public void OnAuthorization(AuthorizationFilterContext context)
{
var optionsBuilder = new DbContextOptionsBuilder <FactFluxIdentity>();
optionsBuilder.UseSqlServer(Startup.staticConfig["ConnectionStrings:FactFluxConnection"]);
var newdbContext = new FactFluxIdentity(optionsBuilder.Options);
var userClaims = context.HttpContext.User.Identities.FirstOrDefault().Claims;
if (userClaims == null || userClaims.Count() == 0)
{
context.Result = new ForbidResult();
}
var userId = userClaims.FirstOrDefault().Value.ToString();
using (newdbContext)
{
var foundUser = newdbContext.Users.Where(x => x.Id == userId).FirstOrDefault();
if (foundUser == null)
{
context.Result = new ForbidResult();
}
var isAdmin = (from ur in newdbContext.UserRoles
join r in newdbContext.Roles on ur.RoleId equals r.Id
where r.Name == "Admin" && ur.UserId == userId
select ur).FirstOrDefault();
if (isAdmin == null)
{
context.Result = new ForbidResult();
}
}
}
public bool Authorize(DashboardContext context)
{
var optionsBuilder = new DbContextOptionsBuilder <FactFluxIdentity>();
optionsBuilder.UseSqlServer(Startup.staticConfig["ConnectionStrings:FactFluxConnection"]);
var newdbContext = new FactFluxIdentity(optionsBuilder.Options);
var userClaims = HttpContext.HttpContext.User.Identities.FirstOrDefault().Claims;
if (!userClaims.Any())
{
return(false);
}
var userId = userClaims.FirstOrDefault().Value.ToString();
using (newdbContext)
{
var foundUser = newdbContext.Users.Where(x => x.Id == userId).FirstOrDefault();
if (foundUser == null)
{
return(false);
}
var isAdmin = (from ur in newdbContext.UserRoles
join r in newdbContext.Roles on ur.RoleId equals r.Id
where r.Name == "Admin" && ur.UserId == userId
select ur).FirstOrDefault();
if (isAdmin == null)
{
return(false);
}
return(true);
}
}
public IdentityController(IHttpContextAccessor httpContext, UserManager <IdentityUser> userManager, FactFluxIdentity factFluxIdentity)
{
HttpContext = httpContext;
UserManager = userManager;
FactFluxIdentityContext = factFluxIdentity;
}
