search

Xabaril / Balea

Balea is an authorization framework for ASP.NET Core developers.
Apache License 2.0
246 stars 37 forks source link

UserProperty fails when multiple claims of the same type (permissions) #43

Closed lurumad closed 3 years ago

lurumad commented 3 years ago

When configuring UserPropertyBag ClaimMapping:

UserPropertyBag.ClaimMapping.Add("Permission", new[] { BaleaClaims.Permission });

and create a new policy like this:

"policies": [
  {
    "name": "MultiplePermissions",
    "content": "policy MultiplePermissions begin\r\n rule A (PERMIT) begin\r\n Subject.Permission = \"internalproducts.read\" OR Subject.Permission = \"internalproducts.readandwrite\" \r\n end \r\n end"
  }
]

The policy is not satisficed because returns the first claim value of the permissions and maybe it's not the correct value.

unaizorrilla commented 3 years ago

I don't remember well, but, can you use CONTAINS on BAL language

lurumad commented 3 years ago

You are right @unaizorrilla