minor refactor

tibitoth · tibitoth · commit 940075f5c51b · 2025-07-04T10:49:15.000+02:00
diff --git a/src/Ahk.GradeManagement/Ahk.GradeManagement.Api/Authorization/AuthorizationCollectionExtensions.cs b/src/Ahk.GradeManagement/Ahk.GradeManagement.Api/Authorization/AuthorizationCollectionExtensions.cs
@@ -12,14 +12,16 @@ public static void AddPolicies(this IServiceCollection services)
     {
         services.AddAuthorizationBuilder()
             .AddPolicy(AdminRequirement.PolicyName, policy => policy.Requirements.Add(new AdminRequirement()));
+
         services.AddAuthorizationBuilder()
-            .AddPolicy(DemonstratorOnSubjectRequirement.PolicyName,
-                policy => policy.Requirements.Add(new DemonstratorOnSubjectRequirement()));
+            .AddPolicy(DemonstratorOnSubjectRequirement.PolicyName, policy => policy.Requirements.Add(new DemonstratorOnSubjectRequirement()));
+
         services.AddAuthorizationBuilder()
-            .AddPolicy(TeacherOnSubjectRequirement.PolicyName,
-                policy => policy.Requirements.Add(new TeacherOnSubjectRequirement()));
+            .AddPolicy(TeacherOnSubjectRequirement.PolicyName, policy => policy.Requirements.Add(new TeacherOnSubjectRequirement()));
+
         services.AddAuthorizationBuilder()
             .AddPolicy(TeacherRequirement.PolicyName, policy => policy.Requirements.Add(new TeacherRequirement()));
+
         services.AddAuthorizationBuilder()
             .AddPolicy(UserRequirement.PolicyName, policy => policy.Requirements.Add(new UserRequirement()));
     }
diff --git a/src/Ahk.GradeManagement/Ahk.GradeManagement.Api/Authorization/Handlers/AdminRequirementHandler.cs b/src/Ahk.GradeManagement/Ahk.GradeManagement.Api/Authorization/Handlers/AdminRequirementHandler.cs
@@ -6,10 +6,9 @@ namespace Ahk.GradeManagement.Api.Authorization.Handlers;
 
 public class AdminRequirementHandler : AuthorizationHandler<AdminRequirement>
 {
-    protected override Task HandleRequirementAsync(
-        AuthorizationHandlerContext context, AdminRequirement requirement)
+    protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, AdminRequirement requirement)
     {
-        if (AdminRoleChecker.CheckAdminRole(context, requirement))
+        if (context.User.IsInAdminRole())
         {
             context.Succeed(requirement);
             return Task.CompletedTask;
diff --git a/src/Ahk.GradeManagement/Ahk.GradeManagement.Api/Authorization/Handlers/AdminRoleChecker.cs b/src/Ahk.GradeManagement/Ahk.GradeManagement.Api/Authorization/Handlers/AdminRoleChecker.cs
@@ -1,14 +1,14 @@
 using Ahk.GradeManagement.Shared.Enums;
 
-using Microsoft.AspNetCore.Authorization;
+using System.Security.Claims;
 
 namespace Ahk.GradeManagement.Api.Authorization.Handlers;
 
 public static class AdminRoleChecker
 {
-    public static bool CheckAdminRole(AuthorizationHandlerContext context, IAuthorizationRequirement requirement)
+    public static bool IsInAdminRole(this ClaimsPrincipal user)
     {
-        var roleClaim = context.User.FindFirst(CustomClaimTypes.UserRole);
+        var roleClaim = user.FindFirst(CustomClaimTypes.UserRole);
         if (roleClaim == null || roleClaim.Value != UserType.Admin.ToString())
             return false;
 
diff --git a/src/Ahk.GradeManagement/Ahk.GradeManagement.Api/Authorization/Handlers/DemonstratorOnSubjectRequirementHandler.cs b/src/Ahk.GradeManagement/Ahk.GradeManagement.Api/Authorization/Handlers/DemonstratorOnSubjectRequirementHandler.cs
@@ -3,13 +3,14 @@
 
 using Microsoft.AspNetCore.Authorization;
 
