C# (CSharp) DRCOG.Domain.ViewModels UnauthorizedViewModel Exemples

Langage de programmation: C# (CSharp)

Espace de nommage/Pack: DRCOG.Domain.ViewModels

Exemples au hotexamples.com: 2

C# (CSharp) DRCOG.Domain.ViewModels UnauthorizedViewModel - 2 exemples trouvés. Ce sont les exemples réels les mieux notés de DRCOG.Domain.ViewModels.UnauthorizedViewModel extraits de projets open source. Vous pouvez noter les exemples pour nous aider à en améliorer la qualité.

Associées

AbstractProcessApplication

IRenderGroupState

RegisteredSubjectsChanged

cat

CallParameter

IMainMenuAction

NoInstrAttribGroup

ManageMyDbsFrm

BoardButton

Related in langs

lingotek_xml_node_body (PHP)

makeCurlCall (PHP)

openavbMediaQHeadPush (C++)

SetDlgItemBaseInt (C++)

av_cmp_q (Go)

Debugf (Go)

DivorcioUtilService (Java)

CarApplyService (Java)

PLS_sklearn (Python)

untar_file (Python)

Exemple #1

0

Afficher le fichier

Fichier : ErrorController.cs Projet : ccpowell/mvc4-examples

public ActionResult UnAuthorized(string resource, string message) { //Logger.Log.Warn("Unauthorized attempt to access " + resource + " by " + User.Identity.Name); var viewModel = new UnauthorizedViewModel { Message = message //CurrentUser = IsValidatedSession() ? GetSession().CurrentUser : null }; return View(viewModel); }

Exemple #2

0

Afficher le fichier

Fichier : RoleAuthAttribute.cs Projet : ccpowell/mvc4-examples

/// <summary> /// Check the role authorization /// </summary> /// <param name="filterContext"></param> public virtual void OnAuthorization(AuthorizationContext filterContext) { if (filterContext == null) { throw new ArgumentNullException("filterContext"); } //See if the session is active HttpContextBase ctx = filterContext.HttpContext; if (ctx.Session != null && HttpContext.Current.User.Identity.IsAuthenticated && HttpContext.Current.User.Identity is FormsIdentity) { FormsIdentity id = (FormsIdentity)HttpContext.Current.User.Identity; FormsAuthenticationTicket ticket = id.Ticket; if (ctx.Session.IsNewSession && !ticket.IsPersistent) { // from: http://www.tyronedavisjr.com/index.php/2008/11/23/detecting-session-timeouts-using-a-aspnet-mvc-action-filter/ // If it says it is a new session, but an existing cookie exists, then it must // have timed out string sessionCookie = ctx.Request.Headers["Cookie"]; if ((null != sessionCookie) && (sessionCookie.IndexOf("ASP.NET_SessionId") >= 0)) { filterContext.Result = new RedirectToRouteResult( new RouteValueDictionary { { "message", "Session Timed Out" }, { "controller", "Login" }, { "action", "index" }, { "ReturnUrl", filterContext.HttpContext.Request.RawUrl } }); } } else { //an existing session... ApplicationState appState = this.GetSession(filterContext.HttpContext); Person user; if (ticket.IsPersistent) { user = new Person(HttpContext.Current.User.Identity.Name); user.Load(); user.profile = ProfileService.GetUserProfile(user.profile.UserName, Common.Services.MemberShipServiceSupport.MembershipProviderType.DRCOG); appState.CurrentUser = user; } else { user = appState.CurrentUser; if (user == null || String.IsNullOrEmpty(user.profile.UserName)) { user = new Person(HttpContext.Current.User.Identity.Name); user.Load(); user.profile = ProfileService.GetUserProfile(user.profile.UserName, Common.Services.MemberShipServiceSupport.MembershipProviderType.DRCOG); appState.CurrentUser = user; } } user.profile.Roles["TripsRoleProvider"] = ProfileService.GetRolesForUser(user.profile.UserName, Common.Services.MemberShipServiceSupport.RoleProviderType.TRIPS); //user.LoadRoles(HttpContext.Current.User); if (user.SponsorsProject()) { user.AddRole("Sponsor"); } //user.AddRole("Sponsor"); //Check if user is in the authorized roles if (_rolesSplit.Length > 0 && !_rolesSplit.Any(user.IsInRole)) { //User not in role - unauthorized access attempt (or we messed up and exposed a link to the wrong class of user UnauthorizedViewModel model = new UnauthorizedViewModel(); //model.CurrentUser = user; //model.Message = String.Join(",", user.profile.Roles) + " The resource you attempted to access is restricted. This access attempt has been logged."; model.Message = Roles + " The resource you attempted to access is restricted. This access attempt has been logged."; ViewDataDictionary viewData = new ViewDataDictionary(model); filterContext.Result = new ViewResult { ViewName = "~/Views/Error/Unauthorized.aspx", ViewData = viewData }; //If the controller is not null, use it's logger! if (filterContext.Controller != null) { DRCOG.Web.Controllers.ControllerBase ctl = filterContext.Controller as DRCOG.Web.Controllers.ControllerBase; //ctl.Logger.Log.Warn("Unauthorized attempt to access " + filterContext.HttpContext.Request.RawUrl + " by " + user.Login); } } else { //User is in the role... let'er rip // ** IMPORTANT ** (Note from the Microsoft AuthorizeAttribute source code // Since we're performing authorization at the action level, the authorization code runs // after the output caching module. In the worst case this could allow an authorized user // to cause the page to be cached, then an unauthorized user would later be served the // cached page. We work around this by telling proxies not to cache the sensitive page, // then we hook our custom authorization code into the caching mechanism so that we have // the final say on whether a page should be served from the cache. HttpCachePolicyBase cachePolicy = filterContext.HttpContext.Response.Cache; cachePolicy.SetProxyMaxAge(new TimeSpan(0)); cachePolicy.AddValidationCallback(CacheValidateHandler, null /* data */); } } } else { //Null session filterContext.Result = new RedirectToRouteResult( new RouteValueDictionary { { "message", "You must login before accessing that page." }, { "controller", "Login" }, { "action", "index" }, { "ReturnUrl", filterContext.HttpContext.Request.RawUrl } }); } }