website
站点相关全部源代码,隐藏了一些关于服务器的信息
using System.Security.Claims;
using Dpz.Core.EnumLibrary;
using Dpz.Core.Service.RepositoryService;
using Microsoft.AspNetCore.Authorization;

namespace Dpz.Core.Auth.Security;

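/// <summary>
/// Authorization handler that satisfies a <see cref="PermissionRequirement"/> only when the
/// account behind the current principal holds the permission flag the requirement names.
/// </summary>
/// <remarks>
/// The handler fails closed: every path that does not reach <c>Succeed</c> calls
/// <c>context.Fail()</c>. An explicit <c>Fail()</c> makes the overall authorization result a
/// failure even if another handler succeeds for the same requirement.
/// Permissions are read through <c>accountService</c> on each evaluation; no permission claim
/// carried by the principal is consulted here.
/// </remarks>
internal class PermissionHandler(IAccountService accountService)
    : AuthorizationHandler<PermissionRequirement>
{
    /// <summary>
    /// Evaluates <paramref name="requirement"/> against the permissions stored for the current user.
    /// </summary>
    /// <param name="context">Authorization context carrying the principal under evaluation.</param>
    /// <param name="requirement">Requirement whose <c>Permission</c> string names a <c>Permissions</c> value.</param>
    protected override async Task HandleRequirementAsync(
        AuthorizationHandlerContext context,
        PermissionRequirement requirement
    )
    {
        // NOTE(review): NameIdentifier is not a built-in ClaimsPrincipal member; presumably a
        // project extension over the name-identifier claim. Confirm it reads a validated claim.
        var account = context.User.NameIdentifier;
        if (string.IsNullOrEmpty(account))
        {
            // No account identifier on the principal: nothing to look up, deny.
            context.Fail();
            return;
        }

        var user = await accountService.GetOneUserAsync(account);
        if (user?.Permissions == null)
        {
            // Unknown account, or an account with no permission set recorded: deny.
            context.Fail();
            return;
        }

        // Enum.TryParse also accepts numeric text and any zero-valued member, and
        // HasFlag(<zero>) is true for every value. Without the explicit non-zero check a
        // requirement declared as "0" (or a zero-valued name) would authorize every account
        // that has a permission set at all, so an empty required flag is treated as a denial.
        if (
            Enum.TryParse<Permissions>(requirement.Permission, out var requiredPermission)
            && requiredPermission != default(Permissions)
            && user.Permissions.Value.HasFlag(requiredPermission)
        )
        {
            context.Succeed(requirement);
            return;
        }

        // Unparseable requirement, empty flag, or the user lacks the flag: deny.
        context.Fail();
    }
}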