protected AuthenticatedModule(AccessScope minimumScope, User.Role minimumRole, string path, SContext serverContext) : base(path, serverContext) { // require authentication this.requiresUserAuthentication(); this.Before += async(ctx) => { var usernameClaim = ctx.User.Claims.First(x => x.Type == IBearerAuthenticator.CLAIM_USERNAME); currentUser = serverContext.userManager.findByUsername(usernameClaim.Value); if (currentUser.role < minimumRole) { // give a special code for pending users if (currentUser.role == User.Role.Pending) { ctx.Response.StatusCode = (int)HttpStatusCode.Locked; } else { ctx.Response.StatusCode = (int)HttpStatusCode.Forbidden; } return(false); } var tokenClaim = ctx.User.Claims.First(x => x.Type == IBearerAuthenticator.CLAIM_TOKEN); credential = serverContext.tokenResolver.resolve(tokenClaim.Value).Value; // check if at least minimum scope if (!credential.scope.greaterThan(minimumScope)) { ctx.Response.StatusCode = (int)HttpStatusCode.Unauthorized; return(false); } return(true); }; }
// This method "ensures" that there are at least n users left of a specific role. // It's invoked to enforce certain constraints like "there must always be at least one SuperAdmin defined." private async Task <int> EnsureRoleCount(User.Role role, int count) { // Counter placeholder variable. var superAdmins = 0; // Iterate over each user and count where superadmin. foreach (var user in await Db.SelectAsync <User>()) { if (user.HasRole(role)) { superAdmins++; } } // Check if there is enough superadmins. Logger.LogDebug($"There must be at least {count} users with the {role} role, found: {superAdmins}"); if (superAdmins < count) { throw new Exception(string.Format("There must be at least {0} users of {1} role.", count, role)); } return(count); }
public static GameMessage UserRoleChangedMessage(User user, User.Role role) { return(new GameMessage { actionType = ActionType.UserRoleChanged, actionAgrument = new Tuple <User, User.Role>(user, role) }); }