protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, DynamicPermissionRequirement requirement) { var mvcContext = context.Resource as AuthorizationFilterContext; if (mvcContext == null) { return(Task.CompletedTask); } var actionDescriptor = mvcContext.ActionDescriptor; var controller = actionDescriptor.RouteValues["controller"]; var action = actionDescriptor.RouteValues["action"]; var user = mvcContext.HttpContext.User; if (user == null) { context.Fail(); return(Task.CompletedTask); } var roleClaim = user.Claims.FirstOrDefault(x => x.Type == ClaimTypes.Role); if (roleClaim == null) { context.Fail(); return(Task.CompletedTask); } if (_permissionService.CanCurrentUserAccess(controller, action, roleClaim.Value).Result) { context.Succeed(requirement); return(Task.CompletedTask); } else { context.Fail(); return(Task.CompletedTask); } }