34 lines
945 B
Plaintext
34 lines
945 B
Plaintext
@using HopFrame.Security.Authorization
|
|
@using HopFrame.Security.Claims
|
|
@using Microsoft.AspNetCore.Http
|
|
|
|
@if (IsAuthorized()) {
|
|
@ChildContent
|
|
}
|
|
|
|
@inject ITokenContext Auth
|
|
@inject IHttpContextAccessor HttpAccessor
|
|
|
|
@code {
|
|
[Parameter]
|
|
public string[] Permissions { get; set; }
|
|
|
|
[Parameter]
|
|
public string Permission { get; set; }
|
|
|
|
[Parameter]
|
|
public RenderFragment ChildContent { get; set; }
|
|
|
|
private bool IsAuthorized() {
|
|
if (!Auth.IsAuthenticated) return false;
|
|
if (Permissions.Length == 0 && string.IsNullOrEmpty(Permission)) return true;
|
|
|
|
var perms = new List<string>(Permissions);
|
|
if (!string.IsNullOrEmpty(Permission)) perms.Add(Permission);
|
|
|
|
var permissions = HttpAccessor.HttpContext?.User.GetPermissions();
|
|
if (!perms.All(perm => PermissionValidator.IncludesPermission(perm, permissions))) return false;
|
|
|
|
return true;
|
|
}
|
|
} |