Plugins have a base WebViewPage to inherit from, which offers integration with various Disco services. Plugins can also add Authorization attributes to their Web Handlers and Controller Methods.
@@ -8,7 +8,7 @@ using System.Web.Mvc;
|
||||
|
||||
namespace Disco.Services.Authorization
|
||||
{
|
||||
public class DiscoAuthorizeAllAttribute : AuthorizeAttribute
|
||||
public class DiscoAuthorizeAllAttribute : DiscoAuthorizeBaseAttribute
|
||||
{
|
||||
string[] authorizedClaims;
|
||||
|
||||
@@ -20,22 +20,17 @@ namespace Disco.Services.Authorization
|
||||
this.authorizedClaims = AuthorisedClaims;
|
||||
}
|
||||
|
||||
protected override bool AuthorizeCore(System.Web.HttpContextBase httpContext)
|
||||
public override bool IsAuthorized(System.Web.HttpContextBase httpContext)
|
||||
{
|
||||
if (httpContext == null)
|
||||
throw new ArgumentNullException("httpContext");
|
||||
|
||||
var authToken = UserService.CurrentAuthorization;
|
||||
|
||||
if (authToken == null)
|
||||
if (Token == null)
|
||||
return false; // No Current User
|
||||
|
||||
return authToken.HasAll(authorizedClaims);
|
||||
return Token.HasAll(authorizedClaims);
|
||||
}
|
||||
|
||||
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
|
||||
public override string HandleUnauthorizedMessage()
|
||||
{
|
||||
filterContext.Result = new HttpUnauthorizedResult(AuthorizationToken.BuildRequireAllMessage(authorizedClaims));
|
||||
return AuthorizationToken.BuildRequireAllMessage(authorizedClaims);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
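Review bot: `IsAuthorized` reads the `Token` property twice, once for the null check and once for `Token.HasAll(authorizedClaims)`. Each read goes back to `UserService.CurrentAuthorization` through the getter in DiscoAuthorizeBaseAttribute, so the value that was null-checked is not guaranteed to be the one that is dereferenced. Capturing it once keeps the authorization decision on a single snapshot and fails closed: `var token = Token; if (token == null) return false; return token.HasAll(authorizedClaims);`. The same pattern appears in DiscoAuthorizeAnyAttribute (`Token.HasAny`) and in DiscoAuthorizeAttribute (`Token.RoleTokens` and `Token.Has`). Whether `CurrentAuthorization` can change within a request is not visible on this page, so this is hardening rather than a confirmed fault.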
@@ -8,7 +8,7 @@ using System.Web.Mvc;
|
||||
|
||||
namespace Disco.Services.Authorization
|
||||
{
|
||||
public class DiscoAuthorizeAnyAttribute : AuthorizeAttribute
|
||||
public class DiscoAuthorizeAnyAttribute : DiscoAuthorizeBaseAttribute
|
||||
{
|
||||
string[] authorizedClaims;
|
||||
|
||||
@@ -20,22 +20,17 @@ namespace Disco.Services.Authorization
|
||||
this.authorizedClaims = AuthorisedClaims;
|
||||
}
|
||||
|
||||
protected override bool AuthorizeCore(System.Web.HttpContextBase httpContext)
|
||||
public override bool IsAuthorized(System.Web.HttpContextBase httpContext)
|
||||
{
|
||||
if (httpContext == null)
|
||||
throw new ArgumentNullException("httpContext");
|
||||
|
||||
var authToken = UserService.CurrentAuthorization;
|
||||
|
||||
if (authToken == null)
|
||||
if (Token == null)
|
||||
return false; // No Current User
|
||||
|
||||
return authToken.HasAny(authorizedClaims);
|
||||
return Token.HasAny(authorizedClaims);
|
||||
}
|
||||
|
||||
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
|
||||
public override string HandleUnauthorizedMessage()
|
||||
{
|
||||
filterContext.Result = new HttpUnauthorizedResult(AuthorizationToken.BuildRequireAnyMessage(authorizedClaims));
|
||||
return AuthorizationToken.BuildRequireAnyMessage(authorizedClaims);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -8,7 +8,7 @@ using System.Web.Mvc;
|
||||
|
||||
namespace Disco.Services.Authorization
|
||||
{
|
||||
public class DiscoAuthorizeAttribute : AuthorizeAttribute
|
||||
public class DiscoAuthorizeAttribute : DiscoAuthorizeBaseAttribute
|
||||
{
|
||||
string authorizedClaim;
|
||||
|
||||
@@ -19,23 +19,18 @@ namespace Disco.Services.Authorization
|
||||
this.authorizedClaim = AuthorisedClaim;
|
||||
}
|
||||
|
||||
protected override bool AuthorizeCore(System.Web.HttpContextBase httpContext)
|
||||
public override bool IsAuthorized(System.Web.HttpContextBase httpContext)
|
||||
{
|
||||
if (httpContext == null)
|
||||
throw new ArgumentNullException("httpContext");
|
||||
|
||||
var authToken = UserService.CurrentAuthorization;
|
||||
|
||||
if (authToken == null)
|
||||
if (Token == null)
|
||||
return false; // No Current User
|
||||
|
||||
if (authorizedClaim == null)
|
||||
return authToken.RoleTokens.Count > 0; // Just Authenticate - no Authorization (but require at least 1 role)
|
||||
return Token.RoleTokens.Count > 0; // Just Authenticate - no Authorization (but require at least 1 role)
|
||||
else
|
||||
return authToken.Has(authorizedClaim);
|
||||
return Token.Has(authorizedClaim);
|
||||
}
|
||||
|
||||
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
|
||||
public override string HandleUnauthorizedMessage()
|
||||
{
|
||||
string resultMessage;
|
||||
|
||||
@@ -47,7 +42,7 @@ namespace Disco.Services.Authorization
|
||||
else
|
||||
resultMessage = AuthorizationToken.BuildRequireMessage(authorizedClaim);
|
||||
|
||||
filterContext.Result = new HttpUnauthorizedResult(resultMessage);
|
||||
return resultMessage;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -0,0 +1,39 @@
|
||||
using Disco.Services.Users;
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Text;
|
||||
using System.Threading.Tasks;
|
||||
using System.Web.Mvc;
|
||||
|
||||
namespace Disco.Services.Authorization
|
||||
{
|
||||
public abstract class DiscoAuthorizeBaseAttribute : AuthorizeAttribute
|
||||
{
|
||||
protected AuthorizationToken Token
|
||||
{
|
||||
get
|
||||
{
|
||||
return UserService.CurrentAuthorization;
|
||||
}
|
||||
}
|
||||
|
||||
public abstract bool IsAuthorized(System.Web.HttpContextBase httpContext);
|
||||
public abstract string HandleUnauthorizedMessage();
|
||||
|
||||
protected sealed override bool AuthorizeCore(System.Web.HttpContextBase httpContext)
|
||||
{
|
||||
if (httpContext == null)
|
||||
throw new ArgumentNullException("httpContext");
|
||||
|
||||
return IsAuthorized(httpContext);
|
||||
}
|
||||
|
||||
protected sealed override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
|
||||
{
|
||||
string resultMessage = HandleUnauthorizedMessage();
|
||||
|
||||
filterContext.Result = new HttpUnauthorizedResult(resultMessage);
|
||||
}
|
||||
}
|
||||
}
|
||||
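Review bot: The sealed `AuthorizeCore` override returns `IsAuthorized(httpContext)` without calling `base.AuthorizeCore`, so the `Users` and `Roles` properties inherited from `AuthorizeAttribute` are accepted on the attribute but never evaluated. A plugin author who writes one of the Disco attributes with `Roles = "..."` would get no additional restriction from it, and nothing in the class says so. I would document this on the class, for example `/// <remarks>Users and Roles inherited from AuthorizeAttribute are not evaluated; IsAuthorized alone decides access.</remarks>`, and add a `<summary>` to `IsAuthorized` stating that implementations must return false when `Token` is null.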