public static async Task AuthorizeUploadTus(AuthorizeContext arg) { CommonController.LogDebug("Authorizing upload request"); var user = await UserSessions.GetLoggedInUser(arg.HttpContext); if (user != null) { var video = new Video { id = new Guid(arg.HttpContext.Request.Headers["guid"]), userid = user.userid, privacy = VideoPrivacy.Processing, }; CommonController.LogDebug("Video metadata:"); CommonController.LogDebug($"\t id: {video.id}"); CommonController.LogDebug($"\t userid: {video.userid}"); CommonController.LogDebug($"\t privacy: {video.privacy}"); var cachedOwner = (User)uploadAuthorisationCache[video.id.ToString()]; bool exists; bool owns; if (cachedOwner == null) { CommonController.LogDebug("No owner found in cache"); using var connection = Database.OpenNewConnection(); exists = await VideoExists(video.id, connection); owns = await UserOwnsVideo(video.id, user.userid, connection); await AddOrUpdateVideo(video, connection); } //NOTE(Simon): At this point the video has definitely been created, so it exists and is owned by the cached user else if (cachedOwner.userid == user.userid) { CommonController.LogDebug("User is owner of video. allow upload"); exists = true; owns = true; } else { CommonController.LogDebug("User not authorized to update this video"); arg.FailRequest("This user is not authorized to update this video"); return; } if (exists && owns || !exists) { CommonController.LogDebug("Adding user to cache"); uploadAuthorisationCache.Add(video.id.ToString(), user, new CacheItemPolicy { SlidingExpiration = TimeSpan.FromMinutes(10) }); return; } } arg.FailRequest("This user is not authorized to update this video"); CommonController.LogDebug("User not authorized to upload videos"); }
// 限定公開メソッド protected override AuthorizeContext OnGetAuthorizeContext(AuthorizeParameter parameter) { var viewContext = new ViewContext(); viewContext.MaxStage = 1; viewContext.AuthorizeChild = new AuthorizeChild(); var context = new AuthorizeContext(parameter, viewContext); return(context); }
private static async Task OnAuthorizeAsync(AuthorizeContext eventContext, IAuthorizationService authService) { var authenticateResult = await eventContext.HttpContext.AuthenticateAsync(); if (authenticateResult is null || authenticateResult.Succeeded is false) { eventContext.FailRequest(HttpStatusCode.Forbidden); return; } var authorizeResult = await authService.AuthorizeAsync(eventContext.HttpContext.User, "ApiScope"); if (authorizeResult is null || authorizeResult.Succeeded is false) { eventContext.FailRequest(HttpStatusCode.Unauthorized); return; } }
/// <summary> /// Handle the upload authorization /// </summary> private async Task OnAuthorize(AuthorizeContext ctx) { var authResponse = await _fileMngClient.IsAuthorizedAsync(new gIsAuthorizedRequest()); if (authResponse == null) { ctx.FailRequest(HttpStatusCode.RequestTimeout); return; } if (authResponse.Status.Status == Protos.RequestStatus.Failed) { ctx.HttpContext.Response.Headers.Add("WWW-Authenticate", new StringValues("Basic realm=XtraUpload")); ctx.FailRequest(HttpStatusCode.Unauthorized); return; } switch (ctx.Intent) { case IntentType.CreateFile: break; case IntentType.ConcatenateFiles: break; case IntentType.WriteFile: break; case IntentType.DeleteFile: break; case IntentType.GetFileInfo: break; case IntentType.GetOptions: break; default: break; } return; }
public Task OnAuthorizeAsync(AuthorizeContext context) { try { var user = context.HttpContext.User; var userId = user.UserId(); _logger.LogInformation("user is authenticated, id: " + userId); if (!user.IsAdmin()) { _logger.LogInformation("user is not admin, admin right required for uploading"); context.FailRequest(HttpStatusCode.Forbidden); } return(Task.CompletedTask); } catch { _logger.LogInformation("user is not authenticated"); context.FailRequest(HttpStatusCode.Unauthorized); return(Task.CompletedTask); } }