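/// <summary>
        /// Checks whether <paramref name="request"/> carries a valid ticket token and whether that
        /// ticket is permitted to perform the action the request was routed to.
        /// </summary>
        /// <remarks>
        /// Liuxinyi, 2014-1-2.
        /// The token is read from the <c>token</c> query-string parameter, so it shows up in server
        /// and proxy logs, browser history and Referer headers; a request header would be the safer
        /// transport, but existing clients send it in the URL. The stored ticket's <c>HashCode</c> is
        /// recomputed from the token and the client IP, so a token replayed from another address fails.
        /// </remarks>
        /// <param name="request"> The incoming request. </param>
        /// <param name="retcode">
        /// Status the caller should answer with when the result is false: 401 if no token was
        /// supplied, 403 if the token is unknown or expired, 405 if the token is known but fails the
        /// IP binding or the permission check (405 is not the semantically right code for that, but it
        /// is what existing clients already see, so it is kept). OK when the result is true.
        /// </param>
        /// <returns> true if authorized, false if not. </returns>
        public bool IsAuthorized(HttpRequestMessage request, out HttpStatusCode retcode)
        {
            string token = request.GetQueryString("token");

            if (token == null)
            {
                // Previously retcode was left at OK here while false was returned, so a caller that
                // answers with retcode could send 200 to an unauthenticated request.
                retcode = HttpStatusCode.Unauthorized;  // 401
                return false;
            }

            AuthorizationInfo info = this.storer.Get(token);
            if (info == null)
            {
                retcode = HttpStatusCode.Forbidden;     // 403: unknown or expired token
                return false;
            }

            // The ticket must have been issued to this client address, and the ticket must carry the
            // permission for this action. The IP check runs first so a replayed token never reaches
            // the (database-backed) permission check.
            if (info.HashCode == this.GetHashValue(token, request.GetClientIp()) &&
                new Verifier().VerifyPermission(info, request))
            {
                retcode = HttpStatusCode.OK;
                return true;
            }

            retcode = HttpStatusCode.MethodNotAllowed;  // 405, kept for compatibility
            return false;
        }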
 /// <summary> Decides whether the ticket in <paramref name="info"/> may perform the action that
 /// <paramref name="request"/> was routed to. </summary>
 /// <remarks> Liuxinyi, 2014-1-7. Role 1 (super admin) is exempt from every check. Everybody else
 /// needs both the action's authorization code (VertifyAction) and ownership of the routed
 /// resource (VertifyOwner). </remarks>
 /// <param name="info">    Ticket of the caller. </param>
 /// <param name="request"> The request. </param>
 /// <returns> true if it succeeds, false if it fails. </returns>
 public bool VerifyPermission(AuthorizationInfo info, HttpRequestMessage request)
 {
     const int SuperAdminRoleId = 1;

     if (info.RoleId != SuperAdminRoleId)
     {
         // Action check first; the owner check (which opens an entity context) only runs when it passes.
         bool actionAllowed = VertifyAction(info, request);
         return actionAllowed && VertifyOwner(info, request);
     }

     return true;
 }
        /// <summary> Extends the lifetime of an existing ticket. A token that is not in the cache is
        /// ignored (nothing is created). </summary>
        /// <remarks> Updated By Liuxinyi, 2014-3-25. </remarks>
        /// <param name="token">    The token whose ticket is extended. </param>
        /// <param name="duration"> Minutes from now until the ticket expires. </param>
        public void Update(string token, double duration)
        {
            var existing = cache.Get(token) as AuthorizationInfo;
            if (existing == null)
            {
                return; // nothing to extend
            }

            DateTimeOffset newExpiry = DateTimeOffset.Now.AddMinutes(duration);
            cache.Set(token, existing, newExpiry);
        }
        /// <summary> Looks up the ticket stored for <paramref name="token"/>. </summary>
        /// <remarks> Liuxinyi, 2014-1-3.
        /// For tickets flagged <c>IsSlideExpire</c> every successful lookup pushes the expiry out by
        /// <c>_duration</c> minutes, so such a ticket never expires while it is being used.
        /// NOTE(review): the refresh uses the store-wide <c>_duration</c>, not whatever duration the
        /// ticket was added with — confirm that is intended. </remarks>
        /// <param name="token"> The token. </param>
        /// <returns> The ticket, or null when the token is unknown or has expired. </returns>
        public AuthorizationInfo Get(string token)
        {
            var ticket = cache.Get(token) as AuthorizationInfo;
            if (ticket == null)
            {
                return null;
            }

            if (ticket.IsSlideExpire)
            {
                // Sliding expiry: re-store under the same key with a fresh absolute deadline.
                cache.Set(token, ticket, DateTimeOffset.Now.AddMinutes(this._duration));
            }

            return ticket;
        }
        /// <summary> Checks that the ticket holds at least one of the authorization codes declared on
        /// the routed action via <c>AuthorizationAttribute</c>. </summary>
        /// <remarks> Liuxinyi, 2014-1-7.
        /// An action without any <c>AuthorizationAttribute</c> is allowed for every ticket holder
        /// (fail-open); new actions must be annotated to be protected. </remarks>
        /// <param name="info">    Ticket of the caller. </param>
        /// <param name="request"> The request (already routed to an action). </param>
        /// <returns> true if it succeeds, false if it fails. </returns>
        private bool VertifyAction(AuthorizationInfo info, HttpRequestMessage request)
        {
            var requiredCodes = request.GetActionDescriptor()
                                       .GetCustomAttributes<AuthorizationAttribute>();

            if (!requiredCodes.Any())
            {
                return true;    // unannotated action: no code required
            }

            // One matching code is enough.
            foreach (var attribute in requiredCodes)
            {
                if (info.AuthorisedResources.Contains(attribute.StrAuthorizationCode))
                {
                    return true;
                }
            }

            return false;
        }
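        /// <summary> Checks that the caller owns (or, for the data-service role, is assigned to) the
        /// resource identified by the route values of <paramref name="request"/>. </summary>
        /// <remarks> Liuxinyi, 2014-1-7.
        /// Role 1 (super admin) never reaches this method; VerifyPermission returns early for it.
        /// Role 6 (data-service API) is checked against the structures assigned to the service user:
        /// a <c>structId</c> route value must be one of them, and a <c>sensorId</c> must belong to one
        /// of them. Every other role is checked through <c>verifyDict</c>, one validator per route key.
        /// Changes from the previous version: a sensor id that is not a number is denied instead of
        /// throwing (which surfaced as a 500); the sensor lookup runs once instead of twice; and when
        /// a route carries several <c>verifyDict</c> keys ALL of them must pass — previously only the
        /// first key found (in unspecified Dictionary order) was checked. </remarks>
        /// <param name="info">    Ticket of the caller. </param>
        /// <param name="request"> The request (already routed). </param>
        /// <returns> true if it succeeds, false if it fails. </returns>
        private bool VertifyOwner(AuthorizationInfo info, HttpRequestMessage request)
        {
            const int DataServiceRoleId = 6;

            var routeValues = request.GetRouteData().Values;

            // Data-service API role
            if (info.RoleId == DataServiceRoleId)
            {
                bool hasStruct = routeValues.ContainsKey("structId");
                bool hasSensor = routeValues.ContainsKey("sensorId");
                if (!hasStruct && !hasSensor)
                {
                    return true;    // no owned resource in this route
                }

                // Fetched once for both checks.
                var assignedStructs = DataService.GetServiceUserStruct(info.UserName);

                if (hasStruct && !assignedStructs.Contains(routeValues["structId"]))
                {
                    return false;
                }

                if (hasSensor)
                {
                    int senId;
                    // Route values are strings; fail closed on anything that is not an int.
                    if (!int.TryParse(Convert.ToString(routeValues["sensorId"]), out senId))
                    {
                        return false;
                    }

                    using (SecureCloud_Entities entity = new SecureCloud_Entities())
                    {
                        var ownerStruct = (from sensor in entity.T_DIM_SENSOR
                                           where sensor.SENSOR_ID == senId
                                           select sensor.STRUCT_ID).FirstOrDefault();

                        // Unknown sensor, or sensor under a structure the service user is not assigned to.
                        if (ownerStruct == null || !assignedStructs.Contains(ownerStruct.ToString()))
                        {
                            return false;
                        }
                    }
                }

                return true;
            }

            int userId = info.UserId;

            foreach (var pair in verifyDict)
            {
                object routeValue;
                if (!routeValues.TryGetValue(pair.Key, out routeValue))
                {
                    continue;
                }

                // Every ownership key present in the route must validate.
                if (!pair.Value(userId, routeValue.ToString()))
                {
                    return false;
                }
            }

            return true;
        }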
 /// <summary> Stores a freshly issued ticket under its token. </summary>
 /// <remarks> Liuxinyi, 2014-1-7. Storage (and expiry) is delegated to <c>storer</c>. </remarks>
 /// <param name="token">    The token the ticket is looked up by. </param>
 /// <param name="userInfo"> The ticket (user, role, permissions, IP-bound hash). </param>
 public void SaveVerifyTicket(string token, AuthorizationInfo userInfo)
 {
     AuthorizationInfo ticket = userInfo;
     this.storer.Add(token, ticket);
 }
 /// <summary> Replaces the ticket stored for <paramref name="token"/> and restarts its lifetime
 /// from the store default. </summary>
 /// <remarks> Liuxinyi, 2014-1-3. Unlike the duration overload, this always writes, so it also
 /// works for a token that is not in the cache yet. </remarks>
 /// <param name="token"> The token. </param>
 /// <param name="info">  The ticket to store. </param>
 public void Update(string token, AuthorizationInfo info)
 {
     DateTimeOffset expiresAt = DateTimeOffset.Now.AddMinutes(this._duration);
     cache.Set(token, info, expiresAt);
 }
 /// <summary> Stores a ticket under <paramref name="token"/> with an explicit lifetime. </summary>
 /// <remarks> Updated By Liuxinyi, 2014-3-25.
 /// NOTE(review): an existing entry for the same token is overwritten rather than rejected
 /// (assuming <c>cache</c> is a MemoryCache-style store) — confirm tokens are unique at issue
 /// time. </remarks>
 /// <param name="token">    The token. </param>
 /// <param name="info">     The ticket to store. </param>
 /// <param name="duration"> Minutes from now until the ticket expires. </param>
 public void Add(string token, AuthorizationInfo info, double duration)
 {
     DateTimeOffset expiresAt = DateTimeOffset.Now.AddMinutes(duration);
     cache.Set(token, info, expiresAt);
 }