public async Task <IActionResult> OnPostMoveUpAsync(int id, string category)
{
if (await _permissionManager.MoveUpAsync(id, category))
{
var permission = await _permissionManager.GetPermissionAsync(id);
Log($"上移了权限“{permission.Text}”的位置!");
return(Success());
}
return(Error("上移权限失败!"));
}
/// <summary>
/// 验证当前权限的合法性。
/// </summary>
/// <param name="context">验证上下文。</param>
/// <param name="requirement">权限实例。</param>
protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, OperationAuthorizationRequirement requirement)
{
var permissioName = requirement?.Name;
if (permissioName == null && context.Resource is ControllerActionDescriptor resource)
{
if (resource.RouteValues.TryGetValue("area", out string area))
{
permissioName = area + ".";
}
permissioName += $"{resource.ControllerName}.{resource.ActionName}";
}
if (permissioName == null)
{
context.Fail();
return;
}
var id = context.User.GetUserId();
if (id > 0)
{
var permission = await _permissionManager.GetPermissionAsync(id, permissioName);
if (permission == PermissionValue.Allow)
{
context.Succeed(requirement);
}
}
context.Fail();
}
