private bool TokenGrantsPermissionForCommand(Command command, CommandData data, Entity target, Permission permission)
{
var header = data.Headers;
if (header == null)
{
return(false);
}
var token = header.Token;
if (token != null && TokenManager.Instance.IsTokenValid(token, target, data.SenderId) &&
(target as Core.IHasScopes).AvailableScopes
.IsAllowedToExecute(token.Scopes, command.Slug))
{
// the token allows us to execute this, but is the token issuer authorized?
var temp = new CommandData(data);
temp.SenderId = token.Issuer;
return(permission.CheckPermission(data, target));
}
return(false);
}
public override bool CheckPermission(CommandData data, Entity target)
{
return(firstPermission.CheckPermission(data, target) || secondPermission.CheckPermission(data, target));
}
