public async Task <IActionResult?> Run([HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = "families/{familyId}")] HttpRequest req, string familyId) { _logger.LogInformation("C# HTTP trigger function processed a request."); var(authenticationStatus, authenticationResponse) = await req.HttpContext.AuthenticateAzureFunctionAsync(); if (!authenticationStatus) { return(authenticationResponse); } var userId = Guid.Parse(req.HttpContext.User.GetNameIdentifierId() ?? ""); if (!_authz.VerifyUserPermission(userId.ToString(), familyId, Resources.Family, Actions.Read)) { return(new UnauthorizedResult()); } var family = await _familyService.GetFamilyDetailsAsync(Guid.Parse(familyId)); return(new OkObjectResult(family)); }
public bool Authorize(string userId, string familyId, string resource, string action) { return(_authzRepository.VerifyUserPermission(userId, familyId, resource, action)); }