Beispiel #1
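        /// <summary>
        /// Decides whether the current user may update <paramref name="post"/>: only the post's author is allowed.
        /// </summary>
        /// <param name="context">Authorization context carrying the caller's claims principal.</param>
        /// <param name="requirement">The update-post requirement being evaluated.</param>
        /// <param name="post">The post the caller wants to update.</param>
        /// <returns>A completed task; the decision is recorded on <paramref name="context"/>.</returns>
        protected override Task HandleRequirementAsync(AuthorizationHandlerContext context,
                                                       CanUpdatePostAuthorizationRequirement requirement,
                                                       Sharporum.Domain.Entities.Post post)
        {
            // The caller's identity is the token's subject ("sub") claim.
            var userId = context.User.FindFirstValue("sub");

            // Fail closed when no subject is present. PostHelpers.UserOwnsPost is not visible here,
            // so a null/empty id must never reach a comparison that could treat two missing ids as equal.
            bool isAuthor = !string.IsNullOrEmpty(userId) &&
                            PostHelpers.UserOwnsPost(userId, post.AuthorId);

            if (isAuthor)
            {
                context.Succeed(requirement);
            }
            else
            {
                // Fail() is an explicit veto: the authorization result is a failure even if another
                // handler succeeds the same requirement. Kept as in the original behavior.
                context.Fail();
            }

            return Task.CompletedTask;
        }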
Beispiel #2
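        /// <summary>
        /// Decides whether the current user may delete <paramref name="post"/>: allowed for an admin or
        /// moderator of the post's community, or for the post's author.
        /// </summary>
        /// <param name="context">Authorization context carrying the caller's claims principal.</param>
        /// <param name="requirement">The delete-post requirement being evaluated.</param>
        /// <param name="post">The post the caller wants to delete.</param>
        /// <returns>A completed task; the decision is recorded on <paramref name="context"/>.</returns>
        protected override Task HandleRequirementAsync(AuthorizationHandlerContext context,
                                                       CanDeletePostAuthorizationRequirement requirement,
                                                       Sharporum.Domain.Entities.Post post)
        {
            var user = context.User;

            // Role claims are scoped per community: "<Community>/<communityId>/<role>", so staff of
            // another community do not match.
            // NOTE(review): this trusts the role claims in the token as issued; confirm only the
            // identity provider can set them.
            string roleBase = $"{nameof(Community)}/{post.CommunityId}";
            bool isCommunityStaff = user.HasClaim(JwtClaimTypes.Role, $"{roleBase}/{Roles.Admin}") ||
                                    user.HasClaim(JwtClaimTypes.Role, $"{roleBase}/{Roles.Moderator}");

            bool allowed = isCommunityStaff;
            if (!allowed)
            {
                // Fail closed when no subject is present. PostHelpers.UserOwnsPost is not visible here,
                // so a null/empty id must never reach a comparison that could treat two missing ids as equal.
                var userId = user.FindFirstValue("sub");
                allowed = !string.IsNullOrEmpty(userId) &&
                          PostHelpers.UserOwnsPost(userId, post.AuthorId);
            }

            if (allowed)
            {
                context.Succeed(requirement);
            }
            else
            {
                // Fail() is an explicit veto: the authorization result is a failure even if another
                // handler succeeds the same requirement. Kept as in the original behavior.
                context.Fail();
            }

            return Task.CompletedTask;
        }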