33 lines
1.1 KiB
C#
33 lines
1.1 KiB
C#
using Microsoft.AspNetCore.Authorization;
|
|
|
|
namespace TrafagSalesExporter.Security;
|
|
|
|
public static class SecurityPolicyFactory
|
|
{
|
|
public static AuthorizationPolicy BuildAccessPolicy(SecurityOptions settings, bool useDevelopmentAuthentication)
|
|
{
|
|
var builder = new AuthorizationPolicyBuilder()
|
|
.RequireAuthenticatedUser();
|
|
|
|
if (!useDevelopmentAuthentication && settings.AccessGroups.Count > 0)
|
|
{
|
|
builder.RequireAssertion(context =>
|
|
settings.AccessGroups.Any(group => context.User.IsInRole(group)));
|
|
}
|
|
|
|
return builder.Build();
|
|
}
|
|
|
|
public static AuthorizationPolicy BuildAdminPolicy(SecurityOptions settings, bool useDevelopmentAuthentication)
|
|
{
|
|
var builder = new AuthorizationPolicyBuilder()
|
|
.RequireAuthenticatedUser();
|
|
|
|
builder.RequireAssertion(context =>
|
|
useDevelopmentAuthentication && context.User.HasClaim(DevelopmentAuthenticationHandler.AdminClaimType, "true") ||
|
|
settings.AdminGroups.Any(group => context.User.IsInRole(group)));
|
|
|
|
return builder.Build();
|
|
}
|
|
}
|