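/// <summary>
/// Checks whether a user may act in a course at the level described by
/// <paramref name="minCourseRoleType"/>.
/// </summary>
/// <param name="userId">Id passed to <c>usersRepo.FindUserByIdAsync</c> and matched against <c>CourseRoles.UserId</c>.</param>
/// <param name="courseId">Course id matched against <c>CourseRoles.CourseId</c>.</param>
/// <param name="minCourseRoleType">Threshold; a stored role qualifies when <c>Role &lt;= minCourseRoleType</c>.</param>
/// <returns>
/// <c>true</c> for a system administrator or when a qualifying role row exists;
/// <c>false</c> otherwise, including when no user record is found for <paramref name="userId"/>.
/// </returns>
public async Task<bool> HasUserAccessToCourseAsync(string userId, string courseId, CourseRoleType minCourseRoleType)
{
    var user = await usersRepo.FindUserByIdAsync(userId).ConfigureAwait(false);

    // Fail closed: an id that resolves to no user record gets no access. This also keeps a
    // null reference out of IsSystemAdministrator, whose null handling is not visible here.
    if (user == null)
    {
        return false;
    }

    // System administrators bypass per-course role rows entirely.
    if (usersRepo.IsSystemAdministrator(user))
    {
        return true;
    }

    // NOTE(review): `<=` presumes lower CourseRoleType values are the more privileged ones - confirm against the enum.
    // NOTE(review): `==` on CourseId is evaluated by the query provider, so case sensitivity presumably
    // follows the data store rather than C# string rules - confirm.
    return await db.CourseRoles
        .Where(r => r.UserId == userId && r.CourseId == courseId && r.Role <= minCourseRoleType)
        .AnyAsync()
        .ConfigureAwait(false);
}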
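/// <summary>
/// Checks whether a user may act in a course at the level described by
/// <paramref name="minCourseRoleType"/>, using the roles returned by
/// <c>Internal_GetActualUserRoles</c>.
/// </summary>
/// <param name="userId">Id passed to <c>usersRepo.FindUserByIdAsync</c> and to <c>Internal_GetActualUserRoles</c>.</param>
/// <param name="courseId">Course id, compared with each role's <c>CourseId</c> using ordinal, case-insensitive comparison.</param>
/// <param name="minCourseRoleType">Threshold; a role qualifies when <c>Role &lt;= minCourseRoleType</c>.</param>
/// <returns>
/// <c>true</c> for a system administrator or when a qualifying role exists;
/// <c>false</c> otherwise, including when no user record is found for <paramref name="userId"/>.
/// </returns>
public async Task<bool> HasUserAccessToCourseAsync(string userId, string courseId, CourseRoleType minCourseRoleType)
{
    var user = await usersRepo.FindUserByIdAsync(userId).ConfigureAwait(false);

    // Fail closed: an id that resolves to no user record gets no access. This also keeps a
    // null reference out of IsSystemAdministrator, whose null handling is not visible here.
    if (user == null)
    {
        return false;
    }

    // System administrators bypass per-course roles entirely.
    if (usersRepo.IsSystemAdministrator(user))
    {
        return true;
    }

    // ConfigureAwait(false) matches the other awaits in this method.
    var actualRoles = await Internal_GetActualUserRoles(userId).ConfigureAwait(false);

    // NOTE(review): `<=` presumes lower CourseRoleType values are the more privileged ones - confirm against the enum.
    return actualRoles.Any(r =>
        string.Equals(r.CourseId, courseId, StringComparison.OrdinalIgnoreCase)
        && r.Role <= minCourseRoleType);
}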
/// <summary>
/// Evaluates a <c>CourseAccessRequirement</c> for the course named by the <c>courseId</c> route value.
/// </summary>
/// <remarks>
/// Every path that cannot positively establish access ends in <c>context.Fail()</c>.
/// In ASP.NET Core an explicit Fail makes the overall authorization fail even if another handler succeeds.
/// </remarks>
/// <param name="context">Authorization context; its <c>Resource</c> must be an <c>AuthorizationFilterContext</c>.</param>
/// <param name="requirement">Requirement whose <c>CourseAccessType</c> is checked for users who are not course admins.</param>
protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, CourseAccessRequirement requirement)
{
    /* Route data is only reachable through the MVC filter context.
       See https://docs.microsoft.com/en-US/aspnet/core/security/authorization/policies#accessing-mvc-request-context-in-handlers */
    var mvcContext = context.Resource as AuthorizationFilterContext;
    if (mvcContext == null)
    {
        // NOTE(review): the message names CourseRoleAuthenticationHandler although this overload handles
        // CourseAccessRequirement; possibly copied from the role handler - confirm.
        logger.Error("Can't get MVC context in CourseRoleAuthenticationHandler");
        context.Fail();
        return;
    }

    // A missing or non-string route value is a routing mistake, so it is logged and denied.
    var courseId = mvcContext.RouteData.Values["courseId"] as string;
    if (courseId == null)
    {
        logger.Error("Can't find `courseId` parameter in route data for checking course access requirement.");
        context.Fail();
        return;
    }

    if (!context.User.Identity.IsAuthenticated)
    {
        context.Fail();
        return;
    }

    var userId = context.User.GetUserId();
    var user = await usersRepo.FindUserByIdAsync(userId).ConfigureAwait(false);

    // An authenticated principal with no matching user record is denied.
    if (user == null)
    {
        context.Fail();
        return;
    }

    if (usersRepo.IsSystemAdministrator(user))
    {
        context.Succeed(requirement);
        return;
    }

    // Course admins pass outright; the specific access type is queried only when that check fails.
    var granted = await courseRolesRepo.HasUserAccessToCourseAsync(userId, courseId, CourseRoleType.CourseAdmin).ConfigureAwait(false);
    if (!granted)
    {
        granted = await coursesRepo.HasCourseAccessAsync(userId, courseId, requirement.CourseAccessType).ConfigureAwait(false);
    }

    if (granted)
    {
        context.Succeed(requirement);
    }
    else
    {
        context.Fail();
    }
}
/// <summary>
/// Evaluates a <c>CourseRoleRequirement</c>: the user must be a system administrator or hold a role
/// satisfying <c>requirement.minCourseRoleType</c> in the course taken from the request.
/// </summary>
/// <remarks>
/// Every path that cannot positively establish access ends in <c>context.Fail()</c>.
/// In ASP.NET Core an explicit Fail makes the overall authorization fail even if another handler succeeds.
/// </remarks>
/// <param name="context">Authorization context; its <c>Resource</c> must be an <c>AuthorizationFilterContext</c>.</param>
/// <param name="requirement">Requirement carrying the minimum course role.</param>
protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, CourseRoleRequirement requirement)
{
    /* The course id is read from the request through the MVC filter context.
       See https://docs.microsoft.com/en-US/aspnet/core/security/authorization/policies#accessing-mvc-request-context-in-handlers */
    var mvcContext = context.Resource as AuthorizationFilterContext;
    if (mvcContext == null)
    {
        log.Error("Can't get MVC context in CourseRoleAuthenticationHandler");
        context.Fail();
        return;
    }

    // NOTE(review): despite the Async suffix the result is used directly as a string and is not awaited.
    var courseId = GetCourseIdFromRequestAsync(mvcContext);
    var hasCourseId = !string.IsNullOrEmpty(courseId);
    if (!hasCourseId)
    {
        context.Fail();
        return;
    }

    if (!context.User.Identity.IsAuthenticated)
    {
        context.Fail();
        return;
    }

    var userId = context.User.GetUserId();
    var user = await usersRepo.FindUserByIdAsync(userId).ConfigureAwait(false);

    // An authenticated principal with no matching user record is denied.
    if (user == null)
    {
        context.Fail();
        return;
    }

    if (usersRepo.IsSystemAdministrator(user))
    {
        context.Succeed(requirement);
        return;
    }

    var hasRole = await courseRolesRepo.HasUserAccessToCourseAsync(userId, courseId, requirement.minCourseRoleType).ConfigureAwait(false);
    if (!hasRole)
    {
        context.Fail();
        return;
    }

    context.Succeed(requirement);
}
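/// <summary>
/// Determines whether the user identified by the <c>UserId</c> member is a system administrator.
/// </summary>
/// <returns>
/// <c>true</c> when a user record is found and <c>usersRepo.IsSystemAdministrator</c> accepts it;
/// <c>false</c> otherwise, including when no user record is found.
/// </returns>
protected async Task<bool> IsSystemAdministratorAsync()
{
    var user = await usersRepo.FindUserByIdAsync(UserId).ConfigureAwait(false);

    // Fail closed: a missing user record is never an administrator. This also keeps a null
    // reference out of IsSystemAdministrator, whose null handling is not visible here.
    return user != null && usersRepo.IsSystemAdministrator(user);
}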