Authorization Logging #24

Record 'Access Denied' and any changes to Authorization Roles.
Gary Sharp
2013-10-15 16:13:41 +11:00
parent 7b62eabeee
commit 017b1435d8
14 changed files with 515 additions and 223 deletions
@@ -10,6 +10,8 @@ namespace Disco.Services.Authorization
{
public abstract class DiscoAuthorizeBaseAttribute : AuthorizeAttribute
{
public string AuthorizeResource { get; set; }
protected AuthorizationToken Token
{
get
@@ -33,7 +35,29 @@ namespace Disco.Services.Authorization
{
string resultMessage = HandleUnauthorizedMessage();
LogAccessDenied(filterContext, resultMessage);
filterContext.Result = new HttpUnauthorizedResult(resultMessage);
}
public void LogAccessDenied(AuthorizationContext FilterContext, string ResultMessage)
{
// Don't log anonymous
if (Token != null)
{
// Calculate Authorize Resource
if (AuthorizeResource == null)
{
var controllerName = FilterContext.ActionDescriptor.ControllerDescriptor.ControllerName;
var actionName = FilterContext.ActionDescriptor.ActionName;
AuthorizeResource = string.Format("{0}::{1}", controllerName, actionName);
}
var resource = string.Format("{0} [{1}]", AuthorizeResource, FilterContext.HttpContext.Request.RawUrl);
AuthorizationLog.LogAccessDenied(Token.User.Id, resource, ResultMessage);
}
}
}
}
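Review bot: In `LogAccessDenied`, the computed `Controller::Action` fallback is assigned back to the attribute's own `AuthorizeResource` property, so if the framework reuses the attribute instance across requests (MVC caches filter attributes in some versions; the hunk does not show which applies here), a controller-level attribute would keep the first denied action's name and later denials would be logged against the wrong resource. Keep the fallback in a local and build `resource` from it, e.g. `var authorizeResource = AuthorizeResource ?? string.Format("{0}::{1}", FilterContext.ActionDescriptor.ControllerDescriptor.ControllerName, FilterContext.ActionDescriptor.ActionName);`. Separately, `Request.RawUrl` is client-controlled and reaches the log entry unmodified, so it is worth bounding its length and confirming that `AuthorizationLog` neutralises control characters and that query-string values are acceptable in this log. The `// Don't log anonymous` branch means denials for unauthenticated requests leave no record here; if that is intended, the comment should say why.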