MethodInvocationAuthorizationService should check Roles

framework/src/Volo.Abp.Authorization/Volo/Abp/Authorization/MethodInvocationAuthorizationService.cs

@@ -64,20 +64,26 @@ namespace Volo.Abp.Authorization
 
         protected async Task CheckAsync(IAuthorizeData authorizationAttribute)
         {
-            if (authorizationAttribute.Policy == null)
+            if (authorizationAttribute.Policy != null)
             {
-                //TODO: Can we find a better, unified, way of checking if current request has been authenticated
-                if (!_currentUser.IsAuthenticated && !_currentClient.IsAuthenticated)
+                await _authorizationService.CheckAsync(authorizationAttribute.Policy).ConfigureAwait(false);
+            }
+            else if (authorizationAttribute.Roles != null)
+            {
+                if(_currentUser.IsInRole(authorizationAttribute.Roles) == false)
                 {
-                    throw new AbpAuthorizationException("Authorization failed! User has not logged in.");
+                    throw new AbpAuthorizationException("Authorization failed! Given roles has not granted: " + authorizationAttribute.Roles);
                 }
             }
             else
             {
-                await _authorizationService.CheckAsync(authorizationAttribute.Policy).ConfigureAwait(false);
+                //TODO: Can we find a better, unified, way of checking if current request has been authenticated
+                if (!_currentUser.IsAuthenticated && !_currentClient.IsAuthenticated)
+                {
+                    throw new AbpAuthorizationException("Authorization failed! User has not logged in.");
+                }
             }
 
-            //TODO: What about roles and other props?
         }
     }
 }