add authorization requirements
parent
120963f3cc
commit
0508c89c2d
@ -22,9 +22,10 @@ public class AddAddressCommandAuthorizer :
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
UseRequirement(new MustBeInAnyOfRolesRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
RequiredRoles =
|
||||
[IdentityRole.Administrator, IdentityRole.CompanyOwner],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
});
|
||||
}
|
||||
|
@ -22,7 +22,7 @@ public class DeleteAddressCommandAuthorizer :
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
UseRequirement(new MustBeInAnyOfRolesRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
|
@ -22,7 +22,7 @@ public class UpdateAddressCommandAuthorizer :
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
UseRequirement(new MustBeInAnyOfRolesRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
|
@ -19,12 +19,13 @@ public class GetAddressQueryAuthorizer :
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
IsAuthenticated = _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
UseRequirement(new MustBeInAnyOfRolesRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
RequiredRoles =
|
||||
[IdentityRole.Administrator, IdentityRole.CompanyOwner],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
});
|
||||
}
|
||||
|
@ -19,12 +19,13 @@ public class GetAddressesPageQueryAuthorizer :
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
IsAuthenticated = _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
UseRequirement(new MustBeInAnyOfRolesRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
RequiredRoles =
|
||||
[IdentityRole.Administrator, IdentityRole.CompanyOwner],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
});
|
||||
}
|
||||
|
@ -1,6 +1,6 @@
|
||||
using cuqmbr.TravelGuide.Application.Common.Authorization;
|
||||
using cuqmbr.TravelGuide.Application.Common.Persistence;
|
||||
using cuqmbr.TravelGuide.Application.Common.Services;
|
||||
using cuqmbr.TravelGuide.Domain.Enums;
|
||||
using MediatR.Behaviors.Authorization;
|
||||
|
||||
namespace cuqmbr.TravelGuide.Application.Aircrafts.Commands.AddAircraft;
|
||||
@ -9,23 +9,34 @@ public class AddAircraftCommandAuthorizer :
|
||||
AbstractRequestAuthorizer<AddAircraftCommand>
|
||||
{
|
||||
private readonly SessionUserService _sessionUserService;
|
||||
private readonly UnitOfWork _unitOfWork;
|
||||
|
||||
public AddAircraftCommandAuthorizer(SessionUserService sessionUserService)
|
||||
public AddAircraftCommandAuthorizer(
|
||||
SessionUserService sessionUserService,
|
||||
UnitOfWork unitOfWork)
|
||||
{
|
||||
_sessionUserService = sessionUserService;
|
||||
_unitOfWork = unitOfWork;
|
||||
}
|
||||
|
||||
public override void BuildPolicy(AddAircraftCommand request)
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
IsAuthenticated = _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
var company = _unitOfWork.CompanyRepository
|
||||
.GetOneAsync(
|
||||
e => e.Guid == request.CompanyGuid, e => e.Account,
|
||||
CancellationToken.None)
|
||||
.Result;
|
||||
|
||||
UseRequirement(new MustBeObjectOwnerOrAdminRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
UserRoles = _sessionUserService.Roles,
|
||||
RequiredGuid = company?.Account.Guid,
|
||||
UserGuid = _sessionUserService.Guid
|
||||
});
|
||||
}
|
||||
}
|
||||
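Review bot: `BuildPolicy` now blocks on `GetOneAsync(...).Result` with `CancellationToken.None`, so the repository lookup runs synchronously on every request and cannot be cancelled; the same pattern is added in the other aircraft authorizers, the bus authorizers and `UpdateCompanyCommandAuthorizer`. The lookup is executed unconditionally while the policy is built, so as far as this hunk shows an unauthenticated caller still triggers a database query keyed on a Guid they supply. Moving the lookup into the requirement handler, whose `Handle` already returns a `Task` and receives a `CancellationToken`, would remove the blocking call and let the authentication requirement be evaluated first. A null `company` leaves `RequiredGuid` null, which the new handler rejects for non-administrators, so the missing-company path does fail closed.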
|
@ -1,6 +1,6 @@
|
||||
using cuqmbr.TravelGuide.Application.Common.Authorization;
|
||||
using cuqmbr.TravelGuide.Application.Common.Persistence;
|
||||
using cuqmbr.TravelGuide.Application.Common.Services;
|
||||
using cuqmbr.TravelGuide.Domain.Enums;
|
||||
using MediatR.Behaviors.Authorization;
|
||||
|
||||
namespace cuqmbr.TravelGuide.Application.Aircrafts.Commands.DeleteAircraft;
|
||||
@ -9,23 +9,34 @@ public class DeleteAircraftCommandAuthorizer :
|
||||
AbstractRequestAuthorizer<DeleteAircraftCommand>
|
||||
{
|
||||
private readonly SessionUserService _sessionUserService;
|
||||
private readonly UnitOfWork _unitOfWork;
|
||||
|
||||
public DeleteAircraftCommandAuthorizer(SessionUserService sessionUserService)
|
||||
public DeleteAircraftCommandAuthorizer(
|
||||
SessionUserService sessionUserService,
|
||||
UnitOfWork unitOfWork)
|
||||
{
|
||||
_sessionUserService = sessionUserService;
|
||||
_unitOfWork = unitOfWork;
|
||||
}
|
||||
|
||||
public override void BuildPolicy(DeleteAircraftCommand request)
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
IsAuthenticated = _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
var vehicel = _unitOfWork.VehicleRepository
|
||||
.GetOneAsync(
|
||||
e => e.Guid == request.Guid, e => e.Company.Account,
|
||||
CancellationToken.None)
|
||||
.Result;
|
||||
|
||||
UseRequirement(new MustBeObjectOwnerOrAdminRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
UserRoles = _sessionUserService.Roles,
|
||||
RequiredGuid = vehicel?.Company.Account.Guid,
|
||||
UserGuid = _sessionUserService.Guid
|
||||
});
|
||||
}
|
||||
}
|
||||
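Review bot: The lookup in `BuildPolicy` goes through `_unitOfWork.VehicleRepository` filtered only by `e.Guid == request.Guid`, so nothing in this hunk ties the record to an aircraft. If that repository holds every vehicle kind, the ownership check passes for any vehicle of the caller's company and the handler has to confirm the type itself. `vehicel?.Company.Account.Guid` guards only the vehicle, so a record whose `Company` or `Account` is not populated would throw instead of denying; `RequiredGuid = vehicle?.Company?.Account?.Guid,` keeps that path a clean failure. The local is misspelled `vehicel` here and in the GetAircraft, DeleteBus and GetBus authorizers.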
|
@ -1,6 +1,6 @@
|
||||
using cuqmbr.TravelGuide.Application.Common.Authorization;
|
||||
using cuqmbr.TravelGuide.Application.Common.Persistence;
|
||||
using cuqmbr.TravelGuide.Application.Common.Services;
|
||||
using cuqmbr.TravelGuide.Domain.Enums;
|
||||
using MediatR.Behaviors.Authorization;
|
||||
|
||||
namespace cuqmbr.TravelGuide.Application.Aircrafts.Commands.UpdateAircraft;
|
||||
@ -9,23 +9,34 @@ public class UpdateAircraftCommandAuthorizer :
|
||||
AbstractRequestAuthorizer<UpdateAircraftCommand>
|
||||
{
|
||||
private readonly SessionUserService _sessionUserService;
|
||||
private readonly UnitOfWork _unitOfWork;
|
||||
|
||||
public UpdateAircraftCommandAuthorizer(SessionUserService sessionUserService)
|
||||
public UpdateAircraftCommandAuthorizer(
|
||||
SessionUserService sessionUserService,
|
||||
UnitOfWork unitOfWork)
|
||||
{
|
||||
_sessionUserService = sessionUserService;
|
||||
_unitOfWork = unitOfWork;
|
||||
}
|
||||
|
||||
public override void BuildPolicy(UpdateAircraftCommand request)
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
IsAuthenticated = _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
var company = _unitOfWork.CompanyRepository
|
||||
.GetOneAsync(
|
||||
e => e.Guid == request.CompanyGuid, e => e.Account,
|
||||
CancellationToken.None)
|
||||
.Result;
|
||||
|
||||
UseRequirement(new MustBeObjectOwnerOrAdminRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
UserRoles = _sessionUserService.Roles,
|
||||
RequiredGuid = company?.Account.Guid,
|
||||
UserGuid = _sessionUserService.Guid
|
||||
});
|
||||
}
|
||||
}
|
||||
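Review bot: Ownership in `BuildPolicy` is checked against the company named in the request (`e.Guid == request.CompanyGuid`), not against the company that currently owns the aircraft being updated. If `UpdateAircraftCommand` also identifies the aircraft by its own Guid, as `DeleteAircraftCommand` does, a company owner satisfies this requirement for a record held by another company whenever the request names their own company. The check should cover the stored record as well, for example by loading the vehicle with `e => e.Guid == request.Guid, e => e.Company.Account` as the delete authorizer does and requiring ownership of both the current and the requested company. `UpdateBusCommandAuthorizer` has the same shape.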
|
@ -1,6 +1,6 @@
|
||||
using cuqmbr.TravelGuide.Application.Common.Authorization;
|
||||
using cuqmbr.TravelGuide.Application.Common.Persistence;
|
||||
using cuqmbr.TravelGuide.Application.Common.Services;
|
||||
using cuqmbr.TravelGuide.Domain.Enums;
|
||||
using MediatR.Behaviors.Authorization;
|
||||
|
||||
namespace cuqmbr.TravelGuide.Application.Aircrafts.Queries.GetAircraft;
|
||||
@ -9,23 +9,34 @@ public class GetAircraftQueryAuthorizer :
|
||||
AbstractRequestAuthorizer<GetAircraftQuery>
|
||||
{
|
||||
private readonly SessionUserService _sessionUserService;
|
||||
private readonly UnitOfWork _unitOfWork;
|
||||
|
||||
public GetAircraftQueryAuthorizer(SessionUserService sessionUserService)
|
||||
public GetAircraftQueryAuthorizer(
|
||||
SessionUserService sessionUserService,
|
||||
UnitOfWork unitOfWork)
|
||||
{
|
||||
_sessionUserService = sessionUserService;
|
||||
_unitOfWork = unitOfWork;
|
||||
}
|
||||
|
||||
public override void BuildPolicy(GetAircraftQuery request)
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
IsAuthenticated = _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
var vehicel = _unitOfWork.VehicleRepository
|
||||
.GetOneAsync(
|
||||
e => e.Guid == request.Guid, e => e.Company.Account,
|
||||
CancellationToken.None)
|
||||
.Result;
|
||||
|
||||
UseRequirement(new MustBeObjectOwnerOrAdminRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
UserRoles = _sessionUserService.Roles,
|
||||
RequiredGuid = vehicel?.Company.Account.Guid,
|
||||
UserGuid = _sessionUserService.Guid
|
||||
});
|
||||
}
|
||||
}
|
||||
|
@ -1,6 +1,6 @@
|
||||
using cuqmbr.TravelGuide.Application.Common.Authorization;
|
||||
using cuqmbr.TravelGuide.Application.Common.Persistence;
|
||||
using cuqmbr.TravelGuide.Application.Common.Services;
|
||||
using cuqmbr.TravelGuide.Domain.Enums;
|
||||
using MediatR.Behaviors.Authorization;
|
||||
|
||||
namespace cuqmbr.TravelGuide.Application.Aircrafts.Queries.GetAircraftsPage;
|
||||
@ -9,23 +9,34 @@ public class GetAircraftsPageQueryAuthorizer :
|
||||
AbstractRequestAuthorizer<GetAircraftsPageQuery>
|
||||
{
|
||||
private readonly SessionUserService _sessionUserService;
|
||||
private readonly UnitOfWork _unitOfWork;
|
||||
|
||||
public GetAircraftsPageQueryAuthorizer(SessionUserService sessionUserService)
|
||||
public GetAircraftsPageQueryAuthorizer(
|
||||
SessionUserService sessionUserService,
|
||||
UnitOfWork unitOfWork)
|
||||
{
|
||||
_sessionUserService = sessionUserService;
|
||||
_unitOfWork = unitOfWork;
|
||||
}
|
||||
|
||||
public override void BuildPolicy(GetAircraftsPageQuery request)
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
IsAuthenticated = _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
var company = _unitOfWork.CompanyRepository
|
||||
.GetOneAsync(
|
||||
e => e.Guid == request.CompanyGuid, e => e.Account,
|
||||
CancellationToken.None)
|
||||
.Result;
|
||||
|
||||
UseRequirement(new MustBeObjectOwnerOrAdminRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
UserRoles = _sessionUserService.Roles,
|
||||
RequiredGuid = company?.Account.Guid,
|
||||
UserGuid = _sessionUserService.Guid
|
||||
});
|
||||
}
|
||||
}
|
||||
|
@ -1,5 +1,4 @@
|
||||
using cuqmbr.TravelGuide.Application.Common.Authorization;
|
||||
// using cuqmbr.TravelGuide.Application.Common.Services;
|
||||
using MediatR.Behaviors.Authorization;
|
||||
|
||||
namespace cuqmbr.TravelGuide.Application.Authenticaion.Commands.RenewAccessToken;
|
||||
@ -7,19 +6,8 @@ namespace cuqmbr.TravelGuide.Application.Authenticaion.Commands.RenewAccessToken
|
||||
public class RenewAccessTokenCommandAuthorizer :
|
||||
AbstractRequestAuthorizer<RenewAccessTokenCommand>
|
||||
{
|
||||
// private readonly SessionUserService _sessionUserService;
|
||||
//
|
||||
// public RenewAccessTokenCommandAuthorizer(SessionUserService currentUserService)
|
||||
// {
|
||||
// _sessionUserService = currentUserService;
|
||||
// }
|
||||
|
||||
public override void BuildPolicy(RenewAccessTokenCommand request)
|
||||
{
|
||||
UseRequirement(new AllowAllRequirement());
|
||||
// UseRequirement(new MustBeAuthenticatedRequirement
|
||||
// {
|
||||
// IsAuthenticated = _sessionUserService.IsAuthenticated
|
||||
// });
|
||||
}
|
||||
}
|
||||
|
@ -1,4 +1,5 @@
|
||||
using cuqmbr.TravelGuide.Application.Common.Authorization;
|
||||
using cuqmbr.TravelGuide.Application.Common.Services;
|
||||
using MediatR.Behaviors.Authorization;
|
||||
|
||||
namespace cuqmbr.TravelGuide.Application.Authenticaion.Commands.RevokeRefreshToken;
|
||||
@ -6,8 +7,18 @@ namespace cuqmbr.TravelGuide.Application.Authenticaion.Commands.RevokeRefreshTok
|
||||
public class RevokeRefreshTokenCommandAuthorizer :
|
||||
AbstractRequestAuthorizer<RevokeRefreshTokenCommand>
|
||||
{
|
||||
private readonly SessionUserService _sessionUserService;
|
||||
|
||||
public RevokeRefreshTokenCommandAuthorizer(SessionUserService currentUserService)
|
||||
{
|
||||
_sessionUserService = currentUserService;
|
||||
}
|
||||
|
||||
public override void BuildPolicy(RevokeRefreshTokenCommand request)
|
||||
{
|
||||
UseRequirement(new AllowAllRequirement());
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated = _sessionUserService.IsAuthenticated
|
||||
});
|
||||
}
|
||||
}
|
||||
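Review bot: `BuildPolicy` now requires only an authenticated session, so the authorizer does not tie the refresh token being revoked to the caller. The command's fields are not visible in this hunk; if it identifies the token by an id rather than by the secret value itself, the handler needs to confirm the token belongs to `_sessionUserService.Guid` before revoking it. The constructor parameter is named `currentUserService` while the other authorizers in this commit use `sessionUserService`.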
|
@ -1,6 +1,6 @@
|
||||
using cuqmbr.TravelGuide.Application.Common.Authorization;
|
||||
using cuqmbr.TravelGuide.Application.Common.Persistence;
|
||||
using cuqmbr.TravelGuide.Application.Common.Services;
|
||||
using cuqmbr.TravelGuide.Domain.Enums;
|
||||
using MediatR.Behaviors.Authorization;
|
||||
|
||||
namespace cuqmbr.TravelGuide.Application.Buses.Commands.AddBus;
|
||||
@ -9,23 +9,34 @@ public class AddBusCommandAuthorizer :
|
||||
AbstractRequestAuthorizer<AddBusCommand>
|
||||
{
|
||||
private readonly SessionUserService _sessionUserService;
|
||||
private readonly UnitOfWork _unitOfWork;
|
||||
|
||||
public AddBusCommandAuthorizer(SessionUserService sessionUserService)
|
||||
public AddBusCommandAuthorizer(
|
||||
SessionUserService sessionUserService,
|
||||
UnitOfWork unitOfWork)
|
||||
{
|
||||
_sessionUserService = sessionUserService;
|
||||
_unitOfWork = unitOfWork;
|
||||
}
|
||||
|
||||
public override void BuildPolicy(AddBusCommand request)
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
IsAuthenticated = _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
var company = _unitOfWork.CompanyRepository
|
||||
.GetOneAsync(
|
||||
e => e.Guid == request.CompanyGuid, e => e.Account,
|
||||
CancellationToken.None)
|
||||
.Result;
|
||||
|
||||
UseRequirement(new MustBeObjectOwnerOrAdminRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
UserRoles = _sessionUserService.Roles,
|
||||
RequiredGuid = company?.Account.Guid,
|
||||
UserGuid = _sessionUserService.Guid
|
||||
});
|
||||
}
|
||||
}
|
||||
|
@ -1,6 +1,6 @@
|
||||
using cuqmbr.TravelGuide.Application.Common.Authorization;
|
||||
using cuqmbr.TravelGuide.Application.Common.Persistence;
|
||||
using cuqmbr.TravelGuide.Application.Common.Services;
|
||||
using cuqmbr.TravelGuide.Domain.Enums;
|
||||
using MediatR.Behaviors.Authorization;
|
||||
|
||||
namespace cuqmbr.TravelGuide.Application.Buses.Commands.DeleteBus;
|
||||
@ -9,23 +9,34 @@ public class DeleteBusCommandAuthorizer :
|
||||
AbstractRequestAuthorizer<DeleteBusCommand>
|
||||
{
|
||||
private readonly SessionUserService _sessionUserService;
|
||||
private readonly UnitOfWork _unitOfWork;
|
||||
|
||||
public DeleteBusCommandAuthorizer(SessionUserService sessionUserService)
|
||||
public DeleteBusCommandAuthorizer(
|
||||
SessionUserService sessionUserService,
|
||||
UnitOfWork unitOfWork)
|
||||
{
|
||||
_sessionUserService = sessionUserService;
|
||||
_unitOfWork = unitOfWork;
|
||||
}
|
||||
|
||||
public override void BuildPolicy(DeleteBusCommand request)
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
IsAuthenticated = _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
var vehicel = _unitOfWork.VehicleRepository
|
||||
.GetOneAsync(
|
||||
e => e.Guid == request.Guid, e => e.Company.Account,
|
||||
CancellationToken.None)
|
||||
.Result;
|
||||
|
||||
UseRequirement(new MustBeObjectOwnerOrAdminRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
UserRoles = _sessionUserService.Roles,
|
||||
RequiredGuid = vehicel?.Company.Account.Guid,
|
||||
UserGuid = _sessionUserService.Guid
|
||||
});
|
||||
}
|
||||
}
|
||||
|
@ -1,6 +1,6 @@
|
||||
using cuqmbr.TravelGuide.Application.Common.Authorization;
|
||||
using cuqmbr.TravelGuide.Application.Common.Persistence;
|
||||
using cuqmbr.TravelGuide.Application.Common.Services;
|
||||
using cuqmbr.TravelGuide.Domain.Enums;
|
||||
using MediatR.Behaviors.Authorization;
|
||||
|
||||
namespace cuqmbr.TravelGuide.Application.Buses.Commands.UpdateBus;
|
||||
@ -9,23 +9,34 @@ public class UpdateBusCommandAuthorizer :
|
||||
AbstractRequestAuthorizer<UpdateBusCommand>
|
||||
{
|
||||
private readonly SessionUserService _sessionUserService;
|
||||
private readonly UnitOfWork _unitOfWork;
|
||||
|
||||
public UpdateBusCommandAuthorizer(SessionUserService sessionUserService)
|
||||
public UpdateBusCommandAuthorizer(
|
||||
SessionUserService sessionUserService,
|
||||
UnitOfWork unitOfWork)
|
||||
{
|
||||
_sessionUserService = sessionUserService;
|
||||
_unitOfWork = unitOfWork;
|
||||
}
|
||||
|
||||
public override void BuildPolicy(UpdateBusCommand request)
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
IsAuthenticated = _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
var company = _unitOfWork.CompanyRepository
|
||||
.GetOneAsync(
|
||||
e => e.Guid == request.CompanyGuid, e => e.Account,
|
||||
CancellationToken.None)
|
||||
.Result;
|
||||
|
||||
UseRequirement(new MustBeObjectOwnerOrAdminRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
UserRoles = _sessionUserService.Roles,
|
||||
RequiredGuid = company?.Account.Guid,
|
||||
UserGuid = _sessionUserService.Guid
|
||||
});
|
||||
}
|
||||
}
|
||||
|
@ -1,6 +1,6 @@
|
||||
using cuqmbr.TravelGuide.Application.Common.Authorization;
|
||||
using cuqmbr.TravelGuide.Application.Common.Persistence;
|
||||
using cuqmbr.TravelGuide.Application.Common.Services;
|
||||
using cuqmbr.TravelGuide.Domain.Enums;
|
||||
using MediatR.Behaviors.Authorization;
|
||||
|
||||
namespace cuqmbr.TravelGuide.Application.Buses.Queries.GetBus;
|
||||
@ -9,23 +9,34 @@ public class GetBusQueryAuthorizer :
|
||||
AbstractRequestAuthorizer<GetBusQuery>
|
||||
{
|
||||
private readonly SessionUserService _sessionUserService;
|
||||
private readonly UnitOfWork _unitOfWork;
|
||||
|
||||
public GetBusQueryAuthorizer(SessionUserService sessionUserService)
|
||||
public GetBusQueryAuthorizer(
|
||||
SessionUserService sessionUserService,
|
||||
UnitOfWork unitOfWork)
|
||||
{
|
||||
_sessionUserService = sessionUserService;
|
||||
_unitOfWork = unitOfWork;
|
||||
}
|
||||
|
||||
public override void BuildPolicy(GetBusQuery request)
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
IsAuthenticated = _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
var vehicel = _unitOfWork.VehicleRepository
|
||||
.GetOneAsync(
|
||||
e => e.Guid == request.Guid, e => e.Company.Account,
|
||||
CancellationToken.None)
|
||||
.Result;
|
||||
|
||||
UseRequirement(new MustBeObjectOwnerOrAdminRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
UserRoles = _sessionUserService.Roles,
|
||||
RequiredGuid = vehicel?.Company.Account.Guid,
|
||||
UserGuid = _sessionUserService.Guid
|
||||
});
|
||||
}
|
||||
}
|
||||
|
@ -1,6 +1,6 @@
|
||||
using cuqmbr.TravelGuide.Application.Common.Authorization;
|
||||
using cuqmbr.TravelGuide.Application.Common.Persistence;
|
||||
using cuqmbr.TravelGuide.Application.Common.Services;
|
||||
using cuqmbr.TravelGuide.Domain.Enums;
|
||||
using MediatR.Behaviors.Authorization;
|
||||
|
||||
namespace cuqmbr.TravelGuide.Application.Buses.Queries.GetBusesPage;
|
||||
@ -9,23 +9,34 @@ public class GetBusesPageQueryAuthorizer :
|
||||
AbstractRequestAuthorizer<GetBusesPageQuery>
|
||||
{
|
||||
private readonly SessionUserService _sessionUserService;
|
||||
private readonly UnitOfWork _unitOfWork;
|
||||
|
||||
public GetBusesPageQueryAuthorizer(SessionUserService sessionUserService)
|
||||
public GetBusesPageQueryAuthorizer(
|
||||
SessionUserService sessionUserService,
|
||||
UnitOfWork unitOfWork)
|
||||
{
|
||||
_sessionUserService = sessionUserService;
|
||||
_unitOfWork = unitOfWork;
|
||||
}
|
||||
|
||||
public override void BuildPolicy(GetBusesPageQuery request)
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
IsAuthenticated = _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
var company = _unitOfWork.CompanyRepository
|
||||
.GetOneAsync(
|
||||
e => e.Guid == request.CompanyGuid, e => e.Account,
|
||||
CancellationToken.None)
|
||||
.Result;
|
||||
|
||||
UseRequirement(new MustBeObjectOwnerOrAdminRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
UserRoles = _sessionUserService.Roles,
|
||||
RequiredGuid = company?.Account.Guid,
|
||||
UserGuid = _sessionUserService.Guid
|
||||
});
|
||||
}
|
||||
}
|
||||
|
@ -22,7 +22,7 @@ public class AddCityCommandAuthorizer :
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
UseRequirement(new MustBeInAnyOfRolesRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
|
@ -22,7 +22,7 @@ public class DeleteCityCommandAuthorizer :
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
UseRequirement(new MustBeInAnyOfRolesRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
|
@ -22,7 +22,7 @@ public class UpdateCityCommandAuthorizer :
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
UseRequirement(new MustBeInAnyOfRolesRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
|
@ -19,12 +19,13 @@ public class GetCitiesPageQueryAuthorizer :
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
IsAuthenticated = _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
UseRequirement(new MustBeInAnyOfRolesRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
RequiredRoles =
|
||||
[IdentityRole.Administrator, IdentityRole.CompanyOwner],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
});
|
||||
}
|
||||
|
@ -19,12 +19,13 @@ public class GetCityQueryAuthorizer :
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
IsAuthenticated = _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
UseRequirement(new MustBeInAnyOfRolesRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
RequiredRoles =
|
||||
[IdentityRole.Administrator, IdentityRole.CompanyOwner],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
});
|
||||
}
|
||||
|
@ -1,31 +1,22 @@
|
||||
using MediatR.Behaviors.Authorization;
|
||||
using Microsoft.Extensions.Localization;
|
||||
using cuqmbr.TravelGuide.Domain.Enums;
|
||||
|
||||
namespace cuqmbr.TravelGuide.Application.Common.Authorization;
|
||||
|
||||
public class MustBeInRolesRequirement : IAuthorizationRequirement
|
||||
public class MustBeInAnyOfRolesRequirement : IAuthorizationRequirement
|
||||
{
|
||||
public ICollection<IdentityRole> UserRoles { get; init; }
|
||||
public ICollection<IdentityRole> RequiredRoles { get; init; }
|
||||
|
||||
class MustBeInRolesRequirementHandler :
|
||||
IAuthorizationHandler<MustBeInRolesRequirement>
|
||||
class MustBeInAnyOfRolesRequirementHandler :
|
||||
IAuthorizationHandler<MustBeInAnyOfRolesRequirement>
|
||||
{
|
||||
private readonly IStringLocalizer _localizer;
|
||||
|
||||
public MustBeInRolesRequirementHandler(IStringLocalizer localizer)
|
||||
{
|
||||
_localizer = localizer;
|
||||
}
|
||||
|
||||
public Task<AuthorizationResult> Handle(
|
||||
MustBeInRolesRequirement request,
|
||||
MustBeInAnyOfRolesRequirement request,
|
||||
CancellationToken cancellationToken)
|
||||
{
|
||||
var isUserInRequiredRoles =
|
||||
request.UserRoles?.Any(ur => request.RequiredRoles.Contains(ur))
|
||||
?? false;
|
||||
var isUserInRequiredRoles = request.UserRoles
|
||||
.Any(ur => request.RequiredRoles.Contains(ur));
|
||||
|
||||
if (!isUserInRequiredRoles)
|
||||
{
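Review bot: `Handle` now calls `request.UserRoles.Any(...)` directly where the earlier form was `request.UserRoles?.Any(...) ?? false`, so a null `UserRoles` throws a `NullReferenceException` instead of producing a denial. Every caller passes `_sessionUserService.Roles`, and the new `MustBeObjectOwnerOrAdminRequirement` in this commit declares the same property as nullable, which suggests a null value is possible for some sessions. Keeping the guard, `var isUserInRequiredRoles = request.UserRoles?.Any(ur => request.RequiredRoles.Contains(ur)) ?? false;`, makes the missing-roles case an explicit authorization failure. `Handle` continues past the end of the hunk, so whether the failure result still relies on the removed `_localizer` cannot be checked from here.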
|
@ -0,0 +1,42 @@
|
||||
using MediatR.Behaviors.Authorization;
|
||||
using cuqmbr.TravelGuide.Domain.Enums;
|
||||
|
||||
namespace cuqmbr.TravelGuide.Application.Common.Authorization;
|
||||
|
||||
public class MustBeObjectOwnerOrAdminRequirement : IAuthorizationRequirement
|
||||
{
|
||||
public ICollection<IdentityRole>? UserRoles { get; init; }
|
||||
|
||||
public Guid? UserGuid { get; init; }
|
||||
public Guid? RequiredGuid { get; init; }
|
||||
|
||||
class MustBeObjectOwnerOrAdminRequirementHandler :
|
||||
IAuthorizationHandler<MustBeObjectOwnerOrAdminRequirement>
|
||||
{
|
||||
public Task<AuthorizationResult> Handle(
|
||||
MustBeObjectOwnerOrAdminRequirement request,
|
||||
CancellationToken cancellationToken)
|
||||
{
|
||||
var isAdmin = request?.UserRoles
|
||||
?.Any(ur => ur.Equals(IdentityRole.Administrator)) ??
|
||||
false;
|
||||
|
||||
if (isAdmin)
|
||||
{
|
||||
return Task.FromResult(AuthorizationResult.Succeed());
|
||||
}
|
||||
|
||||
if (request?.UserGuid == null || request?.RequiredGuid == null)
|
||||
{
|
||||
return Task.FromResult(AuthorizationResult.Fail());
|
||||
}
|
||||
|
||||
if (request.UserGuid == request.RequiredGuid)
|
||||
{
|
||||
return Task.FromResult(AuthorizationResult.Succeed());
|
||||
}
|
||||
|
||||
return Task.FromResult(AuthorizationResult.Fail());
|
||||
}
|
||||
}
|
||||
}
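Review bot: The ownership branch in `Handle` treats any two equal non-null Guids as a match, so `Guid.Empty` on both sides authorizes the request. `UserGuid` comes from `_sessionUserService.Guid` and `RequiredGuid` from a loaded account, and neither is shown to be non-empty here; rejecting the default value, `if (request.UserGuid is null || request.RequiredGuid is null || request.UserGuid == Guid.Empty)`, closes that case. Both failure paths return `AuthorizationResult.Fail()` with no message, so a denial for a missing Guid cannot be told apart from an ownership mismatch. The class also has no doc comment stating that an administrator passes regardless of the Guids, and the `request?.` null-conditionals are redundant given that `request.UserGuid` is dereferenced unguarded in the final comparison.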
|
@ -19,10 +19,10 @@ public class AddCompanyCommandAuthorizer :
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
IsAuthenticated = _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
UseRequirement(new MustBeInAnyOfRolesRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
|
@ -19,10 +19,10 @@ public class DeleteCompanyCommandAuthorizer :
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
IsAuthenticated = _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
UseRequirement(new MustBeInAnyOfRolesRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
|
@ -1,6 +1,6 @@
|
||||
using cuqmbr.TravelGuide.Application.Common.Authorization;
|
||||
using cuqmbr.TravelGuide.Application.Common.Persistence;
|
||||
using cuqmbr.TravelGuide.Application.Common.Services;
|
||||
using cuqmbr.TravelGuide.Domain.Enums;
|
||||
using MediatR.Behaviors.Authorization;
|
||||
|
||||
namespace cuqmbr.TravelGuide.Application.Companies.Commands.UpdateCompany;
|
||||
@ -9,23 +9,34 @@ public class UpdateCompanyCommandAuthorizer :
|
||||
AbstractRequestAuthorizer<UpdateCompanyCommand>
|
||||
{
|
||||
private readonly SessionUserService _sessionUserService;
|
||||
private readonly UnitOfWork _unitOfWork;
|
||||
|
||||
public UpdateCompanyCommandAuthorizer(SessionUserService sessionUserService)
|
||||
public UpdateCompanyCommandAuthorizer(
|
||||
SessionUserService sessionUserService,
|
||||
UnitOfWork unitOfWork)
|
||||
{
|
||||
_sessionUserService = sessionUserService;
|
||||
_unitOfWork = unitOfWork;
|
||||
}
|
||||
|
||||
public override void BuildPolicy(UpdateCompanyCommand request)
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
IsAuthenticated = _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
var company = _unitOfWork.CompanyRepository
|
||||
.GetOneAsync(
|
||||
e => e.Guid == request.Guid, e => e.Account,
|
||||
CancellationToken.None)
|
||||
.Result;
|
||||
|
||||
UseRequirement(new MustBeObjectOwnerOrAdminRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
UserRoles = _sessionUserService.Roles,
|
||||
RequiredGuid = company?.Account.Guid,
|
||||
UserGuid = _sessionUserService.Guid
|
||||
});
|
||||
}
|
||||
}
|
||||
|
@ -1,6 +1,4 @@
|
||||
using cuqmbr.TravelGuide.Application.Common.Authorization;
|
||||
using cuqmbr.TravelGuide.Application.Common.Services;
|
||||
using cuqmbr.TravelGuide.Domain.Enums;
|
||||
using MediatR.Behaviors.Authorization;
|
||||
|
||||
namespace cuqmbr.TravelGuide.Application.Companies.Queries.GetCompaniesPage;
|
||||
@ -8,24 +6,8 @@ namespace cuqmbr.TravelGuide.Application.Companies.Queries.GetCompaniesPage;
|
||||
public class GetCompaniesPageQueryAuthorizer :
|
||||
AbstractRequestAuthorizer<GetCompaniesPageQuery>
|
||||
{
|
||||
private readonly SessionUserService _sessionUserService;
|
||||
|
||||
public GetCompaniesPageQueryAuthorizer(SessionUserService sessionUserService)
|
||||
{
|
||||
_sessionUserService = sessionUserService;
|
||||
}
|
||||
|
||||
public override void BuildPolicy(GetCompaniesPageQuery request)
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
});
|
||||
UseRequirement(new AllowAllRequirement());
|
||||
}
|
||||
}
|
||||
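Review bot: `BuildPolicy` goes from authenticated-administrator-only to `AllowAllRequirement`, which opens the company listing to anonymous callers; `GetCompanyQueryAuthorizer` gets the same change. Other authorizers in this commit load companies together with `e.Account`, so it is worth confirming that the query handlers' response types do not expose the owning account's Guid or other account fields now that no authentication is required. A short comment on the class, such as `// Public endpoint: company data is intentionally readable without authentication.`, would record that the widening is deliberate.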
|
@ -1,6 +1,4 @@
|
||||
using cuqmbr.TravelGuide.Application.Common.Authorization;
|
||||
using cuqmbr.TravelGuide.Application.Common.Services;
|
||||
using cuqmbr.TravelGuide.Domain.Enums;
|
||||
using MediatR.Behaviors.Authorization;
|
||||
|
||||
namespace cuqmbr.TravelGuide.Application.Companies.Queries.GetCompany;
|
||||
@ -8,24 +6,8 @@ namespace cuqmbr.TravelGuide.Application.Companies.Queries.GetCompany;
|
||||
public class GetCompanyQueryAuthorizer :
|
||||
AbstractRequestAuthorizer<GetCompanyQuery>
|
||||
{
|
||||
private readonly SessionUserService _sessionUserService;
|
||||
|
||||
public GetCompanyQueryAuthorizer(SessionUserService sessionUserService)
|
||||
{
|
||||
_sessionUserService = sessionUserService;
|
||||
}
|
||||
|
||||
public override void BuildPolicy(GetCompanyQuery request)
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
});
|
||||
UseRequirement(new AllowAllRequirement());
|
||||
}
|
||||
}
|
||||
|
@ -22,7 +22,7 @@ public class AddCountryCommandAuthorizer :
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
UseRequirement(new MustBeInAnyOfRolesRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
|
@ -22,7 +22,7 @@ public class DeleteCountryCommandAuthorizer :
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
UseRequirement(new MustBeInAnyOfRolesRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
|
@ -22,7 +22,7 @@ public class UpdateCountryCommandAuthorizer :
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
UseRequirement(new MustBeInAnyOfRolesRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
|
@ -19,12 +19,13 @@ public class GetCountriesPageQueryAuthorizer :
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
IsAuthenticated = _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
UseRequirement(new MustBeInAnyOfRolesRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
RequiredRoles =
|
||||
[IdentityRole.Administrator, IdentityRole.CompanyOwner],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
});
|
||||
}
|
||||
|
@ -19,12 +19,13 @@ public class GetCountryQueryAuthorizer :
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
IsAuthenticated = _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
UseRequirement(new MustBeInAnyOfRolesRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
RequiredRoles =
|
||||
[IdentityRole.Administrator, IdentityRole.CompanyOwner],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
});
|
||||
}
|
||||
|
@ -1,6 +1,6 @@
|
||||
using cuqmbr.TravelGuide.Application.Common.Authorization;
|
||||
using cuqmbr.TravelGuide.Application.Common.Persistence;
|
||||
using cuqmbr.TravelGuide.Application.Common.Services;
|
||||
using cuqmbr.TravelGuide.Domain.Enums;
|
||||
using MediatR.Behaviors.Authorization;
|
||||
|
||||
namespace cuqmbr.TravelGuide.Application.Employees.Commands.AddEmployee;
|
||||
@ -9,23 +9,34 @@ public class AddEmployeeCommandAuthorizer :
|
||||
AbstractRequestAuthorizer<AddEmployeeCommand>
|
||||
{
|
||||
private readonly SessionUserService _sessionUserService;
|
||||
private readonly UnitOfWork _unitOfWork;
|
||||
|
||||
public AddEmployeeCommandAuthorizer(SessionUserService sessionUserService)
|
||||
public AddEmployeeCommandAuthorizer(
|
||||
SessionUserService sessionUserService,
|
||||
UnitOfWork unitOfWork)
|
||||
{
|
||||
_sessionUserService = sessionUserService;
|
||||
_unitOfWork = unitOfWork;
|
||||
}
|
||||
|
||||
public override void BuildPolicy(AddEmployeeCommand request)
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
IsAuthenticated = _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
var company = _unitOfWork.CompanyRepository
|
||||
.GetOneAsync(
|
||||
e => e.Guid == request.CompanyGuid, e => e.Account,
|
||||
CancellationToken.None)
|
||||
.Result;
|
||||
|
||||
UseRequirement(new MustBeObjectOwnerOrAdminRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
UserRoles = _sessionUserService.Roles,
|
||||
RequiredGuid = company?.Account.Guid,
|
||||
UserGuid = _sessionUserService.Guid
|
||||
});
|
||||
}
|
||||
}
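Review bot: The company lookup in `BuildPolicy` blocks on `GetOneAsync(...).Result` with `CancellationToken.None`, so each request holds a thread for a database round-trip that cannot be cancelled, and a repository failure surfaces wrapped in `AggregateException`. Because this runs on every request before the authorization decision, slow queries can exhaust the thread pool and turn into an availability problem. The same pattern is added to the other Employee, Train and TicketGroup authorizers in this commit. Since `BuildPolicy` is synchronous, one option is to put only `request.CompanyGuid` on the requirement and do the lookup in the requirement's handler, which in MediatR.Behaviors.Authorization is asynchronous and receives a cancellation token.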
|
||||
|
@ -1,6 +1,6 @@
|
||||
using cuqmbr.TravelGuide.Application.Common.Authorization;
|
||||
using cuqmbr.TravelGuide.Application.Common.Persistence;
|
||||
using cuqmbr.TravelGuide.Application.Common.Services;
|
||||
using cuqmbr.TravelGuide.Domain.Enums;
|
||||
using MediatR.Behaviors.Authorization;
|
||||
|
||||
namespace cuqmbr.TravelGuide.Application.Employees.Commands.DeleteEmployee;
|
||||
@ -9,23 +9,34 @@ public class DeleteEmployeeCommandAuthorizer :
|
||||
AbstractRequestAuthorizer<DeleteEmployeeCommand>
|
||||
{
|
||||
private readonly SessionUserService _sessionUserService;
|
||||
private readonly UnitOfWork _unitOfWork;
|
||||
|
||||
public DeleteEmployeeCommandAuthorizer(SessionUserService sessionUserService)
|
||||
public DeleteEmployeeCommandAuthorizer(
|
||||
SessionUserService sessionUserService,
|
||||
UnitOfWork unitOfWork)
|
||||
{
|
||||
_sessionUserService = sessionUserService;
|
||||
_unitOfWork = unitOfWork;
|
||||
}
|
||||
|
||||
public override void BuildPolicy(DeleteEmployeeCommand request)
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
IsAuthenticated = _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
var employee = _unitOfWork.EmployeeRepository
|
||||
.GetOneAsync(
|
||||
e => e.Guid == request.Guid, e => e.Company.Account,
|
||||
CancellationToken.None)
|
||||
.Result;
|
||||
|
||||
UseRequirement(new MustBeObjectOwnerOrAdminRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
UserRoles = _sessionUserService.Roles,
|
||||
RequiredGuid = employee?.Company.Account.Guid,
|
||||
UserGuid = _sessionUserService.Guid
|
||||
});
|
||||
}
|
||||
}
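Review bot: `RequiredGuid = employee?.Company.Account.Guid` is null whenever no employee matches `request.Guid`, and the handler for `MustBeObjectOwnerOrAdminRequirement` is not shown here, so it should be confirmed that a null `RequiredGuid` always means "not the owner" and is never compared for equality with a possibly null `UserGuid`. The other lookups in this commit (`company?.Account.Guid`, `ticketGroup?.Account?.Guid`, `account?.Guid`) depend on the same fail-closed behaviour. For non-administrators a missing employee is then reported as an authorization failure rather than not-found, which is reasonable but worth a comment such as `// null when the employee does not exist: only administrators pass`.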
|
||||
|
@ -1,6 +1,6 @@
|
||||
using cuqmbr.TravelGuide.Application.Common.Authorization;
|
||||
using cuqmbr.TravelGuide.Application.Common.Persistence;
|
||||
using cuqmbr.TravelGuide.Application.Common.Services;
|
||||
using cuqmbr.TravelGuide.Domain.Enums;
|
||||
using MediatR.Behaviors.Authorization;
|
||||
|
||||
namespace cuqmbr.TravelGuide.Application.Employees.Commands.UpdateEmployee;
|
||||
@ -9,23 +9,34 @@ public class UpdateEmployeeCommandAuthorizer :
|
||||
AbstractRequestAuthorizer<UpdateEmployeeCommand>
|
||||
{
|
||||
private readonly SessionUserService _sessionUserService;
|
||||
private readonly UnitOfWork _unitOfWork;
|
||||
|
||||
public UpdateEmployeeCommandAuthorizer(SessionUserService sessionUserService)
|
||||
public UpdateEmployeeCommandAuthorizer(
|
||||
SessionUserService sessionUserService,
|
||||
UnitOfWork unitOfWork)
|
||||
{
|
||||
_sessionUserService = sessionUserService;
|
||||
_unitOfWork = unitOfWork;
|
||||
}
|
||||
|
||||
public override void BuildPolicy(UpdateEmployeeCommand request)
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
IsAuthenticated = _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
var company = _unitOfWork.CompanyRepository
|
||||
.GetOneAsync(
|
||||
e => e.Guid == request.CompanyGuid, e => e.Account,
|
||||
CancellationToken.None)
|
||||
.Result;
|
||||
|
||||
UseRequirement(new MustBeObjectOwnerOrAdminRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
UserRoles = _sessionUserService.Roles,
|
||||
RequiredGuid = company?.Account.Guid,
|
||||
UserGuid = _sessionUserService.Guid
|
||||
});
|
||||
}
|
||||
}
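Review bot: The ownership check is made against the company named by `request.CompanyGuid`, not against the employee being updated, so a company owner who submits their own company's Guid satisfies the requirement whichever employee the command targets. `DeleteEmployeeCommandAuthorizer` resolves the employee and checks `employee?.Company.Account.Guid`; the update path needs that check too, alongside the one on the destination company, assuming `UpdateEmployeeCommand` carries the employee's Guid as the delete command does. `UpdateTrainCommandAuthorizer` later in this commit has the same gap and would need the equivalent lookup through `VehicleRepository`. Until the authorizer covers both objects, the command handler would have to reject updates to employees of a company the caller does not own.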
|
||||
|
@ -1,6 +1,6 @@
|
||||
using cuqmbr.TravelGuide.Application.Common.Authorization;
|
||||
using cuqmbr.TravelGuide.Application.Common.Persistence;
|
||||
using cuqmbr.TravelGuide.Application.Common.Services;
|
||||
using cuqmbr.TravelGuide.Domain.Enums;
|
||||
using MediatR.Behaviors.Authorization;
|
||||
|
||||
namespace cuqmbr.TravelGuide.Application.Employees.Queries.GetEmployee;
|
||||
@ -9,23 +9,34 @@ public class GetEmployeeQueryAuthorizer :
|
||||
AbstractRequestAuthorizer<GetEmployeeQuery>
|
||||
{
|
||||
private readonly SessionUserService _sessionUserService;
|
||||
private readonly UnitOfWork _unitOfWork;
|
||||
|
||||
public GetEmployeeQueryAuthorizer(SessionUserService sessionUserService)
|
||||
public GetEmployeeQueryAuthorizer(
|
||||
SessionUserService sessionUserService,
|
||||
UnitOfWork unitOfWork)
|
||||
{
|
||||
_sessionUserService = sessionUserService;
|
||||
_unitOfWork = unitOfWork;
|
||||
}
|
||||
|
||||
public override void BuildPolicy(GetEmployeeQuery request)
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
IsAuthenticated = _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
var employee = _unitOfWork.EmployeeRepository
|
||||
.GetOneAsync(
|
||||
e => e.Guid == request.Guid, e => e.Company.Account,
|
||||
CancellationToken.None)
|
||||
.Result;
|
||||
|
||||
UseRequirement(new MustBeObjectOwnerOrAdminRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
UserRoles = _sessionUserService.Roles,
|
||||
RequiredGuid = employee?.Company.Account.Guid,
|
||||
UserGuid = _sessionUserService.Guid
|
||||
});
|
||||
}
|
||||
}
|
||||
|
@ -1,6 +1,6 @@
|
||||
using cuqmbr.TravelGuide.Application.Common.Authorization;
|
||||
using cuqmbr.TravelGuide.Application.Common.Persistence;
|
||||
using cuqmbr.TravelGuide.Application.Common.Services;
|
||||
using cuqmbr.TravelGuide.Domain.Enums;
|
||||
using MediatR.Behaviors.Authorization;
|
||||
|
||||
namespace cuqmbr.TravelGuide.Application.Employees.Queries.GetEmployeesPage;
|
||||
@ -9,23 +9,34 @@ public class GetEmployeesPageQueryAuthorizer :
|
||||
AbstractRequestAuthorizer<GetEmployeesPageQuery>
|
||||
{
|
||||
private readonly SessionUserService _sessionUserService;
|
||||
private readonly UnitOfWork _unitOfWork;
|
||||
|
||||
public GetEmployeesPageQueryAuthorizer(SessionUserService sessionUserService)
|
||||
public GetEmployeesPageQueryAuthorizer(
|
||||
SessionUserService sessionUserService,
|
||||
UnitOfWork unitOfWork)
|
||||
{
|
||||
_sessionUserService = sessionUserService;
|
||||
_unitOfWork = unitOfWork;
|
||||
}
|
||||
|
||||
public override void BuildPolicy(GetEmployeesPageQuery request)
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
IsAuthenticated = _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
var company = _unitOfWork.CompanyRepository
|
||||
.GetOneAsync(
|
||||
e => e.Guid == request.CompanyGuid, e => e.Account,
|
||||
CancellationToken.None)
|
||||
.Result;
|
||||
|
||||
UseRequirement(new MustBeObjectOwnerOrAdminRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
UserRoles = _sessionUserService.Roles,
|
||||
RequiredGuid = company?.Account.Guid,
|
||||
UserGuid = _sessionUserService.Guid
|
||||
});
|
||||
}
|
||||
}
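Review bot: Authorization is decided from `request.CompanyGuid`, a value the caller chooses, so the policy only holds if the query handler restricts the page to that same company; the handler is outside this diff and should be checked. If `CompanyGuid` is optional on `GetEmployeesPageQuery`, a request without it yields a null `RequiredGuid` and presumably only administrators pass, which deserves a comment such as `// no CompanyGuid filter: administrators only`. `GetTrainsPageQueryAuthorizer` follows the same pattern.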
|
||||
|
@ -23,7 +23,7 @@ public class AddAccountCommandAuthorizer :
|
||||
IsAuthenticated= _sessionAccountService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
UseRequirement(new MustBeInAnyOfRolesRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionAccountService.Roles
|
||||
|
@ -23,7 +23,7 @@ public class DeleteAccountCommandAuthorizer :
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
UseRequirement(new MustBeInAnyOfRolesRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
|
@ -22,7 +22,7 @@ public class UpdateAccountCommandAuthorizer :
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
UseRequirement(new MustBeInAnyOfRolesRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
|
@ -22,7 +22,7 @@ public class GetAccountQueryAuthorizer :
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
UseRequirement(new MustBeInAnyOfRolesRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
|
@ -22,7 +22,7 @@ public class GetAccountsPageQueryAuthorizer :
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
UseRequirement(new MustBeInAnyOfRolesRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
|
@ -22,7 +22,7 @@ public class GetRolesPageQueryAuthorizer :
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
UseRequirement(new MustBeInAnyOfRolesRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
|
@ -22,7 +22,7 @@ public class AddRegionCommandAuthorizer :
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
UseRequirement(new MustBeInAnyOfRolesRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
|
@ -22,7 +22,7 @@ public class DeleteRegionCommandAuthorizer :
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
UseRequirement(new MustBeInAnyOfRolesRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
|
@ -22,7 +22,7 @@ public class UpdateRegionCommandAuthorizer :
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
UseRequirement(new MustBeInAnyOfRolesRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
|
@ -22,9 +22,10 @@ public class GetRegionQueryAuthorizer :
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
UseRequirement(new MustBeInAnyOfRolesRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
RequiredRoles =
|
||||
[IdentityRole.Administrator, IdentityRole.CompanyOwner],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
});
|
||||
}
|
||||
|
@ -22,9 +22,10 @@ public class GetRegionsPageQueryAuthorizer :
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
UseRequirement(new MustBeInAnyOfRolesRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
RequiredRoles =
|
||||
[IdentityRole.Administrator, IdentityRole.CompanyOwner],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
});
|
||||
}
|
||||
|
@ -19,12 +19,13 @@ public class AddRouteCommandAuthorizer :
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
IsAuthenticated = _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
UseRequirement(new MustBeInAnyOfRolesRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
RequiredRoles =
|
||||
[IdentityRole.Administrator, IdentityRole.CompanyOwner],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
});
|
||||
}
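Review bot: `RequiredRoles` for AddRoute now includes `IdentityRole.CompanyOwner`, while the `DeleteRouteCommandAuthorizer` and `UpdateRouteCommandAuthorizer` hunks in this commit keep `[IdentityRole.Administrator]`, so a company owner can create a route but can neither correct nor remove it. Routes also get no owner check, unlike the Employee and Train authorizers, so any company owner may add them. If that role matrix is intended, a comment on the `RequiredRoles` line would record it, for example `// Owners may add shared routes; edits and deletes stay with administrators.` The method signature and class header are outside this hunk.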
|
||||
|
@ -22,7 +22,7 @@ public class DeleteRouteCommandAuthorizer :
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
UseRequirement(new MustBeInAnyOfRolesRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
|
@ -22,7 +22,7 @@ public class UpdateRouteCommandAuthorizer :
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
UseRequirement(new MustBeInAnyOfRolesRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
|
@ -19,12 +19,13 @@ public class GetRouteQueryAuthorizer :
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
IsAuthenticated = _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
UseRequirement(new MustBeInAnyOfRolesRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
RequiredRoles =
|
||||
[IdentityRole.Administrator, IdentityRole.CompanyOwner],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
});
|
||||
}
|
||||
|
@ -22,9 +22,10 @@ public class GetRoutesPageQueryAuthorizer :
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
UseRequirement(new MustBeInAnyOfRolesRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
RequiredRoles =
|
||||
[IdentityRole.Administrator, IdentityRole.CompanyOwner],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
});
|
||||
}
|
||||
|
@ -19,10 +19,10 @@ public class AddTicketGroupCommandAuthorizer :
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
IsAuthenticated = _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
UseRequirement(new MustBeInAnyOfRolesRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
|
@ -1,6 +1,6 @@
|
||||
using cuqmbr.TravelGuide.Application.Common.Authorization;
|
||||
using cuqmbr.TravelGuide.Application.Common.Persistence;
|
||||
using cuqmbr.TravelGuide.Application.Common.Services;
|
||||
using cuqmbr.TravelGuide.Domain.Enums;
|
||||
using MediatR.Behaviors.Authorization;
|
||||
|
||||
namespace cuqmbr.TravelGuide.Application.TicketGroups.Queries.GetTicketGroup;
|
||||
@ -9,23 +9,34 @@ public class GetTicketGroupQueryAuthorizer :
|
||||
AbstractRequestAuthorizer<GetTicketGroupQuery>
|
||||
{
|
||||
private readonly SessionUserService _sessionUserService;
|
||||
private readonly UnitOfWork _unitOfWork;
|
||||
|
||||
public GetTicketGroupQueryAuthorizer(SessionUserService sessionUserService)
|
||||
public GetTicketGroupQueryAuthorizer(
|
||||
SessionUserService sessionUserService,
|
||||
UnitOfWork unitOfWork)
|
||||
{
|
||||
_sessionUserService = sessionUserService;
|
||||
_unitOfWork = unitOfWork;
|
||||
}
|
||||
|
||||
public override void BuildPolicy(GetTicketGroupQuery request)
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
IsAuthenticated = _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
var ticketGroup = _unitOfWork.TicketGroupRepository
|
||||
.GetOneAsync(
|
||||
e => e.Guid == request.Guid, e => e.Account!,
|
||||
CancellationToken.None)
|
||||
.Result;
|
||||
|
||||
UseRequirement(new MustBeObjectOwnerOrAdminRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
UserRoles = _sessionUserService.Roles,
|
||||
RequiredGuid = ticketGroup?.Account?.Guid,
|
||||
UserGuid = _sessionUserService.Guid
|
||||
});
|
||||
}
|
||||
}
|
||||
|
@ -1,6 +1,6 @@
|
||||
using cuqmbr.TravelGuide.Application.Common.Authorization;
|
||||
using cuqmbr.TravelGuide.Application.Common.Persistence;
|
||||
using cuqmbr.TravelGuide.Application.Common.Services;
|
||||
using cuqmbr.TravelGuide.Domain.Enums;
|
||||
using MediatR.Behaviors.Authorization;
|
||||
|
||||
namespace cuqmbr.TravelGuide.Application.TicketGroups.Queries.GetTicketGroupsPage;
|
||||
@ -9,23 +9,33 @@ public class GetTicketGroupsPageQueryAuthorizer :
|
||||
AbstractRequestAuthorizer<GetTicketGroupsPageQuery>
|
||||
{
|
||||
private readonly SessionUserService _sessionUserService;
|
||||
private readonly UnitOfWork _unitOfWork;
|
||||
|
||||
public GetTicketGroupsPageQueryAuthorizer(SessionUserService sessionUserService)
|
||||
public GetTicketGroupsPageQueryAuthorizer(
|
||||
SessionUserService sessionUserService,
|
||||
UnitOfWork unitOfWork)
|
||||
{
|
||||
_sessionUserService = sessionUserService;
|
||||
_unitOfWork = unitOfWork;
|
||||
}
|
||||
|
||||
public override void BuildPolicy(GetTicketGroupsPageQuery request)
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
IsAuthenticated = _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
var account = _unitOfWork.AccountRepository
|
||||
.GetOneAsync(
|
||||
e => e.Guid == request.AccountGuid, CancellationToken.None)
|
||||
.Result;
|
||||
|
||||
UseRequirement(new MustBeObjectOwnerOrAdminRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
UserRoles = _sessionUserService.Roles,
|
||||
RequiredGuid = account?.Guid,
|
||||
UserGuid = _sessionUserService.Guid
|
||||
});
|
||||
}
|
||||
}
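Review bot: The `AccountRepository` lookup is used only to read back `account?.Guid`, which for an existing account is the value already supplied in `request.AccountGuid`, so the blocking database call adds a round-trip without changing the comparison. Passing the request value straight through, `RequiredGuid = request.AccountGuid,`, should give the same decision, assuming `AccountGuid` has the same nullable Guid type as `RequiredGuid`. `_unitOfWork` and its constructor parameter would then be unnecessary in this authorizer.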
|
||||
|
@ -1,6 +1,6 @@
|
||||
using cuqmbr.TravelGuide.Application.Common.Authorization;
|
||||
using cuqmbr.TravelGuide.Application.Common.Persistence;
|
||||
using cuqmbr.TravelGuide.Application.Common.Services;
|
||||
using cuqmbr.TravelGuide.Domain.Enums;
|
||||
using MediatR.Behaviors.Authorization;
|
||||
|
||||
namespace cuqmbr.TravelGuide.Application.Trains.Commands.AddTrain;
|
||||
@ -9,23 +9,34 @@ public class AddTrainCommandAuthorizer :
|
||||
AbstractRequestAuthorizer<AddTrainCommand>
|
||||
{
|
||||
private readonly SessionUserService _sessionUserService;
|
||||
private readonly UnitOfWork _unitOfWork;
|
||||
|
||||
public AddTrainCommandAuthorizer(SessionUserService sessionUserService)
|
||||
public AddTrainCommandAuthorizer(
|
||||
SessionUserService sessionUserService,
|
||||
UnitOfWork unitOfWork)
|
||||
{
|
||||
_sessionUserService = sessionUserService;
|
||||
_unitOfWork = unitOfWork;
|
||||
}
|
||||
|
||||
public override void BuildPolicy(AddTrainCommand request)
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
IsAuthenticated = _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
var company = _unitOfWork.CompanyRepository
|
||||
.GetOneAsync(
|
||||
e => e.Guid == request.CompanyGuid, e => e.Account,
|
||||
CancellationToken.None)
|
||||
.Result;
|
||||
|
||||
UseRequirement(new MustBeObjectOwnerOrAdminRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
UserRoles = _sessionUserService.Roles,
|
||||
RequiredGuid = company?.Account.Guid,
|
||||
UserGuid = _sessionUserService.Guid
|
||||
});
|
||||
}
|
||||
}
|
||||
|
@ -1,6 +1,6 @@
|
||||
using cuqmbr.TravelGuide.Application.Common.Authorization;
|
||||
using cuqmbr.TravelGuide.Application.Common.Persistence;
|
||||
using cuqmbr.TravelGuide.Application.Common.Services;
|
||||
using cuqmbr.TravelGuide.Domain.Enums;
|
||||
using MediatR.Behaviors.Authorization;
|
||||
|
||||
namespace cuqmbr.TravelGuide.Application.Trains.Commands.DeleteTrain;
|
||||
@ -9,23 +9,34 @@ public class DeleteTrainCommandAuthorizer :
|
||||
AbstractRequestAuthorizer<DeleteTrainCommand>
|
||||
{
|
||||
private readonly SessionUserService _sessionUserService;
|
||||
private readonly UnitOfWork _unitOfWork;
|
||||
|
||||
public DeleteTrainCommandAuthorizer(SessionUserService sessionUserService)
|
||||
public DeleteTrainCommandAuthorizer(
|
||||
SessionUserService sessionUserService,
|
||||
UnitOfWork unitOfWork)
|
||||
{
|
||||
_sessionUserService = sessionUserService;
|
||||
_unitOfWork = unitOfWork;
|
||||
}
|
||||
|
||||
public override void BuildPolicy(DeleteTrainCommand request)
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
IsAuthenticated = _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
var vehicel = _unitOfWork.VehicleRepository
|
||||
.GetOneAsync(
|
||||
e => e.Guid == request.Guid, e => e.Company.Account,
|
||||
CancellationToken.None)
|
||||
.Result;
|
||||
|
||||
UseRequirement(new MustBeObjectOwnerOrAdminRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
UserRoles = _sessionUserService.Roles,
|
||||
RequiredGuid = vehicel?.Company.Account.Guid,
|
||||
UserGuid = _sessionUserService.Guid
|
||||
});
|
||||
}
|
||||
}
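Review bot: The local `vehicel` is a misspelling of `vehicle` and is repeated in `GetTrainQueryAuthorizer`; renaming it in both places (`var vehicle = _unitOfWork.VehicleRepository` and `RequiredGuid = vehicle?.Company.Account.Guid,`) keeps the ownership lookup easy to search for. The lookup also matches any vehicle by `request.Guid`, so whether the entity is actually a train is left to the command handler, which is not shown here; a short comment saying so would help the next reader.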
|
||||
|
@ -1,6 +1,6 @@
|
||||
using cuqmbr.TravelGuide.Application.Common.Authorization;
|
||||
using cuqmbr.TravelGuide.Application.Common.Persistence;
|
||||
using cuqmbr.TravelGuide.Application.Common.Services;
|
||||
using cuqmbr.TravelGuide.Domain.Enums;
|
||||
using MediatR.Behaviors.Authorization;
|
||||
|
||||
namespace cuqmbr.TravelGuide.Application.Trains.Commands.UpdateTrain;
|
||||
@ -9,23 +9,34 @@ public class UpdateTrainCommandAuthorizer :
|
||||
AbstractRequestAuthorizer<UpdateTrainCommand>
|
||||
{
|
||||
private readonly SessionUserService _sessionUserService;
|
||||
private readonly UnitOfWork _unitOfWork;
|
||||
|
||||
public UpdateTrainCommandAuthorizer(SessionUserService sessionUserService)
|
||||
public UpdateTrainCommandAuthorizer(
|
||||
SessionUserService sessionUserService,
|
||||
UnitOfWork unitOfWork)
|
||||
{
|
||||
_sessionUserService = sessionUserService;
|
||||
_unitOfWork = unitOfWork;
|
||||
}
|
||||
|
||||
public override void BuildPolicy(UpdateTrainCommand request)
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
IsAuthenticated = _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
var company = _unitOfWork.CompanyRepository
|
||||
.GetOneAsync(
|
||||
e => e.Guid == request.CompanyGuid, e => e.Account,
|
||||
CancellationToken.None)
|
||||
.Result;
|
||||
|
||||
UseRequirement(new MustBeObjectOwnerOrAdminRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
UserRoles = _sessionUserService.Roles,
|
||||
RequiredGuid = company?.Account.Guid,
|
||||
UserGuid = _sessionUserService.Guid
|
||||
});
|
||||
}
|
||||
}
|
||||
|
@ -1,6 +1,6 @@
|
||||
using cuqmbr.TravelGuide.Application.Common.Authorization;
|
||||
using cuqmbr.TravelGuide.Application.Common.Persistence;
|
||||
using cuqmbr.TravelGuide.Application.Common.Services;
|
||||
using cuqmbr.TravelGuide.Domain.Enums;
|
||||
using MediatR.Behaviors.Authorization;
|
||||
|
||||
namespace cuqmbr.TravelGuide.Application.Trains.Queries.GetTrain;
|
||||
@ -9,23 +9,34 @@ public class GetTrainQueryAuthorizer :
|
||||
AbstractRequestAuthorizer<GetTrainQuery>
|
||||
{
|
||||
private readonly SessionUserService _sessionUserService;
|
||||
private readonly UnitOfWork _unitOfWork;
|
||||
|
||||
public GetTrainQueryAuthorizer(SessionUserService sessionUserService)
|
||||
public GetTrainQueryAuthorizer(
|
||||
SessionUserService sessionUserService,
|
||||
UnitOfWork unitOfWork)
|
||||
{
|
||||
_sessionUserService = sessionUserService;
|
||||
_unitOfWork = unitOfWork;
|
||||
}
|
||||
|
||||
public override void BuildPolicy(GetTrainQuery request)
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
IsAuthenticated = _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
var vehicel = _unitOfWork.VehicleRepository
|
||||
.GetOneAsync(
|
||||
e => e.Guid == request.Guid, e => e.Company.Account,
|
||||
CancellationToken.None)
|
||||
.Result;
|
||||
|
||||
UseRequirement(new MustBeObjectOwnerOrAdminRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
UserRoles = _sessionUserService.Roles,
|
||||
RequiredGuid = vehicel?.Company.Account.Guid,
|
||||
UserGuid = _sessionUserService.Guid
|
||||
});
|
||||
}
|
||||
}
|
||||
|
@ -1,6 +1,6 @@
|
||||
using cuqmbr.TravelGuide.Application.Common.Authorization;
|
||||
using cuqmbr.TravelGuide.Application.Common.Persistence;
|
||||
using cuqmbr.TravelGuide.Application.Common.Services;
|
||||
using cuqmbr.TravelGuide.Domain.Enums;
|
||||
using MediatR.Behaviors.Authorization;
|
||||
|
||||
namespace cuqmbr.TravelGuide.Application.Trains.Queries.GetTrainsPage;
|
||||
@ -9,23 +9,34 @@ public class GetTrainsPageQueryAuthorizer :
|
||||
AbstractRequestAuthorizer<GetTrainsPageQuery>
|
||||
{
|
||||
private readonly SessionUserService _sessionUserService;
|
||||
private readonly UnitOfWork _unitOfWork;
|
||||
|
||||
public GetTrainsPageQueryAuthorizer(SessionUserService sessionUserService)
|
||||
public GetTrainsPageQueryAuthorizer(
|
||||
SessionUserService sessionUserService,
|
||||
UnitOfWork unitOfWork)
|
||||
{
|
||||
_sessionUserService = sessionUserService;
|
||||
_unitOfWork = unitOfWork;
|
||||
}
|
||||
|
||||
public override void BuildPolicy(GetTrainsPageQuery request)
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
IsAuthenticated = _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
var company = _unitOfWork.CompanyRepository
|
||||
.GetOneAsync(
|
||||
e => e.Guid == request.CompanyGuid, e => e.Account,
|
||||
CancellationToken.None)
|
||||
.Result;
|
||||
|
||||
UseRequirement(new MustBeObjectOwnerOrAdminRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
UserRoles = _sessionUserService.Roles,
|
||||
RequiredGuid = company?.Account.Guid,
|
||||
UserGuid = _sessionUserService.Guid
|
||||
});
|
||||
}
|
||||
}
|
||||
|
@ -1,6 +1,4 @@
|
||||
using cuqmbr.TravelGuide.Application.Common.Authorization;
|
||||
using cuqmbr.TravelGuide.Application.Common.Services;
|
||||
using cuqmbr.TravelGuide.Domain.Enums;
|
||||
using MediatR.Behaviors.Authorization;
|
||||
|
||||
namespace cuqmbr.TravelGuide.Application
|
||||
@ -9,25 +7,8 @@ namespace cuqmbr.TravelGuide.Application
|
||||
public class SearchAllQueryAuthorizer :
|
||||
AbstractRequestAuthorizer<SearchAllQuery>
|
||||
{
|
||||
private readonly SessionUserService _sessionUserService;
|
||||
|
||||
public SearchAllQueryAuthorizer(
|
||||
SessionUserService sessionUserService)
|
||||
{
|
||||
_sessionUserService = sessionUserService;
|
||||
}
|
||||
|
||||
public override void BuildPolicy(SearchAllQuery request)
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
});
|
||||
UseRequirement(new AllowAllRequirement());
|
||||
}
|
||||
}
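Review bot: BuildPolicy now registers only `AllowAllRequirement`, so the authentication and Administrator-role checks that were here are gone. Assuming the requirement does what its name says, SearchAllQuery becomes reachable without a session. That widens access in a commit titled as adding requirements, so the intent should be stated in the code, for example `// public endpoint: search is intentionally available without a session`. Neither the query handler nor the route configuration is visible here, so it is worth confirming that the handler returns nothing company-private and that the endpoint is throttled. SearchShortestQueryAuthorizer in the next section makes the same change.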
|
||||
|
@ -1,6 +1,4 @@
|
||||
using cuqmbr.TravelGuide.Application.Common.Authorization;
|
||||
using cuqmbr.TravelGuide.Application.Common.Services;
|
||||
using cuqmbr.TravelGuide.Domain.Enums;
|
||||
using MediatR.Behaviors.Authorization;
|
||||
|
||||
namespace cuqmbr.TravelGuide.Application
|
||||
@ -9,25 +7,8 @@ namespace cuqmbr.TravelGuide.Application
|
||||
public class SearchShortestQueryAuthorizer :
|
||||
AbstractRequestAuthorizer<SearchShortestQuery>
|
||||
{
|
||||
private readonly SessionUserService _sessionUserService;
|
||||
|
||||
public SearchShortestQueryAuthorizer(
|
||||
SessionUserService sessionUserService)
|
||||
{
|
||||
_sessionUserService = sessionUserService;
|
||||
}
|
||||
|
||||
public override void BuildPolicy(SearchShortestQuery request)
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
});
|
||||
UseRequirement(new AllowAllRequirement());
|
||||
}
|
||||
}
|
||||
|
@ -1,6 +1,6 @@
|
||||
using cuqmbr.TravelGuide.Application.Common.Authorization;
|
||||
using cuqmbr.TravelGuide.Application.Common.Persistence;
|
||||
using cuqmbr.TravelGuide.Application.Common.Services;
|
||||
using cuqmbr.TravelGuide.Domain.Enums;
|
||||
using MediatR.Behaviors.Authorization;
|
||||
|
||||
namespace cuqmbr.TravelGuide.Application.VehicleEnrollments
|
||||
@ -10,23 +10,51 @@ public class AddVehicleEnrollmentCommandAuthorizer :
|
||||
AbstractRequestAuthorizer<AddVehicleEnrollmentCommand>
|
||||
{
|
||||
private readonly SessionUserService _sessionUserService;
|
||||
private readonly UnitOfWork _unitOfWork;
|
||||
|
||||
public AddVehicleEnrollmentCommandAuthorizer(SessionUserService sessionUserService)
|
||||
public AddVehicleEnrollmentCommandAuthorizer(
|
||||
SessionUserService sessionUserService,
|
||||
UnitOfWork unitOfWork)
|
||||
{
|
||||
_sessionUserService = sessionUserService;
|
||||
_unitOfWork = unitOfWork;
|
||||
}
|
||||
|
||||
public override void BuildPolicy(AddVehicleEnrollmentCommand request)
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
IsAuthenticated = _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
var vehicle = _unitOfWork.VehicleRepository
|
||||
.GetOneAsync(
|
||||
e => e.Guid == request.VehicleGuid, e => e.Company.Account,
|
||||
CancellationToken.None)
|
||||
.Result;
|
||||
|
||||
var employees = _unitOfWork.EmployeeRepository
|
||||
.GetPageAsync(
|
||||
e => request.EmployeeGuids.Contains(e.Guid),
|
||||
e => e.Company.Account,
|
||||
1, request.EmployeeGuids.Count, CancellationToken.None)
|
||||
.Result.Items;
|
||||
|
||||
UseRequirement(new MustBeObjectOwnerOrAdminRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
UserRoles = _sessionUserService.Roles,
|
||||
RequiredGuid = vehicle?.Company.Account.Guid,
|
||||
UserGuid = _sessionUserService.Guid
|
||||
});
|
||||
|
||||
foreach (var employee in employees)
|
||||
{
|
||||
UseRequirement(new MustBeObjectOwnerOrAdminRequirement
|
||||
{
|
||||
UserRoles = _sessionUserService.Roles,
|
||||
RequiredGuid = employee.Company.Account.Guid,
|
||||
UserGuid = _sessionUserService.Guid
|
||||
});
|
||||
}
|
||||
}
|
||||
}
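Review bot: The `foreach` over `employees` adds an ownership requirement only for the employees the repository returned, so a GUID in `request.EmployeeGuids` that matches no row gets no check in this authorizer. Whether such a GUID is rejected later depends on the command handler, which is not shown. Either document that dependency with `// unresolved EmployeeGuids are rejected by the handler, not here`, or compare the number of returned items with the number of distinct requested GUIDs and deny when they differ. `request.EmployeeGuids` is also dereferenced without a null guard, and an empty list passes a page size of 0 to `GetPageAsync`. UpdateVehicleEnrollmentCommandAuthorizer repeats this block.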
|
||||
|
@ -1,6 +1,6 @@
|
||||
using cuqmbr.TravelGuide.Application.Common.Authorization;
|
||||
using cuqmbr.TravelGuide.Application.Common.Persistence;
|
||||
using cuqmbr.TravelGuide.Application.Common.Services;
|
||||
using cuqmbr.TravelGuide.Domain.Enums;
|
||||
using MediatR.Behaviors.Authorization;
|
||||
|
||||
namespace cuqmbr.TravelGuide.Application.VehicleEnrollments.Commands.DeleteVehicleEnrollment;
|
||||
@ -9,23 +9,34 @@ public class DeleteVehicleEnrollmentCommandAuthorizer :
|
||||
AbstractRequestAuthorizer<DeleteVehicleEnrollmentCommand>
|
||||
{
|
||||
private readonly SessionUserService _sessionUserService;
|
||||
private readonly UnitOfWork _unitOfWork;
|
||||
|
||||
public DeleteVehicleEnrollmentCommandAuthorizer(SessionUserService sessionUserService)
|
||||
public DeleteVehicleEnrollmentCommandAuthorizer(
|
||||
SessionUserService sessionUserService,
|
||||
UnitOfWork unitOfWork)
|
||||
{
|
||||
_sessionUserService = sessionUserService;
|
||||
_unitOfWork = unitOfWork;
|
||||
}
|
||||
|
||||
public override void BuildPolicy(DeleteVehicleEnrollmentCommand request)
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
IsAuthenticated = _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
var vehicelEnrollment = _unitOfWork.VehicleEnrollmentRepository
|
||||
.GetOneAsync(
|
||||
e => e.Guid == request.Guid, e => e.Vehicle.Company.Account,
|
||||
CancellationToken.None)
|
||||
.Result;
|
||||
|
||||
UseRequirement(new MustBeObjectOwnerOrAdminRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
UserRoles = _sessionUserService.Roles,
|
||||
RequiredGuid = vehicelEnrollment?.Vehicle.Company.Account.Guid,
|
||||
UserGuid = _sessionUserService.Guid
|
||||
});
|
||||
}
|
||||
}
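Review bot: When no enrollment matches `request.Guid`, `vehicelEnrollment?.Vehicle.Company.Account.Guid` evaluates to null and the requirement is built with a null `RequiredGuid`. The handler for MustBeObjectOwnerOrAdminRequirement is not part of this view, so it should be confirmed that it denies a non-administrator in that case rather than treating two possibly-null GUIDs as equal. A comment at the lookup, `// null when the enrollment does not exist; only administrators may pass then`, would make that contract explicit. Only the root object is null-guarded, so a loaded enrollment with a null `Vehicle`, `Company` or `Account` navigation would throw inside the authorizer. The GetTrainsPage, AddVehicleEnrollment, UpdateVehicleEnrollment, GetVehicleEnrollment and GetVehicleEnrollmentsPage authorizers build `RequiredGuid` the same way.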
|
||||
|
@ -1,6 +1,6 @@
|
||||
using cuqmbr.TravelGuide.Application.Common.Authorization;
|
||||
using cuqmbr.TravelGuide.Application.Common.Persistence;
|
||||
using cuqmbr.TravelGuide.Application.Common.Services;
|
||||
using cuqmbr.TravelGuide.Domain.Enums;
|
||||
using MediatR.Behaviors.Authorization;
|
||||
|
||||
namespace cuqmbr.TravelGuide.Application.VehicleEnrollments
|
||||
@ -10,24 +10,51 @@ public class UpdateVehicleEnrollmentCommandAuthorizer :
|
||||
AbstractRequestAuthorizer<UpdateVehicleEnrollmentCommand>
|
||||
{
|
||||
private readonly SessionUserService _sessionUserService;
|
||||
private readonly UnitOfWork _unitOfWork;
|
||||
|
||||
public UpdateVehicleEnrollmentCommandAuthorizer(
|
||||
SessionUserService sessionUserService)
|
||||
SessionUserService sessionUserService,
|
||||
UnitOfWork unitOfWork)
|
||||
{
|
||||
_sessionUserService = sessionUserService;
|
||||
_unitOfWork = unitOfWork;
|
||||
}
|
||||
|
||||
public override void BuildPolicy(UpdateVehicleEnrollmentCommand request)
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
IsAuthenticated = _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
var vehicleEnrollment = _unitOfWork.VehicleEnrollmentRepository
|
||||
.GetOneAsync(
|
||||
e => e.Guid == request.Guid, e => e.Vehicle.Company.Account,
|
||||
CancellationToken.None)
|
||||
.Result;
|
||||
|
||||
var employees = _unitOfWork.EmployeeRepository
|
||||
.GetPageAsync(
|
||||
e => request.EmployeeGuids.Contains(e.Guid),
|
||||
e => e.Company.Account,
|
||||
1, request.EmployeeGuids.Count, CancellationToken.None)
|
||||
.Result.Items;
|
||||
|
||||
UseRequirement(new MustBeObjectOwnerOrAdminRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
UserRoles = _sessionUserService.Roles,
|
||||
RequiredGuid = vehicleEnrollment?.Vehicle.Company.Account.Guid,
|
||||
UserGuid = _sessionUserService.Guid
|
||||
});
|
||||
|
||||
foreach (var employee in employees)
|
||||
{
|
||||
UseRequirement(new MustBeObjectOwnerOrAdminRequirement
|
||||
{
|
||||
UserRoles = _sessionUserService.Roles,
|
||||
RequiredGuid = employee.Company.Account.Guid,
|
||||
UserGuid = _sessionUserService.Guid
|
||||
});
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -1,6 +1,6 @@
|
||||
using cuqmbr.TravelGuide.Application.Common.Authorization;
|
||||
using cuqmbr.TravelGuide.Application.Common.Persistence;
|
||||
using cuqmbr.TravelGuide.Application.Common.Services;
|
||||
using cuqmbr.TravelGuide.Domain.Enums;
|
||||
using MediatR.Behaviors.Authorization;
|
||||
|
||||
namespace cuqmbr.TravelGuide.Application.VehicleEnrollments
|
||||
@ -10,23 +10,34 @@ public class GetVehicleEnrollmentQueryAuthorizer :
|
||||
AbstractRequestAuthorizer<GetVehicleEnrollmentQuery>
|
||||
{
|
||||
private readonly SessionUserService _sessionUserService;
|
||||
private readonly UnitOfWork _unitOfWork;
|
||||
|
||||
public GetVehicleEnrollmentQueryAuthorizer(SessionUserService sessionUserService)
|
||||
public GetVehicleEnrollmentQueryAuthorizer(
|
||||
SessionUserService sessionUserService,
|
||||
UnitOfWork unitOfWork)
|
||||
{
|
||||
_sessionUserService = sessionUserService;
|
||||
_unitOfWork = unitOfWork;
|
||||
}
|
||||
|
||||
public override void BuildPolicy(GetVehicleEnrollmentQuery request)
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
IsAuthenticated = _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
var vehicelEnrollment = _unitOfWork.VehicleEnrollmentRepository
|
||||
.GetOneAsync(
|
||||
e => e.Guid == request.Guid, e => e.Vehicle.Company.Account,
|
||||
CancellationToken.None)
|
||||
.Result;
|
||||
|
||||
UseRequirement(new MustBeObjectOwnerOrAdminRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
UserRoles = _sessionUserService.Roles,
|
||||
RequiredGuid = vehicelEnrollment?.Vehicle.Company.Account.Guid,
|
||||
UserGuid = _sessionUserService.Guid
|
||||
});
|
||||
}
|
||||
}
|
||||
|
@ -1,6 +1,6 @@
|
||||
using cuqmbr.TravelGuide.Application.Common.Authorization;
|
||||
using cuqmbr.TravelGuide.Application.Common.Persistence;
|
||||
using cuqmbr.TravelGuide.Application.Common.Services;
|
||||
using cuqmbr.TravelGuide.Domain.Enums;
|
||||
using MediatR.Behaviors.Authorization;
|
||||
|
||||
namespace cuqmbr.TravelGuide.Application.VehicleEnrollments.Queries.GetVehicleEnrollmentsPage;
|
||||
@ -9,23 +9,34 @@ public class GetVehicleEnrollmentsPageQueryAuthorizer :
|
||||
AbstractRequestAuthorizer<GetVehicleEnrollmentsPageQuery>
|
||||
{
|
||||
private readonly SessionUserService _sessionUserService;
|
||||
private readonly UnitOfWork _unitOfWork;
|
||||
|
||||
public GetVehicleEnrollmentsPageQueryAuthorizer(SessionUserService sessionUserService)
|
||||
public GetVehicleEnrollmentsPageQueryAuthorizer(
|
||||
SessionUserService sessionUserService,
|
||||
UnitOfWork unitOfWork)
|
||||
{
|
||||
_sessionUserService = sessionUserService;
|
||||
_unitOfWork = unitOfWork;
|
||||
}
|
||||
|
||||
public override void BuildPolicy(GetVehicleEnrollmentsPageQuery request)
|
||||
{
|
||||
UseRequirement(new MustBeAuthenticatedRequirement
|
||||
{
|
||||
IsAuthenticated= _sessionUserService.IsAuthenticated
|
||||
IsAuthenticated = _sessionUserService.IsAuthenticated
|
||||
});
|
||||
|
||||
UseRequirement(new MustBeInRolesRequirement
|
||||
var vehicles = _unitOfWork.VehicleRepository
|
||||
.GetOneAsync(
|
||||
e => e.Guid == request.VehicleGuid, e => e.Company.Account,
|
||||
CancellationToken.None)
|
||||
.Result;
|
||||
|
||||
UseRequirement(new MustBeObjectOwnerOrAdminRequirement
|
||||
{
|
||||
RequiredRoles = [IdentityRole.Administrator],
|
||||
UserRoles = _sessionUserService.Roles
|
||||
UserRoles = _sessionUserService.Roles,
|
||||
RequiredGuid = vehicles?.Company.Account.Guid,
|
||||
UserGuid = _sessionUserService.Guid
|
||||
});
|
||||
}
|
||||
}
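Review bot: The local `vehicles` holds the single entity returned by `GetOneAsync`, so the plural name reads as a collection in `RequiredGuid = vehicles?.Company.Account.Guid`. Naming it `var vehicle = _unitOfWork.VehicleRepository` would match the AddVehicleEnrollment authorizer. The DeleteVehicleEnrollment and GetVehicleEnrollment authorizers likewise spell their local `vehicelEnrollment`, where the Update authorizer uses `vehicleEnrollment`.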
|
||||
|