Changing ViewContent to ViewOwnContent

[MikeAlhayek]

Fix #12751

@jtkech we worked on the previous PR for GraphQL together. The permission change in this PR is correct since this will check a lower level permission that is implied by ViewContents. But the ShouldReturnBlogsWithViewBlogContentPermission is failing. For some reason the authenticated user "in the test" has no claims which explain why the test will fail. Any idea on the fix? The change in this PR fixes the issue on hand but breaks the test.

[jtkech]

Yes about the user claims, maybe that's why we are using fot tests a PermissionsContext and a custom PermissionContextAuthorizationHandler and its HandleRequirementAsync(). But then yes implied permissions will not be taken into account.

So to make the failing test working I needed to add to the PermissionsContext the ViewOwnContent which normally is implied by ViewContent (see below).

I think that's okay if you tried it and if it works as expected in a real context.

            .WithPermissionsContext(new PermissionsContext
            {
                UsePermissionsContext = true,
                AuthorizedPermissions = new[]
                {
                    GraphQLApi.Permissions.ExecuteGraphQL,
                    Contents.CommonPermissions.ViewContent,
                    Contents.CommonPermissions.ViewOwnContent,
                }
            });

[jtkech]

The other way is to complete the testing authorization handler, I copy pasted the private method GetGrantingNamesInternal() from the DefaultPermissionGrantingService and used it in the testing handler, and it was working without having to add the implied permissions in the PermissionsContext.

    protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, PermissionRequirement requirement)
    {
        var permissions = (_permissionsContext.AuthorizedPermissions ?? Enumerable.Empty<Permission>()).ToList();

        if (!_permissionsContext.UsePermissionsContext)
        {
            context.Succeed(requirement);
        }
        else if (permissions.Contains(requirement.Permission))
        {
            context.Succeed(requirement);
        }
        else
        {
            // Used here to retrieve ImpliedBy permissions names.
            var grantingNames = new HashSet<string>(StringComparer.OrdinalIgnoreCase);
            GetGrantingNamesInternal(requirement.Permission, grantingNames);
            if (permissions.Any(p => grantingNames.Contains(p.Name)))
            {
                context.Succeed(requirement);
            }
            else
            {
                context.Fail();
            }
        }

        return Task.CompletedTask;
    }

[MikeAlhayek]

@jtkech Thank you for that info. I fixed the HandleRequirementAsync and the tests are now green.

I also added another test for ViewOwnContent so both permission