暂时提交

Easy.sln

@@ -9,6 +9,8 @@ Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Easy.DI", "src\Easy.DI\Easy
 EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Easy.Result", "src\Easy.Result\Easy.Result.csproj", "{82677F0B-E9CF-4491-8B04-9BF9B04B1534}"
 EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Easy.Authorization", "src\Easy.Authorization\Easy.Authorization.csproj", "{1053FAA9-D1E5-4130-91EF-82868C5C2CA0}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -27,6 +29,10 @@ Global
 		{82677F0B-E9CF-4491-8B04-9BF9B04B1534}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{82677F0B-E9CF-4491-8B04-9BF9B04B1534}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{82677F0B-E9CF-4491-8B04-9BF9B04B1534}.Release|Any CPU.Build.0 = Release|Any CPU
+		{1053FAA9-D1E5-4130-91EF-82868C5C2CA0}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{1053FAA9-D1E5-4130-91EF-82868C5C2CA0}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{1053FAA9-D1E5-4130-91EF-82868C5C2CA0}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{1053FAA9-D1E5-4130-91EF-82868C5C2CA0}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE

src/Easy.Authorization/Abstractions/IPermissionDefinitionContext.cs

@@ -0,0 +1,10 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace Easy.Authorization.Abstractions;
+public interface IPermissionDefinitionContext
+{
+}

src/Easy.Authorization/Abstractions/IPermissionDefinitionProvider.cs

@@ -0,0 +1,15 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace Easy.Authorization.Abstractions;
+public interface IPermissionDefinitionProvider
+{
+    void PreDefine(IPermissionDefinitionContext context);
+
+    void Define(IPermissionDefinitionContext context);
+
+    void PostDefine(IPermissionDefinitionContext context);
+}

src/Easy.Authorization/Abstractions/IPermissionValueProvider.cs

@@ -0,0 +1,16 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace Easy.Authorization.Abstractions;
+interface IPermissionValueProvider
+{
+    string Name { get; }
+
+    //TODO: Rename to GetResult? (CheckAsync throws exception by naming convention)
+    Task<PermissionGrantResult> CheckAsync(PermissionValueCheckContext context);
+
+    Task<MultiplePermissionGrantResult> CheckAsync(PermissionValuesCheckContext context);
+}

src/Easy.Authorization/Abstractions/PermissionDefinitionProvider.cs

@@ -0,0 +1,17 @@
+using Easy.DI;
+
+namespace Easy.Authorization.Abstractions;
+public abstract class PermissionDefinitionProvider : IPermissionDefinitionProvider, ITransientDependency
+{
+    public virtual void PreDefine(IPermissionDefinitionContext context)
+    {
+
+    }
+
+    public abstract void Define(IPermissionDefinitionContext context);
+
+    public virtual void PostDefine(IPermissionDefinitionContext context)
+    {
+
+    }
+}

src/Easy.Authorization/Contexts/PermissionValueCheckContext.cs

@@ -0,0 +1,19 @@
+using Easy.Authorization.Realizations;
+using System.Security.Claims;
+
+namespace Easy.Authorization.Contexts;
+
+public class PermissionValueCheckContext
+{
+    public PermissionDefinition Permission { get; }
+
+    public ClaimsPrincipal Principal { get; }
+
+    public PermissionValueCheckContext(
+        PermissionDefinition permission,
+        ClaimsPrincipal principal)
+    {
+        Permission = permission;
+        Principal = principal;
+    }
+}

src/Easy.Authorization/Easy.Authorization.csproj

@@ -0,0 +1,17 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <TargetFramework>net6.0</TargetFramework>
+    <ImplicitUsings>enable</ImplicitUsings>
+    <!--<Nullable>enable</Nullable>-->
+  </PropertyGroup>
+
+  <ItemGroup>
+    <PackageReference Include="Microsoft.AspNetCore.Authorization" Version="6.0.2" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <ProjectReference Include="..\Easy.DI\Easy.DI.csproj" />
+  </ItemGroup>
+
+</Project>

