yv01p/Umbraco-CMS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
36b3a2b62a90bec2b98b276f4d7d6596b527fcfa
Umbraco-CMS/src/Umbraco.Web.BackOffice/Authorization/ContentPermissionsResourceHandler.cs
Shannon 36b3a2b62a fixes media authz resource policies
2020-11-30 19:38:55 +11:00

42 lines
1.9 KiB
C#
Raw Blame History

using Microsoft.AspNetCore.Authorization;
using System.Threading.Tasks;
using Umbraco.Core.Models;
using Umbraco.Core.Security;
using Umbraco.Core.Services;
namespace Umbraco.Web.BackOffice.Authorization
{
/// <summary>
/// Used to authorize if the user has the correct permission access to the content for the <see cref="IContent"/> specified
/// </summary>
public class ContentPermissionsResourceHandler : MustSatisfyRequirementAuthorizationHandler<ContentPermissionsResourceRequirement, ContentPermissionsResource>
{
private readonly IBackOfficeSecurityAccessor _backofficeSecurityAccessor;
private readonly ContentPermissions _contentPermissions;
public ContentPermissionsResourceHandler(
IBackOfficeSecurityAccessor backofficeSecurityAccessor,
ContentPermissions contentPermissions)
{
_backofficeSecurityAccessor = backofficeSecurityAccessor;
_contentPermissions = contentPermissions;
}
protected override Task<bool> IsAuthorized(AuthorizationHandlerContext context, ContentPermissionsResourceRequirement requirement, ContentPermissionsResource resource)
{
var permissionResult = resource.NodeId.HasValue
? _contentPermissions.CheckPermissions(
resource.NodeId.Value,
_backofficeSecurityAccessor.BackOfficeSecurity.CurrentUser,
out IContent _,
resource.PermissionsToCheck)
: _contentPermissions.CheckPermissions(
resource.Content,
_backofficeSecurityAccessor.BackOfficeSecurity.CurrentUser,
resource.PermissionsToCheck);
return Task.FromResult(permissionResult != ContentPermissions.ContentAccess.Denied);
}
}
}
Reference in New Issue View Git Blame Copy Permalink