public virtual async Task <bool> AuthorizeAsync <TResource>(RouteInfo route, RouteValueDictionary values, LinkCondition <TResource> condition) { if (route == null) { throw new ArgumentNullException(nameof(route)); } if (values == null) { throw new ArgumentNullException(nameof(values)); } if (condition == null) { throw new ArgumentNullException(nameof(condition)); } var authContext = new LinkAuthorizationContext <TResource>( condition.RequiresRouteAuthorization, condition.AuthorizationRequirements, condition.AuthorizationPolicyNames, route, values, (TResource)this.Resource, this.User); return(await authService.AuthorizeLink(authContext)); }
public async Task <bool> AuthorizeLink <TResource>(LinkAuthorizationContext <TResource> context) { if (!(context.User?.Identity?.IsAuthenticated ?? false)) { return(false); } if (context.ShouldAuthorizeRoute) { var authAttrs = context.RouteInfo.AuthorizeAttributes; foreach (var authAttr in authAttrs) { if (!await AuthorizeData(authAttr, context.User, context.RouteValues)) { return(false); } } } if (context.AuthorizationRequirements.Any()) { if (!(await authService.AuthorizeAsync(context.User, context.Resource, context.AuthorizationRequirements)).Succeeded) { return(false); } } if (context.AuthorizationPolicyNames.Any()) { var tasks = context.AuthorizationPolicyNames.Select(policyName => authService.AuthorizeAsync(context.User, context.Resource, policyName)).ToList(); await Task.WhenAll(tasks); if (!tasks.All(x => x.Result.Succeeded)) { return(false); } } return(true); }