Diplomarbeit-Absolventenverein/oqtane.framework
10
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

enhance dynamic authorization policies to support default role specification

Browse Source
This commit is contained in:
Shaun Walker
2022-12-02 07:34:06 -05:00
parent a1aab62cea
commit b09a3ccdae
7 changed files with 72 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
Oqtane.Server/Security/PermissionHandler.cs
View File

@ -33,30 +33,33 @@ namespace Oqtane.Security
siteId = ctx.GetAlias().SiteId;
}
// get entityid from querystring based on a parameter format of auth{entityname}id (ie. authmoduleid )
int entityId = -1;
if (ctx.Request.Query.ContainsKey("auth" + requirement.EntityName.ToLower() + "id"))
if (requirement.RequireEntityId)
{
if (!int.TryParse(ctx.Request.Query["auth" + requirement.EntityName.ToLower() + "id"], out entityId))
// get entityid from querystring based on a parameter format of auth{entityname}id (ie. authmoduleid )
if (ctx.Request.Query.ContainsKey("auth" + requirement.EntityName.ToLower() + "id"))
{
entityId = -1;
}
}
// legacy support for deprecated CreateAuthorizationPolicyUrl(string url, int entityId)
if (entityId == -1)
{
if (ctx.Request.Query.ContainsKey("entityid"))
{
if (!int.TryParse(ctx.Request.Query["entityid"], out entityId))
if (!int.TryParse(ctx.Request.Query["auth" + requirement.EntityName.ToLower() + "id"], out entityId))
{
entityId = -1;
}
}
// legacy support for deprecated CreateAuthorizationPolicyUrl(string url, int entityId)
if (entityId == -1)
{
if (ctx.Request.Query.ContainsKey("entityid"))
{
if (!int.TryParse(ctx.Request.Query["entityid"], out entityId))
{
entityId = -1;
}
}
}
}
// validate permissions
if (_userPermissions.IsAuthorized(context.User, siteId, requirement.EntityName, entityId, requirement.PermissionName))
if (_userPermissions.IsAuthorized(context.User, siteId, requirement.EntityName, entityId, requirement.PermissionName, requirement.Roles))
{
context.Succeed(requirement);
}