/// <summary>
/// Whether the user is authorized to see the menu item.
/// </summary>
/// <remarks>
/// Precedence, as implemented below:
/// an action-level rule that passes is sufficient on its own, even when the controller-level rule fails;
/// the controller-level rule is only used as a fallback when no action-level rule is configured;
/// an item with neither rule configured is never shown (deny by default).
/// The result only decides whether the link is rendered. The target action must enforce its own authorization.
/// </remarks>
/// <param name="identity">Claims of the current user.</param>
/// <param name="isPreprodOrProd">true when running in preprod or prod.</param>
/// <returns>true if the menu item may be shown to the user; otherwise, false.</returns>
internal bool IsAuthorized(ClaimSubset identity, bool isPreprodOrProd)
{
    // Both rule sets are evaluated up front; a rule set that is not configured counts as "not passed".
    bool passesController = ControllerSecurity != null && ControllerSecurity.IsAuthorized(identity, isPreprodOrProd);
    bool passesAction = ActionSecurity != null && ActionSecurity.IsAuthorized(identity, isPreprodOrProd);

    // A passing action-level rule wins outright.
    if (passesAction)
    {
        return true;
    }

    // Otherwise fall back to the controller-level rule, but only when the action has no rule of its own.
    // An action rule that exists and failed must not be overridden by the controller rule.
    return passesController && ActionSecurity == null;
}
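/// <summary>
/// Shows the menu items of the current area that the current user is authorized to see.
/// </summary>
/// <remarks>
/// The authorization filter applied here only controls which links are rendered.
/// It is not an access check on the target actions, which have to enforce authorization themselves.
/// </remarks>
/// <param name="html">An instance of the HTML helper.</param>
/// <returns>
/// The rendered menu markup, or an empty string when the current area has fewer than two visible items.
/// </returns>
public virtual MvcHtmlString ShowMenu(HtmlHelper html)
{
    string area = html.ViewContext.RouteData.GetArea();

    // Read the setting once. A missing "Environment" value used to throw a NullReferenceException here.
    // It is now treated like PROD: the flag is only ever used to hide items (see the allowInProduction
    // check in the static IsAuthorized), so an incomplete configuration hides dev-only entries instead of
    // failing the page or exposing them.
    string environment = ConfigurationManager.AppSettings.Get("Environment");
    bool isInPreprodorProd = environment == null
        || environment.Equals("PROD", StringComparison.OrdinalIgnoreCase)
        || environment.Equals("PREPROD", StringComparison.OrdinalIgnoreCase);

    ClaimsIdentity identity = UserService.Identity;
    ClaimSubset identitySubset = identity.ToClaimSubset();

    // Every item that survives the filter belongs to the current area, so the former sort by area and the
    // group-by-area lookup were no-ops: the filtered list already is the single group for this area.
    List<MenuModel> menuItems = MenuItems
        .Where(i => string.Equals(i.Area, area, StringComparison.OrdinalIgnoreCase)
            && i.IsAuthorized(identitySubset, isInPreprodorProd))
        .OrderBy(m => m.Order)
        .ThenBy(m => m.Name, StringComparer.OrdinalIgnoreCase)
        .ToList();

    string menu = string.Empty;

    // A single visible entry is not rendered as a menu.
    if (menuItems.Count > 1)
    {
        StringBuilder str = new StringBuilder(500);
        string controller = html.ViewContext.RouteData.GetController();
        string action = html.ViewContext.RouteData.GetAction();

        // NOTE(review): the selected item is looked up in the unfiltered MenuItems, not in the
        // authorization-filtered list. Confirm RenderHierarchy uses it for highlighting only and never
        // emits an entry that is absent from the array passed to it.
        MenuModel selectedMenuItem = MenuItems.FirstOrDefault(m =>
            string.Equals(m.Area, area, StringComparison.OrdinalIgnoreCase)
            && string.Equals(m.Controller, controller, StringComparison.OrdinalIgnoreCase)
            && string.Equals(m.Action, action, StringComparison.OrdinalIgnoreCase));

#if DEBUG
        var step = MiniProfiler.Current.Step("MenuService.RenderHierarchy");
        try
        {
#endif
            RenderHierarchy(html, str, menuItems.ToArray(), null, selectedMenuItem);
            menu = str.ToString();

            const string SidebarMinifyBtn = "<li><a href=\"javascript:;\" class=\"sidebar-minify-btn\" data-click=\"sidebar-minify\"><i class=\"fa fa-angle-double-left\"></i><span class=\"readers\">Minimize menu</span></a></li>";

            // Ordinal search: this is markup, not linguistic text. When the rendered output has no closing
            // list tag the index is -1 and Substring would throw, so the button is skipped in that case.
            int closingListIndex = menu.LastIndexOf("</ul>", StringComparison.Ordinal);
            if (closingListIndex >= 0)
            {
                menu = menu.Substring(0, closingListIndex) + SidebarMinifyBtn + "</ul>";
            }
#if DEBUG
        }
        finally
        {
            if (step != null)
            {
                step.Dispose();
            }
        }
#endif
    }

    // MvcHtmlString.Create emits the string without HTML encoding.
    // NOTE(review): RenderHierarchy is not visible here; confirm it encodes every value taken from
    // menu data (names, URLs) before appending it to the builder.
    return MvcHtmlString.Create(menu);
}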
/// <summary>
/// Returns whether the user is authorized based on their claims.
/// </summary>
/// <remarks>
/// Delegates to the static <c>SecurityAttribute.IsAuthorized</c>, passing this instance's settings.
/// </remarks>
/// <param name="identity">User claims identity.</param>
/// <param name="isPreprodOrProd">if set to <c>true</c> then environment is preprod or prod.</param>
/// <returns>
/// true if the user is authorized; otherwise, false.
/// </returns>
internal bool IsAuthorized(ClaimSubset identity, bool isPreprodOrProd)
{
    // The call is positional and starts with four adjacent bools, so the order below has to match the
    // callee's parameter list exactly. Swapping two of them would compile and silently change the policy.
    bool authorized = SecurityAttribute.IsAuthorized(
        isPreprodOrProd,
        AllowInProduction,
        AllowWindowsAuthentication,
        AllowAny,
        Users,
        Roles,
        OrganisationCodes,
        Contracts,
        identity);

    return authorized;
}
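/// <summary>
/// Returns whether the user is authorized based on their claims.
/// </summary>
/// <param name="isPreprodOrProd">true when running in preprod or prod.</param>
/// <param name="allowInProduction">false to deny everyone whenever <paramref name="isPreprodOrProd"/> is true.</param>
/// <param name="allowWindowsAuthentication">true to accept any identity flagged as Windows-authenticated.</param>
/// <param name="allowAny">true to accept any authenticated identity.</param>
/// <param name="users">User ids that are accepted; may be null.</param>
/// <param name="roles">Roles passed to <c>identity.IsInRole</c>.</param>
/// <param name="orgCodes">Organisation codes passed to <c>identity.IsInOrganisation</c>.</param>
/// <param name="contracts">Contracts passed to <c>identity.IsInContract</c>.</param>
/// <param name="identity">Claims of the current user; a null identity is never authorized.</param>
/// <returns>true if the user is authorized; otherwise, false.</returns>
internal static bool IsAuthorized(bool isPreprodOrProd, bool allowInProduction, bool allowWindowsAuthentication, bool allowAny, string[] users, string[] roles, string[] orgCodes, string[] contracts, ClaimSubset identity)
{
    // Environment gate first: it overrides every other rule.
    if (isPreprodOrProd && !allowInProduction)
    {
        return false;
    }

    // The Windows-authentication branch used to dereference identity before the null check further
    // down, so a null identity threw instead of being denied. Deny it up front.
    if (identity == null)
    {
        return false;
    }

    // NOTE(review): this branch does not look at identity.IsAuthenticated; confirm that
    // AuthenticationMethodWindows can only be true for an authenticated identity.
    if (allowWindowsAuthentication && identity.AuthenticationMethodWindows)
    {
        return true;
    }

    // NOTE(review): users.Contains uses the default string comparer (ordinal, case-sensitive); confirm
    // user ids are stored in one canonical casing. The roles / orgCodes / contracts arrays are passed
    // through unchecked, presumably the ClaimSubset helpers accept null; verify.
    return identity.IsAuthenticated
        && (allowAny
            || (users != null && users.Contains(identity.UserId))
            || identity.IsInRole(roles)
            || identity.IsInOrganisation(orgCodes)
            || identity.IsInContract(contracts));
}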