protected override bool IsAuthorized(HttpActionContext actionContext) { var roleManagerBso = new RoleManagerBso(); MvcAction action = new MvcAction { ActionName = actionContext.ActionDescriptor.ActionName, ControllerName = actionContext.ControllerContext.Controller.ToString(), ParameterTypes = actionContext.ActionDescriptor.GetParameters().Select(p => p.ParameterType.ToString()), ReturnType = actionContext.ActionDescriptor.ReturnType.ToString() }; //Get id of roles that are assigned to this action var dbRoles = roleManagerBso.GetRolesByAction(action)?.Select(r => r.Name); //if no role assigned to this action, it means all roles can have access to this action if (dbRoles == null) { return(true); } var identity = (actionContext.RequestContext.Principal.Identity as ClaimsIdentity); //Get the role claims that are attached to current identity var claimRoles = identity.Claims.Where(c => c.Type == identity.RoleClaimType).Select(r => r.Value); //Check if two sets of roles have something in common. return(dbRoles.Intersect <string>(claimRoles).Count() > 0); }
public IEnumerable <IScriptExtension> CreateForActionFunctionBody(MvcAction action) { List <IScriptExtension> exts = new List <IScriptExtension>(); bool hasQueryParam = HasAnyQueryParmeter(action); if (hasQueryParam) { exts.Add(new InitUrlParamsScriptExtensions()); foreach (var queryP in GetSimpleQueryParams(action)) { exts.Add(new AddSimpleParameterToQueryStringScriptExtension(queryP.Name)); } foreach (string key in _constantQueryParams.Keys) { foreach (var val in _constantQueryParams.GetValues(key)) { exts.Add(new AddKeyValueToQueryStringScriptExtension(key, val)); } } foreach (var queryP in GetComplexQueryParams(action)) { exts.Add(new AddComplexParameterToQueryStringScriptExtension(queryP.Name)); } } return(exts); }
public MvcActionTextTemplate(MvcAction action, ScriptExtensionsFactory extensionsFactory, FetchFunctionDescriptor fetchFunc, TypeFormatter formatter) { _action = action; _formatter = formatter; _fetchFunc = fetchFunc; _bodyExtensions = extensionsFactory.CreateForActionFunctionBody(action); }
private static void AddActionImports(ImportManager imports, MvcAction action) { imports.TryAddToImports(action.ReturnType); foreach (var param in action.ActionParameters) { foreach (var type in param.Types) { imports.TryAddToImports(type); } } }
public override void OnAuthorization(AuthorizationContext filterContext) { action = new MvcAction { ActionName = filterContext.ActionDescriptor.ActionName, ControllerName = filterContext.Controller.ToString(), ParameterTypes = filterContext.ActionDescriptor.GetParameters().Select(p => p.ParameterType.ToString()), ReturnType = (filterContext.ActionDescriptor as ReflectedActionDescriptor).MethodInfo.ReturnParameter.ToString().Trim() }; base.OnAuthorization(filterContext); }
public IHttpActionResult AddRolesToAction(MvcAction mvcAction) { try { RoleManagerBso.AddRolesToAction(mvcAction); return(Ok()); } catch (Exception e) { return(InternalServerError(e)); } }
/// <summary> /// Get action entity from database by MvcAction object /// </summary> /// <param name="mvcAction"></param> /// <returns></returns> private Models.Action GetAction(MvcAction mvcAction) { var actions = UnitOfWork.Repository <Models.Action>() .Get(a => a.ControllerName == mvcAction.ControllerName && a.ActionName == mvcAction.ActionName).ToList(); string parameterTypes = ""; if (mvcAction.ParameterTypes != null) { parameterTypes = string.Join(",", mvcAction.ParameterTypes.ToArray()); } if (actions.Count() == 0) { return(null); } return(actions.Where(a => a.ReturnType == mvcAction.ReturnType && a.ParameterTypes == parameterTypes) .FirstOrDefault()); }
/// <summary> /// Save roles to action /// </summary> /// <param name="mvcAction"></param> public void AddRolesToAction(MvcAction mvcAction) { Models.Action action = this.GetAction(mvcAction); if (action == null) { action = new Models.Action { ActionName = mvcAction.ActionName, ControllerName = mvcAction.ControllerName, ParameterTypes = string.Join(",", mvcAction.ParameterTypes.ToArray()), ReturnType = mvcAction.ReturnType }; UnitOfWork.Repository <Models.Action>().Insert(action); } AddRolesToAction(mvcAction.Roles, action); UnitOfWork.Save(); }
public string ResolveParameter(MvcAction action) { var compiledParams = action.GetCompiledParameters(); var actionQueryParams = compiledParams.Where(p => p.BindingType == ActionParameterSourceType.Query).ToList(); string urlParamQueryPart = actionQueryParams.Count > 0 || _constantQueryParams.Count > 0 ? $"${{{QueryParameterHelperFunctions.GetQueryStringFuncName}({InitUrlParamsScriptExtensions.UrlParamsVarName})}}" : "";; // Add the route params string route = action.GetRouteTemplate(_baseUrl); var routeParamNames = compiledParams.Where(p => p.BindingType == ActionParameterSourceType.Route).Select(p => p.Name); foreach (string paramName in routeParamNames) { route = route.Replace($"{{{paramName}}}", $"${{{paramName}}}"); } return($"`{route}{urlParamQueryPart}`"); }
