I am creating a web application using Asp.Net Core 1.1.1 and its Authorization/Authentication system.
In my startup.cs file I have configured the various policies I need:
    public void ConfigureServices(IServiceCollection services)
    {
        // Each policy is satisfied when the user carries the named claim type.
        services.AddAuthorization(options =>
        {
            options.AddPolicy("Insert", policyBuilder => policyBuilder.RequireClaim("AllowInsert"));
            options.AddPolicy("Update", policyBuilder => policyBuilder.RequireClaim("AllowUpdate"));
            options.AddPolicy("Delete", policyBuilder => policyBuilder.RequireClaim("AllowDelete"));
        });
    }
Then in a controller I have assigned the claims to a role (the Administrator role):
    public async Task<IActionResult> AssignClaimstoAdminRole()
    {
        await _roleManager.AddClaimAsync(await _roleManager.FindByNameAsync("Administrator"), new Claim("AllowInsert", "true"));
        await _roleManager.AddClaimAsync(await _roleManager.FindByNameAsync("Administrator"), new Claim("AllowUpdate", "true"));
        await _roleManager.AddClaimAsync(await _roleManager.FindByNameAsync("Administrator"), new Claim("AllowDelete", "true"));
        await _loginManager.RefreshSignInAsync(await _userManager.FindByNameAsync(User.Identity.Name));
        return RedirectToAction("SomeAction", "MyController");
    }
and finally I have protected my views injecting the Authorization Service:
    @using Microsoft.AspNetCore.Authorization
    @inject IAuthorizationService AuthorizationService
    @if (await AuthorizationService.AuthorizeAsync(User, "Insert"))
    {
        <i role="submit" class="fa fa-floppy-o fa-2x"></i>
    }
My question is: I would like to retrieve the list of the policies created in startup.cs, so that eventually I can build a page to add other users/roles assigning them one or more policies already present in the system.
Is there an object which exposes the collection of previously added policies? Thanks in advance!
In ASP.NET Core, the policy-based authorization framework is designed to decouple authorization and application logic. Simply put, a policy is an entity devised as a collection of requirements, which themselves are conditions that the current user must meet.
SignInAsync(HttpContext, String, ClaimsPrincipal, AuthenticationProperties) Sign in a principal for the specified scheme.
ASP.NET supports Forms Authentication, Passport Authentication, and Windows authentication providers. The mode is set to one of the authentication modes: Windows, Forms, Passport, or None. The default is Windows.
The CookieAuthenticationDefaults.AuthenticationScheme source on GitHub shows it's set to "Cookies". The authentication cookie's IsEssential property is set to true by default. Authentication cookies are allowed when a site visitor hasn't consented to data collection.
Better rely on claims. You always have access to the list of claims.
I'm currently working on this, where the application's controllers use policies to grant access, and my menu builder uses claims to add or skip menu items.
I've thought that I can use the same string for claim value and policy name, thus easier to manage.
I've found an interesting article too, about complex filtering, policies and claims: https://andrewlock.net/custom-authorisation-policies-and-requirements-in-asp-net-core/
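One way to get an enumerable list of policies is to declare them once in a catalogue and register them from it, so the admin page reads the same list that startup.cs uses. This is an added example, not code from the question or the answer; PolicyCatalog and its members (Policies, Register, Names, TryCreateClaim) are hypothetical names, and the policy and claim strings are the ones from the question.

```csharp
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;
using Microsoft.AspNetCore.Authorization;

// Hypothetical helper (not part of ASP.NET Core): single source of truth for policies.
public static class PolicyCatalog
{
    // Policy name -> claim type that the policy requires (values from the question).
    public static readonly IReadOnlyDictionary<string, string> Policies =
        new Dictionary<string, string>
        {
            ["Insert"] = "AllowInsert",
            ["Update"] = "AllowUpdate",
            ["Delete"] = "AllowDelete",
        };

    // Use in ConfigureServices: services.AddAuthorization(PolicyCatalog.Register);
    public static void Register(AuthorizationOptions options)
    {
        foreach (var entry in Policies)
        {
            var claimType = entry.Value; // capture per iteration for the lambda
            options.AddPolicy(entry.Key, policy => policy.RequireClaim(claimType));
        }
    }

    // Policy names to display on the user/role administration page.
    public static IEnumerable<string> Names => Policies.Keys.OrderBy(n => n);

    // Translate a policy picked in the admin UI into the claim to grant.
    // Unknown names are rejected so posted form data cannot mint arbitrary claims.
    public static bool TryCreateClaim(string policyName, out Claim claim)
    {
        string claimType;
        if (policyName != null && Policies.TryGetValue(policyName, out claimType))
        {
            claim = new Claim(claimType, "true");
            return true;
        }
        claim = null;
        return false;
    }
}
```

A claim returned by TryCreateClaim can be passed to _roleManager.AddClaimAsync as in the question. RequireClaim with only a claim type checks that the claim is present, not its value, so revoking access means removing the claim rather than setting it to "false".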