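/// <summary>
/// Authorization logic for methods decorated with <see cref="AuthorizeActivityAttribute"/>.
/// Every parameter mapped by <c>MapParameters</c> must be authorized before the target method
/// runs, and the target method is then invoked exactly once. Previously <see cref="IInvocation.Proceed"/>
/// was called inside the loop, so a method with several mapped parameters could run once per
/// parameter, or run and only afterwards be rejected by a later parameter.
/// </summary>
/// <param name="invocation">The intercepted call; its arguments supply the object ids to check.</param>
/// <param name="authorizeAttribute">Carries the required permission, the parameter type to map and the target type.</param>
/// <exception cref="HttpException">Thrown with status 403 when any mapped parameter fails authorization.</exception>
private void AuthorizeMethodInvocation(IInvocation invocation, AuthorizeActivityAttribute authorizeAttribute)
{
    var mappedParameters = MapParameters(invocation.Arguments, invocation.Method.GetParameters(), authorizeAttribute.ParamType);
    var anyParameterChecked = false;

    // Deny first: every mapped parameter is checked before anything executes on the target.
    foreach (var parameter in mappedParameters)
    {
        var objectId = ResolveAuthorizedObjectId(parameter);
        if (!_securityServices.AuthorizeActivity(authorizeAttribute.Permission, objectId, authorizeAttribute.TargetType.Name))
        {
            throw new HttpException(403, "You are not authorized to perform this activity!");
        }

        anyParameterChecked = true;
    }

    // NOTE(review): as in the original, an invocation with no mapped parameter never proceeds
    // (the caller receives the default return value). Confirm this silent fail-closed no-op is intended.
    if (anyParameterChecked)
    {
        invocation.Proceed();
    }
}

/// <summary>
/// Extracts the <see cref="Guid"/> identifying the object a mapped parameter refers to:
/// the parameter itself when it is a <see cref="Guid"/>, its parsed value when it is a string,
/// otherwise the value of the parameter's "Id" property.
/// </summary>
/// <param name="parameter">A mapped method argument.</param>
/// <returns>The object id to authorize against.</returns>
/// <exception cref="InvalidOperationException">
/// Thrown when the parameter is null, exposes no "Id" property, or that property holds null —
/// a missing id is treated as an error, never as an implicit grant.
/// </exception>
/// <exception cref="FormatException">Thrown when a string id is not a valid <see cref="Guid"/>.</exception>
private static Guid ResolveAuthorizedObjectId(object parameter)
{
    if (parameter == null)
    {
        throw new InvalidOperationException("Cannot authorize a null parameter.");
    }

    if (parameter is Guid)
    {
        return (Guid)parameter;
    }

    if (parameter is string)
    {
        return Guid.Parse((string)parameter);
    }

    // todo: in case of a requirement for objects not inherited from BaseObject, add a property to
    // AuthorizeActivityAttribute that names the object's id property instead of assuming "Id".
    var idProperty = parameter.GetType().GetProperty("Id");
    if (idProperty == null)
    {
        throw new InvalidOperationException("Parameter of type '" + parameter.GetType().FullName + "' has no 'Id' property to authorize against.");
    }

    var idValue = idProperty.GetValue(parameter);
    if (idValue == null)
    {
        throw new InvalidOperationException("Parameter of type '" + parameter.GetType().FullName + "' has a null 'Id'.");
    }

    return Guid.Parse(idValue.ToString());
}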
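/// <summary>
/// Authorization logic for properties decorated with <see cref="AuthorizeActivityAttribute"/>.
/// The id of the proxied object (its "Id" property) is checked against the required permission
/// before the property accessor runs. Every path now returns right after
/// <see cref="IInvocation.Proceed"/>; previously the empty-id branches fell through, so the
/// accessor could run twice, or run and then be rejected with 403.
/// </summary>
/// <param name="invocation">The intercepted property access; <c>Proxy</c> supplies the object whose id is checked.</param>
/// <param name="authorizeAttribute">Carries the required permission and the target type.</param>
/// <exception cref="InvalidOperationException">Thrown when the target type exposes no "Id" property.</exception>
/// <exception cref="HttpException">Thrown with status 403 when the security service denies the activity.</exception>
private void AuthorizePropertyInvocation(IInvocation invocation, AuthorizeActivityAttribute authorizeAttribute)
{
    var idProperty = invocation.TargetType.GetProperty("Id");
    if (idProperty == null)
    {
        // Fail closed: a target without an "Id" cannot be authorized, so refuse instead of skipping the check.
        throw new InvalidOperationException("Type '" + invocation.TargetType.FullName + "' has no 'Id' property to authorize against.");
    }

    var idValue = idProperty.GetValue(invocation.Proxy);
    var rawId = idValue == null ? null : idValue.ToString();

    // An unset id bypasses the check (presumably an object that has no identity yet).
    // NOTE(review): this short-circuit is inherited from the original; confirm it is intended.
    if (string.IsNullOrEmpty(rawId))
    {
        invocation.Proceed();
        return;
    }

    // Only a successfully parsed Guid.Empty bypasses the check. A non-Guid string is not treated
    // as "unset": it reaches the security service as Guid.Empty rather than being skipped.
    Guid objectId;
    if (Guid.TryParse(rawId, out objectId) && objectId == Guid.Empty)
    {
        invocation.Proceed();
        return;
    }

    if (!_securityServices.AuthorizeActivity(authorizeAttribute.Permission, objectId, authorizeAttribute.TargetType.Name))
    {
        throw new HttpException(403, "You are not authorized to perform this activity!");
    }

    invocation.Proceed();
}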