reactredux/src/WeatherForecast/Policies/ShopAuthorizationHandler.cs


using Core.Enumerations;
using DataProviders.Collections;
using DomainObjects.Documents;
using DomainObjects.Documents.Users;
using Microsoft.AspNetCore.Authorization;
using Microsoft.Extensions.Options;
using WeatherForecast.Policies.Abstractions;
namespace WeatherForecast.Policies {
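/// <summary>
/// Authorization handler for shop documents. A <see cref="ShopAuthorizationRequirement"/>
/// is satisfied only for the four CRUD actions, and only when the caller's role on the
/// resolved site is <c>Roles.Admin</c> or <c>Roles.ShopManager</c>.
/// </summary>
/// <remarks>
/// The decision is role-based only: the <c>List&lt;ShopDocument&gt;</c> resource passed to the
/// handler is not inspected, so callers that need per-document ownership or tenant checks
/// must enforce them separately.
/// </remarks>
public class ShopAuthorizationHandler : AuthorizationHandlerBase<ShopAuthorizationRequirement, List<ShopDocument>> {

  /// <summary>
  /// Creates the handler and forwards every dependency to the base handler unchanged.
  /// </summary>
  /// <param name="configuration">Application configuration options, passed to the base class.</param>
  /// <param name="contextAccessor">Accessor for the current HTTP context, passed to the base class.</param>
  /// <param name="siteDataProvider">Site data provider, passed to the base class.</param>
  /// <param name="userDataProvider">User data provider, passed to the base class.</param>
  public ShopAuthorizationHandler(
    IOptions<Configuration> configuration,
    IHttpContextAccessor contextAccessor,
    ISiteDataProvider siteDataProvider,
    IUserDataProvider userDataProvider
  ) : base(configuration, contextAccessor, siteDataProvider, userDataProvider) { }

  /// <summary>
  /// Marks the requirement as succeeded when the caller is an Admin or Shop manager and the
  /// requested action is Create, Read, Update or Delete. In every other case the requirement
  /// is left unmet, which the authorization pipeline treats as "not authorized".
  /// </summary>
  /// <param name="context">Authorization context; also the input to <c>GetUser</c>.</param>
  /// <param name="requirement">Requirement carrying the requested <c>CrudActions</c> value.</param>
  /// <param name="resource">Shop documents being accessed; not inspected by this handler.</param>
  /// <returns>A completed task; the outcome is recorded on <paramref name="context"/>.</returns>
  protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, ShopAuthorizationRequirement requirement, List<ShopDocument> resource) {
    var (site, user) = GetUser(context);

    // Without a resolved site and user there is nothing to authorize against.
    if (site == null || user == null) {
      return Task.CompletedTask;
    }

    var userRole = GetRole(site, user);

    // Deny by default. The previous form listed one "reject" test per action and fell
    // through to Succeed, so an action value outside these four (an unset default, a
    // cast integer, a member added to CrudActions later) was granted to every role.
    var isKnownAction = requirement.Action == CrudActions.Create
      || requirement.Action == CrudActions.Read
      || requirement.Action == CrudActions.Update
      || requirement.Action == CrudActions.Delete;

    // Same role set for all four actions: Admin and Shop manager.
    var isShopRole = userRole == Roles.Admin || userRole == Roles.ShopManager;

    if (isKnownAction && isShopRole) {
      context.Succeed(requirement);
    }

    return Task.CompletedTask;
  }
}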
/// <summary>
/// Requirement type evaluated by <see cref="ShopAuthorizationHandler"/>. It declares no
/// members of its own; the <c>Action</c> value the handler reads is not defined here and
/// presumably comes from <c>AuthorizationRequirementBase</c> (confirm against the base class).
/// </summary>
public class ShopAuthorizationRequirement : AuthorizationRequirementBase
{
}
}