예제 #1
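        /// <summary>
        /// Decides whether the current user may access the address named by the route.
        /// </summary>
        /// <remarks>
        /// Users in the <c>IdentityRoleNames.Employees</c> role pass when they hold a claim whose
        /// value equals <c>CustomerPermissionValues.ViewAddress</c>. All other users pass only when
        /// <c>IAddressRepository.CheckIfCustomerIsAddressOwner</c> confirms that the route's
        /// <c>customerId</c> owns the route's <c>addressId</c>.
        /// Every unexpected condition (wrong resource type, missing or non-numeric route value)
        /// denies access instead of throwing, so malformed requests fail closed.
        /// </remarks>
        /// <param name="context">Authorization context carrying the user and the resource being authorized.</param>
        /// <returns><c>true</c> when access is allowed; otherwise <c>false</c>.</returns>
        static bool IsAdddressOwnerMethod(AuthorizationHandlerContext context)
        {
            if (context.User.IsInRole(IdentityRoleNames.Employees))
            {
                // NOTE(review): the claim is matched on Value alone, so a claim of any Type or
                // Issuer carrying this value satisfies the check. Also compare c.Type (and the
                // issuer, if claims can come from more than one source) once the intended
                // permission claim type is confirmed.
                return context.User.Claims.Any(c => c.Value == CustomerPermissionValues.ViewAddress);
            }

            // Resource is not guaranteed to be the MVC filter context; deny rather than let an
            // InvalidCastException escape from the authorization pipeline.
            AuthorizationFilterContext filterContext = context.Resource as AuthorizationFilterContext;
            if (filterContext == null)
            {
                return false;
            }

            // Route values come from the request URL and are untrusted: they may be absent or
            // non-numeric. Treat either case as "not authorized".
            object rawCustomerId;
            object rawAddressId;
            if (!filterContext.RouteData.Values.TryGetValue("customerId", out rawCustomerId) ||
                !filterContext.RouteData.Values.TryGetValue("addressId", out rawAddressId) ||
                rawCustomerId == null ||
                rawAddressId == null)
            {
                return false;
            }

            int customerId;
            int addressId;
            if (!int.TryParse(rawCustomerId.ToString(), out customerId) ||
                !int.TryParse(rawAddressId.ToString(), out addressId))
            {
                return false;
            }

            // NOTE(review): nothing in this method ties the route customerId to the authenticated
            // principal. Unless that binding is enforced elsewhere, this check only proves that the
            // two route values belong together, not that the caller is that customer. Derive the
            // customer id from the user's identity, or compare it with the route value, before
            // trusting the result.
            IAddressRepository addressRepository =
                filterContext.HttpContext.RequestServices.GetRequiredService<IAddressRepository>();

            return addressRepository.CheckIfCustomerIsAddressOwner(customerId, addressId);
        }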