Added permission checks to all controllers. Added role permission loading. Added frontend permission checks. Implemented user logout in admin panel.

2026-01-16 13:07:19 +01:00
parent bee381702b
commit a28b8aca7a
24 changed files with 401 additions and 62 deletions
--- a/Moonlight.Frontend/UI/Shared/Partials/AppSidebar.razor
+++ b/Moonlight.Frontend/UI/Shared/Partials/AppSidebar.razor
@@ -1,8 +1,11 @@
-@using Moonlight.Frontend.Interfaces
+@using Microsoft.AspNetCore.Authorization
+@using Microsoft.AspNetCore.Components.Authorization
+@using Moonlight.Frontend.Interfaces
@using Moonlight.Frontend.Models
@using ShadcnBlazor.Sidebars

@inject NavigationManager Navigation
+@inject IAuthorizationService AuthorizationService
@inject IEnumerable<ISidebarProvider> Providers

@implements IDisposable
@@ -68,15 +71,30 @@

@code
 {
+    [CascadingParameter] public Task<AuthenticationState> AuthState { get; set; }
+    
    private readonly List<SidebarItem> Items = new();

    protected override async Task OnInitializedAsync()
    {
+        var authState = await AuthState;
+        
        foreach (var provider in Providers)
        {
-            Items.AddRange(
-                await provider.GetItemsAsync()
-            );
+            var items = await provider.GetItemsAsync();
+            
+            foreach (var item in items)
+            {
+                if (!string.IsNullOrWhiteSpace(item.Policy))
+                {
+                    var result = await AuthorizationService.AuthorizeAsync(authState.User, item.Policy);
+                    
+                    if(!result.Succeeded)
+                        continue;
+                }
+                
+                Items.Add(item);
+            }
        }
        
        Navigation.LocationChanged += OnLocationChanged;