Ejemplo n.º 1
        /// <summary>
        /// Evaluates a <c>Permissions.ManageMediaFolder</c> requirement by selecting a more specific
        /// media permission for the requested path and asking the authorization service whether the
        /// current user holds it.
        /// </summary>
        /// <param name="context">Authorization context; <c>context.Resource</c> is read as the requested path.</param>
        /// <param name="requirement">The permission requirement being evaluated.</param>
        /// <returns>A task that completes once the requirement has been evaluated.</returns>
        protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, PermissionRequirement requirement)
        {
            // Bail out when the requirement is already satisfied (this handler never revokes a grant),
            // when it is not the ManageMediaFolder permission, or when there is no resource to inspect.
            if (context.HasSucceeded
                || requirement.Permission.Name != Permissions.ManageMediaFolder.Name
                || context.Resource == null)
            {
                return;
            }

            // Detect which separator the file store produces by combining two dummy segments.
            // NOTE(review): these are instance fields rewritten on every call; confirm the handler's
            // registered lifetime makes that safe under concurrent requests.
            var usesForwardSlash = _fileStore.Combine("a", "b").Contains('/');
            _pathSeparator = usesForwardSlash ? '/' : '\\';

            // Each protected folder is normalized and forced to end with exactly one separator.
            var normalizedMediaFields = _fileStore.NormalizePath(_attachedMediaFieldFileService.MediaFieldsFolder);
            _mediaFieldsFolder = normalizedMediaFields.TrimEnd(_pathSeparator) + _pathSeparator;

            var normalizedUsers = _fileStore.NormalizePath(_mediaOptions.AssetsUsersFolder);
            _usersFolder = normalizedUsers.TrimEnd(_pathSeparator) + _pathSeparator;

            // NOTE(review): the path is used exactly as supplied in context.Resource and is null when the
            // resource is not a string. Nothing in this method canonicalizes it, so confirm that the caller
            // or the folder helpers normalize it (separators, relative segments, encoding) before comparing.
            var path = context.Resource as string;

            var currentUserFolderName = _userAssetFolderNameProvider.GetUserAssetFolderName(context.User);
            var combinedOwnFolder = _fileStore.Combine(_usersFolder, currentUserFolderName);
            var userOwnFolder = _fileStore.NormalizePath(combinedOwnFolder).TrimEnd(_pathSeparator) + _pathSeparator;

            // Default for any path outside the special folders; later matches override earlier ones.
            Permission requiredPermission = Permissions.ManageMedia;

            // The attached media fields folder and everything below it.
            if (IsAuthorizedFolder(_mediaFieldsFolder, path) || IsDescendantOfauthorizedFolder(_mediaFieldsFolder, path))
            {
                requiredPermission = Permissions.ManageAttachedMediaFieldsFolder;
            }

            // The users root itself, the current user's folder, or anything below the latter.
            if (IsAuthorizedFolder(_usersFolder, path) || IsAuthorizedFolder(userOwnFolder, path) || IsDescendantOfauthorizedFolder(userOwnFolder, path))
            {
                requiredPermission = Permissions.ManageOwnMedia;
            }

            // Below the users root but not inside the current user's own folder.
            if (IsDescendantOfauthorizedFolder(_usersFolder, path) && !(IsAuthorizedFolder(userOwnFolder, path) || IsDescendantOfauthorizedFolder(userOwnFolder, path)))
            {
                requiredPermission = Permissions.ManageOthersMedia;
            }

            // Resolved lazily to prevent circular dependencies.
            var authorizer = _serviceProvider.GetService<IAuthorizationService>();

            var granted = await authorizer.AuthorizeAsync(context.User, requiredPermission);
            if (granted)
            {
                context.Succeed(requirement);
            }
        }
Ejemplo n.º 2
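        /// <summary>
        /// Evaluates a <c>Permissions.ManageAttachedMediaFieldsFolder</c> requirement. Paths outside the
        /// attached media fields folder satisfy the requirement immediately; paths inside it satisfy it
        /// only when the authorization service grants the user that permission.
        /// </summary>
        /// <param name="context">Authorization context; <c>context.Resource</c> is read as the requested path.</param>
        /// <param name="requirement">The permission requirement being evaluated.</param>
        /// <returns>A task that completes once the requirement has been evaluated.</returns>
        protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, PermissionRequirement requirement)
        {
            if (context.HasSucceeded)
            {
                // This handler is not revoking any pre-existing grants.
                return;
            }

            if (requirement.Permission.Name != Permissions.ManageAttachedMediaFieldsFolder.Name)
            {
                return;
            }

            if (context.Resource == null)
            {
                return;
            }

            // Detect which separator the file store produces by combining two dummy segments.
            // NOTE(review): these are instance fields rewritten on every call; confirm the handler's
            // registered lifetime makes that safe under concurrent requests.
            _pathSeparator = _fileStore.Combine("a", "b").Contains("/") ? "/" : "\\";

            // Ensure the folder ends with exactly one trailing separator.
            _mediaFieldsFolder = _fileStore.NormalizePath(_attachedMediaFieldFileService.MediaFieldsFolder)
                                 .TrimEnd(_pathSeparator.ToCharArray()) + _pathSeparator;

            // NOTE(review): the path is used exactly as supplied in context.Resource and is null when the
            // resource is not a string. The check below grants the requirement to every path it does not
            // recognise as the media fields folder, so confirm that the caller or the folder helpers
            // canonicalize the path (separators, relative segments, encoding) before it is compared.
            var path = context.Resource as string;

            if (!IsMediaFieldsFolder(path) && !IsDescendantOfMediaFieldsFolder(path))
            {
                context.Succeed(requirement);

                // Outside the media fields folder the decision is final. Returning here keeps the
                // permission check below limited to paths that are actually inside that folder.
                return;
            }

            // If we get to here, the path is on the media fields folder and the user must have the ManageMediaFieldsFolder permission.
            // Lazy load to prevent circular dependencies
            var authorizationService = _serviceProvider.GetService<IAuthorizationService>();

            if (await authorizationService.AuthorizeAsync(context.User, Permissions.ManageAttachedMediaFieldsFolder))
            {
                context.Succeed(requirement);
            }
        }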