PermissionsMiddlware Add ulimate admin? check by idUser == 1

This commit is contained in:
Фролов 2022-01-21 17:33:28 +05:00
parent 8633616481
commit c6bfeb4e04

View File

@ -34,39 +34,47 @@ namespace AsbCloudWebApi.Middlewares
return; return;
} }
var permissionName = permission.Name; bool isAuthorized;
if (string.IsNullOrEmpty(permissionName)) if (idUser == 1)
isAuthorized = true;
else
{ {
var controller = endpoint.Metadata var permissionName = permission.Name;
.GetMetadata<Microsoft.AspNetCore.Mvc.Controllers.ControllerActionDescriptor>() if (string.IsNullOrEmpty(permissionName))
?.ControllerName;
var httpMethod = endpoint.Metadata
.GetMetadata<Microsoft.AspNetCore.Routing.HttpMethodMetadata>()
.HttpMethods[0]
.ToLower();
permissionName = httpMethod switch
{ {
"get" or "delete" => $"{controller}.{httpMethod}", var controller = endpoint.Metadata
"post" or "put" or "patch" => $"{controller}.edit", .GetMetadata<Microsoft.AspNetCore.Mvc.Controllers.ControllerActionDescriptor>()
_ => throw new NotImplementedException(), ?.ControllerName;
};
PermissionAttribute.Registered.Add(permissionName); var httpMethod = endpoint.Metadata
} .GetMetadata<Microsoft.AspNetCore.Routing.HttpMethodMetadata>()
else if(permissionName.Contains("[controller]")) .HttpMethods[0]
{ .ToLower();
var controller = endpoint.Metadata
.GetMetadata<Microsoft.AspNetCore.Mvc.Controllers.ControllerActionDescriptor>() permissionName = httpMethod switch
?.ControllerName; {
permissionName = permissionName.Replace("[controller]", controller); "get" or "delete" => $"{controller}.{httpMethod}",
PermissionAttribute.Registered.Add(permissionName); "post" or "put" or "patch" => $"{controller}.edit",
_ => throw new NotImplementedException(),
};
PermissionAttribute.Registered.Add(permissionName);
}
else if (permissionName.Contains("[controller]"))
{
var controller = endpoint.Metadata
.GetMetadata<Microsoft.AspNetCore.Mvc.Controllers.ControllerActionDescriptor>()
?.ControllerName;
permissionName = permissionName.Replace("[controller]", controller);
PermissionAttribute.Registered.Add(permissionName);
}
var userService = context.RequestServices.GetRequiredService<IUserService>();
isAuthorized = userService.HasPermission((int)idUser, permissionName);
} }
var userService = context.RequestServices.GetRequiredService<IUserService>(); #warning Проверка прав отключена.
var isAuthorized = userService.HasPermission((int)idUser, permissionName); isAuthorized = true;
if (isAuthorized)
if(isAuthorized)
await next?.Invoke(context); await next?.Invoke(context);
else else
await context.ForbidAsync(); await context.ForbidAsync();