public static Task<bool> CheckAccessAsync(this HttpContextBase httpContext, IEnumerable<Claim> actions, IEnumerable<Claim> resources)
        {
            var cp = httpContext.User as ClaimsPrincipal;
            var authorizationContext = new ResourceAuthorizationContext(
                cp ?? Principal.Anonymous,
                actions,
                resources);

            return httpContext.CheckAccessAsync(authorizationContext);
        }
 public void Authenticated_Admin_Can_Edit_Album()
 {
     var ctx = new ResourceAuthorizationContext(User("test", "Admin"),
         ChinookResources.AlbumActions.Edit,
         ChinookResources.Album);
     Assert.IsTrue(subject.CheckAccessAsync(ctx).Result);
 }
 public void Authenticated_NonAdmin_Cannot_Edit_Track()
 {
     var ctx = new ResourceAuthorizationContext(User("test"),
         ChinookResources.TrackActions.Edit,
         ChinookResources.Track);
     Assert.IsFalse(subject.CheckAccessAsync(ctx).Result);
 }
 public void Anonymous_Cannot_Access_Track()
 {
     var ctx = new ResourceAuthorizationContext(Anonymous,
         ChinookResources.TrackActions.Edit,
         ChinookResources.Track);
     Assert.IsFalse(subject.CheckAccessAsync(ctx).Result);
 }
 public override Task<bool> CheckAccessAsync(ResourceAuthorizationContext context)
 {
     return this.Eval(
         this.currentPolicies.ContainsPolicy(
             context.Resource.First().Value,
             context.Action.First().Value,
             context.Principal.Claims.Where(x => x.Type.Equals(ClaimTypes.Role)).Select(x => x.Value).ToList()));
 }
 Task<bool> AuthorizeValues(ResourceAuthorizationContext context)
 {
     switch (context.Action.First().Value) {
         case "read":
             return Eval(context.Principal.HasClaim("role", "api-read"));
         default:
             return Nok();
     }
 }
        public Task<bool> CheckCartoonAccess(ResourceAuthorizationContext context)
        {
            if (!context.Principal.Identity.IsAuthenticated)
            {
                return Nok();
            }

            return Ok();
        }
        public static Task<bool> CheckAccessAsync(this HttpRequestMessage request, IEnumerable<Claim> actions, IEnumerable<Claim> resources)
        {
            var authorizationContext = new ResourceAuthorizationContext(
                request.GetOwinContext().Authentication.User ?? Principal.Anonymous,
                actions,
                resources);

            return request.CheckAccessAsync(authorizationContext);
        }
        public static Task<bool> CheckAccessAsync(this HttpRequestMessage request, string action, params string[] resources)
        {
            var authorizationContext = new ResourceAuthorizationContext(
                request.GetOwinContext().Authentication.User ?? Principal.Anonymous,
                action,
                resources);

            return request.CheckAccessAsync(authorizationContext);
        }
 public static Task<bool> CheckAccessAsync(this HttpRequestMessage request, string action, params string[] resources)
 {
     var user = request.GetRequestContext().Principal as ClaimsPrincipal;
     user = user ?? Principal.Anonymous;
     
     var ctx = new ResourceAuthorizationContext(user, action, resources);
     
     return request.CheckAccessAsync(ctx);
 }
 public override Task<bool> CheckAccessAsync(ResourceAuthorizationContext context)
 {
     switch (context.Resource.First().Value) {
         case "claims":
             return AuthorizeValues(context);
         default:
             return Nok();
     }
 }
        private Task<bool> CheckInformationAccess(ResourceAuthorizationContext context)
        {
            if (context.Principal.IsInRole("admin"))
            {
                return Ok();
            }

            return Nok();
        }
        private Task<bool> CheckAlbumEditAccessByIdAsync(ResourceAuthorizationContext context)
        {
            var id = context.Resource.Skip(1).Take(1).Single().Value;
            if (id == "1")
            {
                return Eval("bob".Equals(context.Principal.Identity.Name, StringComparison.OrdinalIgnoreCase));
            }

            return Ok();
        }
        public static Task<bool> CheckAccessAsync(this HttpContextBase httpContext, string action, params string[] resources)
        {
            var cp = httpContext.User as ClaimsPrincipal;
            var authorizationContext = new ResourceAuthorizationContext(
                cp ?? Principal.Anonymous,
                action,
                resources);

            return httpContext.CheckAccessAsync(authorizationContext);
        }
示例#15
0
        private async Task<bool> CheckUserEditAccessByRoleAsync(ResourceAuthorizationContext context)
        {
            var user = _uow.UserAccountRepository.Get(context.Principal.Identity.Name);
            if (user.Claims.Any(x => x.Type == System.Security.Claims.ClaimTypes.Role &&
                x.Value == "SystemAdmin"))
            {
                return await Ok();
            }

            return await Nok();
        }
        private Task<bool> CheckCharacterAccess(ResourceAuthorizationContext context)
        {
            var action = context.Action.First().Value;

            if (context.Principal.HasClaim(action))
            {
                return Ok();
            }