+using System.Globalization;
+
 namespace Ahk.GradeManagement.Api.Authorization.Handlers;
 
 public class DemonstratorOnSubjectRequirementHandler(IHttpContextAccessor httpContextAccessor)
     : AuthorizationHandler<DemonstratorOnSubjectRequirement>
 {
-    protected override Task HandleRequirementAsync(
-        AuthorizationHandlerContext context, DemonstratorOnSubjectRequirement requirement)
+    protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, DemonstratorOnSubjectRequirement requirement)
     {
         var httpContext = httpContextAccessor.HttpContext;
         if (httpContext == null)
@@ -18,26 +19,24 @@ protected override Task HandleRequirementAsync(
             return Task.CompletedTask;
         }
 
-        if (AdminRoleChecker.CheckAdminRole(context, requirement))
+        if (context.User.IsInAdminRole())
         {
             context.Succeed(requirement);
             return Task.CompletedTask;
         }
 
-        if (httpContext.Request.Headers.TryGetValue("X-Subject-Id-Value", out var subjectIdHeader))
+        if (httpContext.Request.Headers.TryGetValue("X-Subject-Id-Value", out var subjectIdHeader)
+            && long.TryParse(subjectIdHeader, out var subjectId))
         {
-            if (long.TryParse(subjectIdHeader, out var subjectId))
+            var subjectAccessClaims = context.User.FindAll(CustomClaimTypes.SubjectAccess).Select(c => c.Value).ToList();
+            var roleOnSubjectClaim = context.User.FindFirst($"{CustomClaimTypes.AccessLevel}_{subjectId}");
+
+            if (subjectAccessClaims.Contains(subjectId.ToString(CultureInfo.InvariantCulture))
+                && roleOnSubjectClaim != null
+                && (roleOnSubjectClaim.Value == UserRoleOnSubject.Demonstrator.ToString() || roleOnSubjectClaim.Value == UserRoleOnSubject.Teacher.ToString()))
             {
-                var subjectAccessClaims =
-                    context.User.FindAll(CustomClaimTypes.SubjectAccess).Select(c => c.Value).ToList();
-                var roleOnSubjectClaim = context.User.FindFirst($"{CustomClaimTypes.AccessLevel}_{subjectId}");
-                if (subjectAccessClaims.Contains(subjectId.ToString()) && roleOnSubjectClaim != null &&
-                    (roleOnSubjectClaim.Value == UserRoleOnSubject.Demonstrator.ToString() ||
-                     roleOnSubjectClaim.Value == UserRoleOnSubject.Teacher.ToString()))
-                {
-                    context.Succeed(requirement);
-                    return Task.CompletedTask;
-                }
+                context.Succeed(requirement);
+                return Task.CompletedTask;
             }
         }
 
diff --git a/src/Ahk.GradeManagement/Ahk.GradeManagement.Api/Authorization/Handlers/TeacherOnSubjectRequirementHandler.cs b/src/Ahk.GradeManagement/Ahk.GradeManagement.Api/Authorization/Handlers/TeacherOnSubjectRequirementHandler.cs
@@ -3,13 +3,14 @@
 
 using Microsoft.AspNetCore.Authorization;
 
+using System.Globalization;
+
 namespace Ahk.GradeManagement.Api.Authorization.Handlers;
 
 public class TeacherOnSubjectRequirementHandler(IHttpContextAccessor httpContextAccessor)
     : AuthorizationHandler<TeacherOnSubjectRequirement>
 {
-    protected override Task HandleRequirementAsync(
-        AuthorizationHandlerContext context, TeacherOnSubjectRequirement requirement)
+    protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, TeacherOnSubjectRequirement requirement)
     {
         var httpContext = httpContextAccessor.HttpContext;
         if (httpContext == null)
@@ -18,25 +19,24 @@ protected override Task HandleRequirementAsync(
             return Task.CompletedTask;
         }
 
-        if (AdminRoleChecker.CheckAdminRole(context, requirement))
+        if (context.User.IsInAdminRole())
         {
             context.Succeed(requirement);
             return Task.CompletedTask;
         }
 
