public override bool IsAuthorized(AuthFilterContext context) { Requires.NotNull("context", context); var principal = Thread.CurrentPrincipal; if (!principal.Identity.IsAuthenticated) { return(false); } if (_denyRolesSplit.Any()) { var currentUser = PortalController.Instance.GetCurrentPortalSettings().UserInfo; if (!currentUser.IsSuperUser && _denyRolesSplit.Any(currentUser.IsInRole)) { return(false); } } if (_staticRolesSplit.Any()) { var currentUser = PortalController.Instance.GetCurrentPortalSettings().UserInfo; if (!_staticRolesSplit.Any(currentUser.IsInRole)) { return(false); } } return(true); }
public override bool IsAuthorized(AuthFilterContext context) { Requires.NotNull("context", context); var principal = Thread.CurrentPrincipal; if(!principal.Identity.IsAuthenticated) { return false; } if(_denyRolesSplit.Any()) { var currentUser = TestablePortalController.Instance.GetCurrentPortalSettings().UserInfo; if (!currentUser.IsSuperUser && _denyRolesSplit.Any(currentUser.IsInRole)) { return false; } } if (_staticRolesSplit.Any()) { var currentUser = TestablePortalController.Instance.GetCurrentPortalSettings().UserInfo; if (!_staticRolesSplit.Any(currentUser.IsInRole)) { return false; } } return true; }
public override bool IsAuthorized(AuthFilterContext context) { if (SecurityLevel == SecurityAccessLevel.Anonymous) { return true; } User = HttpContextSource.Current.Request.IsAuthenticated ? UserController.Instance.GetCurrentUserInfo() : new UserInfo(); ContextSecurity security = new ContextSecurity(context.ActionContext.Request.FindModuleInfo()); switch (SecurityLevel) { case SecurityAccessLevel.Authenticated: return User.UserID != -1; case SecurityAccessLevel.Host: return User.IsSuperUser; case SecurityAccessLevel.Admin: return security.IsAdmin; case SecurityAccessLevel.Edit: return security.CanEdit; case SecurityAccessLevel.View: return security.CanView; case SecurityAccessLevel.Pilot: return security.IsPilot; case SecurityAccessLevel.Verifier: return security.IsVerifier; } return false; }
public override bool IsAuthorized(AuthFilterContext context) { var activeModule = FindModuleInfo(context.ActionContext.Request); if (activeModule != null) { return ModulePermissionController.HasModuleAccess(AccessLevel, PermissionKey, activeModule); } return false; }
/// <summary> /// Co-ordinates check of authorization and handles Auth failure. Should rarely be overridden. /// </summary> /// <param name="actionContext"></param> protected virtual void OnAuthorization(HttpActionContext actionContext) { Requires.NotNull("actionContext", actionContext); const string failureMessage = "Authorization has been denied for this request."; var authFilterContext = new AuthFilterContext(actionContext, failureMessage); if (!IsAuthorized(authFilterContext)) { authFilterContext.HandleUnauthorizedRequest(); } }
public override bool IsAuthorized(AuthFilterContext context) { var module = FindModuleInfo(context.ActionContext.Request); if (module != null) { return(ModuleIsSupported(module)); } return(false); }
public override bool IsAuthorized(AuthFilterContext context) { var module = FindModuleInfo(context.ActionContext.Request); if (module != null) { return ModuleIsSupported(module); } return false; }
public override bool IsAuthorized(AuthFilterContext context) { var activeModule = FindModuleInfo(context.ActionContext.Request); if (activeModule != null) { return(ModulePermissionController.HasModuleAccess(AccessLevel, PermissionKey, activeModule)); } return(false); }
/// <summary> /// Tests if the request passes the authorization requirements /// </summary> /// <param name="context">The auth filter context</param> /// <returns>True when authorization is succesful</returns> public override bool IsAuthorized(AuthFilterContext context) { var principal = Thread.CurrentPrincipal; if (!principal.Identity.IsAuthenticated) { return false; } var currentUser = TestablePortalController.Instance.GetCurrentPortalSettings().UserInfo; return currentUser.IsSuperUser; }
/// <summary> /// Co-ordinates check of authorization and handles Auth failure. Should rarely be overridden. /// </summary> /// <param name="actionContext"></param> protected virtual void OnAuthorization(HttpActionContext actionContext) { Requires.NotNull("actionContext", actionContext); const string failureMessage = "Authorization has been denied for this request."; var authFilterContext = new AuthFilterContext(actionContext, failureMessage); if (!IsAuthorized(authFilterContext)) { authFilterContext.HandleUnauthorizedRequest(); } }
/// <summary> /// Tests if the request passes the authorization requirements /// </summary> /// <param name="context">The auth filter context</param> /// <returns>True when authorization is succesful</returns> public override bool IsAuthorized(AuthFilterContext context) { var principal = Thread.CurrentPrincipal; if (!principal.Identity.IsAuthenticated) { return(false); } var currentUser = TestablePortalController.Instance.GetCurrentPortalSettings().UserInfo; return(currentUser.IsSuperUser); }
/// <summary> /// Called by framework at start of Auth process, check if auth should be skipped and handles auth failure. Should rarely need to be overridden. /// </summary> /// <param name="actionContext"></param> public override void OnAuthorization(HttpActionContext actionContext) { Requires.NotNull("actionContext", actionContext); if (SkipAuthorization(actionContext)) { return; } const string failureMessage = "Authorization has been denied for this request."; var authFilterContext = new AuthFilterContext(actionContext, failureMessage); if (!IsAuthorized(authFilterContext)) { authFilterContext.HandleUnauthorizedRequest(); } }
