public HospitalsController(ApplicationDbContext context,
Microsoft.AspNetCore.Authorization.IAuthorizationService authorizationService,
UserManager <ApplicationUser> userManager, IConfiguration configuration)
: base(context, authorizationService, userManager)
{
_configuration = configuration;
}
public async Task <IActionResult> Get(int id, [FromServices] Microsoft.AspNetCore.Authorization.IAuthorizationService authorizationService)
{
Order order = orderService.Get(id);
var authorizationResult = await authorizationService.AuthorizeAsync(User, order, new TheSameAuthorRequirement());
if (authorizationResult.Succeeded)
{
return(Ok(order));
}
else if (User.Identity.IsAuthenticated)
{
return(Forbid());
}
else
{
return(Challenge());
}
}
