public virtual bool IsGrantedByDefault(Permission permission)
{
return(GrantAllPermissionsByDefault || GrantedPermissions.Contains(permission.Name));
}
public async ValueTask <OperationResult> RequirePermissionsAsync(
IReadOnlyCollection <int> permissionIds,
CancellationToken cancellationToken)
{
AuthorizationLogMessages.PermissionsRequired(_logger, permissionIds);
var authenticationResult = RequireAuthentication();
if (authenticationResult.IsFailure)
{
return(authenticationResult);
}
var missingPermissionIds = permissionIds
.Where(id => !_authenticationService.CurrentTicket !.GrantedPermissions
.ContainsKey(id))
.ToHashSet();
if (!missingPermissionIds.Any())
{
AuthorizationLogMessages.RequiredPermissionsFound(_logger);
return(OperationResult.Success);
}
AuthorizationLogMessages.RequiredPermissionsNotFound(_logger, missingPermissionIds);
var missingPermissions = (await _permissionsService
.GetIdentitiesAsync(cancellationToken))
.Where(x => missingPermissionIds.Contains(x.Id))
.ToDictionary(x => x.Id, x => x.Name);
AuthorizationLogMessages.MissingPermissionsFetched(_logger, missingPermissions);
return(new InsufficientPermissionsError(missingPermissions));
}
