protected override async Task HandleDeleteAsync(AuthorizationHandlerContext context, DynamicEntityOperationAuthorizationRequirement requirement, DynamicEntityOperationInfoModel resource) { if (resource.ModelDefinition.PermissionSet.AnonymousDelete) { context.Succeed(requirement); return; } await SetSucceedIfHasPermissionAsync(resource.ModelDefinition.PermissionSet.Delete, context, requirement); }
protected virtual async Task SetSucceedIfHasPermissionAsync([CanBeNull] string permission, AuthorizationHandlerContext context, DynamicEntityOperationAuthorizationRequirement requirement) { if (!_currentPrincipalAccessor.Principal.Identity.IsAuthenticated) { return; } if (!permission.IsNullOrWhiteSpace() && !await _permissionChecker.IsGrantedAsync(permission)) { return; } context.Succeed(requirement); }