-        if (httpContext.Request.Headers.TryGetValue("X-Subject-Id-Value", out var subjectIdHeader))
+        if (httpContext.Request.Headers.TryGetValue("X-Subject-Id-Value", out var subjectIdHeader)
+            && long.TryParse(subjectIdHeader, out var subjectId))
         {
-            if (long.TryParse(subjectIdHeader, out var subjectId))
+            var subjectAccessClaims = context.User.FindAll(CustomClaimTypes.SubjectAccess).Select(c => c.Value).ToList();
+            var roleOnSubjectClaim = context.User.FindFirst($"{CustomClaimTypes.AccessLevel}_{subjectId}");
+
+            if (subjectAccessClaims.Contains(subjectId.ToString(CultureInfo.InvariantCulture))
+                && roleOnSubjectClaim != null
+                && roleOnSubjectClaim.Value == UserRoleOnSubject.Teacher.ToString())
             {
-                var subjectAccessClaims =
-                    context.User.FindAll(CustomClaimTypes.SubjectAccess).Select(c => c.Value).ToList();
-                var roleOnSubjectClaim = context.User.FindFirst($"{CustomClaimTypes.AccessLevel}_{subjectId}");
-                if (subjectAccessClaims.Contains(subjectId.ToString()) && roleOnSubjectClaim != null &&
-                    roleOnSubjectClaim.Value == UserRoleOnSubject.Teacher.ToString())
-                {
-                    context.Succeed(requirement);
-                    return Task.CompletedTask;
-                }
+                context.Succeed(requirement);
+                return Task.CompletedTask;
             }
         }
 
diff --git a/src/Ahk.GradeManagement/Ahk.GradeManagement.Api/Authorization/Handlers/TeacherRequirementHandler.cs b/src/Ahk.GradeManagement/Ahk.GradeManagement.Api/Authorization/Handlers/TeacherRequirementHandler.cs
@@ -7,10 +7,9 @@ namespace Ahk.GradeManagement.Api.Authorization.Handlers;
 
 public class TeacherRequirementHandler : AuthorizationHandler<TeacherRequirement>
 {
-    protected override Task HandleRequirementAsync(
-        AuthorizationHandlerContext context, TeacherRequirement requirement)
+    protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, TeacherRequirement requirement)
     {
-        if (AdminRoleChecker.CheckAdminRole(context, requirement))
+        if (context.User.IsInAdminRole())
         {
             context.Succeed(requirement);
             return Task.CompletedTask;
diff --git a/src/Ahk.GradeManagement/Ahk.GradeManagement.Api/Authorization/Handlers/UserRequirementHandler.cs b/src/Ahk.GradeManagement/Ahk.GradeManagement.Api/Authorization/Handlers/UserRequirementHandler.cs
@@ -7,10 +7,9 @@ namespace Ahk.GradeManagement.Api.Authorization.Handlers;
 
 public class UserRequirementHandler : AuthorizationHandler<UserRequirement>
 {
-    protected override Task HandleRequirementAsync(
-        AuthorizationHandlerContext context, UserRequirement requirement)
+    protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, UserRequirement requirement)
     {
-        if (AdminRoleChecker.CheckAdminRole(context, requirement))
+        if (context.User.IsInAdminRole())
         {
             context.Succeed(requirement);
             return Task.CompletedTask;
diff --git a/src/Ahk.GradeManagement/Ahk.GradeManagement.Api/Controllers/AssingmentEventTestController.cs b/src/Ahk.GradeManagement/Ahk.GradeManagement.Api/Controllers/AssingmentEventTestController.cs
@@ -10,9 +10,7 @@ namespace Ahk.GradeManagement.Api.Controllers;
 [ApiController]
 [Route("api/testassignmentevents")]
 [Authorize(Policy = AdminRequirement.PolicyName)]
-public class AssingmentEventTestController(
-    AssignmentEventProcessorService assignmentEventProcessorService,
-    IWebHostEnvironment environment)
+public class AssingmentEventTestController(AssignmentEventProcessorService assignmentEventProcessorService, IWebHostEnvironment environment)
     : ControllerBase
 {
     [HttpPost("assignmentaccepted")]
diff --git a/src/Ahk.GradeManagement/Ahk.GradeManagement.Api/Controllers/GitHubAppController.cs b/src/Ahk.GradeManagement/Ahk.GradeManagement.Api/Controllers/GitHubAppController.cs
@@ -3,8 +3,6 @@
 using Azure.Identity;
 using Azure.Security.KeyVault.Secrets;
 
