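using Manager.Interfaces.Models;
using ManagerService.Data;
using System.Collections.Generic;

namespace ManagerService.Service
{
    /// <summary>
    /// Central table of the authorization vocabulary used by the service:
    /// permission values, policy names, custom claim type names, the
    /// role-to-permission mapping and the policy definitions.
    /// </summary>
    /// <remarks>
    /// Everything here is either a constant or a <c>static readonly</c> field.
    /// <c>readonly</c> only fixes the reference: the dictionary and the arrays
    /// below can still be modified in place by any code inside this assembly.
    /// Because these tables decide who is granted what, treat them as
    /// read-only and never write to them after start-up.
    /// </remarks>
    internal static class Security
    {
        // NOTE(review): presumably the API scope expected in access tokens; the
        // place where it is checked is not visible in this file.
        public const string Scope = "Manager-api";

        /// <summary>
        /// Permission values. They are the values listed per role in
        /// <see cref="RolePermissions"/> and required per policy in
        /// <see cref="PoliciesConfiguration"/>.
        /// </summary>
        public static class Permissions
        {
            public const string SuperAdmin = "Manager.superadmin";
            public const string InstanceAdmin = "Manager.instanceadmin";
            public const string ContentEditor = "Manager.contenteditor";
            public const string Viewer = "Manager.viewer";

            // Not granted to any role in RolePermissions below.
            // NOTE(review): presumably issued to application clients through a
            // separate path; confirm where this permission is assigned.
            public const string AppRead = "Manager.appread";
        }

        /// <summary>
        /// Authorization policy names. Four of them are defined in
        /// <see cref="PoliciesConfiguration"/>.
        /// </summary>
        public static class Policies
        {
            public const string SuperAdmin = "Manager.SuperAdministration";
            public const string InstanceAdmin = "Manager.Administration";
            public const string ContentEditor = "Manager.Content";
            public const string Viewer = "Manager.ReadOnly";

            // NOTE(review): this name has no entry in PoliciesConfiguration.
            // Confirm the policy is registered elsewhere before it is referenced
            // from an authorization attribute.
            public const string AppReadAccess = "Manager.AppReadAccess";
        }

        /// <summary>
        /// Permissions granted to each user role. The lists are cumulative:
        /// every role also carries the permissions of the roles listed after it,
        /// so a policy that requires <c>Permissions.Viewer</c> is satisfied by
        /// all four roles.
        /// </summary>
        /// <remarks>
        /// A role that is missing from this table has no entry at all, so the
        /// indexer throws for it. Callers that handle role values coming from
        /// storage or from a token should use <c>TryGetValue</c> and grant
        /// nothing when the lookup fails.
        /// </remarks>
        // NOTE(review): the generic arguments were absent in the reviewed text,
        // which does not compile; <UserRole, string[]> is what the initializer
        // below produces. Confirm against the callers.
        public static readonly Dictionary<UserRole, string[]> RolePermissions = new()
        {
            [UserRole.SuperAdmin] = new[]
            {
                Permissions.SuperAdmin,
                Permissions.InstanceAdmin,
                Permissions.ContentEditor,
                Permissions.Viewer
            },
            [UserRole.InstanceAdmin] = new[]
            {
                Permissions.InstanceAdmin,
                Permissions.ContentEditor,
                Permissions.Viewer
            },
            [UserRole.ContentEditor] = new[]
            {
                Permissions.ContentEditor,
                Permissions.Viewer
            },
            [UserRole.Viewer] = new[]
            {
                Permissions.Viewer
            },
        };

        /// <summary>
        /// Names of the custom claim types used by the service.
        /// </summary>
        /// <remarks>
        /// Inside <see cref="Security"/> the simple name <c>ClaimTypes</c>
        /// resolves to this nested class, not to
        /// <c>System.Security.Claims.ClaimTypes</c>.
        /// </remarks>
        public static class ClaimTypes
        {
            public const string Permission = "Permission";

            // NOTE(review): the policies defined in this file list permission
            // values only. Nothing here ties a permission to an InstanceId, so
            // per-instance scoping has to be enforced where requests are
            // handled; confirm that it is.
            public const string InstanceId = "InstanceId";
            public const string AppType = "AppType";
        }

        /// <summary>
        /// Policy definitions: each entry pairs a policy name with the
        /// permission value(s) placed in its <c>Claims</c> list.
        /// </summary>
        /// <remarks>
        /// How a <c>Policy</c> is turned into an authorization requirement is
        /// not visible in this file. <c>Policies.AppReadAccess</c> is not
        /// defined here.
        /// </remarks>
        public static readonly Policy[] PoliciesConfiguration = new[]
        {
            new Policy { Name = Policies.SuperAdmin, Claims = new[] { Permissions.SuperAdmin } },
            new Policy { Name = Policies.InstanceAdmin, Claims = new[] { Permissions.InstanceAdmin } },
            new Policy { Name = Policies.ContentEditor, Claims = new[] { Permissions.ContentEditor } },
            new Policy { Name = Policies.Viewer, Claims = new[] { Permissions.Viewer } },
        };
    }
}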