Permissions & Authorization for Users #24

Initial Release; Includes Database and MVC refactoring
2013-10-10 19:13:16 +11:00
parent 172ce5524a
commit a099d68915
458 changed files with 40221 additions and 12130 deletions
@@ -0,0 +1,41 @@
+using Disco.Services.Users;
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+using System.Web.Mvc;
+
+namespace Disco.Services.Authorization
+{
+    public class DiscoAuthorizeAnyAttribute : AuthorizeAttribute
+    {
+        string[] authorizedClaims;
+
+        public DiscoAuthorizeAnyAttribute(params string[] AuthorisedClaims)
+        {
+            if (AuthorisedClaims == null || AuthorisedClaims.Length == 0)
+                throw new ArgumentNullException("AuthorisedClaims");
+
+            this.authorizedClaims = AuthorisedClaims;
+        }
+
+        protected override bool AuthorizeCore(System.Web.HttpContextBase httpContext)
+        {
+            if (httpContext == null)
+                throw new ArgumentNullException("httpContext");
+
+            var authToken = UserService.CurrentAuthorization;
+
+            if (authToken == null)
+                return false; // No Current User
+
+            return authToken.HasAny(authorizedClaims);
+        }
+
+        protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
+        {
+            filterContext.Result = new HttpUnauthorizedResult(AuthorizationToken.BuildRequireAnyMessage(authorizedClaims));
+        }
+    }
+}