Skip to main content

defaulteqauthprovider-class

The default implementation of the Korzh.EasyQuery.Services.IEqAuthProvider interface. Contains several methods which allow to mark some EasyQuery actions as "anonymous" (so they can be accessed by any user) and to restrict the access to them depening on user role.

public class Korzh.EasyQuery.Services.DefaultEqAuthProvider
: IEqAuthProvider

Assembly: Korzh.EasyQuery.AspNetCore.dll

Constructors

NameTypeDescription
DefaultEqAuthProvider(IServiceProvider services)voidInitializes a new instance of the Korzh.EasyQuery.Services.DefaultEqAuthProvider class.

Fields

NameTypeDescription
ActionGuardsDictionary<string, Func<CancellationToken, Task<bool>>>Contains the dictionary of action guards. Each EasyQuery action has a function (guard) which return true if this action can be accessed by the current user
AuthServiceIAuthorizationServiceThe authorization service for policy
UserClaimsPrincipalThe current user

Methods

NameTypeDescription
AllowAnonymous(String[] actions)DefaultEqAuthProviderSets anonymous access for the actions specified in the parameter.
FillDefaultActionGuards()voidFills the Korzh.EasyQuery.Services.DefaultEqAuthProvider.ActionGuards list with the default guards. The default setup includes the following 2 rules: 1. All actions requires authorization. 2. NewQuery, SaveQuery and RemoveQuery actions requires also the "EasyQuery Manager" (eqmanager) role.
GetAuthorizedGuard()Func<CancellationToken, Task<bool>>Gets the guard functions which returnc true only if the current user is authenticated.
GetGrantAccessForPolicyGuard(string policy)Func<CancellationToken, Task<bool>>Gets the guard functions which returnc true only if the current user with specified policy.
GetGrantAccessForRolesGuard(String[] roles)Func<CancellationToken, Task<bool>>Gets the guard functions which grants access only for users with the specifeid roles.
GrantAccessForRoles(string action, String[] roles)DefaultEqAuthProviderGrants the access to specified action for one more roles passed in the second parameter.
IsAuthorizedAsync(EasyQueryManager eqManager, string action, CancellationToken ct = null)Task<bool>Determines whether the current user can get access to the the specified action.
RequireAuthorization(String[] actions)DefaultEqAuthProviderSets the restricted access for the specified actions (only authorized users can access them).
RequirePolicy(string policy, String[] actions)DefaultEqAuthProviderRestricts the access to the actions specified in the second parameter by the user policy passed in the first parameter.
RequireRole(string role, String[] actions)DefaultEqAuthProviderRestricts the access to the actions specified in the second parameter by the user role passed in the first parameter.

Static Fields

NameTypeDescription
EqManagerRolestringThe default ID for "EasyQuery Manager" role The user with this role can access the actions which modify queries in the storage.