auth improvements related to multi-tenancy

Oqtane.Shared/Security/UserSecurity.cs

@@ -1,6 +1,7 @@
-using System;
+using System;
 using System.Collections.Generic;
 using System.Linq;
+using System.Security.Claims;
 using System.Text.Json;
 using Oqtane.Models;
 using Oqtane.Shared;
@@ -114,5 +115,42 @@ namespace Oqtane.Security
             }
             return false;
         }
+
+        public static ClaimsIdentity CreateClaimsIdentity(Alias alias, User user, List<UserRole> userroles)
+        {
+            user.Roles = "";
+            foreach (UserRole userrole in userroles)
+            {
+                user.Roles += userrole.Role.Name + ";";
+            }
+            if (user.Roles != "") user.Roles = ";" + user.Roles;
+            return CreateClaimsIdentity(alias, user);
+        }
+
+        public static ClaimsIdentity CreateClaimsIdentity(Alias alias, User user)
+        {
+            ClaimsIdentity identity = new ClaimsIdentity(Constants.AuthenticationScheme);
+            if (alias != null && user != null && !user.IsDeleted)
+            {
+                identity.AddClaim(new Claim(ClaimTypes.Name, user.Username));
+                identity.AddClaim(new Claim(ClaimTypes.PrimarySid, user.UserId.ToString()));
+                identity.AddClaim(new Claim(ClaimTypes.GroupSid, alias.AliasId.ToString()));
+                if (user.Roles.Contains(RoleNames.Host))
+                {
+                    // host users are site admins by default
+                    identity.AddClaim(new Claim(ClaimTypes.Role, RoleNames.Host));
+                    identity.AddClaim(new Claim(ClaimTypes.Role, RoleNames.Admin));
+                    identity.AddClaim(new Claim(ClaimTypes.Role, RoleNames.Registered));
+                }
+                foreach (string role in user.Roles.Split(new[] { ';' }, StringSplitOptions.RemoveEmptyEntries))
+                {
+                    if (!identity.Claims.Any(item => item.Type == ClaimTypes.Role && item.Value == role))
+                    {
+                        identity.AddClaim(new Claim(ClaimTypes.Role, role));
+                    }
+                }
+            }
+            return identity;
+        }
     }
 }

Oqtane.Shared/Shared/Constants.cs

@@ -1,5 +1,4 @@
 using System;
-using System.Globalization;
 
 namespace Oqtane.Shared {
 
@@ -72,5 +71,7 @@ namespace Oqtane.Shared {
         public static readonly string SatelliteAssemblyExtension = ".resources.dll";
 
         public static readonly string DefaultCulture = "en";
+
+        public static readonly string AuthenticationScheme = "Identity.Application";
     }
 }

Oqtane.Shared/Shared/Utilities.cs

@@ -108,6 +108,11 @@ namespace Oqtane.Shared
             return $"{aliasUrl}{Constants.ContentUrl}{fileId}{method}";
         }
 
+        public static string TenantUrl(Alias alias, string url)
+        {
+            url = (!url.StartsWith("/")) ? "/" + url : url; 
+            return (alias != null && !string.IsNullOrEmpty(alias.Path)) ? "/" + alias.Path + url : url;
+        }
         public static string GetTypeName(string fullyqualifiedtypename)
         {
             if (fullyqualifiedtypename.Contains(","))