43 lines
1.3 KiB
C#
43 lines
1.3 KiB
C#
using cuqmbr.TravelGuide.Application.Common.Authorization;
|
|
using cuqmbr.TravelGuide.Application.Common.Persistence;
|
|
using cuqmbr.TravelGuide.Application.Common.Services;
|
|
using MediatR.Behaviors.Authorization;
|
|
|
|
namespace cuqmbr.TravelGuide.Application.Buses.Queries.GetBusesPage;
|
|
|
|
public class GetBusesPageQueryAuthorizer :
|
|
AbstractRequestAuthorizer<GetBusesPageQuery>
|
|
{
|
|
private readonly SessionUserService _sessionUserService;
|
|
private readonly UnitOfWork _unitOfWork;
|
|
|
|
public GetBusesPageQueryAuthorizer(
|
|
SessionUserService sessionUserService,
|
|
UnitOfWork unitOfWork)
|
|
{
|
|
_sessionUserService = sessionUserService;
|
|
_unitOfWork = unitOfWork;
|
|
}
|
|
|
|
public override void BuildPolicy(GetBusesPageQuery request)
|
|
{
|
|
UseRequirement(new MustBeAuthenticatedRequirement
|
|
{
|
|
IsAuthenticated = _sessionUserService.IsAuthenticated
|
|
});
|
|
|
|
var company = _unitOfWork.CompanyRepository
|
|
.GetOneAsync(
|
|
e => e.Guid == request.CompanyGuid, e => e.Account,
|
|
CancellationToken.None)
|
|
.Result;
|
|
|
|
UseRequirement(new MustBeObjectOwnerOrAdminRequirement
|
|
{
|
|
UserRoles = _sessionUserService.Roles,
|
|
RequiredGuid = company?.Account.Guid,
|
|
UserGuid = _sessionUserService.Guid
|
|
});
|
|
}
|
|
}
|