Merge remote-tracking branch 'ph1/Roles-PR' into dev

Hao Kung 2016-01-04 13:13:40 -08:00
commit a8ef4df32a
2 changed files with 83 additions and 2 deletions


@ -88,7 +88,9 @@ namespace Microsoft.AspNet.Authorization
var rolesSplit = authorizeAttribute.Roles?.Split(',');
if (rolesSplit != null && rolesSplit.Any())
{
policyBuilder.RequireRole(rolesSplit);
var trimmedRolesSplit = rolesSplit.Where(r => !string.IsNullOrWhiteSpace(r)).Select(r => r.Trim());
policyBuilder.RequireRole(trimmedRolesSplit);
useDefaultPolicy = false;
}
var authTypesSplit = authorizeAttribute.ActiveAuthenticationSchemes?.Split(',');
@ -96,7 +98,10 @@ namespace Microsoft.AspNet.Authorization
{
foreach (var authType in authTypesSplit)
{
policyBuilder.AuthenticationSchemes.Add(authType);
if (!string.IsNullOrWhiteSpace(authType))
{
policyBuilder.AuthenticationSchemes.Add(authType.Trim());
}
}
}
if (useDefaultPolicy)
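Review bot: The `rolesSplit.Any()` guard runs before the blank entries are filtered out, so a value such as `Roles = " , "` still enters the block with zero usable roles, and `useDefaultPolicy = false` is set regardless. Depending on how `RequireRole` treats an empty sequence (not visible here), that either fails when the policy is built or yields a policy with no role requirement and no default-policy fallback, which is the fail-open direction for an authorization check. I would materialize the filtered list and guard on it instead: `var roles = rolesSplit.Where(r => !string.IsNullOrWhiteSpace(r)).Select(r => r.Trim()).ToArray();` then `if (roles.Length > 0) { policyBuilder.RequireRole(roles); useDefaultPolicy = false; }`, which also avoids handing a deferred LINQ query to `RequireRole`. The scheme loop in the second hunk filters per item, and whether it touches `useDefaultPolicy` depends on lines between the hunks; the enclosing method starts and ends outside this section.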


@ -67,5 +67,81 @@ namespace Microsoft.AspNet.Authroization.Test
Assert.False(combined.Requirements.Any(r => r is DenyAnonymousAuthorizationRequirement));
Assert.Equal(2, combined.Requirements.OfType<ClaimsAuthorizationRequirement>().Count());
}
[Fact]
public void CombineMustTrimRoles()
{
// Arrange
var attributes = new AuthorizeAttribute[] {
new AuthorizeAttribute() { Roles = "r1 , r2" }
};
var options = new AuthorizationOptions();
// Act
var combined = AuthorizationPolicy.Combine(options, attributes);
// Assert
Assert.True(combined.Requirements.Any(r => r is RolesAuthorizationRequirement));
var rolesAuthorizationRequirement = combined.Requirements.OfType<RolesAuthorizationRequirement>().First();
Assert.Equal(2, rolesAuthorizationRequirement.AllowedRoles.Count());
Assert.True(rolesAuthorizationRequirement.AllowedRoles.Any(r => r.Equals("r1")));
Assert.True(rolesAuthorizationRequirement.AllowedRoles.Any(r => r.Equals("r2")));
}
[Fact]
public void CombineMustTrimAuthenticationScheme()
{
// Arrange
var attributes = new AuthorizeAttribute[] {
new AuthorizeAttribute() { ActiveAuthenticationSchemes = "a1 , a2" }
};
var options = new AuthorizationOptions();
// Act
var combined = AuthorizationPolicy.Combine(options, attributes);
// Assert
Assert.Equal(2, combined.AuthenticationSchemes.Count());
Assert.True(combined.AuthenticationSchemes.Any(a => a.Equals("a1")));
Assert.True(combined.AuthenticationSchemes.Any(a => a.Equals("a2")));
}
[Fact]
public void CombineMustIgnoreEmptyAuthenticationScheme()
{
// Arrange
var attributes = new AuthorizeAttribute[] {
new AuthorizeAttribute() { ActiveAuthenticationSchemes = "a1 , , ,,, a2" }
};
var options = new AuthorizationOptions();
// Act
var combined = AuthorizationPolicy.Combine(options, attributes);
// Assert
Assert.Equal(2, combined.AuthenticationSchemes.Count());
Assert.True(combined.AuthenticationSchemes.Any(a => a.Equals("a1")));
Assert.True(combined.AuthenticationSchemes.Any(a => a.Equals("a2")));
}
[Fact]
public void CombineMustIgnoreEmptyRoles()
{
// Arrange
var attributes = new AuthorizeAttribute[] {
new AuthorizeAttribute() { Roles = "r1 , ,, , r2" }
};
var options = new AuthorizationOptions();
// Act
var combined = AuthorizationPolicy.Combine(options, attributes);
// Assert
Assert.True(combined.Requirements.Any(r => r is RolesAuthorizationRequirement));
var rolesAuthorizationRequirement = combined.Requirements.OfType<RolesAuthorizationRequirement>().First();
Assert.Equal(2, rolesAuthorizationRequirement.AllowedRoles.Count());
Assert.True(rolesAuthorizationRequirement.AllowedRoles.Any(r => r.Equals("r1")));
Assert.True(rolesAuthorizationRequirement.AllowedRoles.Any(r => r.Equals("r2")));
}
}
}
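Review bot: None of the four new tests covers an attribute whose list holds only separators or whitespace, for example `Roles = " , "` or `ActiveAuthenticationSchemes = ",,"`, which is the one input where the `rolesSplit.Any()` guard shown in the first file and the filtered result disagree. A test that pins the intended outcome for that input (fall back to the default policy, or throw) would keep an empty role list from silently changing what the policy enforces. As a style point, `Assert.Contains("r1", rolesAuthorizationRequirement.AllowedRoles)` reports the actual collection on failure, where `Assert.True(...Any(...))` only reports `False`.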