Allow value type resources for AuthZ

2016-01-04 13:30:40 -08:00 · 2016-01-04 13:30:40 -08:00 · f195ed3bab
parent d38fb1e49d
commit f195ed3bab
2 changed files with 35 additions and 5 deletions
--- a/src/Microsoft.AspNet.Authorization/AuthorizationHandler.cs
+++ b/src/Microsoft.AspNet.Authorization/AuthorizationHandler.cs
@ -35,7 +35,6 @@ namespace Microsoft.AspNet.Authorization
    }

    public abstract class AuthorizationHandler<TRequirement, TResource> : IAuthorizationHandler
-        where TResource : class
        where TRequirement : IAuthorizationRequirement
    {
        public virtual async Task HandleAsync(AuthorizationContext context)
@ -57,13 +56,11 @@ namespace Microsoft.AspNet.Authorization

        public virtual void Handle(AuthorizationContext context)
        {
-            var resource = context.Resource as TResource;
-            // REVIEW: should we allow null resources?
-            if (resource != null)
+            if (context.Resource is TResource)
            {
                foreach (var req in context.Requirements.OfType<TRequirement>())
                {
-                    Handle(context, req, resource);
+                    Handle(context, req, (TResource)context.Resource);
                }
            }
        }
--- a/test/Microsoft.AspNet.Authorization.Test/DefaultAuthorizationServiceTests.cs
+++ b/test/Microsoft.AspNet.Authorization.Test/DefaultAuthorizationServiceTests.cs
@ -817,6 +817,39 @@ namespace Microsoft.AspNet.Authorization.Test
            }
        }

+        public class EvenHandler : AuthorizationHandler<OperationAuthorizationRequirement, int>
+        {
+            protected override void Handle(AuthorizationContext context, OperationAuthorizationRequirement requirement, int id)
+            {
+                if (id % 2 == 0)
+                {
+                    context.Succeed(requirement);
+                }
+            }
+        }
+
+        [Fact]
+        public async Task CanUseValueTypeResource()
+        {
+            // Arrange
+            var authorizationService = BuildAuthorizationService(services =>
+            {
+                services.AddTransient<IAuthorizationHandler, EvenHandler>();
+            });
+            var user = new ClaimsPrincipal(
+                new ClaimsIdentity(
+                    new Claim[] {
+                    },
+                    "AuthType")
+                );
+
+            // Act
+            // Assert
+            Assert.False(await authorizationService.AuthorizeAsync(user, 1, Operations.Edit));
+            Assert.True(await authorizationService.AuthorizeAsync(user, 2, Operations.Edit));
+        }
+
+
        [Fact]
        public async Task DoesNotCallHandlerWithWrongResourceType()
        {