// Copyright (c) Umbraco.
// See LICENSE for more details.
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authorization;
namespace Umbraco.Cms.Web.BackOffice.Authorization
{
///
/// Abstract handler that must satisfy the requirement so Succeed or Fail will be called no matter what.
///
/// Authorization requirement.
///
/// aspnetcore Authz handlers are not required to satisfy the requirement and generally don't explicitly call Fail when the requirement
/// isn't satisfied, however in many simple cases explicitly calling Succeed or Fail is what we want which is what this class is used for.
///
public abstract class MustSatisfyRequirementAuthorizationHandler : AuthorizationHandler
where T : IAuthorizationRequirement
{
///
protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, T requirement)
{
var isAuth = await IsAuthorized(context, requirement);
if (isAuth)
{
context.Succeed(requirement);
}
else
{
context.Fail();
}
}
///
/// Return true if the requirement is succeeded or ignored, return false if the requirement is explicitly not met
///
/// The authorization context.
/// The authorization requirement.
/// True if request is authorized, false if not.
protected abstract Task IsAuthorized(AuthorizationHandlerContext context, T requirement);
}
///
/// Abstract handler that must satisfy the requirement so Succeed or Fail will be called no matter what.
///
/// Authorization requirement.
/// Resource to authorize access to.
///
/// aspnetcore Authz handlers are not required to satisfy the requirement and generally don't explicitly call Fail when the requirement
/// isn't satisfied, however in many simple cases explicitly calling Succeed or Fail is what we want which is what this class is used for.
///
public abstract class MustSatisfyRequirementAuthorizationHandler : AuthorizationHandler
where T : IAuthorizationRequirement
{
///
protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, T requirement, TResource resource)
{
var isAuth = await IsAuthorized(context, requirement, resource);
if (isAuth)
{
context.Succeed(requirement);
}
else
{
context.Fail();
}
}
///
/// Return true if the requirement is succeeded or ignored, return false if the requirement is explicitly not met
///
/// The authorization context.
/// The authorization requirement.
/// The resource to authorize access to.
/// True if request is authorized, false if not.
protected abstract Task IsAuthorized(AuthorizationHandlerContext context, T requirement, TResource resource);
}
}