protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, PermissionRequirement requirement) { if (context.HasSucceeded) { // This handler is not revoking any pre-existing grants. return; } // If we are not evaluating a ContentItem then return. if (context.Resource == null) { return; } var contentItem = context.Resource as ContentItem; Permission permission = null; if (contentItem != null) { var ownerVariation = GetOwnerVariation(requirement.Permission); if (OwnerVariationExists(requirement.Permission) && HasOwnership(context.User, contentItem)) { permission = ownerVariation; } } var contentTypePermission = ContentTypePermissionsHelper.ConvertToDynamicPermission(permission ?? requirement.Permission); if (contentTypePermission != null) { // The resource can be a content type name var contentType = contentItem != null ? contentItem.ContentType : context.Resource.ToString() ; if (!String.IsNullOrEmpty(contentType)) { permission = ContentTypePermissionsHelper.CreateDynamicPermission(contentTypePermission, contentType); } } if (permission == null) { return; } // Lazy load to prevent circular dependencies _authorizationService ??= _serviceProvider.GetService <IAuthorizationService>(); if (await _authorizationService.AuthorizeAsync(context.User, permission)) { context.Succeed(requirement); } }
public Task <IEnumerable <Permission> > GetPermissionsAsync() { // manage rights only for Securable types var securableTypes = _contentDefinitionManager.ListTypeDefinitions() .Where(ctd => ctd.GetSettings <ContentTypeSettings>().Securable); var result = new List <Permission>(); foreach (var typeDefinition in securableTypes) { foreach (var permissionTemplate in ContentTypePermissionsHelper.PermissionTemplates.Values) { result.Add(ContentTypePermissionsHelper.CreateDynamicPermission(permissionTemplate, typeDefinition)); } } return(Task.FromResult(result.AsEnumerable())); }