Skip to content

Commit 98ae691

Browse files
replaysMikereplaysMike
committed
Adds a quick patch for missing controller policy definitions
1 parent faefca6 commit 98ae691

File tree

1 file changed

+13
-0
lines changed

1 file changed

+13
-0
lines changed

‎Binner/Binner.Web/WebHost/Startup.cs‎

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -101,6 +101,19 @@ public void ConfigureServices(IServiceCollection services)
101101
policy.RequireAuthenticatedUser();
102102
policy.RequireClaim(JwtClaimTypes.CanLogin, true.ToString());
103103
});
104+
// add subscription access policies, a pro can access all Maker authorizations, as well as pro
105+
// note: these just limit access to the controllers, but the underlying security comes from LicensedProvider.
106+
// removing the restrictions will not give access to functionality.
107+
options.AddPolicy(AuthorizationPolicies.MakerSubscription, policy =>
108+
{
109+
policy.RequireAuthenticatedUser();
110+
policy.RequireClaim(JwtClaimTypes.SubscriptionLevel, SubscriptionLevel.Maker.ToString(), SubscriptionLevel.Professional.ToString(), SubscriptionLevel.Enterprise.ToString());
111+
});
112+
options.AddPolicy(AuthorizationPolicies.ProfessionalSubscription, policy =>
113+
{
114+
policy.RequireAuthenticatedUser();
115+
policy.RequireClaim(JwtClaimTypes.SubscriptionLevel, SubscriptionLevel.Professional.ToString(), SubscriptionLevel.Enterprise.ToString());
116+
});
104117
});
105118

106119
services.AddLogging(logging =>

0 commit comments

Comments
 (0)