Allow value type resources for AuthZ

2016-01-04 13:30:40 -08:00 · 2016-01-04 13:30:40 -08:00 · f195ed3bab
parent d38fb1e49d
commit f195ed3bab
2 changed files with 35 additions and 5 deletions
--- a/src/Microsoft.AspNet.Authorization/AuthorizationHandler.cs
+++ b/src/Microsoft.AspNet.Authorization/AuthorizationHandler.cs
@ -35,7 +35,6 @@ namespace Microsoft.AspNet.Authorization
    }
    public abstract class AuthorizationHandler<TRequirement, TResource> : IAuthorizationHandler
        where TResource : class
        where TRequirement : IAuthorizationRequirement
    {
        public virtual async Task HandleAsync(AuthorizationContext context)
@ -57,13 +56,11 @@ namespace Microsoft.AspNet.Authorization
        public virtual void Handle(AuthorizationContext context)
        {
-            var resource = context.Resource as TResource;
+            if (context.Resource is TResource)
            // REVIEW: should we allow null resources?
            if (resource != null)
            {
                foreach (var req in context.Requirements.OfType<TRequirement>())
                {
-                    Handle(context, req, resource);
+                    Handle(context, req, (TResource)context.Resource);
                }
            }
        }
--- a/test/Microsoft.AspNet.Authorization.Test/DefaultAuthorizationServiceTests.cs
+++ b/test/Microsoft.AspNet.Authorization.Test/DefaultAuthorizationServiceTests.cs
@ -817,6 +817,39 @@ namespace Microsoft.AspNet.Authorization.Test
            }
        }
        public class EvenHandler : AuthorizationHandler<OperationAuthorizationRequirement, int>
        {
            protected override void Handle(AuthorizationContext context, OperationAuthorizationRequirement requirement, int id)
            {
                if (id % 2 == 0)
                {
                    context.Succeed(requirement);
                }
            }
        }
        [Fact]
        public async Task CanUseValueTypeResource()
        {
            // Arrange
            var authorizationService = BuildAuthorizationService(services =>
            {
                services.AddTransient<IAuthorizationHandler, EvenHandler>();
            });
            var user = new ClaimsPrincipal(
                new ClaimsIdentity(
                    new Claim[] {
                    },
                    "AuthType")
                );
            // Act
            // Assert
            Assert.False(await authorizationService.AuthorizeAsync(user, 1, Operations.Edit));
            Assert.True(await authorizationService.AuthorizeAsync(user, 2, Operations.Edit));
        }
        [Fact]
        public async Task DoesNotCallHandlerWithWrongResourceType()
        {