Ejemplo n.º 1
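        /// <summary>
        /// Decides whether the current user may perform the requested operation on a <c>Mod</c>.
        /// </summary>
        /// <remarks>
        /// Administrators are approved by <c>CheckSuperUser</c>. Every other caller is evaluated by the
        /// static handler that <c>GetHandler</c> resolves for the operation; that handler receives the
        /// caller's membership in the organisation owning the mod (or <c>null</c>) and returns the decision.
        /// This method never calls <c>context.Fail()</c>: when nothing approves, the requirement is left unmet.
        /// </remarks>
        /// <param name="context">Authorization context carrying the current principal.</param>
        /// <param name="requirement">The operation being requested.</param>
        /// <param name="resource">The mod the operation targets.</param>
        protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context,
                                                             OperationRequirement requirement, Mod resource)
        {
            if (CheckSuperUser(context, requirement))
            {
                return;
            }

            var methodInfo = GetHandler(requirement);

            if (methodInfo == null)
            {
                // No handler is defined for this operation: leave the requirement unmet (deny by default).
                return;
            }

            var userId = context.User.FindFirstValue(ClaimTypes.NameIdentifier);

            // A principal without a NameIdentifier claim cannot be a member. Skip the query rather than
            // comparing User.Id against null, which (depending on provider and schema) could match a
            // membership row that has no user attached.
            var membership = userId == null
                ? null
                : await _dbContext.OrgMembers.SingleOrDefaultAsync(
                    m => m.OrgId == resource.OwnerId && m.User.Id == userId);

            // membership is null for non-members; the handler is still consulted and must treat null as
            // "no membership". Handlers are expected to return bool; the cast throws otherwise.
            var authorized = (bool)methodInfo.Invoke(null, new object[] { membership });

            if (authorized)
            {
                context.Succeed(requirement);
            }
        }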
Ejemplo n.º 2
        /// <summary>
        /// Finds the static method on this handler's runtime type that evaluates the requested operation.
        /// </summary>
        /// <remarks>
        /// The method name is the operation's string form followed by <c>Op</c>. Public and non-public
        /// static methods are considered; because <c>FlattenHierarchy</c> is not specified, only methods
        /// declared on the runtime type itself are found.
        /// </remarks>
        /// <param name="requirement">The operation being requested.</param>
        /// <returns>The matching method, or <c>null</c> when the type declares none.</returns>
        protected MethodInfo GetHandler(OperationRequirement requirement)
        {
            const BindingFlags staticMembers =
                BindingFlags.Public | BindingFlags.NonPublic | BindingFlags.Static;

            string handlerName = requirement.Operation.ToString() + "Op";

            return GetType().GetMethod(handlerName, staticMembers);
        }
Ejemplo n.º 3
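        /// <summary>
        /// Decides whether the current user may perform the requested operation on an <c>Org</c>.
        /// </summary>
        /// <remarks>
        /// Administrators are approved by <c>CheckSuperUser</c>. Every other caller is evaluated by the
        /// static handler that <c>GetHandler</c> resolves for the operation; that handler receives the
        /// caller's membership in the organisation (or <c>null</c>) and returns the decision.
        /// This method never calls <c>context.Fail()</c>: when nothing approves, the requirement is left unmet.
        /// </remarks>
        /// <param name="context">Authorization context carrying the current principal.</param>
        /// <param name="requirement">The operation being requested.</param>
        /// <param name="resource">The organisation the operation targets.</param>
        /// <returns>A completed task; the work is done synchronously.</returns>
        protected override Task HandleRequirementAsync(AuthorizationHandlerContext context,
                                                       OperationRequirement requirement,
                                                       Org resource)
        {
            _logger.LogDebug($"Handling OperationRequirement: {requirement.Operation.ToString()}");

            if (CheckSuperUser(context, requirement))
            {
                return Task.CompletedTask;
            }

            // Resolve the handler before touching the database: when the operation has no handler the
            // requirement stays unmet (deny by default) and the membership lookup is not needed.
            var methodInfo = GetHandler(requirement);

            if (methodInfo == null)
            {
                return Task.CompletedTask;
            }

            var userId = context.User.FindFirstValue(ClaimTypes.NameIdentifier);

            // A principal without a NameIdentifier claim cannot be a member. Skip the query rather than
            // comparing User.Id against null, which (depending on provider and schema) could match a
            // membership row that has no user attached.
            // NOTE(review): the lookup is synchronous and blocks the calling thread; consider an async query.
            var membership = userId == null
                ? null
                : _dbContext.OrgMembers.SingleOrDefault(m => m.Org == resource && m.User.Id == userId);

            // membership is null for non-members; the handler is still consulted and must treat null as
            // "no membership". Handlers are expected to return bool; the cast throws otherwise.
            var authorized = (bool)methodInfo.Invoke(null, new object[] { membership });

            if (authorized)
            {
                context.Succeed(requirement);
            }

            return Task.CompletedTask;
        }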
Ejemplo n.º 4
        /// <summary>
        /// Approves the requirement outright when the current user holds the Admin role.
        /// </summary>
        /// <remarks>
        /// This bypasses every per-operation handler, so membership in the Admin role grants all operations
        /// checked through this path.
        /// </remarks>
        /// <param name="context">Authorization context carrying the current principal.</param>
        /// <param name="requirement">The requirement to mark as succeeded for administrators.</param>
        /// <returns><c>true</c> if the user is an administrator and the requirement was approved; otherwise <c>false</c>.</returns>
        protected bool CheckSuperUser(AuthorizationHandlerContext context, OperationRequirement requirement)
        {
            var isAdmin = context.User.IsInRole(UserRoles.Admin.ToString());

            if (isAdmin)
            {
                context.Succeed(requirement);
            }

            return isAdmin;
        }