WIP

2017-01-19 12:59:49 +01:00
parent 3118b2b14e
commit 8f0a2439b7
60 changed files with 874 additions and 209 deletions
--- a/Yavsc/ViewModels/Auth/Handlers/PostUserFileHandler.cs
+++ b/Yavsc/ViewModels/Auth/Handlers/PostUserFileHandler.cs
@ -0,0 +1,21 @@
+using System.Security.Claims;
+using Microsoft.AspNet.Authorization;
+
+namespace Yavsc.ViewModels.Auth.Handlers
+{
+    public class PostUserFileHandler : AuthorizationHandler<EditRequirement, FileSpotInfo>
+    {
+        protected override void Handle(AuthorizationContext context, EditRequirement requirement, FileSpotInfo resource)
+        {
+            if (context.User.IsInRole(Constants.BlogModeratorGroupName)
+            || context.User.IsInRole(Constants.AdminGroupName))
+                context.Succeed(requirement);
+            if (!context.User.Identity.IsAuthenticated)
+                context.Fail();
+            if (resource.AuthorId == context.User.GetUserId())
+                context.Succeed(requirement);
+            else context.Fail();
+        }
+
+    }
+}