protected override Task HandleRequirementAsync( AuthorizationHandlerContext context, UserMustBeTourManagerRequirement requirement) { if (_userInfoService.Role == requirement.Role) { context.Succeed(requirement); return(Task.FromResult(0)); } var filterContext = context.Resource as AuthorizationFilterContext; if (filterContext == null) { context.Fail(); return(Task.FromResult(0)); } var tourId = filterContext.RouteData.Values["tourId"].ToString(); if (!Guid.TryParse(tourId, out Guid tourIdAsGuid)) { context.Fail(); return(Task.FromResult(0)); } if (!Guid.TryParse(_userInfoService.UserId, out Guid userIdAsGuid)) { context.Fail(); return(Task.FromResult(0)); } if (!_tourManagementRepository.IsTourManager(tourIdAsGuid, userIdAsGuid).Result) { context.Fail(); return(Task.FromResult(0)); } context.Succeed(requirement); return(Task.FromResult(0)); }
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, RoleAuthorizationRequirement requirement) { if (_userInfoService.Role == requirement.Role) { context.Succeed(requirement); return(Task.FromResult(0)); } if (Guid.TryParse(context.Resource.ToString(), out Guid tourManagerId)) { if (Guid.TryParse(_userInfoService.UserId, out Guid userId)) { if (tourManagerId == userId) { context.Succeed(requirement); return(Task.FromResult(0)); } } context.Fail(); return(Task.FromResult(0)); } var requestContext = context.Resource as AuthorizationFilterContext; if (requestContext == null) { context.Fail(); return(Task.FromResult(0)); } var tourParam = requestContext.RouteData.Values["tourId"] as string; if (tourParam == null) { context.Fail(); return(Task.FromResult(0)); } if (!Guid.TryParse(tourParam, out Guid tourId)) { context.Fail(); return(Task.FromResult(0)); } /* if (!Guid.TryParse(_userInfoService.UserId, out userId)) * { * context.Fail(); * return Task.FromResult(0); * } */ bool isCurrentUserTourManager = _tourManagementRepository.IsTourManager(tourId, Guid.Parse(_userInfoService.UserId)).Result; if (!isCurrentUserTourManager) { context.Fail(); return(Task.FromResult(0)); } context.Succeed(requirement); return(Task.FromResult(0)); }