public async Task <IActionResult> NursesOnly()
{
// can also use the client library imperatively
var isNurse = await _client.IsInRoleAsync(User, "nurse");
return(View("Success"));
}
protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, MedicationRequirement requirement)
{
var user = context.User; var allowed = false;
if (await _client.HasPermissionAsync(user, "PrescribeMedication"))
{
if (requirement.Amount <= 10)
{
allowed = true;
}
else
{
allowed = await _client.IsInRoleAsync(user, "doctor");
}
if (allowed || requirement.MedicationName == "placebo")
{
context.Succeed(requirement);
}
}
}