using MediatR.Behaviors.Authorization;
using cuqmbr.TravelGuide.Domain.Enums;
namespace cuqmbr.TravelGuide.Application.Common.Authorization;
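/// <summary>
/// Authorization requirement that succeeds when the supplied roles contain
/// <c>IdentityRole.Administrator</c>, or when <see cref="UserGuid"/> equals
/// <see cref="RequiredGuid"/>.
/// </summary>
/// <remarks>
/// The handler only compares the values stored on this object; it does not look
/// up the caller's identity itself. Whoever constructs the requirement must
/// therefore take <see cref="UserRoles"/> and <see cref="UserGuid"/> from the
/// authenticated session and never from client-controlled request data,
/// otherwise the check can be satisfied by simply echoing the expected values.
/// </remarks>
public class MustBeObjectOwnerOrAdminRequirement : IAuthorizationRequirement
{
    /// <summary>
    /// Roles to test for administrator membership. <c>null</c> is handled as
    /// "no roles".
    /// </summary>
    public ICollection<IdentityRole>? UserRoles { get; init; }

    /// <summary>
    /// Identifier compared against <see cref="RequiredGuid"/>; presumably the
    /// calling user's id (confirm against the call sites).
    /// </summary>
    public Guid? UserGuid { get; init; }

    /// <summary>
    /// Identifier that <see cref="UserGuid"/> must match; presumably the owner
    /// of the object being accessed (confirm against the call sites).
    /// </summary>
    public Guid? RequiredGuid { get; init; }

    /// <summary>
    /// Evaluates <see cref="MustBeObjectOwnerOrAdminRequirement"/>.
    /// </summary>
    class MustBeObjectOwnerOrAdminRequirementHandler :
        IAuthorizationHandler<MustBeObjectOwnerOrAdminRequirement>
    {
        /// <summary>
        /// Grants access to administrators and to callers whose identifier
        /// matches the required one; denies everything else.
        /// </summary>
        /// <param name="request">Requirement carrying the roles and identifiers to compare.</param>
        /// <param name="cancellationToken">Not used; the check is synchronous.</param>
        /// <returns>
        /// A completed task holding <c>AuthorizationResult.Succeed()</c> or
        /// <c>AuthorizationResult.Fail()</c>.
        /// </returns>
        public Task<AuthorizationResult> Handle(
            MustBeObjectOwnerOrAdminRequirement request,
            CancellationToken cancellationToken)
        {
            // A null request or a null role collection means "not an admin".
            var isAdmin = request?.UserRoles
                ?.Any(role => role.Equals(IdentityRole.Administrator))
                ?? false;

            if (isAdmin)
            {
                return Task.FromResult(AuthorizationResult.Succeed());
            }

            Guid? userGuid = request?.UserGuid;
            Guid? requiredGuid = request?.RequiredGuid;

            // Fail closed when either identifier is missing.
            if (userGuid is null || requiredGuid is null)
            {
                return Task.FromResult(AuthorizationResult.Fail());
            }

            // Guid.Empty is what an unset (default) Guid looks like. Two unset
            // identifiers would compare equal, so treat it like a missing value
            // instead of letting "empty == empty" pass as ownership.
            if (userGuid.Value == Guid.Empty || requiredGuid.Value == Guid.Empty)
            {
                return Task.FromResult(AuthorizationResult.Fail());
            }

            var isOwner = userGuid.Value == requiredGuid.Value;

            return Task.FromResult(
                isOwner ? AuthorizationResult.Succeed() : AuthorizationResult.Fail());
        }
    }
}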