/// <inheritdoc /> protected override Task HandleRequirementAsync ( AuthorizationHandlerContext context, ResourceOwnerRequirement requirement, Picture picture ) { var userID = this.GetInvocationUserID(context); if ( // The invoking user is the same as the api parameter userID == picture.UserID && // The picture belongs to the invoking user (which is the same as the api parameter) picture.ID == default(Guid) || this.Repository.PictureBelongsToUser(picture.UserID, picture.ID).Result ) { context.Succeed(requirement); } else { context.Fail(); } return(Task.CompletedTask); }
/// <inheritdoc /> protected override Task HandleRequirementAsync ( AuthorizationHandlerContext context, ResourceOwnerRequirement requirement, Message message ) { var userID = this.GetInvocationUserID(context); if ( // The invoking user is the same as the api parameter userID == message.SenderID || userID == message.RecipientID && // The message belongs to the invoking user (which is the same as the api parameter) message.ID == default(Guid) && message.ID == default(Guid) || this.Repository.MessageBelongsToUser(userID, message.ID).Result) { context.Succeed(requirement); } else { context.Fail(); } return(Task.CompletedTask); }
/// <inheritdoc /> protected override Task HandleRequirementAsync ( AuthorizationHandlerContext context, ResourceOwnerRequirement requirement, User user ) { var userID = this.GetInvocationUserID(context); if (userID == user.ID) { context.Succeed(requirement); } else { context.Fail(); } return(Task.CompletedTask); }
/// <inheritdoc /> protected override Task HandleRequirementAsync ( AuthorizationHandlerContext context, ResourceOwnerRequirement requirement, User user ) { var userID = this.GetInvocationUserID(context); if (userID == user.ID || user.ID == default(Guid)) { context.Succeed(requirement); } else { context.Fail(); } return(Task.FromResult(0)); }