classlib/ExpenseTracker.Application/Accounts/Queries/GetWithPagination/GetAccountsWithPaginationQueryAuthorizer.cs
2024-08-07 21:12:02 +03:00

34 lines
1.1 KiB
C#

using MediatR.Behaviors.Authorization;
using ExpenseTracker.Application.Common.Authorization;
using ExpenseTracker.Application.Common.Interfaces.Services;
using ExpenseTracker.Application.Common.Models;
namespace ExpenseTracker.Application.Accounts.Queries.GetWithPagination;
public class GetAccountsWithPaginationQueryAuthorizer : AbstractRequestAuthorizer<GetAccountsWithPaginationQuery>
{
private readonly ISessionUserService _sessionUserService;
public GetAccountsWithPaginationQueryAuthorizer(ISessionUserService currentUserService)
{
_sessionUserService = currentUserService;
}
public override void BuildPolicy(GetAccountsWithPaginationQuery request)
{
UseRequirement(new MustBeAuthenticatedRequirement
{
IsAuthenticated = _sessionUserService.IsAuthenticated
});
if (request.GetAll)
{
UseRequirement(new MustBeInRolesRequirement
{
UserRoles = _sessionUserService.Roles,
RequiredRoles = new[] { IdentityRoles.Administrator.ToString() }
});
}
}
}