options.AddPolicy(Policies.CanDelete, policy =>
policy.RequireAuthenticatedUser()
.Require(UpdateRights));
}
}
/// <summary>
/// Add policies to options
/// </summary>
/// <param name="options"></param>
/// <param name="withAuthorization"></param>
/// <param name="useRoleBasedAccess"></param>
public static void AddPolicies(this AuthorizationOptions options,
bool withAuthorization, bool useRoleBasedAccess)
{
if (!withAuthorization)
{
options.AddNoOpPolicies(Policies.All());
return;
}
if (!useRoleBasedAccess)
{
options.AddPolicy(Policies.CanOnboard, policy =>
policy.RequireAuthenticatedUser());
}
else
{
options.AddPolicy(Policies.CanOnboard, policy =>
policy.RequireAuthenticatedUser()
.Require(AdminRights));
}
}
