Document finance workflow and security toggle

This commit is contained in:
2026-05-19 14:26:04 +02:00
parent b23f73ecd6
commit 383796df87
7 changed files with 358 additions and 3 deletions
@@ -4,6 +4,7 @@ public sealed class SecurityOptions
{
public const string SectionName = "Security";
public bool Enabled { get; set; } = true;
public bool DevelopmentBypass { get; set; }
public bool DevelopmentUserIsAdmin { get; set; }
public string DevelopmentUserName { get; set; } = "DEV\\TrafagDeveloper";
@@ -6,10 +6,18 @@ public static class SecurityPolicyFactory
{
public static AuthorizationPolicy BuildAccessPolicy(SecurityOptions settings, bool useDevelopmentAuthentication)
{
if (!settings.Enabled)
{
return new AuthorizationPolicyBuilder()
.RequireAssertion(_ => true)
.Build();
}
var builder = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser();
if (!useDevelopmentAuthentication && settings.AccessGroups.Count > 0)
if (!useDevelopmentAuthentication &&
settings.AccessGroups.Count > 0)
{
builder.RequireAssertion(context =>
settings.AccessGroups.Any(group => context.User.IsInRole(group)));
@@ -20,6 +28,13 @@ public static class SecurityPolicyFactory
public static AuthorizationPolicy BuildAdminPolicy(SecurityOptions settings, bool useDevelopmentAuthentication)
{
if (!settings.Enabled)
{
return new AuthorizationPolicyBuilder()
.RequireAssertion(_ => true)
.Build();
}
var builder = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser();