Check user login if policy is null

src/Volo.Abp.Authorization/Volo/Abp/Authorization/MethodInvocationAuthorizationService.cs

@@ -2,16 +2,19 @@
 using System.Threading.Tasks;
 using Microsoft.AspNetCore.Authorization;
 using Volo.Abp.DependencyInjection;
+using Volo.Abp.Users;
 
 namespace Volo.Abp.Authorization
 {
     public class MethodInvocationAuthorizationService : IMethodInvocationAuthorizationService, ITransientDependency
     {
         private readonly IAuthorizationService _authorizationService;
+        private readonly ICurrentUser _currentUser;
 
-        public MethodInvocationAuthorizationService(IAuthorizationService authorizationService)
+        public MethodInvocationAuthorizationService(IAuthorizationService authorizationService, ICurrentUser currentUser)
         {
             _authorizationService = authorizationService;
+            _currentUser = currentUser;
         }
 
         public async Task CheckAsync(MethodInvocationAuthorizationContext context)
@@ -48,7 +51,18 @@ namespace Volo.Abp.Authorization
 
         protected async Task CheckAsync(IAuthorizeData authorizationAttribute)
         {
-            await _authorizationService.CheckAsync(authorizationAttribute.Policy);
+            if (authorizationAttribute.Policy == null)
+            {
+                if (!_currentUser.IsAuthenticated) //TODO: What about API calls without user id?
+                {
+                    throw new AbpAuthorizationException("Authorization failed! User has not logged in.");
+                }
+            }
+            else
+            {
+                await _authorizationService.CheckAsync(authorizationAttribute.Policy);
+            }
+
             //TODO: What about roles and other props?
         }
     }