DD.WellWorkover.Cloud/AsbCloudWebApi/Middlewares/PermissionsMiddlware.cs


using AsbCloudApp.Repositories;
using AsbCloudApp.Services;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using System;
using System.Threading.Tasks;
namespace AsbCloudWebApi.Middlewares;
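/// <summary>
/// Middleware that enforces <see cref="PermissionAttribute"/> metadata found on the matched endpoint.
/// </summary>
/// <remarks>
/// Endpoints without a <see cref="PermissionAttribute"/> (including requests with no matched endpoint)
/// are passed straight to the next delegate: neither the permission check nor the per-user
/// connection limiter runs for them. Any other authentication/authorization for those endpoints
/// has to come from elsewhere in the pipeline.
/// </remarks>
public class PermissionsMiddlware
{
    private readonly RequestDelegate next;
    private readonly UserConnectionsLimitMiddlware userConnectionsLimitMiddlware;

    /// <summary>
    /// Creates the middleware and the connection limiter that authorized requests are handed to.
    /// </summary>
    /// <param name="next">Next delegate in the request pipeline.</param>
    /// <param name="configuration">Application configuration, forwarded to the connection limiter.</param>
    public PermissionsMiddlware(RequestDelegate next, IConfiguration configuration)
    {
        this.next = next;
        // The limiter wraps the same `next`, so an authorized request continues through it.
        userConnectionsLimitMiddlware = new UserConnectionsLimitMiddlware(next, configuration);
    }

    /// <summary>
    /// Resolves the permission name required by the endpoint and either forwards the request
    /// to the connection limiter or answers with <c>ForbidAsync</c>.
    /// </summary>
    /// <param name="context">Current HTTP context.</param>
    /// <exception cref="NotImplementedException">
    /// The permission name has to be derived from the HTTP method and the endpoint declares
    /// no method, or one other than GET, DELETE, POST, PUT or PATCH.
    /// </exception>
    public async Task InvokeAsync(HttpContext context)
    {
        var endpoint = context.GetEndpoint();
        var permission = endpoint?.Metadata.GetMetadata<PermissionAttribute>();
        if (permission is null)
        {
            // No permission requirement declared: this middleware does not restrict the request.
            await next(context);
            return;
        }

        var idUser = context.User.GetUserId();
        if (idUser is null)
        {
            // Fail closed when no user id can be read from the principal.
            await context.ForbidAsync();
            return;
        }

        // Null for endpoints that carry no ControllerActionDescriptor.
        // NOTE(review): in that case a derived permission name starts with "." and a
        // "[controller]" placeholder is replaced with nothing; confirm that PermissionAttribute
        // is only ever applied to MVC controller actions, or reject such endpoints explicitly.
        var controllerName = endpoint!.Metadata
            .GetMetadata<Microsoft.AspNetCore.Mvc.Controllers.ControllerActionDescriptor>()
            ?.ControllerName;

        bool isAuthorized;
        if (idUser == 1)
        {
            // NOTE(review): user id 1 skips the permission lookup entirely. Presumably this is a
            // built-in administrator account; confirm, and prefer an explicit role/flag over a
            // magic id so the bypass is visible in the permission data and in audits.
            isAuthorized = true;
        }
        else
        {
            var permissionName = permission.Name;
            if (string.IsNullOrEmpty(permissionName))
            {
                // NOTE(review): the name is derived from the first HTTP method the endpoint
                // declares, not from context.Request.Method. For an action mapped to several
                // verbs the two can differ; confirm this is intended.
                var declaredMethods = endpoint.Metadata
                    .GetMetadata<Microsoft.AspNetCore.Routing.HttpMethodMetadata>()
                    ?.HttpMethods;

                // An empty method list is treated like missing metadata instead of indexing
                // past the end. Invariant lower-casing keeps the derived name independent of
                // the server's current culture.
                var httpMethod = declaredMethods is { Count: > 0 }
                    ? declaredMethods[0].ToLowerInvariant()
                    : null;

                permissionName = httpMethod switch
                {
                    "get" or "delete" => $"{controllerName}.{httpMethod}",
                    "post" or "put" or "patch" => $"{controllerName}.edit",
                    _ => throw new NotImplementedException(),
                };

                // NOTE(review): Registered is static state written on the request path; its
                // type is not visible here. Confirm it is safe for concurrent writers.
                PermissionAttribute.Registered.Add(permissionName);
            }
            else if (permissionName.Contains("[controller]"))
            {
                permissionName = permissionName.Replace("[controller]", controllerName);
                PermissionAttribute.Registered.Add(permissionName);
            }

            var userService = context.RequestServices.GetRequiredService<IUserRepository>();
            isAuthorized = userService.HasPermission(idUser.Value, permissionName);
        }

        if (isAuthorized)
        {
            await userConnectionsLimitMiddlware.InvokeAsync(context, idUser!.Value, controllerName!);
        }
        else
        {
            await context.ForbidAsync();
        }
    }
}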