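/// <summary>
/// Evaluates the bank-account operations requirement for the current request.
/// The requirement is marked as succeeded when either:
/// (1) the user ID claim of the caller equals the owner ID of the bank account whose
///     numeric ID is the last segment of the request path, or
/// (2) the caller holds a claim whose value equals <c>requirement.RoleName</c>.
/// </summary>
/// <param name="context">Authorization context carrying the current user and the resource being accessed.</param>
/// <param name="requirement">The requirement being evaluated; supplies the role name for check (2).</param>
/// <returns>A completed task; the outcome is reported through <paramref name="context"/>.</returns>
/// <remarks>
/// This handler never calls <c>context.Fail()</c>; when neither check passes it returns
/// without succeeding the requirement. Inputs that cannot be evaluated (resource that is
/// not an MVC filter context, missing or non-numeric last path segment) skip the ownership
/// check instead of throwing, so the request is denied rather than ending in an
/// unhandled exception.
/// </remarks>
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, BankAccountOperationsAuthorizationPolicyRequirement requirement)
{
    // The resource is only an AuthorizationFilterContext when the policy is evaluated by the
    // MVC authorization filter; with any other resource type the cast yields null and the
    // ownership check cannot be performed.
    var mvcContext = context.Resource as Microsoft.AspNetCore.Mvc.Filters.AuthorizationFilterContext;

    // NOTE(review): the account ID is taken from the raw URL (last path segment), not from the
    // route values the action binds. The ownership check is only sound if those are always the
    // same value for every route this policy protects - confirm against the route templates.
    string requestPath = mvcContext?.HttpContext.Request.Path.Value ?? string.Empty;
    string idParam = requestPath.Split(new char[] { '/' }).Last();

    // TryParse instead of Parse: a trailing slash or a non-numeric segment must not throw
    // inside the authorization pipeline.
    if (int.TryParse(idParam, out int accountId))
    {
        // NOTE(review): the repository is constructed with the SystemUser ID, so presumably this
        // lookup is not restricted by the caller's own permissions; the comparison below is then
        // the only per-user check on this path - confirm.
        BankAccountRepository bankAccountRepo = new BankAccountRepository((int)UserEnum.SystemUser);
        int accountOwnerUserID = bankAccountRepo.GetBankAccountOwnerId(accountId);

        if (accountOwnerUserID == ClaimHelpers.GetUserIDClaimValue((ClaimsIdentity)context.User.Identity))
        {
            context.Succeed(requirement);
        }
    }

    // NOTE(review): this compares claim VALUES only and ignores the claim type, so a claim of any
    // type carrying the role name satisfies the requirement. If any claim value can be influenced
    // by the account holder, restrict the match to the role claim type
    // (e.g. c.Type == ClaimTypes.Role, or context.User.IsInRole(...)) after confirming which
    // claim type the application issues roles under.
    if (context.User.Claims.Any(c => c.Value == requirement.RoleName))
    {
        context.Succeed(requirement);
    }

    return Task.CompletedTask;
}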