using Core.Enumerations;
using DataProviders.Collections;
using DomainObjects.Documents;
using DomainObjects.Documents.Users;
using Microsoft.AspNetCore.Authorization;
using Microsoft.Extensions.Options;
using WeatherForecast.Policies.Abstractions;
namespace WeatherForecast.Policies {
///
///
///
public class ShopAuthorizationHandler : AuthorizationHandlerBase> {
///
///
///
///
///
///
///
public ShopAuthorizationHandler(
IOptions configuration,
IHttpContextAccessor contextAccessor,
ISiteDataProvider siteDataProvider,
IUserDataProvider userDataProvider
) : base(configuration, contextAccessor, siteDataProvider, userDataProvider) { }
///
///
///
///
///
///
///
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, ShopAuthorizationRequirement requirement, List resource) {
var (site, user) = GetUser(context);
if (site == null || user == null)
return Task.CompletedTask;
var userRole = GetRole(site, user);
// Can Admin, Shop manager
if (requirement.Action == CrudActions.Create
&& userRole != Roles.Admin
&& userRole != Roles.ShopManager)
return Task.CompletedTask;
// Can Admin, Shop manager
if (requirement.Action == CrudActions.Read
&& userRole != Roles.Admin
&& userRole != Roles.ShopManager)
return Task.CompletedTask;
// Can Admin, Shop manager
if (requirement.Action == CrudActions.Update
&& userRole != Roles.Admin
&& userRole != Roles.ShopManager)
return Task.CompletedTask;
// Can Admin, Shop manager
if (requirement.Action == CrudActions.Delete
&& userRole != Roles.Admin
&& userRole != Roles.ShopManager)
return Task.CompletedTask;
context.Succeed(requirement);
return Task.CompletedTask;
}
}
///
///
///
public class ShopAuthorizationRequirement : AuthorizationRequirementBase { }
}