            return Nok();
        }
 public override Task<bool> CheckAccessAsync(ResourceAuthorizationContext context)
 {
     var claim = context.Principal.Claims.FirstOrDefault(c => c.Type == "role");
     if (claim != null)
     {
         if (claim.Value == "Administrator")
         {
             return Task.FromResult(true);
         }
     }
     return Task.FromResult(false);
 }
 private Task<bool> AuthorizeContactDetails(ResourceAuthorizationContext context)
 {
     switch (context.Action.First().Value)
     {
         case "Read":
             return Eval(context.Principal.HasClaim("role", "Geek"));
         case "Write":
             return Eval(context.Principal.HasClaim("role", "Operator"));
         default:
             return Nok();
     }
 }
示例#19
0
 Task<bool> AuthorizeMember(ResourceAuthorizationContext context)
 {
     switch (context.Action.First().Value)
     {
         case "Read":
             return Eval(context.Principal.HasClaim("role", "Member"));
         case "Write":
             return Eval(context.Principal.HasClaim("role", "PrimaryMember"));
         default:
             return Nok();
     }
 }
示例#20
0
 private Task<bool> AuthorizationExpenseGroup(ResourceAuthorizationContext context)
 {
     switch (context.Action.First().Value)
     {
         case "Read":
             return Eval(context.Principal.HasClaim("role", "WebReaderUser"));
         case "Write":
             return Eval(context.Principal.HasClaim("role", "WebWriterUser"));
         default:
             return Nok();
     }
 }
示例#21
0
 public override Task<bool> CheckAccessAsync(ResourceAuthorizationContext context)
 {
     //switch (context.Resource.First().Value)
     //{
     //    case "PrimaryMember":
     //        return AuthorizeMember(context);
     //    case "FamilyMember":
     //    default:
     //        return Nok();
     //}
     return Nok();
 }
示例#22
0
        public override async Task<bool> CheckAccessAsync(ResourceAuthorizationContext context)
        {
            var resource = context.Resource.First().Value;

            if(resource == "User")
            {
                return await CheckUserAccessAsync(context);
            
            }

            return await Nok();
        }
        public ResourceAuthorizeAttributeControllerAndActionTests()
        {
            _context = null;

            CheckAccessDelegate = c =>
            {
                _context = c;

                return Task.FromResult(true);
            };

            _response = Client.GetAsync("/api/default").Result;

        }
        public ResourceAuthorizationAttributeActionParametersTests()
        {
            _context = null;

            CheckAccessDelegate = c =>
            {
                _context = c;

                return Task.FromResult(true);
            };

            _response = Client.GetAsync("/api/protected/firstvalue/secondvalue").Result;

        }
        private Task<bool> CheckAlbumEditAccessAsync(ResourceAuthorizationContext context)
        {
            if (!context.Principal.IsInRole("Admin") && !context.Principal.IsInRole("Manager"))
            {
                return Nok();
            }

            if (context.Resource.Count() == 2)
            {
                return CheckAlbumEditAccessByIdAsync(context);
            }

            return Ok();
        }
        public ResourceAuthorizeAttributeTests()
        {
            _context = null;

            CheckAccessDelegate = c =>
            {
                _context = c;

                return Task.FromResult(true);
            };

            _response = Client.GetAsync("/api/protected").Result;

        }
示例#27
0
        private async Task<bool> CheckUserAccessAsync(ResourceAuthorizationContext context)
        {
            if (!context.Principal.Identity.IsAuthenticated)
            {
                return await Nok();
            }

            if (context.Action.Any(x => x.Value == "Edit"))
            {
                return await CheckUserEditAccessByRoleAsync(context);
            }

            return await Ok();
        }
示例#28
0
        private Task<bool> AuthorizeExpenseGroup(ResourceAuthorizationContext context)
        {
            switch (context.Action.First().Value)
            {
                case "Read":
                    // to be able to read an expensegroups from the API, the user must be in the
                    // WebReadUser role or MobileReadUser role
                    return
                        Eval(context.Principal.HasClaim("role", "MobileReadUser")
                        || (context.Principal.HasClaim("role", "WebReadUser")));

                default:
                    return Nok();
            }
        }
        private Task<bool> CheckAlbumAccessAsync(ResourceAuthorizationContext context)
        {
            if (!context.Principal.Identity.IsAuthenticated)
            {
                return Nok();
            }

            var action = context.Action.First().Value;
            if (action == ChinookResources.AlbumActions.Edit)
            {
                return CheckAlbumEditAccessAsync(context);
            }

            return Ok();
        }
        public override Task<bool> CheckAccessAsync(ResourceAuthorizationContext context)
        {
            // check access credentials here
            if (context.Principal.Identity.IsAuthenticated)
            {
                var resource = context.Resource.First();
                var action = context.Action.First();

                if (context.Principal.HasClaim(c => c.Type == resource.Value && c.Value == action.Value))
                {
                    return Ok();
                }
            }
            return Nok();
        }
示例#31
0
 public virtual Task <bool> CheckAccessAsync(ResourceAuthorizationContext context)
 {
     throw new NotImplementedException();
 }