loadContext method
Loads the RbacContext for userId.
Reads the user's current role assignments from the backend and wraps them in an RbacContext backed by the current policy.
Implementation
@override
Future<RbacContext> loadContext({required String userId}) async {
try {
// Try Firestore first.
final doc =
await _firestore.collection(_usersCollection).doc(userId).get();
var roleIds = <String>[];
if (doc.exists) {
final data = doc.data();
final raw = data?[_rolesField];
if (raw is List) {
roleIds = raw.whereType<String>().toList();
}
}
// Fall back to Firebase Auth custom claims when Firestore has no roles.
if (roleIds.isEmpty) {
final user = _auth.currentUser;
if (user != null) {
final idToken = await user.getIdTokenResult();
final claims = idToken.claims ?? {};
final rawClaims = claims[_rolesField];
if (rawClaims is List) {
roleIds = rawClaims.whereType<String>().toList();
}
}
}
return RbacContext(userId: userId, roleIds: roleIds, policy: _policy);
} catch (error) {
throw Exception(
'FirebaseRbacProvider.loadContext failed for user "$userId": $error',
);
}
}