-using GradeManagement.Data;
-
 using Microsoft.AspNetCore.Mvc;
 
 using System.Net.Http.Headers;
diff --git a/src/Ahk.GradeManagement/Ahk.GradeManagement.Api/Controllers/UserController.cs b/src/Ahk.GradeManagement/Ahk.GradeManagement.Api/Controllers/UserController.cs
@@ -7,8 +7,6 @@
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 
-using System.Security.Claims;
-
 namespace Ahk.GradeManagement.Api.Controllers;
 
 [Authorize]
diff --git a/src/Ahk.GradeManagement/Ahk.GradeManagement.Api/Program.cs b/src/Ahk.GradeManagement/Ahk.GradeManagement.Api/Program.cs
@@ -3,14 +3,10 @@
 using Ahk.GradeManagement.Api.Middlewares.ExceptionHandlers;
 using Ahk.GradeManagement.Bll;
 using Ahk.GradeManagement.Bll.Profiles;
-using Ahk.GradeManagement.Dal.Utils;
+using Ahk.GradeManagement.Dal;
 
 using Azure.Identity;
 
-using GradeManagement.Data;
-
-using Microsoft.AspNetCore.Authentication;
-using Microsoft.EntityFrameworkCore;
 using Microsoft.Identity.Web;
 
 using MudBlazor.Services;
diff --git a/src/Ahk.GradeManagement/Ahk.GradeManagement.Bll/Services/AssignmentService.cs b/src/Ahk.GradeManagement/Ahk.GradeManagement.Bll/Services/AssignmentService.cs
@@ -1,6 +1,6 @@
 using Ahk.GradeManagement.Bll.Services.BaseServices;
 using Ahk.GradeManagement.Dal;
-using Ahk.GradeManagement.Dal.Utils;
+using Ahk.GradeManagement.Dal.Extensions;
 using Ahk.GradeManagement.Shared.Dtos;
 using Ahk.GradeManagement.Shared.Enums;
 
diff --git a/src/Ahk.GradeManagement/Ahk.GradeManagement.Bll/Services/ExerciseService.cs b/src/Ahk.GradeManagement/Ahk.GradeManagement.Bll/Services/ExerciseService.cs
@@ -1,7 +1,7 @@
 using Ahk.GradeManagement.Bll.Services.BaseServices;
 using Ahk.GradeManagement.Dal;
 using Ahk.GradeManagement.Dal.Entities;
-using Ahk.GradeManagement.Dal.Utils;
+using Ahk.GradeManagement.Dal.Extensions;
 using Ahk.GradeManagement.Shared.Dtos;
 using Ahk.GradeManagement.Shared.Dtos.Request;
 using Ahk.GradeManagement.Shared.Dtos.Response;
diff --git a/src/Ahk.GradeManagement/Ahk.GradeManagement.Bll/Services/PullRequestService.cs b/src/Ahk.GradeManagement/Ahk.GradeManagement.Bll/Services/PullRequestService.cs
@@ -1,5 +1,5 @@
 using Ahk.GradeManagement.Dal;
-using Ahk.GradeManagement.Dal.Utils;
+using Ahk.GradeManagement.Dal.Extensions;
 using Ahk.GradeManagement.Shared.Dtos;
 
 using AutoMapper;
diff --git a/src/Ahk.GradeManagement/Ahk.GradeManagement.Bll/Services/ScoreService.cs b/src/Ahk.GradeManagement/Ahk.GradeManagement.Bll/Services/ScoreService.cs
@@ -1,7 +1,7 @@
 using Ahk.GradeManagement.Bll.Services.Moodle;
 using Ahk.GradeManagement.Dal;
 using Ahk.GradeManagement.Dal.Entities;
-using Ahk.GradeManagement.Dal.Utils;
+using Ahk.GradeManagement.Dal.Extensions;
 
 using AutSoft.Linq.Queryable;
 
