// Copyright (c) Umbraco.
// See LICENSE for more details.
using Microsoft.AspNetCore.Authorization;
using Umbraco.Cms.Core.Security;
namespace Umbraco.Cms.Web.BackOffice.Authorization;
///
/// Ensures that the current user has access to the section
///
///
/// The user only needs access to one of the sections specified, not all of the sections.
///
public class SectionHandler : MustSatisfyRequirementAuthorizationHandler
{
private readonly IBackOfficeSecurityAccessor _backOfficeSecurityAccessor;
///
/// Initializes a new instance of the class.
///
/// Accessor for back-office security.
public SectionHandler(IBackOfficeSecurityAccessor backOfficeSecurityAccessor) =>
_backOfficeSecurityAccessor = backOfficeSecurityAccessor;
///
protected override Task IsAuthorized(AuthorizationHandlerContext context, SectionRequirement requirement)
{
var authorized = _backOfficeSecurityAccessor.BackOfficeSecurity?.CurrentUser != null &&
requirement.SectionAliases
.Any(app => _backOfficeSecurityAccessor.BackOfficeSecurity.UserHasSectionAccess(
app, _backOfficeSecurityAccessor.BackOfficeSecurity.CurrentUser));
return Task.FromResult(authorized);
}
}