Esempio n. 1
0
        public PolicyResult Enforce(FluentSecurity.ISecurityContext context)
        {
            PolicyResult result = PolicyResult.CreateFailureResult(this, "Access denied!");

            if (context.CurrentUserRoles() != null)
            {
                if (context.CurrentUserRoles().Contains("Admin"))
                {
                    result = PolicyResult.CreateSuccessResult(this);
                }
            }

            return(result);
        }
        public FluentSecurity.PolicyResult Enforce(FluentSecurity.ISecurityContext context)
        {
            Guid instanceId = context.Data.InstanceId;

            var identity = HttpContext.Current.User.Identity;

            if (!identity.IsAuthenticated)
            {
                return(PolicyResult.CreateFailureResult(new DenyAnonymousAccessPolicy(), "Not authenticated"));
            }
            using (var db = Context.Create())
            {
                var userId     = Guid.Parse(identity.GetUserId());
                var membership = db.UserToInstanceMappings.FirstOrDefault(m => m.UserId == userId);
                if (membership == null)
                {
                    return(PolicyResult.CreateFailureResult(this, "Not authenticated"));
                }
            }


            return(PolicyResult.CreateSuccessResult(this));
        }