public override IDisplayResult Display(ProfileGroupOwnershipPart part, BuildPartDisplayContext context) { // If the request is not a detail page then we allow users to view the content if (context.DisplayType != "Detail") { return(null); } // If the settings for the part don't restrict access allow viewing the content if (!ShouldRestrictAccess(part, context)) { return(null); } var ids = part.Get <ProfileGroupField>(GroupOwnershipConstants.GroupFieldName)?.ProfileGroupContentItemIds; // If the user has the required profile group allow viewing if (_ownershipAuthorizationService.CanViewContentAsync(_httpContextAccessor.HttpContext.User, ids).Result) { return(null); } // Otherwise 401 and redirect _httpContextAccessor.HttpContext.Response.StatusCode = 401; _httpContextAccessor.HttpContext.Response.Redirect(_urlService.GetTenantUrl(), false); return(null); }
public override async Task <IDisplayResult> EditAsync(ProfilePart part, BuildPartEditorContext context) { var user = (User)await _userService.GetUserByUniqueIdAsync(part.UserIdentifier); return(Initialize <ProfilePartViewModel>("ProfilePart_Edit", model => { model.UserName = (user == null ? string.Empty : user.UserName); model.Id = (user == null ? 0 : user.Id); model.SiteURL = _urlService.GetTenantUrl(); })); }
public override async Task <IDisplayResult> DisplayAsync(SubscriptionAccessPart part, BuildPartDisplayContext context) { var canViewContent = await _accessAuthorizationService.CanViewContent(_httpContextAccessor.HttpContext?.User, part.SubscriptionSelection); // If the request is not a detail page then we allow users to view the content if (context.DisplayType != "Detail") { return(Initialize <SubscriptionAccessViewModel>("SubscriptionAccessPart", model => { model.HasAccess = canViewContent; }) .Location("Detail", "") .Location("Summary", "AfterContent") .Location("SummaryAdmin", "")); } if (canViewContent) { return(null); } var settings = await _subscriptionAccessSettingsService.GetSettingsAsync(); // If there is no redirect URL has been specified // then we redirect users to the root of the website. _httpContextAccessor.HttpContext.Response.StatusCode = 401; _httpContextAccessor.HttpContext.Response.Redirect(string.IsNullOrEmpty(settings.UnauthorisedRedirectPath) ? _urlService.GetTenantUrl() : settings.UnauthorisedRedirectPath, false); return(null); }