/// <summary>
/// Decides whether the stored site credentials authorize the caller and writes the
/// verdict to <paramref name="authArgs"/>.
/// </summary>
/// <param name="authArgs">
/// Supplies <c>LightCheck</c> and <c>AuthServer</c>; receives the result in <c>Authorized</c>.
/// </param>
/// <remarks>
/// Without stored credentials the result is always <c>false</c>. With stored credentials,
/// the login/password pair is verified through <c>IsAuthorized</c> only when neither
/// <c>LightCheck</c> nor local mode is active; in those two cases the mere presence of
/// stored credentials is accepted and no verification call is made.
/// </remarks>
public virtual void Auth(AuthorizingEventArgs authArgs)
{
    bool granted = false;

    if (SiteCredentialsManager.Instance.Settings.HasCredentials)
    {
        // Short-circuit order matters: the verification call is only reached when
        // neither the light check nor local mode already accepts the stored credentials.
        granted = authArgs.LightCheck
            || FileStorageManager.Instance.UseLocalMode
            || IsAuthorized(
                authArgs.AuthServer,
                SiteCredentialsManager.Instance.Settings.Login,
                SiteCredentialsManager.Instance.Settings.GetPassword());
    }

    authArgs.Authorized = granted;
}
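/// <summary>
/// Raises <c>Authorizing</c> for the configured auth server and copies the handlers'
/// verdict into <c>Activated</c>.
/// </summary>
/// <remarks>
/// When nothing is subscribed to <c>Authorizing</c> the method returns early and
/// <c>Activated</c> keeps whatever value it had before the call.
/// NOTE(review): confirm that the initial value of <c>Activated</c> is the denied state,
/// otherwise a missing subscriber leaves the component activated.
/// </remarks>
private void Authorize()
{
    // Snapshot the delegate: a handler that unsubscribes between the null check and the
    // call would otherwise turn the invocation into a NullReferenceException.
    var handler = Authorizing;
    if (handler == null)
    {
        return;
    }

    var args = new AuthorizingEventArgs(_authServer);
    handler(this, args);

    // With several subscribers the value seen here is whatever the last handler left in args.
    Activated = args.Authorized;
}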
/// <summary>
/// Runs the base check and, if it does not authorize, asks the user to log in through
/// a dialog.
/// </summary>
/// <param name="authArgs">
/// Supplies <c>AuthServer</c>; receives the final result in <c>Authorized</c>.
/// </param>
/// <remarks>
/// When the base check does not authorize, the local settings file is deleted (if it
/// exists) before the dialog is shown. Credentials typed into the dialog are written to
/// the settings and saved only after <c>IsAuthorized</c> has accepted them.
/// </remarks>
public override void Auth(AuthorizingEventArgs authArgs)
{
    base.Auth(authArgs);
    if (authArgs.Authorized)
    {
        return;
    }

    // The base check did not authorize: remove the local settings file before prompting.
    if (SiteCredentialsManager.Instance.SettingsFile.ExistsLocal())
    {
        File.Delete(SiteCredentialsManager.Instance.SettingsFile.LocalPath);
    }

    FormStart.CloseProgress();

    // Pick the dialog variant from configuration; both are driven through IFormLogin below.
    Form form;
    if (AppManager.Instance.Settings.GrayConnectConfig.UseGrayConnect)
    {
        form = new FormLoginGrayConnect();
    }
    else
    {
        form = new FormLogin();
    }

    using (form)
    {
        var formLogin = (IFormLogin)form;
        formLogin.SetSiteUrl(authArgs.AuthServer);
        formLogin.Logining += (sender, attempt) =>
        {
            attempt.Accepted = IsAuthorized(authArgs.AuthServer, attempt.Login, attempt.Password);
            if (!attempt.Accepted)
            {
                return;
            }

            // Persist only credentials that have just been verified.
            SiteCredentialsManager.Instance.Settings.Login = attempt.Login;
            SiteCredentialsManager.Instance.Settings.SetPassword(attempt.Password);
            SiteCredentialsManager.Instance.Settings.Save();
        };

        // NOTE(review): the decision is taken from the dialog result, not from the
        // Accepted flag set above; confirm both forms return OK only after an accepted
        // Logining attempt.
        DialogResult outcome = form.ShowDialog();
        authArgs.Authorized = outcome == DialogResult.OK;
    }

    // NOTE(review): not reached if the dialog throws, so the progress window stays closed.
    FormStart.ShowProgress();
}
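/// <summary>
/// Checks Roles, Users, Resource Names, and Page ACL depending on configuration
/// </summary>
/// <param name="httpContext">The Route Context</param>
/// <returns>If the request is authorized.</returns>
/// <remarks>
/// The checks run in the order Roles, Users, explicit resource permissions, page ACL; the
/// first one that grants access wins. If none of them was configured (or the page ACL
/// check found no page), the request is authorized when authentication is not required
/// or the current user is not the public user. Subscribers of
/// <c>AuthorizeEvents.Authorizing</c> may set <c>SkipDefaultValidation</c>, in which case
/// only the <c>Authorized</c> value they left on the event args is returned.
/// </remarks>
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
    AuthorizingEventArgs AuthorizingArgs = new AuthorizingEventArgs()
    {
        CurrentUser = GetCurrentUser(httpContext),
        FoundPage = GetTreeNode(httpContext),
        Authorized = false
    };
    bool IsAuthorized = false;

    // Start event, allow user to overwrite FoundPage
    using (var KenticoAuthorizeAuthorizingTaskHandler = AuthorizeEvents.Authorizing.StartEvent(AuthorizingArgs))
    {
        if (!AuthorizingArgs.SkipDefaultValidation)
        {
            // The verdict is cached per user, page, site and attribute configuration (see
            // the CacheSettings key parts below), so a change in membership only takes
            // effect once one of the registered cache dependencies is touched or the
            // entry expires.
            AuthorizingArgs.Authorized = CacheHelper.Cache(cs =>
            {
                bool Authorized = false;
                List<string> CacheDependencies = new List<string>();

                // Will remain true only if no other higher priority authorization items were specified
                bool OnlyAuthenticatedCheck = true;

                // Roles
                if (!Authorized && !string.IsNullOrWhiteSpace(Roles))
                {
                    OnlyAuthenticatedCheck = false;
                    CacheDependencies.Add("cms.role|all");
                    CacheDependencies.Add("cms.userrole|all");
                    CacheDependencies.Add("cms.membershiprole|all");
                    CacheDependencies.Add("cms.membershipuser|all");

                    // Role names are passed on exactly as split; unlike the Users list
                    // below they are not trimmed here.
                    foreach (string Role in Roles.Split(";,|".ToCharArray(), StringSplitOptions.RemoveEmptyEntries))
                    {
                        if (AuthorizingArgs.CurrentUser.IsInRole(Role, SiteContext.CurrentSiteName, true, true))
                        {
                            Authorized = true;
                            break;
                        }
                    }
                }

                // Users
                if (!Authorized && !string.IsNullOrWhiteSpace(Users))
                {
                    OnlyAuthenticatedCheck = false;

                    // This branch registers no cache dependencies of its own.
                    foreach (string User in Users.Split(";,|".ToCharArray(), StringSplitOptions.RemoveEmptyEntries))
                    {
                        // Ordinal, case-insensitive comparison: lower-casing with the
                        // thread culture (e.g. Turkish dotless i) can make different
                        // account names compare equal or identical ones compare unequal.
                        if (string.Equals(User.Trim(), AuthorizingArgs.CurrentUser.UserName.Trim(), StringComparison.OrdinalIgnoreCase))
                        {
                            Authorized = true;
                            break;
                        }
                    }
                }

                // Explicit Permissions
                if (!Authorized && !string.IsNullOrWhiteSpace(ResourceAndPermissionNames))
                {
                    OnlyAuthenticatedCheck = false;
                    CacheDependencies.Add("cms.role|all");
                    CacheDependencies.Add("cms.userrole|all");
                    CacheDependencies.Add("cms.membershiprole|all");
                    CacheDependencies.Add("cms.membershipuser|all");
                    CacheDependencies.Add("cms.permission|all");
                    CacheDependencies.Add("cms.rolepermission|all");

                    foreach (string ResourcePermissionName in ResourceAndPermissionNames.Split(";,|".ToCharArray(), StringSplitOptions.RemoveEmptyEntries))
                    {
                        // The text after the last '.' is the permission, everything before
                        // it the resource; an entry without '.' yields an empty resource name.
                        string[] StringParts = ResourcePermissionName.Split('.');
                        string PermissionName = StringParts.Last();
                        string ResourceName = string.Join(".", StringParts.Take(StringParts.Length - 1));
                        if (UserSecurityHelper.IsAuthorizedPerResource(ResourceName, PermissionName, SiteContext.CurrentSiteName, AuthorizingArgs.CurrentUser))
                        {
                            Authorized = true;
                            break;
                        }
                    }
                }

                // Check page level security
                if (!Authorized && CheckPageACL)
                {
                    // When no page was found this block does nothing and
                    // OnlyAuthenticatedCheck keeps its current value, so the
                    // authentication-only rule below may still grant access.
                    if (AuthorizingArgs.FoundPage != null)
                    {
                        OnlyAuthenticatedCheck = false;
                        CacheDependencies.Add("cms.role|all");
                        CacheDependencies.Add("cms.userrole|all");
                        CacheDependencies.Add("cms.membershiprole|all");
                        CacheDependencies.Add("cms.membershipuser|all");
                        CacheDependencies.Add("nodeid|" + AuthorizingArgs.FoundPage.NodeID);
                        CacheDependencies.Add("cms.acl|all");
                        CacheDependencies.Add("cms.aclitem|all");

                        // Any result other than Denied counts as authorized.
                        // NOTE(review): confirm that non-explicit results are meant to grant access.
                        if (TreeSecurityProvider.IsAuthorizedPerNode(AuthorizingArgs.FoundPage, NodePermissionToCheck, AuthorizingArgs.CurrentUser) != AuthorizationResultEnum.Denied)
                        {
                            Authorized = true;
                        }
                    }
                }

                // If there were no other authentication properties, check if this is purely an "just requires authentication" area
                if (OnlyAuthenticatedCheck && (!UserAuthenticationRequired || !AuthorizingArgs.CurrentUser.IsPublic()))
                {
                    Authorized = true;
                }

                if (cs.Cached)
                {
                    cs.CacheDependency = CacheHelper.GetCacheDependency(CacheDependencies.Distinct().ToArray());
                }

                return Authorized;
            },
            new CacheSettings(
                // Presumably 0 minutes disables caching when CacheAuthenticationResults is off; verify against CacheSettings.
                CacheAuthenticationResults ? CacheHelper.CacheMinutes(SiteContext.CurrentSiteName) : 0,
                "AuthorizeCore",
                AuthorizingArgs.CurrentUser.UserID,
                (AuthorizingArgs.FoundPage != null ? AuthorizingArgs.FoundPage.DocumentID : -1),
                SiteContext.CurrentSiteName,
                Users,
                Roles,
                ResourceAndPermissionNames,
                CheckPageACL,
                NodePermissionToCheck,
                CustomUnauthorizedRedirect,
                UserAuthenticationRequired));
        }

        IsAuthorized = AuthorizingArgs.Authorized;
    }

    return IsAuthorized;
}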