Add custom authorization policies and minor Swagger fix

Introduce SenderOrReceiverFullyAuth and ReceiverFullyAuth policies for role-based authorization. Register these policies in Program.cs. Also, fix OpenApiReference type for Swagger security configuration.

EnvelopeGenerator.API/Program.cs

@@ -1,6 +1,7 @@
 using DigitalData.Core.API;
 using DigitalData.Core.Application;
 using EnvelopeGenerator.Infrastructure;
+using EnvelopeGenerator.Domain.Constants;
 using Microsoft.AspNetCore.Authentication.Cookies;
 using Microsoft.AspNetCore.Localization;
 using Microsoft.EntityFrameworkCore;
@@ -93,7 +94,7 @@ try
             {
                 Reference = new OpenApiReference
                 {
-                    Type = ReferenceType.SecurityScheme,
+                    Type = Microsoft.OpenApi.Models.ReferenceType.SecurityScheme,
                     Id = "Bearer"
                 }
             },
@@ -176,6 +177,15 @@ try
         options.SlidingExpiration = true;
     });
 
+    builder.Services.AddAuthorization(options =>
+    {
+        options.AddPolicy(AuthorizationPolicies.SenderOrReceiverFullyAuth, policy =>
+            policy.RequireRole(Role.Sender, Role.Receiver.FullyAuth));
+
+        options.AddPolicy(AuthorizationPolicies.ReceiverFullyAuth, policy =>
+            policy.RequireRole(Role.Receiver.FullyAuth));
+    });
+
     // User manager
 #pragma warning disable CS0618 // Type or member is obsolete
     builder.Services.AddUserManager<EGDbContext>();

EnvelopeGenerator.Domain/Constants/AuthorizationPolicies.cs

@@ -0,0 +1,8 @@
+namespace EnvelopeGenerator.Domain.Constants
+{
+    public static class AuthorizationPolicies
+    {
+        public const string SenderOrReceiverFullyAuth = "SenderOrReceiverFullyAuth";
+        public const string ReceiverFullyAuth = "ReceiverFullyAuth";
+    }
+}