public override async Task <PermissionGrantResult> CheckAsync(PermissionValueCheckContext context) { var roles = context.Principal?.FindAll(JwtClaimTypes.Role) .Where(c => !string.IsNullOrWhiteSpace(c.Value)) .Select(c => new Role(c.Value)) .ToArray(); if (!string.IsNullOrWhiteSpace(context.ScopeId)) { roles = roles?.Where(r => r.ScopeId == context.ScopeId) .ToArray(); } if (roles == null || !roles.Any()) { return(PermissionGrantResult.Undefined); } foreach (var role in roles) { if (await PermissionStore.IsGrantedAsync(context.Permission.Name, Name, role.Name, role.ScopeId, context.TenantId)) { return(PermissionGrantResult.Granted); } } return(PermissionGrantResult.Undefined); }
public async Task <bool> IsGrantedAsync(ClaimsPrincipal claimsPrincipal, string name, string scope = null) { if (string.IsNullOrWhiteSpace(name)) { throw new ArgumentException("Value cannot be null or whitespace.", nameof(name)); } var permission = PermissionDefinitionManager.Get(name); var isGranted = false; var context = new PermissionValueCheckContext(permission, claimsPrincipal, scope); foreach (var provider in PermissionValueProviderManager.ValueProviders) { var result = await provider.CheckAsync(context); if (result == PermissionGrantResult.Granted) { isGranted = true; } else if (result == PermissionGrantResult.Prohibited) { return(false); } } return(isGranted); }
public override async Task <PermissionGrantResult> CheckAsync(PermissionValueCheckContext context) { var userId = context.UserId; var tenantId = context.TenantId; if (userId == null) { return(PermissionGrantResult.Undefined); } return(await PermissionStore.IsGrantedAsync(context.Permission.Name, Name, userId, context.ScopeId, tenantId) ? PermissionGrantResult.Granted : PermissionGrantResult.Undefined); }
public abstract Task <PermissionGrantResult> CheckAsync(PermissionValueCheckContext context);