/// <summary>
/// Authorizes current user for given permission or permissions,
/// throws <see cref="AbpAuthorizationException" /> if not authorized.
/// </summary>
/// <typeparam name="TUserId">The type of UserId</typeparam>
/// <typeparam name="TTenantId">The type of TenantId</typeparam>
/// <param name="permissionChecker">Permission checker</param>
/// <param name="abpAuthorizeAttribute">Abp authorization attributes.</param>
/// <returns></returns>
public static async Task AuthorizeAsync <TTenantId, TUserId>(
this IPermissionChecker <TTenantId, TUserId> permissionChecker,
IAbpAuthorizeAttribute abpAuthorizeAttribute)
where TTenantId : struct
where TUserId : struct
{
var moduleCode = abpAuthorizeAttribute.ModuleCode;
var permissions = abpAuthorizeAttribute.Permissions;
var requireAll = abpAuthorizeAttribute.RequireAllPermissions;
if (permissions.IsNullOrEmpty())
{
return;
}
if (string.IsNullOrEmpty(moduleCode))
{
await permissionChecker.AuthorizeAsync(requireAll, permissions);
return;
}
if (requireAll)
{
foreach (var permissionName in permissions)
{
if (!(await permissionChecker.IsGrantedAsync(moduleCode, permissionName)))
{
throw new AbpAuthorizationException(
"Required permissions of " + moduleCode +
" are not granted. All of these permissions must be granted: " +
string.Join(", ", permissions)
);
}
}
}
else
{
foreach (var permissionName in permissions)
{
if (await permissionChecker.IsGrantedAsync(moduleCode, permissionName))
{
return;
}
}
throw new AbpAuthorizationException(
"Required permissions of " + moduleCode +
" are not granted. At least one of these permissions must be granted: " +
string.Join(", ", permissions)
);
}
}
public void Authorize(IAbpAuthorizeAttribute authorizeAttribute)
{
Authorize(new[] { authorizeAttribute });
}
public async Task AuthorizeAsync(IAbpAuthorizeAttribute authorizeAttribute)
{
await AuthorizeAsync(new[] { authorizeAttribute });
}
public static async Task AuthorizeAsync(this IAuthorizationHelper authorizationHelper, IAbpAuthorizeAttribute authorizeAttribute)
{
await authorizationHelper.AuthorizeAsync(new[] { authorizeAttribute });
}
public static void Authorize(this IAuthorizationHelper authorizationHelper, IAbpAuthorizeAttribute authorizeAttribute)
{
authorizationHelper.Authorize(new[] { authorizeAttribute });
}
public void Authorize(IAbpAuthorizeAttribute authorizeAttribute)
{
Authorize(new[] { authorizeAttribute });
}
public static async Task AuthorizeAsync(this IAuthorizationHelper authorizationHelper, IAbpAuthorizeAttribute authorizeAttribute)
{
await authorizationHelper.AuthorizeAsync(new[] { authorizeAttribute });
}
public static void Authorize(this IAuthorizationHelper authorizationHelper, IAbpAuthorizeAttribute authorizeAttribute)
{
authorizationHelper.Authorize(new[] { authorizeAttribute });
}
/// <summary>
/// 授权-异步
/// </summary>
/// <param name="authorizeAttribute">授权自定义属性</param>
/// <returns></returns>
public async Task AuthorizeAsync(IAbpAuthorizeAttribute authorizeAttribute)
{
await AuthorizeAsync(new[] { authorizeAttribute });
}
