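/// <summary>
/// Persists one <see cref="AccessLog"/> row describing a controller-action access, subject to the
/// instance toggles: <c>Enabled</c> (master switch), <c>_logAjax</c> / <c>_logPages</c> (which request
/// shape is recorded) and <c>_logAccessAllowed</c> / <c>_logAccessUndefined</c> / <c>_logAccessDenied</c>
/// (which authorization outcomes are recorded). Entries that are filtered out never touch the database.
/// </summary>
/// <param name="area">MVC area name. Together with <paramref name="city"/> it decides the request shape:
/// both empty is treated as an AJAX call, both set as a page request; mixed values are never filtered by shape.</param>
/// <param name="city">City the request was made against (see <paramref name="area"/>).</param>
/// <param name="controller">Controller name as recorded in the log row.</param>
/// <param name="action">Action name as recorded in the log row.</param>
/// <param name="sessionID">Caller's session identifier.</param>
/// <param name="userId">Authenticated user id.</param>
/// <param name="accessRights">Authorization outcome; stored as its integer value.</param>
/// <param name="accessDuration">Measured action execution time, stored verbatim.</param>
/// <param name="accessOverhead">Measured authorization/filter overhead, stored verbatim.</param>
public void Log(string area, string city, string controller, string action, string sessionID, int userId, AuthorizationManager.AccessRights accessRights, double accessDuration, double accessOverhead)
{
    if (!Enabled)
    {
        return;
    }

    // Request shape, derived from area/city exactly as the original toggles did.
    bool isAjaxRequest = string.IsNullOrEmpty(area) && string.IsNullOrEmpty(city);
    bool isPageRequest = !string.IsNullOrEmpty(area) && !string.IsNullOrEmpty(city);

    if (!_logAjax && isAjaxRequest)
    {
        return;
    }

    if (!_logPages && isPageRequest)
    {
        return;
    }

    if (!_logAccessAllowed && accessRights == AuthorizationManager.AccessRights.Allowed)
    {
        return;
    }

    // NOTE(review): these two filters assume the enum encodes the Undefined* members as positive
    // and the Denied* members as negative values — confirm against AuthorizationManager.AccessRights
    // before adding new members, otherwise denied events could be silently dropped from the audit trail.
    int rightsCode = (int)accessRights;
    if (!_logAccessUndefined && rightsCode > 0)
    {
        return;
    }

    if (!_logAccessDenied && rightsCode < 0)
    {
        return;
    }

    // The context is created only after filtering (suppressed entries pay no DB cost) and is disposed
    // deterministically; the previous version constructed it up front and never disposed it.
    using (var rbacEntities = new PEMRBACEntities())
    {
        rbacEntities.AccessLogs.Add(new AccessLog
        {
            Area = area,
            City = city,
            Controller = controller,
            Action = action,
            SessionID = sessionID,
            UserId = userId,
            AccessRights = rightsCode,
            AccessDuration = accessDuration,
            AccessOverhead = accessOverhead,
            // Kept as local time to match the rows already stored; an audit log is better served by
            // DateTime.UtcNow — switch once existing consumers of AccessDate are checked.
            AccessDate = DateTime.Now
        });
        rbacEntities.SaveChanges();
    }
}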
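/// <summary>
/// Pre-event before a controller action is called. This is where system authorization is checked and
/// controller instance-specific properties and session variables are initialized.
/// </summary>
/// <remarks>
/// Every path through this method either lets the action run (<c>base.OnActionExecuting</c>) or sets
/// <c>filterContext.Result</c> so MVC short-circuits the action. An <c>AccessRights</c> value the switch
/// does not recognise is denied rather than silently allowed.
/// </remarks>
/// <param name="filterContext">Active context</param>
protected override void OnActionExecuting(ActionExecutingContext filterContext)
{
    _logger.Trace("Enter");

    // Not logged in → 401. A principal with no Identity is treated as unauthenticated instead of
    // throwing a NullReferenceException (fail closed either way).
    if (User == null || User.Identity == null || !User.Identity.IsAuthenticated)
    {
        filterContext.Result = new HttpUnauthorizedResult();
    }
    else
    {
        SetProperties(filterContext);
        SetCurrentCulture();
        _accessRights = CheckUserAccess(filterContext);
        SetViewData(filterContext);

        // Null-safe names for the trace line ("?" when a descriptor is missing, "??" when the action name is null).
        string actionName = "?";
        string controllerName = "?";
        if (filterContext != null && filterContext.ActionDescriptor != null)
        {
            actionName = filterContext.ActionDescriptor.ActionName ?? "??";
            var controllerDescriptor = filterContext.ActionDescriptor.ControllerDescriptor;
            controllerName = controllerDescriptor == null ? "?" : (controllerDescriptor.ControllerName ?? "?");
        }

        // Arguments now match the labels: C: = controller, A: = action (they were swapped before).
        _logger.Trace("{0}, C: {1}, A:{2}", _accessRights, controllerName, actionName);

        // Act on user rights results.
        switch (_accessRights)
        {
            case AuthorizationManager.AccessRights.Allowed:
            case AuthorizationManager.AccessRights.UndefinedAction:
            case AuthorizationManager.AccessRights.UndefinedAjax:
                _logger.Debug("{0} Pass execution to action", _accessRights);
                base.OnActionExecuting(filterContext);
                break;

            case AuthorizationManager.AccessRights.DeniedWrongCity:
                _logger.Debug("{0} Send to city home page", _accessRights);
                filterContext.Result = SendToCityHomePage(CurrentCity.InternalName);
                break;

            case AuthorizationManager.AccessRights.DeniedNoCity:
                _logger.Debug("{0} Send to landing page", _accessRights);
                filterContext.Result = SendToLandingPage();
                break;

            case AuthorizationManager.AccessRights.DeniedBadUserName:
                _logger.Debug("{0} Log user out, send to login page", _accessRights);
                Logout();
                filterContext.Result = SendToLoginPage();
                break;

            case AuthorizationManager.AccessRights.DeniedNoCookie:
                _logger.Debug("{0} Send to route {1}", _accessRights, Constants.Routing.LandingRouteName);
                filterContext.Result = RedirectToRoute(Constants.Routing.LandingRouteName);
                break;

            case AuthorizationManager.AccessRights.DeniedRBAC:
                _logger.Debug("{0} Send to city home page", _accessRights);
                filterContext.Result = SendToCityHomePage(CurrentCity.InternalName);
                break;

            default:
                // Fail closed. Without this branch a new/unexpected AccessRights value left
                // filterContext.Result unset, and MVC then runs the action as if it were authorized.
                _logger.Debug("{0} Unhandled access right, denying request", _accessRights);
                filterContext.Result = new HttpUnauthorizedResult();
                break;
        }

        // Overhead measurement ends and access-execution measurement begins here.
        _beginAccessExecution = _endAccessExecutionOverhead = DateTime.Now;
    }

    _logger.Trace("Exit");
}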