From 9d7de5686d6b870b3858282def1886cd5d742177 Mon Sep 17 00:00:00 2001
From: Warren Buckley <warren@hackmakedo.com>
Date: Mon, 16 Dec 2024 21:36:44 +0000
Subject: [PATCH] Improves the logic by using the newer
 IContentPermissionService

---
 .../Auth/HasUmbracoPermissionHandler.cs       | 50 ++++++++++++++-----
 1 file changed, 37 insertions(+), 13 deletions(-)

diff --git a/ExaminePeek/Auth/HasUmbracoPermissionHandler.cs b/ExaminePeek/Auth/HasUmbracoPermissionHandler.cs
index 9b9818e..2b8d282 100644
--- a/ExaminePeek/Auth/HasUmbracoPermissionHandler.cs
+++ b/ExaminePeek/Auth/HasUmbracoPermissionHandler.cs
@@ -1,8 +1,9 @@
 using Microsoft.AspNetCore.Authorization;
-using Umbraco.Cms.Core;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Routing;
 using Umbraco.Cms.Core.Security.Authorization;
 using Umbraco.Cms.Core.Services;
-using Umbraco.Extensions;
+using Umbraco.Cms.Core.Services.AuthorizationStatus;
 
 namespace ExaminePeek.Auth
 {
@@ -10,27 +11,50 @@ public class HasUmbracoPermissionHandler : AuthorizationHandler<HasUmbracoPermis
 	{
 		private readonly IAuthorizationHelper _authorizationHelper;
 		private readonly IUserService _userService;
+		private readonly IHttpContextAccessor _httpContextAccessor;
+		private readonly IContentPermissionService _contentPermissionService;
 
-		public HasUmbracoPermissionHandler(IAuthorizationHelper authorizationHelper, IUserService userService)
+		public HasUmbracoPermissionHandler(IAuthorizationHelper authorizationHelper, IUserService userService, IHttpContextAccessor httpContextAccessor, IContentPermissionService contentPermissionService)
 		{
-			_authorizationHelper = authorizationHelper;
-			_userService = userService;
+			_authorizationHelper = authorizationHelper ?? throw new ArgumentNullException(nameof(authorizationHelper));
+			_userService = userService ?? throw new ArgumentNullException(nameof(userService));
+			_httpContextAccessor = httpContextAccessor ?? throw new ArgumentNullException(nameof(httpContextAccessor));
+			_contentPermissionService = contentPermissionService ?? throw new ArgumentNullException(nameof(contentPermissionService));
 		}
-		
-		protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, HasUmbracoPermissionRequirement requirement)
+
+		protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, HasUmbracoPermissionRequirement requirement)
 		{
+			if (context.User.Identity?.IsAuthenticated is false)
+			{
+				context.Fail();
+				return;
+			}
+				
 			var umbracoUser = _authorizationHelper.GetUmbracoUser(context.User);
-			var permissions = umbracoUser.GetPermissions(Constants.System.RootString, _userService);
-			var hasPermission = permissions.Contains(requirement.Permission);
-
-			if (hasPermission)
+			var httpContext = _httpContextAccessor.HttpContext;
+			
+			var documentKey = httpContext?.GetRouteValue("key")?.ToString();
+			if (Guid.TryParse(documentKey, out var parsedKey))
+			{
+				var checkPermission =  await _contentPermissionService.AuthorizeAccessAsync(umbracoUser, parsedKey, requirement.Permission);
+				if (checkPermission == ContentAuthorizationStatus.Success)
+				{
+					context.Succeed(requirement);
+					return;
+				}
+				
+				context.Fail();
+				return;
+			}
+			
+			var checkRootPermission = await _contentPermissionService.AuthorizeRootAccessAsync(umbracoUser, requirement.Permission);
+			if (checkRootPermission == ContentAuthorizationStatus.Success)
 			{
 				context.Succeed(requirement);
-				return Task.CompletedTask;
+				return;
 			}
 			
 			context.Fail();
-			return Task.CompletedTask;
 		}
 	}
 }
\ No newline at end of file