using Dpz.Core.WebApi.Service;
namespace Dpz.Core.WebApi.Security;
/// <summary>
/// Authorization handler that grants a <see cref="PermissionRequirement"/> only when the
/// current user's permission flags include the permission named by the requirement.
/// Every other outcome (no account, no identity, no permission set, unparsable name,
/// flag not held) ends in an explicit failure.
/// </summary>
internal class PermissionHandler(ICurrentUserService currentUserService)
    : AuthorizationHandler<PermissionRequirement>
{
    /// <summary>
    /// Evaluates <paramref name="requirement"/> for the current user and records the result
    /// on <paramref name="context"/>.
    /// </summary>
    /// <param name="context">Authorization context that receives Succeed or Fail.</param>
    /// <param name="requirement">Requirement carrying the permission name to check.</param>
    protected override async Task HandleRequirementAsync(
        AuthorizationHandlerContext context,
        PermissionRequirement requirement
    )
    {
        if (await IsGrantedAsync(requirement))
        {
            context.Succeed(requirement);
        }
        else
        {
            // Fail() is called explicitly rather than just returning: an explicit failure
            // cannot be overridden by another handler succeeding for the same requirement.
            context.Fail();
        }
    }

    /// <summary>
    /// Returns true only when every check passes; any missing piece of identity data
    /// denies access.
    /// </summary>
    private async Task<bool> IsGrantedAsync(PermissionRequirement requirement)
    {
        // No account on the current request: deny before loading the identity.
        if (string.IsNullOrEmpty(currentUserService.Account))
        {
            return false;
        }

        var identity = await currentUserService.GetIdentityAsync();
        if (identity?.Permissions == null)
        {
            return false;
        }

        // NOTE(review): Enum.TryParse also accepts numeric strings and values that have no
        // named member, and HasFlag returns true for a zero-valued flag. If Permissions has
        // a zero member, a requirement naming it would pass for every user whose permission
        // set is non-null. Confirm that policy permission names are always non-zero flags.
        return Enum.TryParse<Permissions>(requirement.Permission, out var needed)
            && identity.Permissions.Value.HasFlag(needed);
    }
}