using System.Threading.Tasks;
using Formum.Api.Authorization.Models;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Authorization.Infrastructure;
namespace Formum.Api.Authorization.Handlers
{
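public class PostAuthorizationHandler : AuthorizationHandler<OperationAuthorizationRequirement, PostAuthorizationModel>
{
    /// <summary>Operation name that gates editing a post; must match the requirement name registered by callers.</summary>
    private const string PostEditOperation = "PostEdit";

    /// <summary>Operation name that gates deleting a post.</summary>
    private const string PostDeleteOperation = "PostDelete";

    /// <summary>
    /// Succeeds <paramref name="requirement"/> when the caller owns the post described by
    /// <paramref name="resource"/>. Edit and delete share the same ownership rule, so the
    /// check is written once instead of being duplicated per operation.
    /// </summary>
    /// <param name="context">Authorization context carrying the caller's <c>ClaimsPrincipal</c>.</param>
    /// <param name="requirement">The operation being authorized; only its <c>Name</c> is inspected.</param>
    /// <param name="resource">The post being acted on; only <c>OwnerId</c> is inspected.</param>
    /// <returns>A completed task. The context is marked succeeded only for an owner-gated operation
    /// performed by the owner; any other case is left undecided (never explicitly failed), so other
    /// handlers registered for the same requirement may still grant it.</returns>
    protected override Task HandleRequirementAsync(AuthorizationHandlerContext context,
        OperationAuthorizationRequirement requirement, PostAuthorizationModel resource)
    {
        // Only the owner-gated operations are handled here; anything else falls through untouched.
        bool ownerGated = requirement.Name == PostEditOperation
                       || requirement.Name == PostDeleteOperation;

        if (ownerGated && CallerIsOwner())
        {
            context.Succeed(requirement);
        }

        return Task.CompletedTask;

        // "sub" is the subject claim, normally the caller's user id. HasClaim compares the claim
        // VALUE ordinally, so OwnerId.ToString() must produce exactly the text the token issuer
        // puts in the claim (e.g. same casing for a Guid) — verify against the issuer.
        // NOTE(review): if tokens are validated with the legacy JwtSecurityTokenHandler, its default
        // inbound claim-type map renames "sub" to ClaimTypes.NameIdentifier; confirm the claim
        // really arrives under the type "sub" in this pipeline, otherwise this check never matches.
        bool CallerIsOwner() => context.User.HasClaim("sub", resource.OwnerId.ToString());
    }
}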
}