Added role based authorization base

2025-12-20 06:51:55 +00:00 · 2025-10-17 18:31:07 +02:00
parent 97e0d2523a
commit 724bb95809
5 changed files with 75 additions and 4 deletions
--- a/src/Controllers/HomeController.cs
+++ b/src/Controllers/HomeController.cs
@@ -113,6 +113,19 @@ public class HomeController : Controller
            [
                new(ClaimTypes.Name, username)
            ];
+            HashSet<string> roles = [];
+            foreach (string groupCn in authenticationResult.UserModel?.Description?.Groups ?? [])
+            {
+                GroupModel group = await _ldap.GetGroupByCnAsync(groupCn, _ldap.GroupsAttributes);
+                foreach (GroupPermission permission in group.Permissions)
+                {
+                    roles.Add(permission.ToString());
+                }
+            }
+            foreach (string role in roles)
+            {
+                claims.Add(new(ClaimTypes.Role, role));            
+            }

            var claimsIdentity = new ClaimsIdentity(
                claims,