public string ResolveParameter(MvcAction action) { if (!action.RequestMethod.HasBody) { return("null"); } var bodyParams = action.ActionParameters.Where(p => p.BindingType == ActionParameterSourceType.Body).ToList(); if (bodyParams.Count == 0) { return("null"); } else if (bodyParams.Count > 1) { throw new InvalidOperationException("More than one body parameter is not supported: " + string.Join(", ", bodyParams.Select(b => b.Name))); } else { // If we are only using a single parameter model binding (i.e. asp.net core), then the object itself should be the body return(bodyParams[0].Name); } }
/// <summary> /// Get associated roles by action /// </summary> /// <param name="mvcAction"></param> /// <returns></returns> public List <MvcRole> GetRolesByAction(MvcAction mvcAction) { //Only ControllerName and ActionName have indexes. //Most of cases, controller and action name should be able to identify the right record. var action = this.GetAction(mvcAction); var actionRoles = action?.Roles; if (actionRoles == null) { return(null); } List <MvcRole> selectedRoles = new List <MvcRole>(); foreach (var role in actionRoles) { selectedRoles.Add(new MvcRole { Id = role.Id, Name = role.Name }); } return(selectedRoles); }
public abstract string TryResolve(string currentRoute, MvcController controller, MvcAction action);
public override string TryResolve(string currentRoute, MvcController controller, MvcAction action) => _func(currentRoute, controller, action);
public override string TryResolve(string currentRoute, MvcController controller, MvcAction action) { var apiVersionAttr = controller.NamedType.Attributes.LastOrDefault(attr => attr.AttributeType.FullName == _attrTypeFullName); if (apiVersionAttr == null) { return(currentRoute); } // TODO: can override on action... but eh for now string version = apiVersionAttr.ConstructorArguments[0].ToString(); return(s_apiVersionToken.Replace(currentRoute, version)); }
public override bool Evaluate(MvcAction action) => true;
private IEnumerable <MvcActionParameter> GetSimpleQueryParams(MvcAction action) => action.ActionParameters.Where(p => p.BindingType == ActionParameterSourceType.Query && p.Types.Any(t => !t.IsComplexType()));
private static void CompileActionImport(ImportManager imports, ControllerContext context, MvcAction actionInfo) { FetchFunctionDescriptor fetchDescriptor = context.FetchFunctionResolver.Resolve(actionInfo.RequestMethod.Name); string funcKey = "fetch-" + fetchDescriptor.FetchModulePath; if (!imports.ContainsImportPath(funcKey)) { imports.AddImport(funcKey, new ImportStatement(context.OutputPath, fetchDescriptor.FetchModulePath, false)); } ImportStatement ajaxImport = imports.GetImportAtPath(funcKey); ajaxImport.AddItem(fetchDescriptor.FunctionName); AddActionImports(imports, actionInfo); TryAddAdditionalImports(imports, context, fetchDescriptor.AdditionalImports); }
private bool HasAnyQueryParmeter(MvcAction action) => _constantQueryParams.Count > 0 || action.ActionParameters.Any(p => p.BindingType == ActionParameterSourceType.Query);
public string ResolveParameter(MvcAction action) => _parameter.Name;
public string ResolveParameter(MvcAction action) => $"\"{action.RequestMethod.MethodName}\"";
public MvcActionTester(ControllerContext context, MvcAction method, TypeFormatter typeFormatter) { _context = context; _method = method; _typeFormatter = typeFormatter; }
/// <summary> /// Evaluates the action for whether it should be included /// </summary> /// <param name="action">The action</param> /// <returns>True if it should be included</returns> public override bool Evaluate(MvcAction action) { return(action.Attributes.Any(attr => _attributeFilter.Matches(attr.AttributeType))); }
public List <MvcRole> GetRolesByAction(MvcAction mvcAction) { return(RoleManagerBso.GetRolesByAction(mvcAction)); }
private bool HasAnyComplexQueryParmeter(MvcAction action) => GetComplexQueryParams(action).Any();
private MvcActionTextTemplate CreateTemplateForAction(MvcAction action) => new MvcActionTextTemplate(action, _scriptExtensions, _context.FetchFunctionResolver.Resolve(action.RequestMethod.Name), _formatter);
/// <summary> /// Evaluates the action for whether it should be included /// </summary> /// <param name="action">The action</param> /// <returns>True if it should be included</returns> public abstract bool Evaluate(MvcAction action);