protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, RoleRequirement requirement)
{
if (!context.User.HasClaim(c => c.Type == InssClaimTypes.Organisation))
{
return;
}
var userEmail = context.User.GetNormalisedEmail();
var authorisedOrgIds = context.User.GetOrganisationIds();
var doesRoleUserExist = await _identityManagementRepository.CheckRoleUserExistsByEmailAsync(
userEmail,
requirement.RoleTypes,
authorisedOrgIds);
if (doesRoleUserExist)
{
context.Succeed(requirement);
}
return;
}
