authorize method

  1. @override
Future<bool?> authorize(
  1. String? correlationId,
  2. String? userId,
  3. List<String> roles
)
override

Checks the authorization.

  • correlation_id (optional) transaction id to trace execution through call chain.
  • userId an user id.
  • roles a roles to be revoked. Return (optional) Future that receives bool value of authorization or error.

Implementation

@override
Future<bool?> authorize(
    String? correlationId, String? userId, List<String> roles) async {
  if (roles.isEmpty) {
    return null;
  }
  var existingRoles = await getRolesById(correlationId, userId);

  var authorized = _difference(roles, existingRoles).isEmpty;

  return authorized;
}