New project file, added Aspire, moved security

This commit is contained in:
James Wampler
2026-06-03 18:44:48 -07:00
parent 4c6df1f037
commit d3b36956e4
78 changed files with 2786 additions and 21210 deletions

View File

@@ -0,0 +1,54 @@
using System.IdentityModel.Tokens.Jwt;
using MicCheck.Api.Data;
using MicCheck.Api.Organizations;
using Microsoft.AspNetCore.Authorization;
using Microsoft.EntityFrameworkCore;
namespace MicCheck.Api.Common.Security.Authorization;
public class ProjectPermissionRequirementHandler(
MicCheckDbContext db,
IHttpContextAccessor httpContextAccessor)
: AuthorizationHandler<ProjectPermissionRequirement>
{
protected override async Task HandleRequirementAsync(
AuthorizationHandlerContext context,
ProjectPermissionRequirement requirement)
{
var userIdClaim = context.User.FindFirst(JwtRegisteredClaimNames.Sub);
if (userIdClaim is null || !int.TryParse(userIdClaim.Value, out var userId))
{
context.Fail();
return;
}
if (context.User.HasClaim("OrganizationRole", OrganizationRole.Admin.ToString()))
{
context.Succeed(requirement);
return;
}
var httpContext = httpContextAccessor.HttpContext;
if (httpContext is null ||
!httpContext.Request.RouteValues.TryGetValue("projectId", out var projectIdValue) ||
!int.TryParse(projectIdValue?.ToString(), out var projectId))
{
context.Fail();
return;
}
var permission = await db.UserProjectPermissions
.FirstOrDefaultAsync(p => p.UserId == userId && p.ProjectId == projectId);
if (permission is null)
{
context.Fail();
return;
}
if (permission.IsAdmin || permission.Permissions.Contains(requirement.Permission))
context.Succeed(requirement);
else
context.Fail();
}
}