protected virtual async Task BasicCheckAsync(string permissionName, AuthorizationHandlerContext context,
OperationAuthorizationRequirement requirement, FileOperationInfoModel resource)
{
await SetFailIfUserDoesNotHavePermissionAsync(permissionName, context);
await SetSucceedIfUserIsManagerAsync(context, requirement);
var configuration = _configurationProvider.Get(resource.FileContainerName);
await SetFailIfUserIsNotPersonalContainerOwnerAsync(configuration, context, resource);
}
protected virtual Task SetFailIfUserIsNotPersonalContainerOwnerAsync(FileContainerConfiguration configuration,
AuthorizationHandlerContext context, FileOperationInfoModel resource)
{
if (configuration.FileContainerType == FileContainerType.Private &&
resource.OwnerUserId != context.User.FindUserId())
{
context.Fail();
}
return(Task.CompletedTask);
}
protected override async Task HandleDeleteAsync(AuthorizationHandlerContext context,
OperationAuthorizationRequirement requirement, FileOperationInfoModel resource)
{
await BasicCheckAsync(FileManagementPermissions.File.Delete, context, requirement, resource);
}
