Example #1
0
        public ActionResult HandleSecurityFor(string controllerName, string actionName, ISecurityContext securityContext)
        {
            if (controllerName.IsNullOrEmpty())
            {
                throw new ArgumentException("Controllername must not be null or empty", "controllerName");
            }
            if (actionName.IsNullOrEmpty())
            {
                throw new ArgumentException("Actionname must not be null or empty", "actionName");
            }
            if (securityContext == null)
            {
                throw new ArgumentNullException("securityContext", "Security context must not be null");
            }

            var configuration = ServiceLocator.Current.Resolve <ISecurityConfiguration>();

            var policyContainer = configuration.PolicyContainers.GetContainerFor(controllerName, actionName);

            if (policyContainer != null)
            {
                var results = policyContainer.EnforcePolicies(securityContext);
                if (results.Any(x => x.ViolationOccured))
                {
                    var result = results.First(x => x.ViolationOccured);
                    var policyViolationException = new PolicyViolationException(result);
                    var violationHandlerSelector = ServiceLocator.Current.Resolve <IPolicyViolationHandlerSelector>();
                    var matchingHandler          = violationHandlerSelector.FindHandlerFor(policyViolationException) ?? new ExceptionPolicyViolationHandler();
                    return(matchingHandler.Handle(policyViolationException));
                }
                return(null);
            }

            if (configuration.IgnoreMissingConfiguration)
            {
                return(null);
            }

            throw ExceptionFactory.CreateConfigurationErrorsException("Security has not been configured for controller {0}, action {1}".FormatWith(controllerName, actionName));
        }
Example #2
0
        public IEnumerable <PolicyResult> EnforcePolicies(ISecurityContext context)
        {
            if (_policies.Count.Equals(0))
            {
                throw ExceptionFactory.CreateConfigurationErrorsException("You must add at least 1 policy for controller {0} action {1}.".FormatWith(ControllerName, ActionName));
            }

            var results = new List <PolicyResult>();

            foreach (var policy in _policies)
            {
                var result = policy.Enforce(context);
                results.Add(result);

                if (result.ViolationOccured && PolicyExecutionMode.ShouldStopOnFirstViolation)
                {
                    break;
                }
            }

            return(results.AsReadOnly());
        }