public async Task <PolicyResult> Authorize(PostAlterCommand action)
{
// Check if user owns Post
if (await postService.IsOwner(action.PostId, action.User.Username))
{
return(PolicyResult.Authorized());
}
// Is the user an admin?
if (await roleService.IsUserAdmin(action.User.Username))
{
return(PolicyResult.Authorized());
}
// Is the user a moderator?
Space?space = await spaceService.FindByPost(action.PostId);
if (space == null)
{
throw new InvalidOperationException();
}
if (await roleService.IsUserModerator(action.User.Username, space.Name))
{
return(PolicyResult.Authorized());
}
return(PolicyResult.Unauthorized());
}
public async Task <PolicyResult> Authorize(RemoveAdminCommand action)
{
if (await roleService.IsUserAdmin(action.User.Username))
{
return(PolicyResult.Authorized());
}
else
{
return(PolicyResult.Unauthorized());
}
}
public async Task <PolicyResult> Authorize(RemoveModeratorFromSpaceCommand action)
{
if (await roleService.IsUserModerator(action.User.Username, action.Space))
{
return(PolicyResult.Authorized());
}
else
{
return(PolicyResult.Unauthorized());
}
}
#pragma warning disable 1998
#region Publics
public async Task <PolicyResult> Authorize(UserAlterCommand action)
{
if (action.Username == action.User.Username)
{
return(PolicyResult.Authorized());
}
else
{
return(PolicyResult.Unauthorized());
}
}
public async Task <PolicyResult> Authorize(SpaceAlterCommand action)
{
if (await roleService.IsUserAdmin(action.User.Username))
{
return(PolicyResult.Authorized());
}
if (await roleService.IsUserModerator(action.User.Username, action.Space))
{
return(PolicyResult.Authorized());
}
return(PolicyResult.Unauthorized());
}