diff --git a/src/Ahk.GradeManagement/Ahk.GradeManagement.Bll/Services/SubjectService.cs b/src/Ahk.GradeManagement/Ahk.GradeManagement.Bll/Services/SubjectService.cs
@@ -1,6 +1,6 @@
 using Ahk.GradeManagement.Bll.Services.BaseServices;
 using Ahk.GradeManagement.Dal;
-using Ahk.GradeManagement.Dal.Utils;
+using Ahk.GradeManagement.Dal.Extensions;
 using Ahk.GradeManagement.Shared.Dtos.Request;
 using Ahk.GradeManagement.Shared.Dtos.Response;
 using Ahk.GradeManagement.Shared.Enums;
diff --git a/src/Ahk.GradeManagement/Ahk.GradeManagement.Bll/Services/Utils/RsaKeyGenerator.cs b/src/Ahk.GradeManagement/Ahk.GradeManagement.Bll/Services/Utils/RsaKeyGenerator.cs
@@ -1,8 +1,8 @@
-namespace Ahk.GradeManagement.Bll.Services.Utils;
-
 using System.Security.Cryptography;
 using System.Text;
 
+namespace Ahk.GradeManagement.Bll.Services.Utils;
+
 public class RsaKeyGenerator
 {
     public string PrivateKey { get; private set; }
diff --git a/src/Ahk.GradeManagement/Ahk.GradeManagement.Client/Program.cs b/src/Ahk.GradeManagement/Ahk.GradeManagement.Client/Program.cs
@@ -34,73 +34,49 @@ public static async Task Main(string[] args)
         builder.Services.AddMsalAuthentication(options =>
         {
             builder.Configuration.Bind("AzureAd", options.ProviderOptions.Authentication);
-            options.ProviderOptions.DefaultAccessTokenScopes
-                .Add("api://01834b53-87a0-4236-85d3-a999ecec0115/access_backend");
+            options.ProviderOptions.DefaultAccessTokenScopes.Add("api://01834b53-87a0-4236-85d3-a999ecec0115/access_backend");
             //Add scope for email
         });
-        // builder.Services.AddAuthorizationCore(options =>
-        //     options.AddPolicy(TeacherRequirement.PolicyName,
-        //         policy => policy.Requirements.Add(new TeacherRequirement())));
-        // builder.Services.AddSingleton<IAuthorizationHandler, TeacherRequirementHandler>();
 
         builder.Services.AddScoped<CrudSnackbarService>();
 
-        builder.Services.AddTransient(sp =>
-            new AuthorizationMessageHandler(sp.GetRequiredService<IAccessTokenProvider>()));
-        builder.Services.AddTransient(sp =>
-            new ExceptionMessageHandler(sp.GetRequiredService<CrudSnackbarService>()));
+        builder.Services.AddTransient(sp => new AuthorizationMessageHandler(sp.GetRequiredService<IAccessTokenProvider>()));
+        builder.Services.AddTransient(sp => new ExceptionMessageHandler(sp.GetRequiredService<CrudSnackbarService>()));
 
         builder.Services.AddSingleton<SelectedSubjectService>();
         builder.Services.AddSingleton<CurrentUserService>();
 
-        builder.Services.AddTransient(sp =>
-            new SubjectHeaderHandler(sp.GetRequiredService<SelectedSubjectService>()));
+        builder.Services.AddTransient(sp => new SubjectHeaderHandler(sp.GetRequiredService<SelectedSubjectService>()));
 
         // Registering HttpClient that uses our custom handler
-        builder.Services.AddHttpClient(ServerApi,
-                client => client.BaseAddress = new Uri(builder.HostEnvironment.BaseAddress))
+        builder.Services.AddHttpClient(ServerApi, client => client.BaseAddress = new Uri(builder.HostEnvironment.BaseAddress))
             .AddHttpMessageHandler<ExceptionMessageHandler>()
             .AddHttpMessageHandler<AuthorizationMessageHandler>()
             .AddHttpMessageHandler<SubjectHeaderHandler>();
 
