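/// <summary>
/// Checks if the principal specified in the authorization context is authorized to perform
/// the specified action on the specified resource.
/// </summary>
/// <remarks>
/// Decision rules:
/// <list type="bullet">
/// <item>A policy is registered for the (resource, action) pair: the policy decides.</item>
/// <item>No policy is registered and the resource value contains '/': access is allowed
/// (allow-by-default for URI-style resources).</item>
/// <item>No policy is registered and the resource value has no '/': access is denied.</item>
/// <item>Any other failure (resource value that cannot be parsed as a URI, missing action
/// claim, a policy that throws): access is denied.</item>
/// </list>
/// Because URI-style resources without a policy are allowed, every resource that needs
/// protection must have an explicit policy registered for each action.
/// </remarks>
/// <param name="pec">Authorization context</param>
/// <returns>true if authorized, false otherwise</returns>
public override bool CheckAccess(AuthorizationContext pec)
{
    // Read the resource claim once. If there is no resource claim this throws, exactly as the
    // previous implementation did (its catch block re-read the claim and threw again).
    string resourceValue = pec.Resource.First<Claim>().Value;
    bool isUriResource = resourceValue.Contains('/');

    // Distinguishes "no policy registered" from an exception raised while a policy runs.
    bool policyFound = false;

    try
    {
        // NOTE(review): UriFormat.Unescaped decodes percent-escapes before the policy lookup,
        // so the lookup key may differ from the path the host routes on (e.g. an encoded '/').
        // Confirm policy keys and request routing normalise paths the same way.
        string resource = isUriResource
            ? new Uri(resourceValue).GetComponents(UriComponents.PathAndQuery, UriFormat.Unescaped)
            : resourceValue;

        var ra = new ResourceAction(resource, pec.Action.First<Claim>().Value);

        // Assumes _policies is a dictionary-style map whose indexer throws
        // KeyNotFoundException for a missing key -- TODO confirm against its declaration.
        var policy = _policies[ra];
        policyFound = true;

        return policy(pec.Principal);
    }
    catch (System.Collections.Generic.KeyNotFoundException)
    {
        // Only a failed lookup means "no policy specified". The same exception type escaping
        // from inside a policy must not be mistaken for that and is treated as a denial.
        return !policyFound && isUriResource;
    }
    catch (Exception)
    {
        // Fail closed. A blanket catch that allowed access here would grant it whenever URI
        // parsing or policy evaluation failed, even though a policy may exist for the resource.
        return false;
    }
}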
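/// <summary>
/// Checks if the current instance is equal to the given object by comparing the resource and
/// action values, ignoring case.
/// </summary>
/// <remarks>
/// The comparison is ordinal (culture-independent). A (resource, action) pair is compared
/// when matching authorization policies, so the result must not depend on the culture of the
/// thread that happens to evaluate the request.
/// </remarks>
/// <param name="obj">object to compare to</param>
/// <returns>True if equal, else false.</returns>
public override bool Equals(object obj)
{
    ResourceAction ra = obj as ResourceAction;
    if (ra == null)
    {
        // Not a ResourceAction (or null): defer to the base implementation.
        return base.Equals(obj);
    }

    // string.Compare(a, b, true) uses the current culture, whose casing and character-weight
    // rules vary by locale; OrdinalIgnoreCase gives the same answer everywhere.
    // NOTE(review): GetHashCode is not visible here -- confirm it hashes Resource and Action
    // with a matching ordinal, case-insensitive comparer so equal instances hash alike.
    return string.Equals(ra.Resource, Resource, StringComparison.OrdinalIgnoreCase)
        && string.Equals(ra.Action, Action, StringComparison.OrdinalIgnoreCase);
}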