
try IAuthorizationRequirementData

Thomas Rittson
2025-03-21 12:05:35 +10:00
parent 1c697544b8
commit dd67c41ed7
3 changed files with 26 additions and 13 deletions


@ -6,11 +6,25 @@ using Microsoft.AspNetCore.Routing;
namespace Bit.Core.AdminConsole.OrganizationFeatures;
public record RoleRequirement(OrganizationUserType Role) : IAuthorizationRequirement;
public class RoleAuthorizationHandler(ICurrentContext currentContext, IHttpContextAccessor httpContextAccessor) : AuthorizationHandler<RoleRequirement>
public class RoleRequirementAttribute
: AuthorizeAttribute, IAuthorizationRequirement, IAuthorizationRequirementData
{
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, RoleRequirement requirement)
public OrganizationUserType Role { get; set; }
public RoleRequirementAttribute(OrganizationUserType type)
{
Role = type;
}
public IEnumerable<IAuthorizationRequirement> GetRequirements()
{
yield return this;
}
}
public class RoleAuthorizationHandler(ICurrentContext currentContext, IHttpContextAccessor httpContextAccessor) : AuthorizationHandler<RoleRequirementAttribute>
{
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, RoleRequirementAttribute requirementAttribute)
{
if (httpContextAccessor.HttpContext is null)
{
@ -26,9 +40,9 @@ public class RoleAuthorizationHandler(ICurrentContext currentContext, IHttpConte
// This could be an extension method on ClaimsPrincipal
var orgClaims = currentContext.GetOrganization(orgId);
if (orgClaims?.Type == requirement.Role)
if (orgClaims?.Type == requirementAttribute.Role)
{
context.Succeed(requirement);
context.Succeed(requirementAttribute);
}
return Task.CompletedTask;
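Review bot: `Role` on the new `RoleRequirementAttribute` has a public setter, so the object that now doubles as the authorization requirement can be changed after construction, whereas the `RoleRequirement` record it replaces was init-only; `public OrganizationUserType Role { get; }` still allows the constructor assignment and removes that risk, which matters because attribute instances are likely shared across requests through endpoint metadata. The handler's check `orgClaims?.Type == requirementAttribute.Role` is an exact match, so any other role type is denied regardless of how privileged it is. Because `AuthorizeAttribute` permits multiple instances and every yielded requirement must succeed, stacking two of these attributes with different roles can never authorize. An XML doc comment on the attribute stating that the match is exact, has no role hierarchy, and that stacked attributes are ANDed would stop callers assuming otherwise. `HandleRequirementAsync` continues outside both hunks, so how `orgId` is resolved and what happens when `HttpContext` is null cannot be reviewed from here.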