tsai
/
squidex
mirror of https://github.com/Squidex/squidex.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Headless CMS and Content Managment Hub
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5431 Commits
10 Branches
150 Tags
122 MiB
 
 
 
 
 
Tree: cc1db76e23
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'cc1db76e23'
${ noResults }
squidex/backend/src/Squidex.Domain.Apps.Entities/Contents/DomainObject/Guards/SecurityExtensions.cs

41 lines
1.4 KiB
Raw Blame History

// ==========================================================================
// Squidex Headless CMS
// ==========================================================================
// Copyright (c) Squidex UG (haftungsbeschraenkt)
// All rights reserved. Licensed under the MIT license.
// ==========================================================================
using Squidex.Infrastructure;
using Squidex.Infrastructure.Translations;
using Squidex.Shared;
using Squidex.Shared.Identity;
namespace Squidex.Domain.Apps.Entities.Contents.DomainObject.Guards
{
public static class SecurityExtensions
{
public static void MustHavePermission(this ContentOperation context, string permissionId)
{
var content = context.Snapshot;
if (Equals(content.CreatedBy, context.Actor) || context.User == null)
{
return;
}
var permissions = context.User?.Claims.Permissions();
if (permissions == null)
{
throw new DomainForbiddenException(T.Get("common.errorNoPermission"));
}
var permission = PermissionIds.ForApp(permissionId, context.App.Name, context.Schema.SchemaDef.Name);
if (!permissions.Allows(permission))
{
throw new DomainForbiddenException(T.Get("common.errorNoPermission"));
}
}
}
}