private async Task <bool> HasDeletePermission(AuthorizationHandlerContext context, Post resource)
{
if (resource.CreatorId != null && resource.CreatorId == context.User.FindUserId())
{
return(true);
}
var result = await _permissionChecker.GetResultAsync(context.User, BloggingPermissions.Posts.Delete);
if (result?.GrantType == PermissionGrantType.Granted)
{
return(true);
}
return(false);
}
protected override async Task HandleRequirementAsync(
AuthorizationHandlerContext context,
PermissionRequirement requirement)
{
var result = await _permissionChecker.GetResultAsync(context.User, requirement.PermissionName);
if (result.GrantType == PermissionGrantType.Granted)
{
context.Succeed(requirement);
}
}