-
-        builder.Services.AddScoped(sp =>
-            new SubjectClient(sp.GetRequiredService<IHttpClientFactory>().CreateClient(ServerApi)));
+        builder.Services.AddScoped(sp => new SubjectClient(sp.GetRequiredService<IHttpClientFactory>().CreateClient(ServerApi)));
         builder.Services.AddScoped<SubjectService>();
-        builder.Services.AddScoped(sp =>
-            new CourseClient(sp.GetRequiredService<IHttpClientFactory>().CreateClient(ServerApi)));
-        builder.Services.AddScoped(sp =>
-            new SemesterClient(sp.GetRequiredService<IHttpClientFactory>().CreateClient(ServerApi)));
-        builder.Services.AddScoped(sp =>
-            new LanguageClient(sp.GetRequiredService<IHttpClientFactory>().CreateClient(ServerApi)));
-        builder.Services.AddScoped(sp =>
-            new UserClient(sp.GetRequiredService<IHttpClientFactory>().CreateClient(ServerApi)));
-        builder.Services.AddScoped(sp =>
-            new GroupClient(sp.GetRequiredService<IHttpClientFactory>().CreateClient(ServerApi)));
-        builder.Services.AddScoped(sp =>
-            new ExerciseClient(sp.GetRequiredService<IHttpClientFactory>().CreateClient(ServerApi)));
-        builder.Services.AddScoped(sp =>
-            new AssignmentClient(sp.GetRequiredService<IHttpClientFactory>().CreateClient(ServerApi)));
-        builder.Services.AddScoped(sp =>
-            new StudentClient(sp.GetRequiredService<IHttpClientFactory>().CreateClient(ServerApi)));
-        builder.Services.AddScoped(sp =>
-            new DashboardClient(sp.GetRequiredService<IHttpClientFactory>().CreateClient(ServerApi)));
+        builder.Services.AddScoped(sp => new CourseClient(sp.GetRequiredService<IHttpClientFactory>().CreateClient(ServerApi)));
+        builder.Services.AddScoped(sp => new SemesterClient(sp.GetRequiredService<IHttpClientFactory>().CreateClient(ServerApi)));
+        builder.Services.AddScoped(sp => new LanguageClient(sp.GetRequiredService<IHttpClientFactory>().CreateClient(ServerApi)));
+        builder.Services.AddScoped(sp => new UserClient(sp.GetRequiredService<IHttpClientFactory>().CreateClient(ServerApi)));
+        builder.Services.AddScoped(sp => new GroupClient(sp.GetRequiredService<IHttpClientFactory>().CreateClient(ServerApi)));
+        builder.Services.AddScoped(sp => new ExerciseClient(sp.GetRequiredService<IHttpClientFactory>().CreateClient(ServerApi)));
+        builder.Services.AddScoped(sp => new AssignmentClient(sp.GetRequiredService<IHttpClientFactory>().CreateClient(ServerApi)));
+        builder.Services.AddScoped(sp => new StudentClient(sp.GetRequiredService<IHttpClientFactory>().CreateClient(ServerApi)));
+        builder.Services.AddScoped(sp => new DashboardClient(sp.GetRequiredService<IHttpClientFactory>().CreateClient(ServerApi)));
 
         builder.Services.AddAuthorizationCore(options =>
         {
-            options.AddPolicy(Policy.RequireAdmin, policy =>
-                policy.Requirements.Add(new UserTypeRequirement([UserType.Admin])));
-            options.AddPolicy(Policy.RequireTeacher, policy =>
-                policy.Requirements.Add(new UserTypeRequirement([UserType.Teacher, UserType.Admin])));
+            options.AddPolicy(Policy.RequireAdmin, policy => policy.Requirements.Add(new UserTypeRequirement([UserType.Admin])));
+            options.AddPolicy(Policy.RequireTeacher, policy => policy.Requirements.Add(new UserTypeRequirement([UserType.Teacher, UserType.Admin])));
         });
 
         builder.Services.AddScoped<IAuthorizationHandler, UserTypeAuthorizationHandler>();
 
-
         builder.Services.AddMudServices();
         builder.Services.AddMudExtensions();
 
-
         await builder.Build().RunAsync();
     }
 }
diff --git a/src/Ahk.GradeManagement/Ahk.GradeManagement.Dal/Extensions/DbSetExtensions.cs b/src/Ahk.GradeManagement/Ahk.GradeManagement.Dal/Extensions/DbSetExtensions.cs
@@ -2,7 +2,7 @@
 
 using Microsoft.EntityFrameworkCore;
 
