|
@@ -2,6 +2,7 @@
|
|
|
// Licensed under MIT license. See License.txt in the project root for license information.
|
|
// Licensed under MIT license. See License.txt in the project root for license information.
|
|
|
|
|
|
|
|
using System.Security.Claims;
|
|
using System.Security.Claims;
|
|
|
|
|
+using Hotline.SeedData;
|
|
|
using IdentityModel;
|
|
using IdentityModel;
|
|
|
using Microsoft.AspNetCore.Authorization;
|
|
using Microsoft.AspNetCore.Authorization;
|
|
|
|
|
|
|
@@ -33,11 +34,16 @@ namespace Hotline.Permissions
|
|
|
if (scops.Any(d => d == "hotline_api"))
|
|
if (scops.Any(d => d == "hotline_api"))
|
|
|
{
|
|
{
|
|
|
var roles = context.User.Claims.Where(d => d.Type == ClaimTypes.Role).Select(d => d.Value).ToList();
|
|
var roles = context.User.Claims.Where(d => d.Type == ClaimTypes.Role).Select(d => d.Value).ToList();
|
|
|
- var permissions = _permissionManager.RolesToPermissions(roles);
|
|
|
|
|
-
|
|
|
|
|
-
|
|
|
|
|
- if (permissions.Any(d => requirement.PermissionName == d))
|
|
|
|
|
|
|
+ if (roles.Exists(d => d == RoleSeedData.AdminRole))
|
|
|
|
|
+ {
|
|
|
context.Succeed(requirement);
|
|
context.Succeed(requirement);
|
|
|
|
|
+ }
|
|
|
|
|
+ else
|
|
|
|
|
+ {
|
|
|
|
|
+ var permissions = _permissionManager.RolesToPermissions(roles);
|
|
|
|
|
+ if (permissions.Any(d => requirement.PermissionName == d))
|
|
|
|
|
+ context.Succeed(requirement);
|
|
|
|
|
+ }
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
return Task.CompletedTask;
|
|
return Task.CompletedTask;
|
xf