Added Role Policies

Mia Rose Winter 2024-01-16 13:52:24 +01:00
parent ff6bb53689
commit 424cb19b54
Signed by: miawinter
GPG key ID: 4B6F6A83178F595E
4 changed files with 15 additions and 8 deletions


@ -69,7 +69,7 @@
<NavLink ActiveClass="tab-active" class="tab" href="" Match="NavLinkMatch.All">Home</NavLink>
<NavLink ActiveClass="tab-active" class="tab" href="weather">Weather</NavLink>
<NavLink ActiveClass="tab-active" class="tab" href="auth">Auth Required</NavLink>
<AuthorizeView>
<AuthorizeView Policy="ArticleEditPermissions">
<Authorized>
<NavLink ActiveClass="tab-active" class="tab" href="article/new">New Article</NavLink>
</Authorized>
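Review bot: The policy name on the `AuthorizeView` is a bare string literal, and the same literal recurs in the `[Authorize]` attribute of the editor page, in the article view's `AuthorizeView`, and in the `AddPolicy` call in the startup file; a typo in any one of them only surfaces at runtime as a missing-policy error. A shared constant, for example `public const string ArticleEdit = "ArticleEditPermissions";` in a small static class (the name is only a suggestion), referenced as `Policy="@Policies.ArticleEdit"`, would keep the four places in step. Note that `AuthorizeView` only hides the link; access is actually enforced by the `[Authorize]` attribute on the target page. The `AuthorizeView` element closes outside this hunk.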


@ -7,7 +7,7 @@
@using Microsoft.AspNetCore.Authorization
@using Microsoft.AspNetCore.Identity
@attribute [Authorize]
@attribute [Authorize(Policy = "ArticleEditPermissions")]
@inject IDbContextFactory<ApplicationDbContext> ContextFactory;
@inject NavigationManager Navigation
@inject UserManager<ApplicationUser> UserManager
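Review bot: `[Authorize(Policy = "ArticleEditPermissions")]` checks role membership only, so nothing visible in this hunk ties an edit to the article's own author. If this is the page behind `article/@Article.Id/edit`, any user in the Author role could load and save another author's article unless the load/save handlers, which are outside the hunk, already compare the article's author with the current user. If they do not, add that comparison (with an Admin exception) or a resource-based check through `IAuthorizationService.AuthorizeAsync` before the article is loaded into the form and again before it is saved. The Edit link in the article view has the same shape: it is shown to every Author for every article.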


@ -10,7 +10,7 @@
<PageTitle>Wave - @Article.Title</PageTitle>
<h1 class="text-3xl lg:text-5xl font-light">@Article.Title</h1>
<AuthorizeView>
<AuthorizeView Policy="ArticleEditPermissions">
<Authorized>
<a class="btn btn-info my-3" href="article/@Article.Id/edit">Edit</a>
</Authorized>


@ -1,4 +1,5 @@
using Microsoft.AspNetCore.Components.Authorization;
using Microsoft.AspNetCore.Components.Forms;
using Microsoft.AspNetCore.Components.Server;
using Microsoft.AspNetCore.Identity;
using Microsoft.EntityFrameworkCore;
@ -20,13 +21,19 @@
builder.Services.AddScoped<IdentityRedirectManager>();
builder.Services.AddScoped<AuthenticationStateProvider, ServerAuthenticationStateProvider>();
builder.Services.AddAuthorization();
builder.Services.AddAuthentication(options =>
{
// Authors: Can create Articles, require them to be reviewed
// Reviewers: Can review Articles, but cannot create them themselves
// Moderators: Can delete Articles / take them Offline
// Admins: Can do anything, and assign roles to other users
builder.Services.AddAuthorizationBuilder()
.AddPolicy("ArticleEditPermissions", p => p.RequireRole("Author", "Admin"))
.AddPolicy("ArticleReviewPermissions", p => p.RequireRole("Reviewer", "Admin"))
.AddPolicy("ArticleDeletePermissions", p => p.RequireRole("Moderator", "Admin"))
.AddPolicy("RoleAssignPermissions", p => p.RequireRole("Admin"));
builder.Services.AddAuthentication(options => {
options.DefaultScheme = IdentityConstants.ApplicationScheme;
options.DefaultSignInScheme = IdentityConstants.ExternalScheme;
})
.AddIdentityCookies();
}).AddIdentityCookies();
#endregion
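Review bot: `RequireRole` in the four `AddPolicy` calls only succeeds when the signed-in principal carries role claims, and the Identity registration that would supply them is not part of this hunk. If the app registers Identity through `AddIdentityCore<ApplicationUser>()`, that builder also needs `.AddRoles<IdentityRole>()`; without it the policies fail closed and deny everyone, Admin included. It would also help to extend the role comment with a line such as `// Role claims are issued at sign-in; a removed role stays effective until the cookie is re-issued`, since the plain `ServerAuthenticationStateProvider` registered above does not appear to revalidate a running circuit. If the earlier `builder.Services.AddAuthorization();` line is kept on the new side, it is redundant next to `AddAuthorizationBuilder()`.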