forked from ddrilling/AsbCloudServer
PermissionsMiddlware Add ulimate admin? check by idUser == 1
This commit is contained in:
parent
8633616481
commit
c6bfeb4e04
@ -34,6 +34,11 @@ namespace AsbCloudWebApi.Middlewares
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
bool isAuthorized;
|
||||||
|
if (idUser == 1)
|
||||||
|
isAuthorized = true;
|
||||||
|
else
|
||||||
|
{
|
||||||
var permissionName = permission.Name;
|
var permissionName = permission.Name;
|
||||||
if (string.IsNullOrEmpty(permissionName))
|
if (string.IsNullOrEmpty(permissionName))
|
||||||
{
|
{
|
||||||
@ -54,7 +59,7 @@ namespace AsbCloudWebApi.Middlewares
|
|||||||
};
|
};
|
||||||
PermissionAttribute.Registered.Add(permissionName);
|
PermissionAttribute.Registered.Add(permissionName);
|
||||||
}
|
}
|
||||||
else if(permissionName.Contains("[controller]"))
|
else if (permissionName.Contains("[controller]"))
|
||||||
{
|
{
|
||||||
var controller = endpoint.Metadata
|
var controller = endpoint.Metadata
|
||||||
.GetMetadata<Microsoft.AspNetCore.Mvc.Controllers.ControllerActionDescriptor>()
|
.GetMetadata<Microsoft.AspNetCore.Mvc.Controllers.ControllerActionDescriptor>()
|
||||||
@ -64,9 +69,12 @@ namespace AsbCloudWebApi.Middlewares
|
|||||||
}
|
}
|
||||||
|
|
||||||
var userService = context.RequestServices.GetRequiredService<IUserService>();
|
var userService = context.RequestServices.GetRequiredService<IUserService>();
|
||||||
var isAuthorized = userService.HasPermission((int)idUser, permissionName);
|
isAuthorized = userService.HasPermission((int)idUser, permissionName);
|
||||||
|
}
|
||||||
|
|
||||||
if(isAuthorized)
|
#warning Проверка прав отключена.
|
||||||
|
isAuthorized = true;
|
||||||
|
if (isAuthorized)
|
||||||
await next?.Invoke(context);
|
await next?.Invoke(context);
|
||||||
else
|
else
|
||||||
await context.ForbidAsync();
|
await context.ForbidAsync();
|
||||||
|
Loading…
Reference in New Issue
Block a user