public override async Task <PermissionGrantResult> CheckAsync(PermissionValueCheckContext context)
{
var clientId = context.Principal?.FindFirst(PlusClaimTypes.ClientId)?.Value;
if (clientId == null)
{
return(PermissionGrantResult.Undefined);
}
return(await PermissionStore.IsGrantedAsync(context.Permission.Name, Name, clientId)
? PermissionGrantResult.Granted
: PermissionGrantResult.Undefined);
}
public virtual async Task <bool> IsGrantedAsync(
ClaimsPrincipal claimsPrincipal,
string name)
{
Check.NotNull(name, nameof(name));
var permission = PermissionDefinitionManager.Get(name);
if (!permission.IsEnabled)
{
return(false);
}
var multiTenancySide = claimsPrincipal?.GetMultiTenancySide()
?? CurrentTenant.GetMultiTenancySide();
if (!permission.MultiTenancySide.HasFlag(multiTenancySide))
{
return(false);
}
var isGranted = false;
var context = new PermissionValueCheckContext(permission, claimsPrincipal);
foreach (var provider in PermissionValueProviderManager.ValueProviders)
{
if (context.Permission.Providers.Any() &&
!context.Permission.Providers.Contains(provider.Name))
{
continue;
}
var result = await provider.CheckAsync(context);
if (result == PermissionGrantResult.Granted)
{
isGranted = true;
}
else if (result == PermissionGrantResult.Prohibited)
{
return(false);
}
}
return(isGranted);
}
public override async Task <PermissionGrantResult> CheckAsync(PermissionValueCheckContext context)
{
var roles = context.Principal?.FindAll(PlusClaimTypes.Role).Select(c => c.Value).ToArray();
if (roles == null || !roles.Any())
{
return(PermissionGrantResult.Undefined);
}
foreach (var role in roles)
{
if (await PermissionStore.IsGrantedAsync(context.Permission.Name, Name, role))
{
return(PermissionGrantResult.Granted);
}
}
return(PermissionGrantResult.Undefined);
}
public abstract Task <PermissionGrantResult> CheckAsync(PermissionValueCheckContext context);