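/// <summary>
/// Evaluates this authorization policy: replaces the <see cref="GenericIdentity"/> whose name matches
/// <c>UserName</c> in the context's identities list with a <see cref="PersonnelIdentity"/>, and
/// publishes that identity and a new <see cref="PersonnelPrincipal"/> in the context properties.
/// </summary>
/// <param name="evaluationContext">An <see cref="T:System.IdentityModel.Policy.EvaluationContext"/> that contains the claim set that the authorization policy evaluates.</param>
/// <param name="state">A <see cref="T:System.Object"/>, passed by reference, that represents the custom state for this authorization policy. This implementation neither reads nor writes it.</param>
/// <returns>
/// <c>false</c> if this policy must be called again when other authorization policies add to
/// <paramref name="evaluationContext"/> (no usable identities list, or no matching identity yet);
/// <c>true</c> once the identity and principal have been replaced and no further evaluation is required.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="evaluationContext"/> is <c>null</c>.</exception>
public bool Evaluate(EvaluationContext evaluationContext, ref object state)
{
    const String IdentitiesKey = "Identities";
    const String PrimaryIdentityKey = "PrimaryIdentity";
    const String PrincipalKey = "Principal";

    // Fail with a named argument instead of a NullReferenceException further down.
    if (evaluationContext == null)
    {
        throw new ArgumentNullException("evaluationContext");
    }

    // One lookup covers the empty-dictionary, missing-key and null-value cases that the
    // original tested separately (Count, ContainsKey, then the indexer twice).
    object rawIdentities;
    if (evaluationContext.Properties.TryGetValue(IdentitiesKey, out rawIdentities) == false)
    {
        return false;
    }

    // A null value or a value of any other type leaves this null.
    List<IIdentity> identities = rawIdentities as List<IIdentity>;
    if (identities == null)
    {
        return false;
    }

    // Only a GenericIdentity with the expected name is replaced; the name comparison is
    // case-insensitive, so account names that differ only by case are treated as the same user.
    IIdentity currentIdentity = identities.Find(
        identityMatch => identityMatch is GenericIdentity
                         && String.Equals(identityMatch.Name, UserName, StringComparison.OrdinalIgnoreCase));

    if (currentIdentity == null)
    {
        return false;
    }

    // IsAuthenticated and AuthenticationType are copied from the identity being replaced, so this
    // policy never upgrades an unauthenticated identity to an authenticated one.
    // NOTE(review): the password is handed to PersonnelIdentity and stays reachable through the
    // context for as long as the identity lives - confirm that type does not log or serialize it.
    PersonnelIdentity newIdentity = new PersonnelIdentity(
        UserName, Password, currentIdentity.IsAuthenticated, currentIdentity.AuthenticationType);

    // Swap the identity in the shared list and expose it as the primary identity.
    identities.Remove(currentIdentity);
    identities.Add(newIdentity);
    evaluationContext.Properties[PrimaryIdentityKey] = newIdentity;

    // The principal is created without roles (null); presumably every role check against it
    // fails until roles are supplied - verify against PersonnelPrincipal's base class.
    PersonnelPrincipal newPrincipal = new PersonnelPrincipal(newIdentity, null);
    evaluationContext.Properties[PrincipalKey] = newPrincipal;

    // This policy has successfully been evaluated and doesn't need to be called again.
    return true;
}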
/// <summary>
/// Creates a <see cref="PersonnelPrincipal"/> for the supplied identity.
/// </summary>
/// <param name="identity">The personnel identity this principal represents.</param>
/// <param name="roles">The role names for the principal; forwarded unchanged to the base constructor.</param>
public PersonnelPrincipal(PersonnelIdentity identity, String[] roles)
    : base(identity, roles)
{
    // Nothing to do here: both arguments are handed straight to the base class.
}
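/// <summary>
/// Evaluates whether a user meets the requirements for this authorization policy. On success the
/// matching <see cref="GenericIdentity"/> in the context is replaced by a <see cref="PersonnelIdentity"/>
/// and a <see cref="PersonnelPrincipal"/> built on it is stored in the context properties.
/// </summary>
/// <param name="evaluationContext">An <see cref="T:System.IdentityModel.Policy.EvaluationContext"/> that contains the claim set that the authorization policy evaluates.</param>
/// <param name="state">A <see cref="T:System.Object"/>, passed by reference, that represents the custom state for this authorization policy. It is not used by this implementation.</param>
/// <returns>
/// <c>false</c> if the <see cref="M:System.IdentityModel.Policy.IAuthorizationPolicy.Evaluate(System.IdentityModel.Policy.EvaluationContext,System.Object@)"/>
/// method for this authorization policy must be called again when other authorization policies add to
/// <paramref name="evaluationContext"/>; otherwise <c>true</c>, stating that no additional evaluation is
/// required by this authorization policy.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="evaluationContext"/> is <c>null</c>.</exception>
public bool Evaluate(EvaluationContext evaluationContext, ref object state)
{
    const String IdentitiesKey = "Identities";
    const String PrimaryIdentityKey = "PrimaryIdentity";
    const String PrincipalKey = "Principal";

    // Reject a missing context explicitly rather than dereferencing null below.
    if (evaluationContext == null)
    {
        throw new ArgumentNullException("evaluationContext");
    }

    // TryGetValue replaces the Count / ContainsKey / indexer sequence: a missing key returns
    // false here, and a null or wrongly typed value is caught by the cast check that follows.
    object identitiesValue;
    if (!evaluationContext.Properties.TryGetValue(IdentitiesKey, out identitiesValue))
    {
        return false;
    }

    List<IIdentity> identities = identitiesValue as List<IIdentity>;
    if (identities == null)
    {
        return false;
    }

    // Find the GenericIdentity for UserName. The comparison ignores case, so names that differ
    // only in casing resolve to the same identity.
    IIdentity currentIdentity = identities.Find(
        candidate => candidate is GenericIdentity
                     && String.Equals(candidate.Name, UserName, StringComparison.OrdinalIgnoreCase));

    if (currentIdentity == null)
    {
        return false;
    }

    // The authentication flag and type come from the identity being replaced; this method does
    // not authenticate anyone by itself.
    // NOTE(review): Password is passed into the identity object and therefore travels with the
    // evaluation context - confirm PersonnelIdentity keeps it out of logs and serialized state.
    PersonnelIdentity newIdentity = new PersonnelIdentity(
        UserName, Password, currentIdentity.IsAuthenticated, currentIdentity.AuthenticationType);

    // Update the list and the context with the new identity.
    identities.Remove(currentIdentity);
    identities.Add(newIdentity);
    evaluationContext.Properties[PrimaryIdentityKey] = newIdentity;

    // Roles are passed as null, so the principal carries no role membership from this policy.
    // NOTE(review): how role checks behave with null roles depends on the base class - confirm.
    PersonnelPrincipal newPrincipal = new PersonnelPrincipal(newIdentity, null);
    evaluationContext.Properties[PrincipalKey] = newPrincipal;

    // This policy has successfully been evaluated and doesn't need to be called again.
    return true;
}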