Diplomarbeit-Absolventenverein/oqtane.framework
6
0
Fork 0
Code Issues 1 Pull Requests 1 Packages Projects Releases Wiki Activity

Permission-based authorization utilizing Policies

Browse Source
This commit is contained in:
Shaun Walker
2019-08-27 17:14:41 -04:00
parent f037898c6e
commit 3ce7f1a227
54 changed files with 1104 additions and 388 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
Oqtane.Client/Modules/Controls/ActionLink.razor
View File

@ -2,6 +2,7 @@
@using Oqtane.Modules
@using Oqtane.Services
@using Oqtane.Shared
@using Oqtane.Security
@inherits ModuleBase
@inject IUserService UserService
@ -70,19 +71,16 @@
authorized = true;
break;
case SecurityAccessLevel.View:
authorized = UserService.IsAuthorized(PageState.User, ModuleState.ViewPermissions);
authorized = UserSecurity.IsAuthorized(PageState.User, "View", ModuleState.Permissions);
break;
case SecurityAccessLevel.Edit:
authorized = UserService.IsAuthorized(PageState.User, ModuleState.EditPermissions);
authorized = UserSecurity.IsAuthorized(PageState.User, "Edit", ModuleState.Permissions);
break;
case SecurityAccessLevel.Admin:
authorized = UserService.IsAuthorized(PageState.User, Constants.AdminRole);
authorized = UserSecurity.IsAuthorized(PageState.User, "Edit", UserSecurity.SetPermissions("Edit", Constants.AdminRole));
break;
case SecurityAccessLevel.Host:
if (PageState.User != null)
{
authorized = PageState.User.IsSuperUser;
}
authorized = UserSecurity.IsAuthorized(PageState.User, "Edit", UserSecurity.SetPermissions("Edit", Constants.HostRole));
break;
}
}

20
Oqtane.Client/Modules/Controls/ModuleMessage.razor
View File

@ -1,30 +1,22 @@
@using Oqtane.Modules
@inherits ModuleBase
@if (authorized)
@if (Message != "")
{
<div class="@type">
@Message
</div>
<div class="@type">@Message</div><br /><br />
}
@code {
[Parameter]
public MessageType Type { get; set; }
[Parameter]
public string Message { get; set; }
string type = "alert alert-success"; // optional
bool authorized = false;
[Parameter]
public MessageType Type { get; set; }
string type = "alert alert-danger";
protected override void OnInitialized()
{
if (PageState.User != null)
{
authorized = PageState.User.IsSuperUser;
}
switch (Type)
{
case MessageType.Success: