Compare commits
2 Commits
eb35beee5a
...
6d0e3b6d6c
Author | SHA1 | Date |
---|---|---|
Nice | 6d0e3b6d6c | 3 years ago |
Nice | 9cadf88cc0 | 3 years ago |
13 changed files with 301 additions and 0 deletions
@ -0,0 +1,10 @@ |
|||
using System; |
|||
using System.Collections.Generic; |
|||
using System.Linq; |
|||
using System.Text; |
|||
using System.Threading.Tasks; |
|||
|
|||
namespace Easy.Authorization.Abstractions; |
|||
public interface IPermissionDefinitionContext |
|||
{ |
|||
} |
@ -0,0 +1,15 @@ |
|||
using System; |
|||
using System.Collections.Generic; |
|||
using System.Linq; |
|||
using System.Text; |
|||
using System.Threading.Tasks; |
|||
|
|||
namespace Easy.Authorization.Abstractions; |
|||
public interface IPermissionDefinitionProvider |
|||
{ |
|||
void PreDefine(IPermissionDefinitionContext context); |
|||
|
|||
void Define(IPermissionDefinitionContext context); |
|||
|
|||
void PostDefine(IPermissionDefinitionContext context); |
|||
} |
@ -0,0 +1,16 @@ |
|||
using System; |
|||
using System.Collections.Generic; |
|||
using System.Linq; |
|||
using System.Text; |
|||
using System.Threading.Tasks; |
|||
|
|||
namespace Easy.Authorization.Abstractions; |
|||
interface IPermissionValueProvider |
|||
{ |
|||
string Name { get; } |
|||
|
|||
//TODO: Rename to GetResult? (CheckAsync throws exception by naming convention)
|
|||
Task<PermissionGrantResult> CheckAsync(PermissionValueCheckContext context); |
|||
|
|||
Task<MultiplePermissionGrantResult> CheckAsync(PermissionValuesCheckContext context); |
|||
} |
@ -0,0 +1,17 @@ |
|||
using Easy.DI; |
|||
|
|||
namespace Easy.Authorization.Abstractions; |
|||
public abstract class PermissionDefinitionProvider : IPermissionDefinitionProvider, ITransientDependency |
|||
{ |
|||
public virtual void PreDefine(IPermissionDefinitionContext context) |
|||
{ |
|||
|
|||
} |
|||
|
|||
public abstract void Define(IPermissionDefinitionContext context); |
|||
|
|||
public virtual void PostDefine(IPermissionDefinitionContext context) |
|||
{ |
|||
|
|||
} |
|||
} |
@ -0,0 +1,19 @@ |
|||
using Easy.Authorization.Realizations; |
|||
using System.Security.Claims; |
|||
|
|||
namespace Easy.Authorization.Contexts; |
|||
|
|||
public class PermissionValueCheckContext |
|||
{ |
|||
public PermissionDefinition Permission { get; } |
|||
|
|||
public ClaimsPrincipal Principal { get; } |
|||
|
|||
public PermissionValueCheckContext( |
|||
PermissionDefinition permission, |
|||
ClaimsPrincipal principal) |
|||
{ |
|||
Permission = permission; |
|||
Principal = principal; |
|||
} |
|||
} |
@ -0,0 +1,17 @@ |
|||
<Project Sdk="Microsoft.NET.Sdk"> |
|||
|
|||
<PropertyGroup> |
|||
<TargetFramework>net6.0</TargetFramework> |
|||
<ImplicitUsings>enable</ImplicitUsings> |
|||
<!--<Nullable>enable</Nullable>--> |
|||
</PropertyGroup> |
|||
|
|||
<ItemGroup> |
|||
<PackageReference Include="Microsoft.AspNetCore.Authorization" Version="6.0.2" /> |
|||
</ItemGroup> |
|||
|
|||
<ItemGroup> |
|||
<ProjectReference Include="..\Easy.DI\Easy.DI.csproj" /> |
|||
</ItemGroup> |
|||
|
|||
</Project> |
@ -0,0 +1,22 @@ |
|||
using System; |
|||
using System.Collections.Generic; |
|||
using System.Linq; |
|||
using System.Text; |
|||
using System.Threading.Tasks; |
|||
|
|||
namespace Easy.Authorization.Enums; |
|||
public enum PermissionGrantResult |
|||
{ |
|||
/// <summary>
|
|||
/// 代表当前无法确定是否授予或禁止权限, 返回UnDefined由其他权限值提供程序检查权限.
