public async Task <ActionResult <ChatGroupDTO> > GetChatGroupByUuid(Guid chatGroupUuid) { string userEmail = User.FindFirstValue(ClaimTypes.Email); User user = await _userManager.FindByEmailAsync(userEmail); if (user == null) { return(Forbid()); } ChatGroupUser chatGroupUser = await _chatGroupUserService.GetByUserAndChatGroupAsync( user.Id, chatGroupUuid); // Check if user is authorized to read users for the chat group AuthorizationResult isAuthorized = await _authorizationService.AuthorizeAsync( User, chatGroupUser, Operations.Create); if (!isAuthorized.Succeeded) { return(Forbid()); } return(Ok(await _chatGroupService.GetByUuidAsync(chatGroupUuid))); }
/// <summary> /// Authorize a user creating a chat message for a chat group using the Signalr ChatHub /// </summary> /// <param name="context"></param> /// <param name="requirement"></param> /// <param name="resource"></param> /// <returns></returns> protected override async Task <Task> HandleRequirementAsync(AuthorizationHandlerContext context, UserCanCreateChatMessageRequirement requirement, HubInvocationContext resource) { if (context.User == null) { return(Task.CompletedTask); } Claim userEmail = resource.Context.User.FindFirst(ClaimTypes.Email); User user = await _userManager.FindByEmailAsync(userEmail.Value.ToString()); if (user == null) { return(Task.CompletedTask); } if (resource.HubMethodArguments.Count == 0) { return(Task.CompletedTask); } CreateChatMessageDTO chatMessageDTO = resource.HubMethodArguments[0] as CreateChatMessageDTO; ChatGroupUser chatGroupUser = await _chatGroupUserService.GetByUserAndChatGroupAsync( user.Id, chatMessageDTO.ChatGroupUuid); if (user != null && chatGroupUser != null && chatGroupUser.UserId.Equals(user.Id)) { //User is chat group member context.Succeed(requirement); } return(Task.CompletedTask); }
public async Task <ActionResult <ChatMessageResponse> > CreateChatMessage([FromBody] CreateChatMessageDTO chatMessageDTO) { string userEmail = User.FindFirstValue(ClaimTypes.Email); User user = await _userManager.FindByEmailAsync(userEmail); if (user == null) { return(NotFound(new ChatMessageResponse { Success = false, ErrorMessage = "User does not exist" })); } ChatGroupUser chatGroupUser = await _chatGroupUserService.GetByUserAndChatGroupAsync( user.Id, chatMessageDTO.ChatGroupUuid); // Check if user is authorized to create chat messages for the chat group AuthorizationResult isAuthorized = await _authorizationService.AuthorizeAsync( User, chatGroupUser, Operations.Create); if (!isAuthorized.Succeeded) { return(Forbid()); } CreateChatMessage chatMessage = new CreateChatMessage { User = user, Message = chatMessageDTO.Message, ChatGroupUuid = chatMessageDTO.ChatGroupUuid }; ChatMessageResponse createRes = await _chatMessageService.CreateChatMessageAsync(chatMessage); // Broadcast message to only clients who are members of the chat group await _chatHubContext.Clients.Group(chatMessageDTO.ChatGroupUuid.ToString()).SendAsync("ReceiveMessage", createRes); return(createRes); }