Skip to content

Commit 2c2884b

Browse files
committed
minimize diff
1 parent 34ee24e commit 2c2884b

2 files changed

Lines changed: 14 additions & 14 deletions

File tree

src/ServiceControl.Hosting/Auth/PermissionVerbHandler.cs

Lines changed: 1 addition & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -42,7 +42,7 @@ protected override Task HandleRequirementAsync(
4242
var roles = context.User.FindAll(ClaimTypes.Role).Select(claim => claim.Value).ToArray();
4343
var permission = requirement.Permission;
4444

45-
if (IsGranted(roles, permission))
45+
if (RolePermissions.IsGranted(roles, permission))
4646
{
4747
auditLog.Decision(
4848
subjectId,
@@ -71,17 +71,4 @@ protected override Task HandleRequirementAsync(
7171
// Leave the requirement unmet → the framework forbids (403).
7272
return Task.CompletedTask;
7373
}
74-
75-
static bool IsGranted(string[] roles, string permission)
76-
{
77-
foreach (var role in roles)
78-
{
79-
if (RolePermissions.Roles.TryGetValue(role, out var granted) && granted.Contains(permission))
80-
{
81-
return true;
82-
}
83-
}
84-
85-
return false;
86-
}
8774
}

src/ServiceControl.Infrastructure/Auth/RolePermissions.cs

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -74,4 +74,17 @@ public static class RolePermissions
7474
}.ToFrozenDictionary(StringComparer.OrdinalIgnoreCase);
7575

7676
static FrozenSet<string> ToSet(string[] permissions) => permissions.ToFrozenSet(StringComparer.Ordinal);
77+
78+
public static bool IsGranted(string[] roles, string permission)
79+
{
80+
foreach (var role in roles)
81+
{
82+
if (Roles.TryGetValue(role, out var granted) && granted.Contains(permission))
83+
{
84+
return true;
85+
}
86+
}
87+
88+
return false;
89+
}
7790
}

0 commit comments

Comments
 (0)