|
|||
/// </summary>
|
|||
Undefined, |
|||
/// <summary>
|
|||
/// 授予用户权限,如果没有其他的授权值提供程序返回 Prohibited, 那么最后会返回 Granted.
|
|||
/// </summary>
|
|||
Granted, |
|||
/// <summary>
|
|||
/// 禁止授权用户,任何一个授权值提供程序返回了 Prohibited, 那么其他的提供程序返回的值都不再重要.
|
|||
/// </summary>
|
|||
Prohibited |
|||
} |
@ -0,0 +1,30 @@ |
|||
using Easy.Authorization.Contexts; |
|||
using Easy.Authorization.Enums; |
|||
using System.Security.Claims; |
|||
|
|||
namespace Easy.Authorization.PermissionValueProviders; |
|||
public class RolePermissionValueProvider |
|||
{ |
|||
public const string ProviderName = "R"; |
|||
|
|||
|
|||
public override async Task<PermissionGrantResult> CheckAsync(PermissionValueCheckContext context) |
|||
{ |
|||
var roles = context.Principal?.FindAll(ClaimTypes.Role).Select(c => c.Value).ToArray(); |
|||
|
|||
if (roles == null || !roles.Any()) |
|||
{ |
|||
return PermissionGrantResult.Undefined; |
|||
} |
|||
|
|||
foreach (var role in roles.Distinct()) |
|||
{ |
|||
if (await PermissionStore.IsGrantedAsync(context.Permission.Name, Name, role)) |
|||
{ |
|||
return PermissionGrantResult.Granted; |
|||
} |
|||
} |
|||
|
|||
return PermissionGrantResult.Undefined; |
|||
} |
|||
} |
@ -0,0 +1,27 @@ |
|||
using Microsoft.AspNetCore.Authorization; |
|||
using Microsoft.Extensions.Options; |
|||
|
|||
namespace Easy.Authorization.Realizations; |
|||
public class CustomAuthorizationPolicyProvider : DefaultAuthorizationPolicyProvider |
|||
{ |
|||
public CustomAuthorizationPolicyProvider(IOptions<AuthorizationOptions> options) : base(options) |
|||
{ |
|||
} |
|||
|
|||
public override async Task<AuthorizationPolicy> GetPolicyAsync(string policyName) |
|||
{ |
|||
var policy = await base.GetPolicyAsync(policyName); |
|||
if (policy != null) |
|||
{ |
|||
return policy; |
|||
} |
|||
|
|||
//TODO: Optimize & Cache!
|
|||
var policyBuilder = new AuthorizationPolicyBuilder(Array.Empty<string>()); |
|||
policyBuilder.Requirements.Add(new PermissionRequirement(policyName)); |
|||
return policyBuilder.Build(); |
|||
|
|||
//return null;
|
|||
} |
|||
|
|||
} |
@ -0,0 +1,4 @@ |
|||
namespace Easy.Authorization.Realizations; |
|||
public class PermissionDefinition |
|||
{ |
|||
} |
@ -0,0 +1,29 @@ |
|||
using Easy.Authorization.Abstractions; |
|||
using System; |
|||
using System.Collections.Generic; |
|||
using System.Linq; |
|||
using System.Text; |
|||
using System.Threading.Tasks; |
|||
|
|||
namespace Easy.Authorization.Realizations; |
|||
public class PermissionDefinitionContext : IPermissionDefinitionContext |
|||
{ |
|||
|
|||
} |
|||
public class PermissionGroupDefinition |
|||
{ |
|||
public Dictionary<string, PermissionDefinition> Groups { get; } |
|||
|
|||
} |
|||
|
|||
public class PermissionDefinition |
|||
{ |
|||
/// <summary>
|
|||
/// 权限名称
|
|||
/// </summary>
|
|||
public string Name { get; set; } |
|||
/// <summary>
|
|||
/// 显示名称
|
|||
/// </summary>
|
|||
public string DisplayName { get; set; } |
|||
} |
@ -0,0 +1,17 @@ |
|||
using Microsoft.AspNetCore.Authorization; |
|||
|
|||
namespace Easy.Authorization.Realizations; |
