public async Task <PolicyResult> Authorize(PostAlterCommand action) { // Check if user owns Post if (await postService.IsOwner(action.PostId, action.User.Username)) { return(PolicyResult.Authorized()); } // Is the user an admin? if (await roleService.IsUserAdmin(action.User.Username)) { return(PolicyResult.Authorized()); } // Is the user a moderator? Space?space = await spaceService.FindByPost(action.PostId); if (space == null) { throw new InvalidOperationException(); } if (await roleService.IsUserModerator(action.User.Username, space.Name)) { return(PolicyResult.Authorized()); } return(PolicyResult.Unauthorized()); }
public async Task <PolicyResult> Authorize(RemoveAdminCommand action) { if (await roleService.IsUserAdmin(action.User.Username)) { return(PolicyResult.Authorized()); } else { return(PolicyResult.Unauthorized()); } }
public async Task <PolicyResult> Authorize(RemoveModeratorFromSpaceCommand action) { if (await roleService.IsUserModerator(action.User.Username, action.Space)) { return(PolicyResult.Authorized()); } else { return(PolicyResult.Unauthorized()); } }
#pragma warning disable 1998 #region Publics public async Task <PolicyResult> Authorize(UserAlterCommand action) { if (action.Username == action.User.Username) { return(PolicyResult.Authorized()); } else { return(PolicyResult.Unauthorized()); } }
public async Task <PolicyResult> Authorize(SpaceAlterCommand action) { if (await roleService.IsUserAdmin(action.User.Username)) { return(PolicyResult.Authorized()); } if (await roleService.IsUserModerator(action.User.Username, action.Space)) { return(PolicyResult.Authorized()); } return(PolicyResult.Unauthorized()); }