        /// <summary>
        /// Turns an <see cref="AbpAuthorizationException"/> raised by an MVC action into the HTTP response:
        /// a JSON error payload for JSON-returning actions, a plain status-code result otherwise, and then
        /// publishes the handled-exception event.
        /// </summary>
        /// <param name="filterContext">The MVC authorization context whose response status and result are set.</param>
        /// <param name="methodInfo">The action method, inspected to decide whether it returns JSON.</param>
        /// <param name="ex">The authorization failure being reported.</param>
        protected virtual void HandleUnauthorizedRequest(
            AuthorizationContext filterContext,
            MethodInfo methodInfo,
            AbpAuthorizationException ex)
        {
            var httpContext = filterContext.HttpContext;
            var response = httpContext.Response;

            // A caller we know but who lacks the permission gets 403; an anonymous caller gets 401 so the
            // client is prompted to authenticate instead of being told it is forbidden.
            var callerIsAuthenticated = filterContext.RequestContext.HttpContext.User?.Identity?.IsAuthenticated ?? false;
            response.StatusCode = callerIsAuthenticated
                ? (int)HttpStatusCode.Forbidden
                : (int)HttpStatusCode.Unauthorized;

            var actionReturnsJson = MethodInfoHelper.IsJsonResult(methodInfo);
            if (actionReturnsJson)
            {
                filterContext.Result = CreateUnAuthorizedJsonResult(ex);
            }
            else
            {
                filterContext.Result = CreateUnAuthorizedNonJsonResult(filterContext, ex);
            }

            // Forms authentication would otherwise replace the 401 with a redirect to the login page,
            // which a JSON/AJAX caller cannot act on; keep the status code as set above for those callers.
            var programmaticCaller = actionReturnsJson || httpContext.Request.IsAjaxRequest();
            if (programmaticCaller)
            {
                response.SuppressFormsAuthenticationRedirect = true;
            }

            _eventBus.Trigger(this, new AbpHandledExceptionData(ex));
        }
        /// <summary>
        /// Turns an <see cref="AbpAuthorizationException"/> thrown by an MVC action into the HTTP response:
        /// a JSON error payload when the action returns JSON, a plain status-code result otherwise.
        /// </summary>
        /// <param name="filterContext">The MVC authorization context whose response status and result are set.</param>
        /// <param name="methodInfo">The action method, inspected to decide whether it returns JSON.</param>
        /// <param name="ex">The authorization failure being reported.</param>
        private void HandleUnauthorizedRequest(
            AuthorizationContext filterContext,
            MethodInfo methodInfo,
            AbpAuthorizationException ex)
        {
            var response = filterContext.HttpContext.Response;

            // Known-but-unprivileged caller -> 403; anonymous caller -> 401 so it is asked to authenticate.
            var callerIsAuthenticated = filterContext.RequestContext.HttpContext.User?.Identity?.IsAuthenticated ?? false;
            response.StatusCode = callerIsAuthenticated
                ? (int)HttpStatusCode.Forbidden
                : (int)HttpStatusCode.Unauthorized;

            var actionReturnsJson = MethodInfoHelper.IsJsonResult(methodInfo);
            if (actionReturnsJson)
            {
                var errorInfo = _errorInfoBuilder.BuildForException(ex);

                // AllowGet: the failing action may itself be a GET, and the error must reach it the same way.
                filterContext.Result = new AbpJsonResult(new AjaxResponse(errorInfo))
                {
                    JsonRequestBehavior = JsonRequestBehavior.AllowGet
                };
            }
            else
            {
                // NOTE(review): ex.Message is sent to the client verbatim as the status description — confirm
                // the authorization exception messages built upstream never carry internal detail.
                filterContext.Result = new HttpStatusCodeResult(response.StatusCode, ex.Message);
            }

            // A JSON/AJAX caller cannot use the login-page redirect that forms authentication would
            // substitute for a 401, so keep the status code as set above for those callers.
            if (actionReturnsJson || filterContext.HttpContext.Request.IsAjaxRequest())
            {
                response.SuppressFormsAuthenticationRedirect = true;
            }
        }
        /// <summary>
        /// Verifies that each authorization error code is rendered with its zh-Hans message, including the
        /// placeholder value taken from the exception's data.
        /// </summary>
        public void Test_AbpAuthorizationException_Localization()
        {
            using (CultureHelper.Use("zh-Hans"))
            {
                // Creates the exception for the given code, attaches one data item when a key is supplied,
                // converts it and checks the localized message. Cases run in order; the first mismatch fails.
                void AssertLocalizedMessage(string code, string expected, string dataKey = null, string dataValue = null)
                {
                    var exception = new AbpAuthorizationException(code: code);
                    if (dataKey != null)
                    {
                        exception = exception.WithData(dataKey, dataValue);
                    }

                    var errorInfo = _exceptionToErrorInfoConverter.Convert(exception, false);
                    errorInfo.Message.ShouldBe(expected);
                }

                AssertLocalizedMessage(
                    AbpAuthorizationErrorCodes.GivenPolicyHasNotGranted,
                    "授权失败! 提供的策略尚未授予.");

                AssertLocalizedMessage(
                    AbpAuthorizationErrorCodes.GivenPolicyHasNotGrantedWithPolicyName,
                    "授权失败! 提供的策略尚未授予: my_policy_name",
                    "PolicyName", "my_policy_name");

                AssertLocalizedMessage(
                    AbpAuthorizationErrorCodes.GivenPolicyHasNotGrantedForGivenResource,
                    "授权失败! 提供的策略未授予提供的资源: my_resource_name",
                    "ResourceName", "my_resource_name");

                AssertLocalizedMessage(
                    AbpAuthorizationErrorCodes.GivenRequirementHasNotGrantedForGivenResource,
                    "授权失败! 提供的要求未授予提供的资源: my_resource_name",
                    "ResourceName", "my_resource_name");

                AssertLocalizedMessage(
                    AbpAuthorizationErrorCodes.GivenRequirementsHasNotGrantedForGivenResource,
                    "授权失败! 提供的要求未授予提供的资源: my_resource_name",
                    "ResourceName", "my_resource_name");
            }
        }
 /// <summary>
 /// Builds the JSON body returned to a JSON action when authorization fails: the error info produced by
 /// the error-info builder, wrapped in an <see cref="AjaxResponse"/>.
 /// </summary>
 /// <param name="ex">The authorization failure to report.</param>
 /// <returns>A GET-enabled <see cref="AbpJsonResult"/> carrying the error response.</returns>
 protected virtual AbpJsonResult CreateUnAuthorizedJsonResult(AbpAuthorizationException ex)
 {
     var errorInfo = _errorInfoBuilder.BuildForException(ex);

     // NOTE(review): the second AjaxResponse argument (true) presumably flags the response as an
     // unauthorized request for the client-side handler — verify against AjaxResponse.
     var body = new AjaxResponse(errorInfo, true);

     // AllowGet: the action that failed may itself be a GET, and the error must reach it the same way.
     return new AbpJsonResult(body) { JsonRequestBehavior = JsonRequestBehavior.AllowGet };
 }
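        /// <summary>
        /// Verifies that a change to <see cref="AbpAuthorizationException.DefaultLogSeverity"/> is picked up
        /// by exceptions created afterwards.
        /// </summary>
        public void AuthorizationException_Default_Log_Severity_Change_Test()
        {
            // DefaultLogSeverity is process-wide static state: restore it afterwards so this test cannot
            // leak its setting into tests that run later in the same process (test-order dependence).
            var previousSeverity = AbpAuthorizationException.DefaultLogSeverity;
            try
            {
                // change log severity ...
                AbpAuthorizationException.DefaultLogSeverity = LogSeverity.Error;

                var exception = new AbpAuthorizationException("Test exception !");

                exception.Severity.ShouldBe(LogSeverity.Error);
            }
            finally
            {
                AbpAuthorizationException.DefaultLogSeverity = previousSeverity;
            }
        }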
    /// <summary>
    /// Answers an authorization failure through the ASP.NET Core authentication pipeline: resolves the
    /// authentication scheme (the configured one, else the default forbid/challenge scheme) and asks its
    /// handler to forbid an authenticated caller or challenge an anonymous one.
    /// </summary>
    /// <param name="exception">The authorization failure; not inspected here, only the caller's identity matters.</param>
    /// <param name="httpContext">The current request, used for service resolution and the user identity.</param>
    /// <exception cref="AbpException">No usable scheme or handler could be resolved.</exception>
    public virtual async Task HandleAsync(AbpAuthorizationException exception, HttpContext httpContext)
    {
        var services = httpContext.RequestServices;
        var options = services.GetRequiredService<IOptions<AbpAuthorizationExceptionHandlerOptions>>().Value;
        var schemeProvider = services.GetRequiredService<IAuthenticationSchemeProvider>();
        var callerIsAuthenticated = httpContext.User.Identity?.IsAuthenticated ?? false;

        var configuredScheme = options.AuthenticationScheme;
        AuthenticationScheme scheme;

        if (!configuredScheme.IsNullOrWhiteSpace())
        {
            // An explicitly configured scheme is used for both forbid and challenge.
            scheme = await schemeProvider.GetSchemeAsync(configuredScheme)
                     ?? throw new AbpException($"No authentication scheme named {configuredScheme} was found.");
        }
        else if (callerIsAuthenticated)
        {
            scheme = await schemeProvider.GetDefaultForbidSchemeAsync()
                     ?? throw new AbpException("There was no DefaultForbidScheme found.");
        }
        else
        {
            scheme = await schemeProvider.GetDefaultChallengeSchemeAsync()
                     ?? throw new AbpException("There was no DefaultChallengeScheme found.");
        }

        var handlerProvider = services.GetRequiredService<IAuthenticationHandlerProvider>();
        var handler = await handlerProvider.GetHandlerAsync(httpContext, scheme.Name)
                      ?? throw new AbpException($"No handler of {scheme.Name} was found.");

        // Authenticated but unprivileged -> forbid (403-style); anonymous -> challenge so the client
        // is asked to authenticate rather than told it is forbidden.
        if (callerIsAuthenticated)
        {
            await handler.ForbidAsync(null);
        }
        else
        {
            await handler.ChallengeAsync(null);
        }
    }
        /// <summary>
        /// Verifies that each feature error code is rendered with its zh-Hans message, including the
        /// feature name(s) taken from the exception's data.
        /// </summary>
        public void Test_AbpAuthorizationException_Localization()
        {
            using (CultureHelper.Use("zh-Hans"))
            {
                // Creates the exception for the given code with one data item, converts it and checks the
                // localized message. Cases run in order; the first mismatch fails.
                void AssertLocalizedMessage(string code, string dataKey, string dataValue, string expected)
                {
                    var exception = new AbpAuthorizationException(code: code).WithData(dataKey, dataValue);
                    var errorInfo = _exceptionToErrorInfoConverter.Convert(exception, false);
                    errorInfo.Message.ShouldBe(expected);
                }

                AssertLocalizedMessage(
                    AbpFeatureErrorCodes.FeatureIsNotEnabled,
                    "FeatureName", "my_feature_name",
                    "功能未启用: my_feature_name");

                AssertLocalizedMessage(
                    AbpFeatureErrorCodes.AllOfTheseFeaturesMustBeEnabled,
                    "FeatureNames", "my_feature_name, my_feature_name2",
                    "必要的功能未启用. 这些功能需要启用: my_feature_name, my_feature_name2");

                AssertLocalizedMessage(
                    AbpFeatureErrorCodes.AtLeastOneOfTheseFeaturesMustBeEnabled,
                    "FeatureNames", "my_feature_name, my_feature_name2",
                    "必要的功能未启用. 需要启用这些功能中的一项:my_feature_name, my_feature_name2");
            }
        }
        /// <summary>
        /// Runs the rest of the pipeline and, when the downstream status code signals an authorization
        /// failure, writes an <see cref="AjaxResponse"/> error payload, logs it and raises the
        /// handled-exception event.
        /// </summary>
        /// <param name="context">The current request.</param>
        /// <param name="next">The next middleware in the pipeline.</param>
        public async Task InvokeAsync(HttpContext context, RequestDelegate next)
        {
            await next(context);

            if (!IsAuthorizationExceptionStatusCode(context))
            {
                return;
            }

            var authorizationException = new AbpAuthorizationException(GetAuthorizationExceptionMessage(context));

            Logger.Error(authorizationException.Message);

            // NOTE(review): the body is written after the downstream handler has already run, with no
            // Content-Type set here and no Response.HasStarted check — confirm nothing earlier in the
            // pipeline writes a body for these status codes.
            var payload = new AjaxResponse(_errorInfoBuilder.BuildForException(authorizationException), true);
            await context.Response.WriteAsync(JsonConvert.SerializeObject(payload));

            EventBus.Trigger(this, new AbpHandledExceptionData(authorizationException));
        }
 /// <summary>
 /// Builds the non-JSON result for a failed authorization: a plain status-code response that reuses
 /// the status code already set on the response by the caller.
 /// </summary>
 /// <param name="filterContext">Authorization context whose current response status code is reused.</param>
 /// <param name="ex">The authorization failure; its message becomes the status description.</param>
 /// <returns>A <see cref="HttpStatusCodeResult"/> for the current response status code.</returns>
 protected virtual HttpStatusCodeResult CreateUnAuthorizedNonJsonResult(AuthorizationContext filterContext, AbpAuthorizationException ex)
 {
     var statusCode = filterContext.HttpContext.Response.StatusCode;

     // NOTE(review): ex.Message is sent to the client verbatim as the status description — confirm the
     // authorization exception messages built upstream never carry internal detail.
     return new HttpStatusCodeResult(statusCode, ex.Message);
 }