mirrors/btcpayserver
1
0
Fork 0
mirror of https://github.com/btcpayserver/btcpayserver.git synced 2025-02-22 14:22:40 +01:00
Code Issues Projects Releases Packages Wiki Activity

Avoid NRE on PermissionTagHelper

Browse source
This commit is contained in:
nicolas.dorier 2022-02-10 18:37:07 +09:00
parent 5d4d8a3422
commit 3fe71e7bdc
No known key found for this signature in database
GPG key ID: 6618763EF09186FE
1 changed files with 8 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
BTCPayServer/TagHelpers/PermissionTagHelper.cs
View file

@ -1,3 +1,4 @@
#nullable enable
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
@ -26,22 +27,20 @@ public class PermissionTagHelper : TagHelper
public override async Task ProcessAsync(TagHelperContext context, TagHelperOutput output)
{
if (string.IsNullOrEmpty(Permission))
{
return;
}
if (_httpContextAccessor.HttpContext is null)
return;
var key = $"{Permission}_{PermissionResource}";
if (!_httpContextAccessor.HttpContext.Items.TryGetValue(key, out var cachedResult))
if (!_httpContextAccessor.HttpContext.Items.TryGetValue(key, out var o) ||
o is not AuthorizationResult res)
{
var result = await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext.User,
res = await _authorizationService.AuthorizeAsync(_httpContextAccessor.HttpContext.User,
PermissionResource,
Permission);
cachedResult = result;
_httpContextAccessor.HttpContext.Items.Add(key, result);
_httpContextAccessor.HttpContext.Items.Add(key, res);
}
if (!((AuthorizationResult)cachedResult).Succeeded)
if (!res.Succeeded)
{
output.SuppressOutput();
}