public async Task <bool> IsHaveAccess(ActionExecutingContext context) { IServiceProvider serviceProvider = context.HttpContext.RequestServices; IItemLookup itemLookup = serviceProvider.GetService(itemLookupServiceType) as IItemLookup; IUserProvider userIdProvider = serviceProvider.GetService <IUserProvider>(); string currentUserId = userIdProvider.GetCurrentUserId(context.HttpContext); bool isCurrentUserAdmin = await userIdProvider.IsInRoleAsync(currentUserId, RoleConstants.Administrator); if (isCurrentUserAdmin) // admin has access to everything { return(true); } //Find the relevant item id from the request string resourceId = GetPropertyValue(idArgumentName, (Dictionary <string, object>)context.ActionArguments); if (resourceId != null) { string itemOwnerId = await itemLookup.GetOwnerId(resourceId); return(currentUserId == itemOwnerId); } return(false); }
public Checkout(IItemLookup itemLookup, ICheckoutMessagePrinter checkoutMessagePrinter) { _itemLookup = itemLookup; _checkoutMessagePrinter = checkoutMessagePrinter; }
public Checkout(IItemLookup itemLookup, ISpecialOfferLookup getSpecialOffers) { _itemLookup = itemLookup; _getSpecialOffers = getSpecialOffers; }