/// <summary>
/// Checks if a user meets a specific authorization policy against the specified resource.
/// </summary>
/// <param name="service">The <see cref="IAuthorizationService"/> providing authorization.</param>
/// <param name="user">The user to evaluate the policy against.</param>
/// <param name="policy">The policy to evaluate.</param>
/// <returns>
/// A flag indicating whether policy evaluation has succeeded or failed.
/// This value is <value>true</value> when the user fulfills the policy, otherwise <value>false</value>.
/// </returns>
public static Task <bool> AuthorizeAsync(this IAuthorizationService service, ClaimsPrincipal user, AuthorizationPolicy policy)
{
return(AuthorizeAsync(service, user, null, policy));
}
/// <summary>
/// Checks if a user meets a specific authorization policy
/// </summary>
/// <param name="service">The authorization service.</param>
/// <param name="user">The user to check the policy against.</param>
/// <param name="policy">The policy to check against a specific context.</param>
/// <returns><value>true</value> when the user fulfills the policy, <value>false</value> otherwise.</returns>
public static Task <bool> AuthorizeAsync(this IAuthorizationService service, ClaimsPrincipal user, AuthorizationPolicy policy)
{
if (service == null)
{
throw new ArgumentNullException(nameof(service));
}
if (policy == null)
{
throw new ArgumentNullException(nameof(policy));
}
return(service.AuthorizeAsync(user, resource: null, policy: policy));
}
/// <summary>
/// Checks if a user meets a specific authorization policy against the specified resource.
/// </summary>
/// <param name="service">The <see cref="IAuthorizationService"/> providing authorization.</param>
/// <param name="user">The user to evaluate the policy against.</param>
/// <param name="resource">The resource to evaluate the policy against.</param>
/// <param name="policy">The policy to evaluate.</param>
/// <returns>
/// A flag indicating whether policy evaluation has succeeded or failed.
/// This value is <value>true</value> when the user fulfills the policy, otherwise <value>false</value>.
/// </returns>
public static Task <bool> AuthorizeAsync(this IAuthorizationService service, ClaimsPrincipal user, object resource, AuthorizationPolicy policy)
{
if (service == null)
{
throw new ArgumentNullException(nameof(service));
}
if (policy == null)
{
throw new ArgumentNullException(nameof(policy));
}
return(service.AuthorizeAsync(user, resource, policy.Requirements.ToArray()));
}
public async Task CombineShouldReturnNullWhenThereAreNoAttributes()
{
var policy = await AuthorizationPolicy.CombineAsync(new DefaultAuthorizationPolicyProvider(new AuthorizationOptions()), new IAuthorizeData[0]);
Assert.IsNull(policy, "policy != null");
}
public AuthorizationPolicyBuilder(AuthorizationPolicy policy)
{
Combine(policy);
}
public async Task CombineShouldThrowWhenOptionsIsNull()
{
await AuthorizationPolicy.CombineAsync(null, new IAuthorizeData[0]);
}
public async Task CombineShouldThrowWhenAttributesIsNull()
{
await AuthorizationPolicy.CombineAsync(new DefaultAuthorizationPolicyProvider(new AuthorizationOptions()), null);
}
public void CombineShouldThrowWhenPoliciesEnumerableIsNull()
{
AuthorizationPolicy.Combine((IEnumerable <AuthorizationPolicy>)null);
}
public void CombineShouldThrowWhenPoliciesParametersIsNull()
{
AuthorizationPolicy[] policies = null;
// ReSharper disable once ExpressionIsAlwaysNull because we want it to be null
AuthorizationPolicy.Combine(policies);
}
private static void AssertCorrectSchemes(IReadOnlyList <string> expected, AuthorizationPolicy policy)
{
AssertListsEqual(expected, policy.AuthenticationSchemes);
}
private static void AssertCorrectRoles(IReadOnlyList <string> expected, AuthorizationPolicy policy, int index = 0)
{
var roleRequirement = (RolesAuthorizationRequirement)policy.Requirements[index];
AssertListsEqual(expected, roleRequirement.AllowedRoles.ToArray());
}
private static AuthorizationOptions CreateOptionsAndAddPolicy(string policyName, AuthorizationPolicy policy)
{
var options = new AuthorizationOptions();
options.AddPolicy(policyName, policy);
return(options);
}
