public static MethodAuthorization GetMethodAuthorization(this MethodInfoData method) { object[] attr = method.MethodInfo.GetCustomAttributes(false); MethodAuthorization methodAuthorization = new MethodAuthorization { MethodName = method.MethodInfo.Name, AuthorizeData = Enumerable.Empty <IAuthorizeData>(), IsOverride = false, IsAllowAnonymous = attr.Where(a => a is IAllowAnonymous).Any() }; if (methodAuthorization.IsAllowAnonymous) { return(methodAuthorization); } IAuthorizeData[] attributes = attr.Where(a => a is IAuthorizeData).Cast <IAuthorizeData>().ToArray(); // the override attribute replaces all authorization for the method IEnumerable <IOverrideAuthorize> overrides = attributes.OfType <IOverrideAuthorize>(); if (overrides.Any()) { methodAuthorization.IsOverride = true; methodAuthorization.AuthorizeData = overrides; return(methodAuthorization); } if (attributes.Any()) { methodAuthorization.AuthorizeData = attributes; } return(methodAuthorization); }
public static MethodAuthorization GetMethodAuthorization(this MethodInfoData method) { object[] attr = method.MethodInfo.GetCustomAttributes(false).ToArray(); MethodAuthorization methodAuthorization = new MethodAuthorization { MethodName = method.MethodInfo.Name, AuthorizeData = Enumerable.Empty <IAuthorizeData>(), IsOverride = false, IsAllowAnonymous = attr.Where(a => a is IAllowAnonymous).Any() }; if (methodAuthorization.IsAllowAnonymous) { return(methodAuthorization); } IAuthorizeData[] denies = attr.Where(a => a is IDenyAuthorizeData).Cast <IAuthorizeData>().ToArray(); IAuthorizeData[] overrides = attr.Where(a => a is IOverrideAuthorizeData).Cast <IAuthorizeData>().ToArray(); if (overrides.Any()) { methodAuthorization.IsOverride = true; methodAuthorization.AuthorizeData = Enumerable.Union(denies, overrides); return(methodAuthorization); } IAuthorizeData[] permits = attr.Where(a => a is IAuthorizeData && !(a is IDenyAuthorizeData) && !(a is IOverrideAuthorizeData)).Cast <IAuthorizeData>().ToArray(); methodAuthorization.AuthorizeData = Enumerable.Union(denies, permits); return(methodAuthorization); }