-namespace Ahk.GradeManagement.Dal.Utils;
+namespace Ahk.GradeManagement.Dal.Extensions;
 
 public static class DbSetExtensions
 {
diff --git a/src/Ahk.GradeManagement/Ahk.GradeManagement.Dal/ServiceCollectionExtensions.cs b/src/Ahk.GradeManagement/Ahk.GradeManagement.Dal/ServiceCollectionExtensions.cs
diff --git a/src/Ahk.GradeManagement/Ahk.GradeManagement.QueueFunction/Program.cs b/src/Ahk.GradeManagement/Ahk.GradeManagement.QueueFunction/Program.cs

Original file line number	Diff line number	Diff line change
`@@ -6,10 +6,9 @@ namespace Ahk.GradeManagement.Api.Authorization.Handlers;`
`6`	`6`
`7`	`7`	`public class AdminRequirementHandler : AuthorizationHandler<AdminRequirement>`
`8`	`8`	`{`
`9`		`- protected override Task HandleRequirementAsync(`
`10`		`- AuthorizationHandlerContext context, AdminRequirement requirement)`
	`9`	`+ protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, AdminRequirement requirement)`
`11`	`10`	`{`
`12`		`- if (AdminRoleChecker.CheckAdminRole(context, requirement))`
	`11`	`+ if (context.User.IsInAdminRole())`
`13`	`12`	`{`
`14`	`13`	`context.Succeed(requirement);`
`15`	`14`	`return Task.CompletedTask;`
Original file line number	Diff line number	Diff line change
`@@ -1,14 +1,14 @@`
`1`	`1`	`using Ahk.GradeManagement.Shared.Enums;`
`2`	`2`
`3`		`-using Microsoft.AspNetCore.Authorization;`
	`3`	`+using System.Security.Claims;`
`4`	`4`
`5`	`5`	`namespace Ahk.GradeManagement.Api.Authorization.Handlers;`
`6`	`6`
`7`	`7`	`public static class AdminRoleChecker`
`8`	`8`	`{`
`9`		`- public static bool CheckAdminRole(AuthorizationHandlerContext context, IAuthorizationRequirement requirement)`
	`9`	`+ public static bool IsInAdminRole(this ClaimsPrincipal user)`
`10`	`10`	`{`
`11`		`- var roleClaim = context.User.FindFirst(CustomClaimTypes.UserRole);`
	`11`	`+ var roleClaim = user.FindFirst(CustomClaimTypes.UserRole);`
`12`	`12`	`if (roleClaim == null \|\| roleClaim.Value != UserType.Admin.ToString())`
`13`	`13`	`return false;`
`14`	`14`
Original file line number	Diff line number	Diff line change
`@@ -3,13 +3,14 @@`
`3`	`3`
`4`	`4`	`using Microsoft.AspNetCore.Authorization;`
`5`	`5`
	`6`	`+using System.Globalization;`
	`7`	`+`
`6`	`8`	`namespace Ahk.GradeManagement.Api.Authorization.Handlers;`
`7`	`9`
`8`	`10`	`public class DemonstratorOnSubjectRequirementHandler(IHttpContextAccessor httpContextAccessor)`
`9`	`11`	`: AuthorizationHandler<DemonstratorOnSubjectRequirement>`
`10`	`12`	`{`
`11`		`- protected override Task HandleRequirementAsync(`
`12`		`- AuthorizationHandlerContext context, DemonstratorOnSubjectRequirement requirement)`
	`13`	`+ protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, DemonstratorOnSubjectRequirement requirement)`
`13`	`14`	`{`
`14`	`15`	`var httpContext = httpContextAccessor.HttpContext;`
`15`	`16`	`if (httpContext == null)`
`@@ -18,26 +19,24 @@ protected override Task HandleRequirementAsync(`
`18`	`19`	`return Task.CompletedTask;`
`19`	`20`	`}`
`20`	`21`
`21`		`- if (AdminRoleChecker.CheckAdminRole(context, requirement))`
	`22`	`+ if (context.User.IsInAdminRole())`
`22`	`23`	`{`