|||
public class PermissionRequirement : IAuthorizationRequirement |
|||
{ |
|||
public string PermissionName { get; } |
|||
|
|||
public PermissionRequirement(string permissionName) |
|||
{ |
|||
PermissionName = permissionName; |
|||
} |
|||
|
|||
public override string ToString() |
|||
{ |
|||
return $"PermissionRequirement: {PermissionName}"; |
|||
} |
|||
} |
@ -0,0 +1,78 @@ |
|||
using AutoMapper; |
|||
using Easy.Result.Common; |
|||
|
|||
namespace Easy.Result.Extensions; |
|||
|
|||
public static class ApiResultExtensions |
|||
{ |
|||
/// <summary>
|
|||
/// 是成功
|
|||
/// </summary>
|
|||
static public bool IsSuccess<TSource>(this TSource source) |
|||
where TSource : ApiResult |
|||
{ |
|||
return source.Status.Equals(ApiResultConsts.SUCCESS); |
|||
} |
|||
/// <summary>
|
|||
/// 是重试
|
|||
/// </summary>
|
|||
static public bool IsRETRY<TSource>(this TSource source) |
|||
where TSource : ApiResult |
|||
{ |
|||
return source.Status.Equals(ApiResultConsts.RETRY); |
|||
} |
|||
/// <summary>
|
|||
/// 成功
|
|||
/// </summary>
|
|||
static public TSource SUCCESS<TSource>(this TSource source, string message = null) |
|||
where TSource : ApiResult |
|||
{ |
|||
return source.CustomStatusMessage("SUCCESS", message ?? "操作成功"); |
|||
} |
|||
/// <summary>
|
|||
/// 重试
|
|||
/// </summary>
|
|||
static public TSource RETRY<TSource>(this TSource source, string message = null) |
|||
where TSource : ApiResult |
|||
{ |
|||
return source.CustomStatusMessage("RETRY", message ?? "出错了,请稍后再试。"); |
|||
} |
|||
/// <summary>
|
|||
/// 自定义状态消息
|
|||
/// </summary>
|
|||
static public TSource CustomStatusMessage<TSource>(this TSource source, string status, string message) |
|||
where TSource : ApiResult |
|||
{ |
|||
source.Message = message; |
|||
source.Status = status; |
|||
return source; |
|||
} |
|||
static public TEntity ToEntity<TEntity>(this IModel model) |
|||
where TEntity : IEntity, new() |
|||
{ |
|||
return new Mapper(AutoMapReadonly.ConfigurationProvider).Map<TEntity>(model); |
|||
} |
|||
static public List<TEntity> ToEntities<TEntity>(this IModel models) |
|||
where TEntity : IEntity, new() |
|||
{ |
|||
return new Mapper(AutoMapReadonly.ConfigurationProvider).Map<List<TEntity>>(models); |
|||
} |
|||
static public ApiResultValue<TModel> ToModel<TModel>(this IEntity entity) |
|||
where TModel : IModel, new() |
|||
{ |
|||
return ApiResult.Value(new Mapper(AutoMapReadonly.ConfigurationProvider).Map<TModel>(entity) ?? new()); |
|||
} |
|||
static public ApiResultValues<TModel> ToModels<TModel>(this IEntities entities) |
|||
{ |
|||
return ApiResult.Value(new Mapper(AutoMapReadonly.ConfigurationProvider).Map<List<TModel>>(entities.Data) ?? new()); |
|||
} |
|||
static public ApiResultPaged<TModel> ToPagedModel<TModel>(this IPaged paged) |
|||
{ |
|||
return new ApiResultPaged<TModel>() |
|||
{ |
|||
Data = new Mapper(AutoMapReadonly.ConfigurationProvider).Map<List<TModel>>(paged.Data) ?? new(), |
|||
PageSize = paged.PageSize, |
|||
PageCount = paged.PageCount |
|||
}; |
|||
} |
|||
} |
Loading…
Reference in new issue