Migrate API to ASP.NET Core Auth services + refactor

PluralKit.API/Authorization/MemberOwnerHandler.cs

@@ -0,0 +1,19 @@
+using System.Threading.Tasks;
+
+using Microsoft.AspNetCore.Authorization;
+
+using PluralKit.Core;
+
+namespace PluralKit.API
+{
+    public class MemberOwnerHandler: AuthorizationHandler<OwnSystemRequirement, PKMember> {
+        protected override Task HandleRequirementAsync(AuthorizationHandlerContext context,
+                                                       OwnSystemRequirement requirement, PKMember resource)
+        {
+            if (!context.User.Identity.IsAuthenticated) return Task.CompletedTask;
+            if (resource.System == context.User.CurrentSystem())
+                context.Succeed(requirement);
+            return Task.CompletedTask;
+        }
+    }
+}

PluralKit.API/Authorization/MemberPrivacyHandler.cs

@@ -0,0 +1,21 @@
+using System.Threading.Tasks;
+
+using Microsoft.AspNetCore.Authorization;
+
+using PluralKit.Core;
+
+namespace PluralKit.API
+{
+    public class MemberPrivacyHandler: AuthorizationHandler<PrivacyRequirement<PKMember>, PKMember>
+    {
+        protected override Task HandleRequirementAsync(AuthorizationHandlerContext context,
+                                                       PrivacyRequirement<PKMember> requirement, PKMember resource)
+        {
+            var level = requirement.Mapper(resource);
+            var ctx = context.User.ContextFor(resource);
+            if (level.CanAccess(ctx))
+                context.Succeed(requirement);
+            return Task.CompletedTask;
+        }
+    }
+}

PluralKit.API/Authorization/OwnSystemRequirement.cs

@@ -0,0 +1,6 @@
+using Microsoft.AspNetCore.Authorization;
+
+namespace PluralKit.API
+{
+    public class OwnSystemRequirement: IAuthorizationRequirement { }
+}

PluralKit.API/Authorization/PrivacyRequirement.cs

@@ -0,0 +1,18 @@
+using System;
+
+using Microsoft.AspNetCore.Authorization;
+
+using PluralKit.Core;
+
+namespace PluralKit.API
+{
+    public class PrivacyRequirement<T>: IAuthorizationRequirement
+    {
+        public readonly Func<T, PrivacyLevel> Mapper;
+        
+        public PrivacyRequirement(Func<T, PrivacyLevel> mapper)
+        {
+            Mapper = mapper;
+        }
+    }
+}

PluralKit.API/Authorization/SystemOwnerHandler.cs

@@ -0,0 +1,20 @@
+using System.Threading.Tasks;
+
+using Microsoft.AspNetCore.Authorization;
+
+using PluralKit.Core;
+
+namespace PluralKit.API
+{
+    public class SystemOwnerHandler: AuthorizationHandler<OwnSystemRequirement, PKSystem>
+    {
+        protected override Task HandleRequirementAsync(AuthorizationHandlerContext context,
+                                                       OwnSystemRequirement requirement, PKSystem resource)
+        {
+            if (!context.User.Identity.IsAuthenticated) return Task.CompletedTask;
+            if (resource.Id == context.User.CurrentSystem()) 
+                context.Succeed(requirement);
+            return Task.CompletedTask;
+        }
+    }
+}

PluralKit.API/Authorization/SystemPrivacyHandler.cs

@@ -0,0 +1,21 @@
+using System.Threading.Tasks;
+
+using Microsoft.AspNetCore.Authorization;
+
+using PluralKit.Core;
+
+namespace PluralKit.API
+{
+    public class SystemPrivacyHandler: AuthorizationHandler<PrivacyRequirement<PKSystem>, PKSystem>
+    {
+        protected override Task HandleRequirementAsync(AuthorizationHandlerContext context,
+                                                       PrivacyRequirement<PKSystem> requirement, PKSystem resource)
+        {
+            var level = requirement.Mapper(resource);
+            var ctx = context.User.ContextFor(resource);
+            if (level.CanAccess(ctx))
+                context.Succeed(requirement);
+            return Task.CompletedTask;
+        }
+    }
+}