/// <summary>
/// Authorization step that runs before the action: resolves every configured
/// permission id against the current route values and lets the request through
/// only when the caller's permission claims allow at least one of them.
/// </summary>
/// <param name="context">Executing context; supplies the user's claims and the route data.</param>
/// <param name="next">Delegate that continues the pipeline when access is granted.</param>
/// <returns>The task of <paramref name="next"/> when allowed, otherwise a completed task after a 403 result was set.</returns>
/// <remarks>
/// NOTE(review): route values are caller-controlled and are substituted verbatim into the
/// permission id. Whether a value containing a separator or wildcard can change which
/// permission is checked depends on how Permission parses ids, which is not visible here;
/// confirm that route values are constrained or validated before they reach this filter.
/// A null route value makes string.Replace drop the placeholder, leaving an empty segment.
/// </remarks>
public Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
{
    // No permission ids configured: nothing to enforce, run the action.
    if (permissionIds.Length == 0)
    {
        return next();
    }

    // Permissions the caller holds, taken from the permission claims on the principal.
    var claimedPermissions = context.HttpContext.User
        .FindAll(SquidexClaimTypes.Permissions)
        .Select(claim => new Permission(claim.Value));

    var granted = new PermissionSet(claimedPermissions);

    var isAllowed = false;

    foreach (var template in permissionIds)
    {
        // Fill in "{key}" placeholders with the matching route values.
        var resolvedId = template;

        foreach (var pair in context.RouteData.Values)
        {
            resolvedId = resolvedId.Replace($"{{{pair.Key}}}", pair.Value?.ToString());
        }

        // Every id is evaluated; a single match is sufficient (OR semantics).
        if (granted.Allows(new Permission(resolvedId)))
        {
            isAllowed = true;
        }
    }

    if (isAllowed)
    {
        return next();
    }

    // Deny: short-circuit the pipeline, the action is never invoked.
    context.Result = new StatusCodeResult(403);

    return TaskHelper.Done;
}
/// <summary>
/// Checks whether <paramref name="permissions"/> allows the app-scoped permission built from
/// <c>Permissions.AppContentsRead</c>, the schema's app name and the schema's name.
/// </summary>
/// <param name="permissions">Permission set to test.</param>
/// <param name="schema">Schema whose app name and schema name scope the permission.</param>
/// <returns><c>true</c> when the set allows the resulting permission.</returns>
/// <remarks>
/// Only the read permission is consulted here; presumably write or delete access is checked
/// elsewhere (verify against callers).
/// </remarks>
private static bool HasPermission(PermissionSet permissions, ISchemaEntity schema)
    => permissions.Allows(
        Permissions.ForApp(
            Permissions.AppContentsRead,
            schema.AppId.Name,
            schema.SchemaDef.Name));
/// <summary>
/// Returns whether <paramref name="permission"/> is allowed either by the permissions of the
/// current HTTP context or by the optional <paramref name="additional"/> set.
/// </summary>
/// <param name="httpContext">Context whose <c>Permissions()</c> are consulted first.</param>
/// <param name="permission">Permission being requested.</param>
/// <param name="additional">Optional extra set; ignored when <c>null</c>.</param>
/// <returns><c>true</c> when either source allows the permission.</returns>
/// <remarks>
/// <paramref name="additional"/> can only widen access: it is OR-ed with the context's own
/// permissions. Callers should build it from server-side data, never from request input.
/// </remarks>
public static bool HasPermission(this HttpContext httpContext, Permission permission, PermissionSet? additional = null)
{
    if (httpContext.Permissions().Allows(permission))
    {
        return true;
    }

    // Fall back to the extra set; a missing set grants nothing.
    return additional?.Allows(permission) ?? false;
}
/// <summary>
/// Returns whether <paramref name="permission"/> is allowed for the controller's current
/// HTTP context or by the optional <paramref name="additional"/> set.
/// </summary>
/// <param name="controller">Controller whose <c>HttpContext</c> is checked first.</param>
/// <param name="permission">Permission being requested.</param>
/// <param name="additional">Optional extra set; ignored when <c>null</c>.</param>
/// <returns><c>true</c> when either source allows the permission.</returns>
/// <remarks>
/// <paramref name="additional"/> can only widen access: it is OR-ed with the context check.
/// Callers should build it from server-side data, never from request input.
/// </remarks>
public static bool HasPermission(this ApiController controller, Permission permission, PermissionSet? additional = null)
{
    if (controller.HttpContext.HasPermission(permission))
    {
        return true;
    }

    // Fall back to the extra set; a missing set grants nothing.
    return additional?.Allows(permission) ?? false;
}
/// <summary>
/// Builds the app-scoped permission for <paramref name="id"/> via <c>ForApp</c> and checks
/// whether <paramref name="permissions"/> allows it.
/// </summary>
/// <param name="permissions">Permission set to test.</param>
/// <param name="id">Permission id passed to <c>ForApp</c>.</param>
/// <param name="app">App name; defaults to <c>Permission.Any</c>.</param>
/// <param name="schema">Schema name; defaults to <c>Permission.Any</c>.</param>
/// <returns><c>true</c> when the set allows the resulting permission.</returns>
/// <remarks>
/// NOTE(review): leaving <paramref name="app"/> or <paramref name="schema"/> at the default
/// asks about <c>Permission.Any</c>, presumably a wildcard. Pass explicit names when the
/// check is meant to be scoped to one app or schema; confirm the matching rules in Permission.
/// </remarks>
public static bool Allows(this PermissionSet permissions, string id, string app = Permission.Any, string schema = Permission.Any)
    => permissions.Allows(ForApp(id, app, schema));