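/// <summary>
/// Runs <paramref name="function"/> on <c>input.Data</c> once <see cref="Authorize"/> has accepted the caller.
/// </summary>
/// <param name="input">Carries the caller's claims and the data handed to the function.</param>
/// <param name="function">Delegate to run; its <see cref="AppAuthorizeAttribute"/> markers name the roles it requires.</param>
/// <returns>The value returned by <paramref name="function"/>.</returns>
/// <exception cref="AppUserNotAuthorizedException">Thrown when <see cref="Authorize"/> returns false.</exception>
public static TOut Execute(IAuthorizeInput<TData, AppUser> input, AuthorizeFunction function)
        {
            if (!Authorize(input, function))
            {
                var attributes = Attribute.GetCustomAttributes(function.GetMethodInfo(), typeof(AppAuthorizeAttribute));

                // Report the roles Authorize actually enforced: a function with no
                // AppAuthorizeAttribute is treated as Administrator-only, so an empty
                // list in the denial would misstate the requirement.
                IEnumerable<AppRoleEnum> requiredRoles;
                if (attributes == null || attributes.Length == 0)
                {
                    requiredRoles = new List<AppRoleEnum> { AppRoleEnum.Administrator };
                }
                else
                {
                    requiredRoles = from AppAuthorizeAttribute a in attributes select a.Role;
                }

                // Authorize rejects a null input, so do not dereference it here; the denial
                // should surface as an authorization failure, not a NullReferenceException.
                // NOTE(review): confirm AppUserNotAuthorizedException accepts null claims.
                var claims = input == null ? null : input.Claims;
                throw new AppUserNotAuthorizedException(claims, requiredRoles);
            }

            return function(input.Data);
        }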
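        /// <summary>
        /// Decides whether the caller described by <paramref name="input"/> may run <paramref name="function"/>.
        /// </summary>
        /// <remarks>
        /// Checks run in this order: a null input or null claims is denied; an unauthenticated
        /// caller is denied; an Administrator is allowed; a caller holding any role named by the
        /// function's <see cref="AppAuthorizeAttribute"/> markers is allowed (Administrator is the
        /// required role when the function carries no marker); finally, when the data is a
        /// <see cref="Project"/>, the caller is allowed only if their account name matches one of
        /// the project's managers. Everything else is denied.
        /// </remarks>
        /// <param name="input">Carries the caller's claims and the data the function would receive.</param>
        /// <param name="function">Delegate whose attributes name the required roles.</param>
        /// <returns>True when the caller is authorized; otherwise false.</returns>
        public static bool Authorize(IAuthorizeInput<TData, AppUser> input, AuthorizeFunction function)
        {
            var attributes = Attribute.GetCustomAttributes(function.GetMethodInfo(), typeof(AppAuthorizeAttribute));
            IEnumerable<AppRoleEnum> requiredRoles;

            if (attributes == null || attributes.Length == 0)
            {
                // Fail closed: an unannotated function is Administrator-only.
                requiredRoles = new List<AppRoleEnum> { AppRoleEnum.Administrator };
            }
            else
            {
                requiredRoles = from AppAuthorizeAttribute a in attributes select a.Role;
            }

            if (input == null || input.Claims == null)
            {
                return false;
            }
            if (!input.Claims.IsAuthenticated)
            {
                return false;
            }
            if (input.Claims.IsInRole(AppRoleEnum.Administrator))
            {
                return true;
            }
            foreach (var role in requiredRoles)
            {
                if (input.Claims.IsInRole(role))
                {
                    return true;
                }
            }

            // Manager fallback. 'as' yields null for null or non-Project data, so missing data
            // is denied instead of throwing on input.Data.GetType().
            // NOTE(review): this fallback applies whatever roles the function requires - confirm
            // that project managers are meant to pass every role-gated function on their project.
            var project = input.Data as Project;
            if (project == null || project.Managers == null)
            {
                return false;
            }

            // A missing or empty caller account name must never match: comparing null to null
            // would otherwise authorize the caller against a manager entry with no account name.
            // Assumes AccountName is a string - TODO confirm.
            var user = input.Claims.User;
            var callerAccount = user == null ? null : user.AccountName;
            if (string.IsNullOrEmpty(callerAccount))
            {
                return false;
            }

            foreach (AppUser manager in project.Managers)
            {
                // Same case-sensitive equality as before; null list entries are skipped.
                if (manager != null && manager.AccountName == callerAccount)
                {
                    return true;
                }
            }
            return false;
        }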