- جائیکه قرار است Roles یا Claims با هم «And» شوند از روش متداول استفاده کنید:
options.AddPolicy("ElevatedRights",
policyBuilder => policyBuilder.RequireRole("Administrator", "PowerUser", "BackupAdministrator")); policyBuilder => policyBuilder
.RequireClaim("VIPNumber")
.RequireClaim("EmployeeNumber")
.RequireRole("CEO")); services.AddAuthorization(options =>
{
options.AddPolicy(
"CanAccessVIPArea",
policyBuilder => policyBuilder.RequireAssertion(
context => context.User.HasClaim(claim =>
claim.Type == "VIPNumber"
|| claim.Type == "EmployeeNumber")
|| context.User.IsInRole("CEO"))
);
}); 
