public override async Task <PermissionGrantResult> CheckAsync(PermissionValueCheckContext context)
{
var roles = context.Principal?.FindAll(JwtClaimTypes.Role)
.Where(c => !string.IsNullOrWhiteSpace(c.Value))
.Select(c => new Role(c.Value))
.ToArray();
if (!string.IsNullOrWhiteSpace(context.ScopeId))
{
roles = roles?.Where(r => r.ScopeId == context.ScopeId)
.ToArray();
}
if (roles == null || !roles.Any())
{
return(PermissionGrantResult.Undefined);
}
foreach (var role in roles)
{
if (await PermissionStore.IsGrantedAsync(context.Permission.Name,
Name,
role.Name,
role.ScopeId,
context.TenantId))
{
return(PermissionGrantResult.Granted);
}
}
return(PermissionGrantResult.Undefined);
}
public async Task <bool> IsGrantedAsync(ClaimsPrincipal claimsPrincipal, string name, string scope = null)
{
if (string.IsNullOrWhiteSpace(name))
{
throw new ArgumentException("Value cannot be null or whitespace.", nameof(name));
}
var permission = PermissionDefinitionManager.Get(name);
var isGranted = false;
var context = new PermissionValueCheckContext(permission, claimsPrincipal, scope);
foreach (var provider in PermissionValueProviderManager.ValueProviders)
{
var result = await provider.CheckAsync(context);
if (result == PermissionGrantResult.Granted)
{
isGranted = true;
}
else if (result == PermissionGrantResult.Prohibited)
{
return(false);
}
}
return(isGranted);
}
public override async Task <PermissionGrantResult> CheckAsync(PermissionValueCheckContext context)
{
var userId = context.UserId;
var tenantId = context.TenantId;
if (userId == null)
{
return(PermissionGrantResult.Undefined);
}
return(await PermissionStore.IsGrantedAsync(context.Permission.Name,
Name,
userId,
context.ScopeId,
tenantId)
? PermissionGrantResult.Granted
: PermissionGrantResult.Undefined);
}
public abstract Task <PermissionGrantResult> CheckAsync(PermissionValueCheckContext context);
