on.nemtina/DD.WellWorkover.Cloud
1
0
Fork 0
forked from ddrilling/AsbCloudServer
Code Pull Requests Activity
c6bfeb4e04
DD.WellWorkover.Cloud/AsbCloudWebApi/Middlewares/PermissionsMiddlware.cs

84 lines
2.9 KiB
C#
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

using AsbCloudApp.Services;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.DependencyInjection;
using System;
using System.Threading.Tasks;
namespace AsbCloudWebApi.Middlewares
{
public class PermissionsMiddlware
{
private readonly RequestDelegate next;
public PermissionsMiddlware(RequestDelegate next)
{
this.next = next;
}
public async Task InvokeAsync(HttpContext context)
{
var endpoint = context.GetEndpoint();
var permission = endpoint?.Metadata.GetMetadata<PermissionAttribute>();
if (permission is null)
{
await next(context);
return;
}
var idUser = context.User.GetUserId();
if (idUser is null)
{
context.User = null;
await context.ForbidAsync();
return;
}
bool isAuthorized;
if (idUser == 1)
isAuthorized = true;
else
{
var permissionName = permission.Name;
if (string.IsNullOrEmpty(permissionName))
{
var controller = endpoint.Metadata
.GetMetadata<Microsoft.AspNetCore.Mvc.Controllers.ControllerActionDescriptor>()
?.ControllerName;
var httpMethod = endpoint.Metadata
.GetMetadata<Microsoft.AspNetCore.Routing.HttpMethodMetadata>()
.HttpMethods[0]
.ToLower();
permissionName = httpMethod switch
{
"get" or "delete" => $"{controller}.{httpMethod}",
"post" or "put" or "patch" => $"{controller}.edit",
_ => throw new NotImplementedException(),
};
PermissionAttribute.Registered.Add(permissionName);
}
else if (permissionName.Contains("[controller]"))
{
var controller = endpoint.Metadata
.GetMetadata<Microsoft.AspNetCore.Mvc.Controllers.ControllerActionDescriptor>()
?.ControllerName;
permissionName = permissionName.Replace("[controller]", controller);
PermissionAttribute.Registered.Add(permissionName);
}
var userService = context.RequestServices.GetRequiredService<IUserService>();
isAuthorized = userService.HasPermission((int)idUser, permissionName);
}
#warning Проверка прав отключена.
isAuthorized = true;
if (isAuthorized)
await next?.Invoke(context);
else
await context.ForbidAsync();
}
}
}
View Git Blame Copy Permalink