`23`	`24`	`context.Succeed(requirement);`
`24`	`25`	`return Task.CompletedTask;`
`25`	`26`	`}`
`26`	`27`
`27`		`- if (httpContext.Request.Headers.TryGetValue("X-Subject-Id-Value", out var subjectIdHeader))`
	`28`	`+ if (httpContext.Request.Headers.TryGetValue("X-Subject-Id-Value", out var subjectIdHeader)`
	`29`	`+ && long.TryParse(subjectIdHeader, out var subjectId))`
`28`	`30`	`{`
`29`		`- if (long.TryParse(subjectIdHeader, out var subjectId))`
	`31`	`+ var subjectAccessClaims = context.User.FindAll(CustomClaimTypes.SubjectAccess).Select(c => c.Value).ToList();`
	`32`	`+ var roleOnSubjectClaim = context.User.FindFirst($"{CustomClaimTypes.AccessLevel}_{subjectId}");`
	`33`	`+`
	`34`	`+ if (subjectAccessClaims.Contains(subjectId.ToString(CultureInfo.InvariantCulture))`
	`35`	`+ && roleOnSubjectClaim != null`
	`36`	`+ && (roleOnSubjectClaim.Value == UserRoleOnSubject.Demonstrator.ToString() \|\| roleOnSubjectClaim.Value == UserRoleOnSubject.Teacher.ToString()))`
`30`	`37`	`{`
`31`		`- var subjectAccessClaims =`
`32`		`- context.User.FindAll(CustomClaimTypes.SubjectAccess).Select(c => c.Value).ToList();`
`33`		`- var roleOnSubjectClaim = context.User.FindFirst($"{CustomClaimTypes.AccessLevel}_{subjectId}");`
`34`		`- if (subjectAccessClaims.Contains(subjectId.ToString()) && roleOnSubjectClaim != null &&`
`35`		`- (roleOnSubjectClaim.Value == UserRoleOnSubject.Demonstrator.ToString() \|\|`
`36`		`- roleOnSubjectClaim.Value == UserRoleOnSubject.Teacher.ToString()))`
`37`		`- {`
`38`		`- context.Succeed(requirement);`
`39`		`- return Task.CompletedTask;`
`40`		`- }`
	`38`	`+ context.Succeed(requirement);`
	`39`	`+ return Task.CompletedTask;`
`41`	`40`	`}`
`42`	`41`	`}`
`43`	`42`
Original file line number	Diff line number	Diff line change
`@@ -7,10 +7,9 @@ namespace Ahk.GradeManagement.Api.Authorization.Handlers;`
`7`	`7`
`8`	`8`	`public class TeacherRequirementHandler : AuthorizationHandler<TeacherRequirement>`
`9`	`9`	`{`
`10`		`- protected override Task HandleRequirementAsync(`
`11`		`- AuthorizationHandlerContext context, TeacherRequirement requirement)`
	`10`	`+ protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, TeacherRequirement requirement)`
`12`	`11`	`{`
`13`		`- if (AdminRoleChecker.CheckAdminRole(context, requirement))`
	`12`	`+ if (context.User.IsInAdminRole())`
`14`	`13`	`{`
`15`	`14`	`context.Succeed(requirement);`
`16`	`15`	`return Task.CompletedTask;`
Original file line number	Diff line number	Diff line change
`@@ -7,10 +7,9 @@ namespace Ahk.GradeManagement.Api.Authorization.Handlers;`
`7`	`7`
`8`	`8`	`public class UserRequirementHandler : AuthorizationHandler<UserRequirement>`
`9`	`9`	`{`
`10`		`- protected override Task HandleRequirementAsync(`
`11`		`- AuthorizationHandlerContext context, UserRequirement requirement)`
	`10`	`+ protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, UserRequirement requirement)`
`12`	`11`	`{`
`13`		`- if (AdminRoleChecker.CheckAdminRole(context, requirement))`
	`12`	`+ if (context.User.IsInAdminRole())`
`14`	`13`	`{`
`15`	`14`	`context.Succeed(requirement);`
`16`	`15`	`return Task.CompletedTask;`