private async ValueTask HandleDeleteAsync( AuthorizationHandlerContext context, IQueryCollection query, CreatedByRequirement <T, TId, TCreatedBy> requirement) { var ids = query.Where(x => x.Key.StartsWith("ids[", InvariantCultureIgnoreCase) && x.Key.EndsWith("]", InvariantCultureIgnoreCase)); var converter = GetConverter(typeof(TId)); var keyValuePairs = ids.Select(id => (TId)converter.ConvertFromString(id.Value)).ToDictionary(id => id, id => default(T?)); await HandleKeyValuePairsAsync(context, keyValuePairs, requirement).ConfigureAwait(false); }
protected override Task HandleRequirementAsync( AuthorizationHandlerContext context, CreatedByRequirement <T, TId, TCreatedBy> requirement) { if (context == default) { throw new ArgumentNullException(nameof(context)); } if (requirement == default) { throw new ArgumentNullException(nameof(requirement)); } if (context.User.Identity?.IsAuthenticated != true) { return(CompletedTask); } if (requirement.AllowedRoles.Any(role => context.User.IsInRole(role))) { context.Succeed(requirement); return(CompletedTask); } if (!(context.Resource is ActionContext actionContext)) { return(CompletedTask); } if (actionContext.RouteData.Values.ContainsKey("id")) { return(HandleByIdAsync(context, actionContext.RouteData.Values, requirement).AsTask()); } if (IsPut(actionContext.HttpContext.Request.Method)) { return(HandlePutAsync(context, actionContext.HttpContext.Request, requirement).AsTask()); } if (IsDelete(actionContext.HttpContext.Request.Method)) { return(HandleDeleteAsync(context, actionContext.HttpContext.Request.Query, requirement).AsTask()); } return(CompletedTask); }
private async ValueTask HandlePutAsync( AuthorizationHandlerContext context, HttpRequest request, CreatedByRequirement <T, TId, TCreatedBy> requirement) { ICollection <T> models; request.EnableBuffering(); using (var reader = new StreamReader(request.Body, leaveOpen: true)) { var body = await reader.ReadToEndAsync().ConfigureAwait(false); models = Deserialize <ICollection <T> >(body, _jsonSerializerOptions); request.Body.Position = 0; } var keyValuePairs = models.ToDictionary(model => model.Key, model => default(T?)); await HandleKeyValuePairsAsync(context, keyValuePairs, requirement).ConfigureAwait(false); }
private async ValueTask HandleKeyValuePairsAsync( AuthorizationHandlerContext context, IDictionary <TId, T?> keyValuePairs, CreatedByRequirement <T, TId, TCreatedBy> requirement) { var userId = context.User.FindFirstValue(Sub); var allowed = await GetCachedModels(keyValuePairs, userId).ConfigureAwait(false); if (!allowed) { return; } allowed = await GetNonCachedModels(keyValuePairs, userId, requirement.Name).ConfigureAwait(false); if (!allowed) { return; } context.Succeed(requirement); }
private async ValueTask HandleByIdAsync( AuthorizationHandlerContext context, RouteValueDictionary routeValues, CreatedByRequirement <T, TId, TCreatedBy> requirement) { var key = (TId)routeValues["id"]; if (!_cache.TryGetValue(key, out T value)) { var redisValue = await _database.StringGetAsync(key.ToString()).ConfigureAwait(false); if (redisValue.IsNullOrEmpty) { var request = new GetRequest <T>(requirement.Name, new object[] { key }, _logger); value = await _mediator.Send(request).ConfigureAwait(false); if (value != default) { await _database.StringSetAsync(key.ToString(), Serialize(value), flags : FireAndForget).ConfigureAwait(false); } } else { value = Deserialize <T>(redisValue, _jsonSerializerOptions); } if (value != default) { _cache.SetCacheEntry(key, value, _memoryCacheEntryOptions); } } var userId = context.User.FindFirstValue(Sub); if (value == default || string.Equals(value.CreatedBy.ToString(), userId, InvariantCultureIgnoreCase)) { context.Succeed(requirement); } }