protected string GetAntiForgeryCookieValue(AuthFilterContext context) { foreach (var cookieValue in context.ActionContext.Request.Headers.GetValues("Cookie")) { var nameIndex = cookieValue.IndexOf(AntiForgery.Instance.CookieName, StringComparison.InvariantCultureIgnoreCase); if (nameIndex > -1) { var valueIndex = nameIndex + AntiForgery.Instance.CookieName.Length + 1; var valueEndIndex = cookieValue.Substring(valueIndex).IndexOf(';'); return(valueEndIndex > -1 ? cookieValue.Substring(valueIndex, valueEndIndex) : cookieValue.Substring(valueIndex)); } } return(""); }
/// <summary> /// Called by framework at start of Auth process, check if auth should be skipped and handles auth failure. Should rarely need to be overridden. /// </summary> /// <param name="actionContext"></param> public override void OnAuthorization(HttpActionContext actionContext) { Requires.NotNull("actionContext", actionContext); if (SkipAuthorization(actionContext)) { return; } const string failureMessage = "Authorization has been denied for this request."; var authFilterContext = new AuthFilterContext(actionContext, failureMessage); if (!IsAuthorized(authFilterContext)) { authFilterContext.HandleUnauthorizedRequest(); } }
public override bool IsAuthorized(AuthFilterContext context) { try { string cookieValue = GetAntiForgeryCookieValue(context); var token = context.ActionContext.Request.Headers.GetValues("RequestVerificationToken").FirstOrDefault(); AntiForgery.Instance.Validate(cookieValue, token); } catch (Exception e) { context.AuthFailureMessage = e.Message; return(false); } return(true); }
public override bool IsAuthorized(AuthFilterContext context) { try { string cookieValue = GetAntiForgeryCookieValue(context); var token = context.ActionContext.Request.Headers.GetValues("RequestVerificationToken").FirstOrDefault(); AntiForgery.Instance.Validate(cookieValue, token); } catch(Exception e) { context.AuthFailureMessage = e.Message; return false; } return true; }
public override bool IsAuthorized(AuthFilterContext context) { Requires.NotNull("context", context); var identity = Thread.CurrentPrincipal.Identity; if (!identity.IsAuthenticated) { return(false); } if (this._denyRolesSplit.Any()) { var currentUser = PortalController.Instance.GetCurrentPortalSettings().UserInfo; if (!currentUser.IsSuperUser && this._denyRolesSplit.Any(currentUser.IsInRole)) { return(false); } } if (this._staticRolesSplit.Any()) { var currentUser = PortalController.Instance.GetCurrentPortalSettings().UserInfo; if (!this._staticRolesSplit.Any(currentUser.IsInRole)) { return(false); } } // if the attribute opted in explicitly for specific authentication types, then // use it; otherwise use the defaults according to settings in the web.config. var currentAuthType = (identity.AuthenticationType ?? string.Empty).Trim(); if (currentAuthType.Length > 0) { if (this._authTypesSplit.Any()) { return(this._authTypesSplit.Contains(currentAuthType)); } return(DefaultAuthTypes.Contains(currentAuthType)); } return(true); }
public void LocatesCookie(string cookieFormat, string cookieName, string cookieValue) { //Arrange var request = new HttpRequestMessage(HttpMethod.Get, "http://localhost/"); request.Headers.Add("Cookie", string.Format(cookieFormat, cookieName, cookieValue)); request.Headers.Add("RequestVerificationToken", "anything_is_fine"); var config = new HttpConfiguration(); var controllerContext = new HttpControllerContext(config, new HttpRouteData(new HttpRoute()), request); var actionContext = new HttpActionContext(controllerContext, new Mock<HttpActionDescriptor>().Object); var authFilterContext = new AuthFilterContext(actionContext, ""); var mockAntiForgery = new Mock<IAntiForgery>(); mockAntiForgery.Setup(x => x.CookieName).Returns(cookieName); AntiForgery.SetTestableInstance(mockAntiForgery.Object); //Act var vaft = new ValidateAntiForgeryTokenAttribute(); vaft.IsAuthorized(authFilterContext); //Assert mockAntiForgery.Verify(x => x.Validate(cookieValue, It.IsAny<string>()), Times.Once()); }
protected string GetAntiForgeryCookieValue(AuthFilterContext context) { foreach (var cookieValue in context.ActionContext.Request.Headers.GetValues("Cookie")) { var nameIndex = cookieValue.IndexOf(AntiForgery.Instance.CookieName, StringComparison.InvariantCultureIgnoreCase); if(nameIndex > -1) { var valueIndex = nameIndex + AntiForgery.Instance.CookieName.Length + 1; var valueEndIndex = cookieValue.Substring(valueIndex).IndexOf(';'); if (valueEndIndex > -1) { return cookieValue.Substring(valueIndex, valueEndIndex); } else { return cookieValue.Substring(valueIndex); } } } return ""; }
/// <summary> /// Tests if the request passes the authorization requirements /// </summary> /// <param name="context">The auth filter context</param> /// <returns>True when authorization is succesful</returns> public abstract bool IsAuthorized(AuthFilterContext context);
/// <summary> /// Tests if the request passes the authorization requirements /// </summary> /// <param name="context">The auth filter context</param> /// <returns>True when authorization is succesful</returns> public abstract bool IsAuthorized(AuthFilterContext context);