/// <summary>
/// Decides whether the current caller may enter the admin area by asking the
/// permission service for <c>StandardPermissionProvider.AccessAdminArea</c>.
/// </summary>
/// <param name="filterContext">
/// The filter context of the request. This implementation does not read it; the
/// decision comes entirely from the resolved <c>IPermissionRecordService</c>.
/// </param>
/// <returns><c>true</c> when the permission service authorizes admin-area access.</returns>
/// <remarks>
/// The method is virtual, so an override replaces the admin-area permission check
/// completely. Treat any override as security-sensitive code during review.
/// </remarks>
public virtual bool HasAdminAccess(UserizationContext filterContext)
{
    // Resolved per call from the engine container rather than injected.
    return EngineContext.Current
        .Resolve<IPermissionRecordService>()
        .Authorize(StandardPermissionProvider.AccessAdminArea);
}
/// <summary>
/// Reports whether the action being invoked is an admin page, i.e. whether
/// <c>GetAdminUserizeAttributes</c> returns at least one attribute for it.
/// </summary>
/// <param name="filterContext">The filter context whose <c>ActionDescriptor</c> is inspected.</param>
/// <returns>
/// <c>true</c> when one or more admin attributes are found; <c>false</c> when the
/// lookup returns <c>null</c> or an empty sequence.
/// </returns>
/// <remarks>
/// A <c>false</c> result means the caller skips the admin permission check, so the
/// attribute lookup is the only thing that marks an action as protected here.
/// </remarks>
private static bool IsAdminPageRequested(UserizationContext filterContext)
{
    var attributesOnAction = GetAdminUserizeAttributes(filterContext.ActionDescriptor);

    // null and empty are both treated as "not an admin page".
    return attributesOnAction != null && attributesOnAction.Any();
}
/// <summary>
/// For GET requests, redirects between the secure and insecure form of the
/// current URL so that the connection matches this filter's <c>SslRequirement</c>.
/// </summary>
/// <param name="filterContext">The filter context; its <c>Result</c> is set when a redirect is needed.</param>
/// <exception cref="ArgumentNullException"><paramref name="filterContext"/> is <c>null</c>.</exception>
/// <remarks>
/// This filter only redirects; it never rejects a request. Two cases pass through
/// unchanged even when <c>SslRequirement.Yes</c> applies: any non-GET request, and
/// any request while <c>SecuritySettings.UseSsl</c> is off. Transport security for
/// those cases has to be enforced elsewhere (for example at the web server or via
/// HSTS) - NOTE(review): confirm such a control exists in the deployment.
/// </remarks>
public virtual void OnUserization(UserizationContext filterContext)
{
    if (filterContext == null)
        throw new ArgumentNullException("filterContext");

    var request = filterContext.HttpContext.Request;
    // Only GET is handled. A POST (or other verb) sent over an insecure connection
    // to an SslRequirement.Yes action is neither redirected nor blocked here.
    if (!string.Equals(request.HttpMethod, "GET", StringComparison.OrdinalIgnoreCase))
        return;

    var securitySettings = EngineContext.Current.Resolve<SecuritySettings>();
    // NOTE(review): IsSecureConnection describes the connection as this server sees it;
    // behind a TLS-terminating proxy or load balancer it may not reflect what the
    // client used - confirm how the deployment reports the original scheme.
    var currentConnectionSecured = request.IsSecureConnection;
    var currentUrl = request.Url.AbsoluteUri;
    // SslRequirement (the switch operand) is a member declared outside this block.
    switch (SslRequirement)
    {
        case SslRequirement.Yes:
            {
                if (!currentConnectionSecured)
                {
                    var webHelper = EngineContext.Current.Resolve<IWebHelper>();
                    // Upgrade to the secure URL only when SSL is enabled in settings;
                    // with UseSsl off the page is served over the insecure connection.
                    if (securitySettings.UseSsl)
                    {
                        // NOTE(review): this call is not valid C# as shown - the method name
                        // and its opening parenthesis appear to have been lost. Restore it
                        // from the project's IWebHelper before compiling. The trailing
                        // "true" presumably selects the secure URL - confirm.
                        // NOTE(review): the redirect target comes from IWebHelper; confirm it
                        // builds the host from configuration, not the request's Host header.
                        var url = webHelper.GetUrltrue, true);
                        // Skip the redirect when the target equals the current URL
                        // (presumably to avoid a redirect loop).
                        if (string.CompareOrdinal(url, currentUrl) != 0)
                            filterContext.Result = new RedirectResult(url);
                    }
                }
            }
            break;
        case SslRequirement.No:
            {
                if (currentConnectionSecured)
                {
                    var webHelper = EngineContext.Current.Resolve<IWebHelper>();
                    // NOTE(review): same damaged call as in the SslRequirement.Yes branch; the
                    // trailing "false" presumably selects the insecure URL - confirm.
                    // This branch does not consult UseSsl: a secure request to an
                    // SslRequirement.No action is always sent to the other URL.
                    var url = webHelper.GetUrltrue, false);
                    if (string.CompareOrdinal(url, currentUrl) != 0)
                        filterContext.Result = new RedirectResult(url);
                }
            }
            break;
    }
}
/// <summary>
/// Authorization entry point for admin pages: when the requested action carries an
/// admin attribute and the caller lacks admin access, the request is handed to
/// <c>HandleUnauthorizedRequest</c>.
/// </summary>
/// <param name="filterContext">The filter context of the current request.</param>
/// <exception cref="ArgumentNullException"><paramref name="filterContext"/> is <c>null</c>.</exception>
/// <exception cref="InvalidOperationException">A child action cache is active for this request.</exception>
/// <remarks>
/// No exception from the permission check is caught here, so a failing check
/// propagates instead of letting the request continue. Actions for which
/// <c>IsAdminPageRequested</c> returns <c>false</c> are not checked at all.
/// </remarks>
public void OnUserization(UserizationContext filterContext)
{
    if (filterContext == null)
    {
        throw new ArgumentNullException("filterContext");
    }

    // Refuse to run under an active child action cache (presumably because cached
    // output would be served without this check being evaluated - confirm).
    var childCacheActive = OutputCacheAttribute.IsChildActionCacheActive(filterContext);
    if (childCacheActive)
    {
        throw new InvalidOperationException("You cannot use [AdminUserize] attribute when a child action cache is active");
    }

    // Short-circuit keeps the original order: the permission check runs only for
    // actions marked as admin pages.
    if (IsAdminPageRequested(filterContext) && !HasAdminAccess(filterContext))
    {
        HandleUnauthorizedRequest(filterContext);
    }
}
/// <summary>
/// Denies the request by redirecting to the sign-in route, passing the current
/// path and query string in the <c>then</c> route parameter.
/// </summary>
/// <param name="filterContext">The filter context whose <c>Result</c> is replaced with the redirect.</param>
/// <remarks>
/// The <c>then</c> value is the request's <c>PathAndQuery</c>, so it is relative to
/// the site, but it is still request-controlled. NOTE(review): confirm the sign-in
/// action accepts only local URLs before redirecting to it. The method does not
/// inspect the caller's identity, so every denied caller is sent to sign-in.
/// The original query string travels in the redirect URL and may end up in logs.
/// </remarks>
private static void HandleUnauthorizedRequest(UserizationContext filterContext)
{
    var signInRoute = AuthenticateSectionConstants.SignController.In.RouteName;
    var returnPath = filterContext.RequestContext.HttpContext.Request.Url.PathAndQuery;
    var routeValues = RouteParameter.Add("then", returnPath);

    filterContext.Result = new RedirectToRouteResult(signInRoute, routeValues);
}