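/// <summary>
/// Runs every policy in <paramref name="container"/> against the current request and, when at
/// least one policy refuses, sets <c>filterContext.Result</c> so the action does not execute.
/// </summary>
/// <param name="filterContext">Filter context of the executing action; its <c>Result</c> is assigned on denial.</param>
/// <param name="container">Container whose <c>Policies</c> are evaluated.</param>
/// <remarks>
/// Policies are combined with AND: one policy returning <c>false</c> denies the request.
/// Denial outcomes: no authentication configured gives 401; authenticated caller gives 404;
/// anonymous caller is redirected to the login method, or gets 404 when no login method is mapped.
/// </remarks>
private void ApplyPolicies(ActionExecutingContext filterContext, ISecurityPolicyContainer<object> container)
{
    var context = new SecurityPolicyContext
    {
        ControllerContext = filterContext.Controller.ControllerContext
    };

    if (!Builder.IsAuthenticationConfigured)
    {
        // Without an authentication provider the context keeps its default identity values,
        // and any refusing policy results in a plain 401.
        if (container.Policies.Any(policy => !policy.Authorize(context)))
        {
            filterContext.Result = new HttpUnauthorizedResult();
        }

        return;
    }

    // Resolve the provider and read the authentication state exactly once, so the value the
    // policies judged and the value that selects the response below cannot disagree.
    var authentication = Builder.Authentication<Object>();
    var isAuthenticated = authentication.IsAuthenticated();
    context.IsAuthenticated = isAuthenticated;
    context.CurrentUserRoles = authentication.GetRoles();

    // NOTE(review): an empty Policies collection refuses nothing, so a container with no
    // policies lets the request through. Confirm that unconfigured containers are meant to be open.
    if (!container.Policies.Any(policy => !policy.Authorize(context)))
    {
        return;
    }

    if (isAuthenticated)
    {
        // Authenticated but refused: answered with 404 rather than 403.
        // NOTE(review): presumably chosen so the response does not confirm the resource exists - confirm.
        filterContext.Result = new HttpNotFoundResult();
        return;
    }

    var mapping = ModelMappingManager.MappingFor(authentication.Type);
    var method = mapping.StaticMethods.FirstOrDefault(m => m.Name == authentication.LoginWith().Name);
    if (method == null)
    {
        // No static method matches the configured login method, so there is nowhere to send the caller.
        filterContext.Result = new HttpNotFoundResult();
        return;
    }

    var route = new
    {
        action     = "Execute",
        controller = "Presentation",
        methodName = method.MethodName,
        index      = method.Index,
        modelType  = mapping.ModelType.PartialName(),
        // The absolute request URL is handed to the login action as the post-login target.
        // NOTE(review): the action that consumes redirectTo is not visible here; it should accept
        // only local targets (for example via UrlHelper.IsLocalUrl) before redirecting, otherwise
        // this value can be used as an open redirect.
        redirectTo = filterContext.HttpContext.Request.Url.ToString()
    };
    filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary(route));
}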
        /// <summary>
        /// Records that the theme <paramref name="name"/> applies to <paramref name="container"/>
        /// when <paramref name="expression"/> holds, skipping an entry that is already present.
        /// </summary>
        /// <param name="container">Policy container used as the key into <c>Themes</c>.</param>
        /// <param name="name">Theme name to register.</param>
        /// <param name="expression">Condition stored alongside the theme name.</param>
        public static void RegisterTheme<T>(ISecurityPolicyContainer<T> container, string name, Func<bool> expression) where T : class
        {
            // First registration for this container: create its (initially empty) theme list.
            if (!Themes.ContainsKey(container))
            {
                Themes.Add(container, new Collection<KeyValuePair<Func<bool>, string>>());
            }

            // NOTE(review): Themes is shared static state and no synchronisation is visible here;
            // presumably registration happens only during start-up - confirm.
            var entry = new KeyValuePair<Func<bool>, string>(expression, name);
            var registered = Themes[container];
            if (registered.Contains(entry))
            {
                return;
            }

            registered.Add(entry);
        }
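        /// <summary>
        /// Evaluates the policies of <paramref name="container"/> for the current request and assigns
        /// <c>filterContext.Result</c> when any of them refuses, which stops the action from running.
        /// </summary>
        /// <param name="filterContext">Filter context of the executing action; its <c>Result</c> is assigned on denial.</param>
        /// <param name="container">Container whose <c>Policies</c> are evaluated.</param>
        /// <remarks>
        /// Every policy must authorize the request. On denial the response is 401 when no authentication
        /// is configured, 404 for an authenticated caller, and for an anonymous caller a redirect to the
        /// mapped login method (404 when none is mapped).
        /// </remarks>
        private void ApplyPolicies(ActionExecutingContext filterContext, ISecurityPolicyContainer<object> container)
        {
            var context = new SecurityPolicyContext
            {
                ControllerContext = filterContext.Controller.ControllerContext
            };

            if (!Builder.IsAuthenticationConfigured)
            {
                // No provider configured: policies see the context's default identity values.
                var refusedWithoutProvider = !container.Policies.All(policy => policy.Authorize(context));
                if (refusedWithoutProvider)
                {
                    filterContext.Result = new HttpUnauthorizedResult();
                }

                return;
            }

            // Take one snapshot of the authentication state and use it both for the policy context
            // and for picking the denial response, instead of querying the provider a second time.
            var authentication = Builder.Authentication<Object>();
            var isAuthenticated = authentication.IsAuthenticated();
            context.IsAuthenticated = isAuthenticated;
            context.CurrentUserRoles = authentication.GetRoles();

            // NOTE(review): with no policies registered this is true and the request is allowed;
            // confirm that an empty container is intended to grant access.
            var allAuthorized = container.Policies.All(policy => policy.Authorize(context));
            if (allAuthorized)
            {
                return;
            }

            if (isAuthenticated)
            {
                // A signed-in caller who is refused receives 404, not 403.
                filterContext.Result = new HttpNotFoundResult();
                return;
            }

            var mapping = ModelMappingManager.MappingFor(authentication.Type);
            var method = mapping.StaticMethods.FirstOrDefault(m => m.Name == authentication.LoginWith().Name);
            if (method == null)
            {
                filterContext.Result = new HttpNotFoundResult();
                return;
            }

            // redirectTo carries the absolute URL of the refused request to the login action.
            // NOTE(review): the consumer of redirectTo is outside this method; it should redirect
            // only to local URLs (for example checked with UrlHelper.IsLocalUrl) so the parameter
            // cannot be used as an open redirect.
            var route = new
            {
                action = "Execute",
                controller = "Presentation",
                methodName = method.MethodName,
                index = method.Index,
                modelType = mapping.ModelType.PartialName(),
                redirectTo = filterContext.HttpContext.Request.Url.ToString()
            };
            filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary(route));
        }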
 /// <summary>
 /// Adds an <c>AllowAllSecurityPolicy</c> to the container and returns its configuration for chaining.
 /// </summary>
 /// <remarks>
 /// The policy is appended to whatever the container already holds; it does not replace or
 /// override policies added before or after it.
 /// </remarks>
 public static ITypeSecurityConfiguration<T> AllowAll<T>(this ISecurityPolicyContainer<T> container)
 {
     var policy = new AllowAllSecurityPolicy();
     container.Policies.Add(policy);
     return container.Configuration();
 }
 /// <summary>
 /// Adds an <c>OnlyAuthenticatedSecurityPolicy</c> to the container and returns its configuration for chaining.
 /// </summary>
 public static ITypeSecurityConfiguration<T> OnlyAuthenticated<T>(this ISecurityPolicyContainer<T> container)
 {
     var policy = new OnlyAuthenticatedSecurityPolicy();
     container.Policies.Add(policy);
     return container.Configuration();
 }
 /// <summary>
 /// Adds an <c>OnlyAnonymousSecurityPolicy</c> to the container and returns its configuration for chaining.
 /// </summary>
 public static ITypeSecurityConfiguration<T> OnlyAnonymous<T>(this ISecurityPolicyContainer<T> container)
 {
     var policy = new OnlyAnonymousSecurityPolicy();
     container.Policies.Add(policy);
     return container.Configuration();
 }
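 /// <summary>
 /// Adds a caller-supplied policy to the container and returns its configuration for chaining.
 /// </summary>
 /// <param name="container">Container that receives the policy.</param>
 /// <param name="policy">Policy to add; must not be <c>null</c>.</param>
 /// <exception cref="ArgumentNullException"><paramref name="policy"/> is <c>null</c>.</exception>
 public static ITypeSecurityConfiguration<T> ApplyCustomPolicy<T>(this ISecurityPolicyContainer<T> container, ISecurityPolicy policy)
 {
     // Reject null at registration time. A null entry in Policies would otherwise surface only
     // when the policies are evaluated for a request, as a NullReferenceException.
     if (policy == null)
     {
         throw new ArgumentNullException("policy");
     }

     container.Policies.Add(policy);
     return container.Configuration();
 }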
 /// <summary>
 /// Adds a <c>DenyRolesSecurityPolicy</c> built from <paramref name="roles"/> and returns the
 /// container's configuration for chaining.
 /// </summary>
 /// <param name="container">Container that receives the policy.</param>
 /// <param name="roles">Role names passed to the policy's constructor.</param>
 public static ITypeSecurityConfiguration<T> DenyRoles<T>(this ISecurityPolicyContainer<T> container, params string[] roles)
 {
     // NOTE(review): calling this with no arguments passes an empty array; how the policy treats
     // an empty role list is not visible here - confirm it does not silently deny nobody.
     var policy = new DenyRolesSecurityPolicy(roles);
     container.Policies.Add(policy);
     return container.Configuration();
 }
 /// <summary>
 /// Registers the theme <paramref name="name"/> for the container unconditionally, by delegating
 /// to the overload that takes a condition with one that always returns <c>true</c>.
 /// </summary>
 public static void UseTheme<T>(this ISecurityPolicyContainer<T> container, string name) where T : class
 {
     Func<bool> always = () => true;
     container.UseTheme(name, always);
 }
 /// <summary>
 /// Registers the theme <paramref name="name"/> for the container, to be used when
 /// <paramref name="expression"/> holds. Forwards to <c>RunningObjectsViewEngine.RegisterTheme</c>.
 /// </summary>
 public static void UseTheme<T>(this ISecurityPolicyContainer<T> container, string name, Func<bool> expression) where T : class
 {
     RunningObjectsViewEngine.RegisterTheme<T>(container, name, expression);
 }
 /// <summary>
 /// Registers <paramref name="theme"/> for the container, to be used when
 /// <paramref name="expression"/> holds. Forwards to <c>RunningObjectsViewEngine.RegisterTheme</c>.
 /// </summary>
 public static void UseThemeWhen<T>(this ISecurityPolicyContainer<T> container, string theme, Func<bool> expression)
 {
     // NOTE(review): no constraint on T is declared here; if the RegisterTheme being called
     // requires a reference type, this method needs the same constraint - confirm.
     RunningObjectsViewEngine.RegisterTheme(container, theme, expression);
 }
 /// <summary>
 /// Adds an <c>AllowAllSecurityPolicy</c> to the container and returns the same container for chaining.
 /// </summary>
 /// <remarks>
 /// The policy is appended to the container's existing policies; it does not replace them.
 /// </remarks>
 public static ISecurityPolicyContainer<T> AllowAll<T>(this ISecurityPolicyContainer<T> container)
 {
     var policy = new AllowAllSecurityPolicy();
     container.Policies.Add(policy);
     return container;
 }
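 /// <summary>
 /// Adds a caller-supplied policy to the container and returns the same container for chaining.
 /// </summary>
 /// <param name="container">Container that receives the policy.</param>
 /// <param name="policy">Policy to add; must not be <c>null</c>.</param>
 /// <exception cref="ArgumentNullException"><paramref name="policy"/> is <c>null</c>.</exception>
 public static ISecurityPolicyContainer<T> ApplyCustomPolicy<T>(this ISecurityPolicyContainer<T> container, ISecurityPolicy policy)
 {
     // Fail at registration instead of leaving a null entry in Policies that would only be
     // discovered, as a NullReferenceException, when the policies are evaluated.
     if (policy == null)
     {
         throw new ArgumentNullException("policy");
     }

     container.Policies.Add(policy);
     return container;
 }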
 /// <summary>
 /// Adds a role-based allow policy built from <paramref name="roles"/> and returns the same
 /// container for chaining.
 /// </summary>
 /// <param name="container">Container that receives the policy.</param>
 /// <param name="roles">Role names passed to the policy's constructor.</param>
 public static ISecurityPolicyContainer<T> AllowRoles<T>(this ISecurityPolicyContainer<T> container, params string[] roles)
 {
     // The type name is reproduced exactly as this call site spells it (AlloRolesSecurityPolicy).
     // NOTE(review): how the policy behaves for an empty role list is not visible here - confirm.
     var policy = new AlloRolesSecurityPolicy(roles);
     container.Policies.Add(policy);
     return container;
 }