Diplomarbeit-Absolventenverein/oqtane.framework
10
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

add support for dynamic authorization policies

Browse Source
This commit is contained in:
Shaun Walker
2022-11-04 08:08:10 -04:00
parent 23d1dd23d1
commit 2aa6eb90e2
4 changed files with 57 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

54
Oqtane.Server/Security/AuthorizationPolicyProvider.cs Normal file
View File

@ -0,0 +1,54 @@
using Microsoft.AspNetCore.Authorization;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.Options;
using Oqtane.Shared;
using System.Threading.Tasks;
namespace Oqtane.Security
{
public class AuthorizationPolicyProvider : DefaultAuthorizationPolicyProvider
{
private readonly AuthorizationOptions _options;
private readonly IConfiguration _configuration;
public AuthorizationPolicyProvider(IOptions<AuthorizationOptions> options, IConfiguration configuration) : base(options)
{
_options = options.Value;
_configuration = configuration;
}
public override async Task<AuthorizationPolicy> GetPolicyAsync(string policyName)
{
// check static policies first
policyName = GetPolicyName(policyName);
var policy = await base.GetPolicyAsync(policyName);
if (policy == null)
{
// policy names must be in the form of "Entity:Permission" ie. "User:Read"
if (policyName.Contains(":"))
{
var entityName = policyName.Split(':')[0];
var permissionName = policyName.Split(':')[1];
policy = new AuthorizationPolicyBuilder()
.AddRequirements(new PermissionRequirement(entityName, permissionName))
.Build();
// add policy to the AuthorizationOptions
_options.AddPolicy(policyName, policy);
}
}
return policy;
}
private string GetPolicyName(string policyName)
{
// backward compatibility for legacy static policy names
if (policyName == PolicyNames.ViewModule) policyName = "Module:View";
if (policyName == PolicyNames.EditModule) policyName = "Module:Edit";
return policyName;
}
}
}