예제 #1
0
        protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, AbacRequirement requirement)
        {
            if (context.User.Identity.IsAuthenticated)
            {
                try
                {
                    var policy = await _runtimeAuthorizationServerStore
                                 .GetPolicyAsync(requirement.Name);

                    if (policy is object)
                    {
                        Log.AbacAuthorizationHandlerIsEvaluatingPolicy(_logger, policy.Name, policy.Content);

                        var abacContext = await _abacAuthorizationContextFactory.Create(context);

                        var abacPolicy = AbacAuthorizationPolicy.CreateFromGrammar(policy.Content, WellKnownGrammars.Bal);

                        if (abacPolicy.IsSatisfied(abacContext))
                        {
                            Log.AbacAuthorizationHandlerEvaluationSuccesss(_logger, policy.Name);
                            context.Succeed(requirement);
                            return;
                        }
                    }
                }
                catch (Exception ex)
                {
                    Log.AbacAuthorizationHandlerThrow(_logger, ex);
                }
            }

            context.Fail();
        }