        /// <summary>
        /// Returns the tenant identifier carried by <paramref name="info"/> when its
        /// runtime type implements ISupportTenant.
        /// </summary>
        /// <param name="info">User info to inspect; it is passed to TkDebug.AssertArgumentNull first.</param>
        /// <param name="throwIfNotSupport">
        /// When true (the default), a user info type without ISupportTenant raises a
        /// ToolkitException; when false, null is returned instead.
        /// </param>
        /// <returns>
        /// The value of TenantId, or null when the type does not implement ISupportTenant
        /// and <paramref name="throwIfNotSupport"/> is false.
        /// </returns>
        public static object GetTenantValue(this IUserInfo info, bool throwIfNotSupport = true)
        {
            TkDebug.AssertArgumentNull(info, nameof(info), null);

            ISupportTenant tenantAware = info as ISupportTenant;
            if (tenantAware != null)
            {
                return tenantAware.TenantId;
            }

            if (!throwIfNotSupport)
            {
                // NOTE(review): null here only means "this type carries no tenant id".
                // Callers that filter data by tenant should not treat it as a match for
                // every tenant; verify the call sites that pass false.
                return null;
            }

            // The message is Chinese for: "The current UserInfo type is {type}, which does
            // not support the ISupportTenant interface".
            throw new ToolkitException($"当前的UserInfo类型是{info.GetType()},不支持接口ISupportTenant", info);
        }
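        /// <summary>
        /// Evaluates each required claim for a Windows user and reports whether it is granted.
        /// </summary>
        /// <param name="userInfo">The current user; must implement IWindowsUserInfo.</param>
        /// <param name="requiredClaims">Claims to evaluate.</param>
        /// <returns>
        /// One boolean per entry of <paramref name="requiredClaims"/>, in the same order;
        /// true only when the claim was allowed and not denied by any loaded permission.
        /// </returns>
        /// <exception cref="FrameworkException">
        /// <paramref name="userInfo"/> is null or not an IWindowsUserInfo, or the role
        /// repository contains at least one role.
        /// </exception>
        public IList<bool> GetAuthorizations(IUserInfo userInfo, IList<Claim> requiredClaims)
        {
            // Fix: a null userInfo used to fail with a NullReferenceException while the
            // error message below was being built; reject it explicitly instead.
            if (userInfo == null)
                throw new FrameworkException("Unexpected userInfo type 'null'.");
            if (!(userInfo is IWindowsUserInfo))
                throw new FrameworkException("Unexpected userInfo type '" + userInfo.GetType().FullName + "'.");
            // Refuse to answer when any role exists: this provider ignores roles, so
            // role-based permissions would otherwise be silently skipped.
            if (_roleRepository.Value.Query().Take(1).Select(role => role.ID).ToList().Count > 0)
                throw new FrameworkException("SimpleWindowsAuth does not support roles. Please delete roles from Common.Role or use a different security package.");

            // The cast throws InvalidCastException if the membership is not an IList<string>.
            var userMembership = (IList<string>)_windowsSecurity.GetIdentityMembership(userInfo.UserName);
            var userPermissions = _permissionLoader.Value.LoadPermissions(requiredClaims, userMembership);

            // Both messages are built lazily. They contain the user name and the membership
            // list, so trace output should be readable only by operators.
            _logger.Trace(() => "User " + userInfo.UserName + " has roles: " + string.Join(", ", userMembership) + ".");
            _logger.Trace(() => ReportPermissions(userInfo, userPermissions, requiredClaims));

            // Two passes make deny win over allow regardless of the order in which the
            // permissions were loaded: collect every allowed claim, then strike every denied one.
            // The set uses the default (ordinal, case-sensitive) string comparer.
            // NOTE(review): a deny entry whose casing differs from the allow entry would not
            // remove it; presumably LoadPermissions returns consistent casing - confirm.
            HashSet<string> hasClaims = new HashSet<string>();
            foreach (IPermissionBrowse permission in userPermissions)
                if (permission.IsAuthorized.Value)
                    hasClaims.Add(permission.ClaimResource + "." + permission.ClaimRight);
            foreach (IPermissionBrowse permission in userPermissions)
                if (!permission.IsAuthorized.Value)
                    hasClaims.Remove(permission.ClaimResource + "." + permission.ClaimRight);

            // A claim with no matching permission is not in the set and is reported as false.
            return requiredClaims.Select(requiredClaim => hasClaims.Contains(requiredClaim.FullName)).ToArray();
        }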
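        /// <summary>
        /// Resolves the authorization result of every required claim for a Windows user.
        /// </summary>
        /// <param name="userInfo">The user to authorize; must implement IWindowsUserInfo.</param>
        /// <param name="requiredClaims">The claims whose authorization is requested.</param>
        /// <returns>
        /// A list with one entry per required claim, in the same order. An entry is true
        /// only when a loaded permission allows the claim and none denies it.
        /// </returns>
        /// <exception cref="FrameworkException">
        /// Thrown when <paramref name="userInfo"/> is null or is not an IWindowsUserInfo,
        /// and when at least one role is present in the role repository.
        /// </exception>
        public IList<bool> GetAuthorizations(IUserInfo userInfo, IList<Claim> requiredClaims)
        {
            // Fix: null previously fell into the type check below and crashed with a
            // NullReferenceException on userInfo.GetType(); fail with the provider's own
            // exception type instead.
            if (userInfo == null)
            {
                throw new FrameworkException("Unexpected userInfo type 'null'.");
            }
            if (!(userInfo is IWindowsUserInfo))
            {
                throw new FrameworkException("Unexpected userInfo type '" + userInfo.GetType().FullName + "'.");
            }

            // This provider does not evaluate roles, so it refuses to run when any exist
            // rather than return results that ignore them.
            if (_roleRepository.Value.Query().Take(1).Select(role => role.ID).ToList().Count > 0)
            {
                throw new FrameworkException("SimpleWindowsAuth does not support roles. Please delete roles from Common.Role or use a different security package.");
            }

            var userMembership = (IList<string>)_windowsSecurity.GetIdentityMembership(userInfo.UserName);
            var userPermissions = _permissionLoader.Value.LoadPermissions(requiredClaims, userMembership);

            // Trace messages are passed as delegates. They include the user name and the
            // membership list, so the trace log should be treated as sensitive.
            _logger.Trace(() => "User " + userInfo.UserName + " has roles: " + string.Join(", ", userMembership) + ".");
            _logger.Trace(() => ReportPermissions(userInfo, userPermissions, requiredClaims));

            HashSet<string> hasClaims = new HashSet<string>();

            // Pass 1: collect every claim that some permission allows.
            foreach (IPermissionBrowse permission in userPermissions)
            {
                if (permission.IsAuthorized.Value)
                {
                    string allowedClaim = permission.ClaimResource + "." + permission.ClaimRight;
                    hasClaims.Add(allowedClaim);
                }
            }

            // Pass 2: remove every claim that some permission denies. Running this after
            // pass 1 is what makes a deny override an allow, whatever the load order.
            // NOTE(review): matching is case-sensitive (default HashSet<string> comparer);
            // this assumes allow and deny entries use identical casing - confirm.
            foreach (IPermissionBrowse permission in userPermissions)
            {
                if (!permission.IsAuthorized.Value)
                {
                    string deniedClaim = permission.ClaimResource + "." + permission.ClaimRight;
                    hasClaims.Remove(deniedClaim);
                }
            }

            // Claims without any matching permission are absent from the set and yield false.
            return requiredClaims.Select(requiredClaim => hasClaims.Contains(requiredClaim.FullName)).ToArray();
        }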