parse all available .access in the path

src/Yavsc/Services/FileSystemAuthManager.cs

@@ -57,11 +57,15 @@ namespace Yavsc.Services
                 _logger.LogInformation("Serving file to owner.");
                 return FileAccessRight.Read | FileAccessRight.Write;
             }
-            var aclfi = new FileInfo(Path.Combine(Environment.CurrentDirectory, fileDir, aclfileName));
-            // TODO default user scoped file access policy
-            if (!aclfi.Exists) return FileAccessRight.Read;
             ruleSetParser.Reset();
-            ruleSetParser.ParseFile(aclfi.FullName);
+            for (int dirlevel = parts.Length - 1; dirlevel>0; dirlevel--)
+            {
+                var aclfi = new FileInfo(Path.Combine(Environment.CurrentDirectory, fileDir, aclfileName));
+                if (!aclfi.Exists) continue;
+                ruleSetParser.ParseFile(aclfi.FullName);
+            }
+            // TODO default user scoped file access policy
+           
             if (ruleSetParser.Rules.Allow(user.GetUserName()))
                 return FileAccessRight.Read;
 

src/Yavsc/Startup/Startup.OAuthHelpers.cs

@@ -105,9 +105,11 @@ namespace Yavsc
 
                 var claims = new List<Claim>(
                         context.Scope.Select(x => new Claim("urn:oauth:scope", x))
-                );
+                )
-                claims.Add(new Claim(ClaimTypes.NameIdentifier, user.Id));
+                {
-                claims.Add(new Claim(ClaimTypes.Email, user.Email));
+                    new Claim(ClaimTypes.NameIdentifier, user.Id),
+                    new Claim(ClaimTypes.Email, user.Email)
+                };
                 claims.AddRange((await _usermanager.GetRolesAsync(user)).Select(
                     r => new Claim(ClaimTypes.Role, r)
                     ));