src/Easy.Authorization/Enums/PermissionGrantResult.cs

@@ -0,0 +1,22 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace Easy.Authorization.Enums;
+public enum PermissionGrantResult
+{
+    /// <summary>
+    /// 代表当前无法确定是否授予或禁止权限, 返回UnDefined由其他权限值提供程序检查权限.
+    /// </summary>
+    Undefined,
+    /// <summary>
+    /// 授予用户权限,如果没有其他的授权值提供程序返回 Prohibited, 那么最后会返回 Granted.
+    /// </summary>
+    Granted,
+    /// <summary>
+    /// 禁止授权用户,任何一个授权值提供程序返回了 Prohibited, 那么其他的提供程序返回的值都不再重要.
+    /// </summary>
+    Prohibited
+}

src/Easy.Authorization/PermissionValueProviders/RolePermissionValueProvider.cs

@@ -0,0 +1,30 @@
+using Easy.Authorization.Contexts;
+using Easy.Authorization.Enums;
+using System.Security.Claims;
+
+namespace Easy.Authorization.PermissionValueProviders;
+public class RolePermissionValueProvider
+{
+    public const string ProviderName = "R";
+
+
+    public override async Task<PermissionGrantResult> CheckAsync(PermissionValueCheckContext context)
+    {
+        var roles = context.Principal?.FindAll(ClaimTypes.Role).Select(c => c.Value).ToArray();
+
+        if (roles == null || !roles.Any())
+        {
+            return PermissionGrantResult.Undefined;
+        }
+
+        foreach (var role in roles.Distinct())
+        {
+            if (await PermissionStore.IsGrantedAsync(context.Permission.Name, Name, role))
+            {
+                return PermissionGrantResult.Granted;
+            }
+        }
+
+        return PermissionGrantResult.Undefined;
+    }
+}

src/Easy.Authorization/Realizations/AuthorizationPolicyProvider.cs

@@ -0,0 +1,27 @@
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.Extensions.Options;
+
+namespace Easy.Authorization.Realizations;
+public class CustomAuthorizationPolicyProvider : DefaultAuthorizationPolicyProvider
+{
+    public CustomAuthorizationPolicyProvider(IOptions<AuthorizationOptions> options) : base(options)
+    {
+    }
+
+    public override async Task<AuthorizationPolicy> GetPolicyAsync(string policyName)
+    {
+        var policy = await base.GetPolicyAsync(policyName);
+        if (policy != null)
+        {
+            return policy;
+        }
+
+        //TODO: Optimize & Cache!
+        var policyBuilder = new AuthorizationPolicyBuilder(Array.Empty<string>());
+        policyBuilder.Requirements.Add(new PermissionRequirement(policyName));
+        return policyBuilder.Build();
+
+        //return null;
+    }
+    
+}

src/Easy.Authorization/Realizations/PermissionDefinition.cs

@@ -0,0 +1,4 @@
+namespace Easy.Authorization.Realizations;
+public class PermissionDefinition
+{
+}

src/Easy.Authorization/Realizations/PermissionGroupDefinition.cs

@@ -0,0 +1,29 @@
+using Easy.Authorization.Abstractions;
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace Easy.Authorization.Realizations;
+public class PermissionDefinitionContext : IPermissionDefinitionContext
+{
+     
+}
+public class PermissionGroupDefinition
+{
+    public Dictionary<string, PermissionDefinition> Groups { get; }
+
+}
+
+public class PermissionDefinition
+{
+    /// <summary>
+    /// 权限名称
+    /// </summary>
+    public string Name { get; set; }
+    /// <summary>
+    /// 显示名称
+    /// </summary>
+    public string DisplayName { get; set; }
+}

src/Easy.Authorization/Realizations/PermissionRequirement.cs

@@ -0,0 +1,17 @@
+using Microsoft.AspNetCore.Authorization;
+
+namespace Easy.Authorization.Realizations;
+public class PermissionRequirement : IAuthorizationRequirement
+{
+    public string PermissionName { get; }
+
+    public PermissionRequirement(string permissionName)
+    {
+        PermissionName = permissionName;
+    }
+
+    public override string ToString()
+    {
+        return $"PermissionRequirement: {PermissionName}";
+    }
+}

src/Easy.Result/Extensions/ApiResultExtensions.cs

@@ -39,7 +39,7 @@ public static class ApiResultExtensions
     }
     /// <summary>
     /// 自定义状态消息
-    /// </summary>
+    /// </summary> 
     static public TSource CustomStatusMessage<TSource>(this TSource source, string status, string message)
         where TSource : ApiResult
     {