jessikitty/Disco
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
4d19e381fdebf0c55b0884554e490052555e9cd3
Disco/Disco.Services/Authorization/DiscoAuthorizeAttribute.cs
T
Gary Sharp a099d68915 Permissions & Authorization for Users #24 
Initial Release; Includes Database and MVC refactoring
2013-10-10 19:13:16 +11:00

54 lines
1.7 KiB
C#
Raw Blame History

using Disco.Services.Users;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Web.Mvc;
namespace Disco.Services.Authorization
{
public class DiscoAuthorizeAttribute : AuthorizeAttribute
{
string authorizedClaim;
public DiscoAuthorizeAttribute() { }
public DiscoAuthorizeAttribute(string AuthorisedClaim)
{
this.authorizedClaim = AuthorisedClaim;
}
protected override bool AuthorizeCore(System.Web.HttpContextBase httpContext)
{
if (httpContext == null)
throw new ArgumentNullException("httpContext");
var authToken = UserService.CurrentAuthorization;
if (authToken == null)
return false; // No Current User
if (authorizedClaim == null)
return authToken.RoleTokens.Count > 0; // Just Authenticate - no Authorization (but require at least 1 role)
else
return authToken.Has(authorizedClaim);
}
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
{
string resultMessage;
if (UserService.CurrentAuthorization == null)
resultMessage = AuthorizationToken.RequireAuthenticationMessage;
else
if (string.IsNullOrEmpty(authorizedClaim))
resultMessage = AuthorizationToken.RequireDiscoAuthorizationMessage;
else
resultMessage = AuthorizationToken.BuildRequireMessage(authorizedClaim);
filterContext.Result = new HttpUnauthorizedResult(resultMessage);
}
}
}
Reference in New Issue View Git Blame Copy Permalink