kocoded/oqtane.framework
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2aa6eb90e2
oqtane.framework/Oqtane.Server/Security/AuthorizationPolicyProvider.cs
Shaun Walker 2aa6eb90e2 add support for dynamic authorization policies
2022-11-04 08:08:10 -04:00

55 lines
1.9 KiB
C#
Raw Blame History

using Microsoft.AspNetCore.Authorization;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.Options;
using Oqtane.Shared;
using System.Threading.Tasks;
namespace Oqtane.Security
{
public class AuthorizationPolicyProvider : DefaultAuthorizationPolicyProvider
{
private readonly AuthorizationOptions _options;
private readonly IConfiguration _configuration;
public AuthorizationPolicyProvider(IOptions<AuthorizationOptions> options, IConfiguration configuration) : base(options)
{
_options = options.Value;
_configuration = configuration;
}
public override async Task<AuthorizationPolicy> GetPolicyAsync(string policyName)
{
// check static policies first
policyName = GetPolicyName(policyName);
var policy = await base.GetPolicyAsync(policyName);
if (policy == null)
{
// policy names must be in the form of "Entity:Permission" ie. "User:Read"
if (policyName.Contains(":"))
{
var entityName = policyName.Split(':')[0];
var permissionName = policyName.Split(':')[1];
policy = new AuthorizationPolicyBuilder()
.AddRequirements(new PermissionRequirement(entityName, permissionName))
.Build();
// add policy to the AuthorizationOptions
_options.AddPolicy(policyName, policy);
}
}
return policy;
}
private string GetPolicyName(string policyName)
{
// backward compatibility for legacy static policy names
if (policyName == PolicyNames.ViewModule) policyName = "Module:View";
if (policyName == PolicyNames.EditModule) policyName = "Module:Edit";
return policyName;
}
}
}
Reference in New Issue View Git Blame Copy Permalink