Esempio n. 1
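        /// <summary>
        /// Authorizes a comment update only when the current principal is the comment's author.
        /// </summary>
        /// <param name="context">Authorization context carrying the principal under evaluation.</param>
        /// <param name="requirement">The update requirement being evaluated.</param>
        /// <param name="comment">The comment the caller wants to update.</param>
        /// <returns>A completed task; the decision is recorded on <paramref name="context"/>.</returns>
        protected override Task HandleRequirementAsync(AuthorizationHandlerContext context,
                                                       CanUpdateCommentAuthorizationRequirement requirement,
                                                       Sharporum.Domain.Entities.Comment comment)
        {
            // "sub" is the subject claim; FindFirstValue returns null when the principal
            // does not carry it (for example an anonymous or partially populated identity).
            var userId = context.User.FindFirstValue("sub");

            // Fail closed on a missing subject: an absent identifier is never handed to the
            // ownership comparison, so the outcome cannot depend on how the helper treats
            // null or on whether comment.AuthorId happens to be unset.
            bool isAuthor = !string.IsNullOrEmpty(userId) &&
                            CommentHelpers.UserOwnsComment(userId, comment.AuthorId);

            if (isAuthor)
            {
                context.Succeed(requirement);
            }
            else
            {
                // Fail() is a hard veto in ASP.NET Core authorization: the overall result is
                // a failure even if another handler for this requirement calls Succeed().
                context.Fail();
            }

            return Task.CompletedTask;
        }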
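        /// <summary>
        /// Authorizes a comment deletion for an admin or moderator of the comment's community,
        /// or for the comment's author.
        /// </summary>
        /// <param name="context">Authorization context carrying the principal under evaluation.</param>
        /// <param name="requirement">The delete requirement being evaluated.</param>
        /// <param name="comment">The comment the caller wants to delete.</param>
        /// <returns>A completed task; the decision is recorded on <paramref name="context"/>.</returns>
        protected override Task HandleRequirementAsync(AuthorizationHandlerContext context,
                                                       CanDeleteCommentAuthorizationRequirement requirement,
                                                       Sharporum.Domain.Entities.Comment comment)
        {
            // Role claims are scoped per community: "Community/{CommunityId}/{role}".
            // NOTE(review): comment.Post is dereferenced without a null check; the caller is
            // presumably expected to load the Post navigation before authorizing. Confirm.
            string roleBase = $"{nameof(Community)}/{comment.Post.CommunityId}";

            bool allowed =
                context.User.HasClaim(JwtClaimTypes.Role, $"{roleBase}/{Roles.Admin}") ||
                context.User.HasClaim(JwtClaimTypes.Role, $"{roleBase}/{Roles.Moderator}");

            if (!allowed)
            {
                // Ownership is checked only when no community role matched. A missing "sub"
                // claim fails closed instead of being passed to the ownership comparison.
                var userId = context.User.FindFirstValue("sub");
                allowed = !string.IsNullOrEmpty(userId) &&
                          CommentHelpers.UserOwnsComment(userId, comment.AuthorId);
            }

            if (allowed)
            {
                context.Succeed(requirement);
            }
            else
            {
                // Fail() is a hard veto in ASP.NET Core authorization: the overall result is
                // a failure even if another handler for this requirement calls Succeed().
                context.Fail();
            }

            return Task.CompletedTask;
        }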