/// <summary>
/// Whether the user is authorized to see the menu item.
/// </summary>
internal bool IsAuthorized(ClaimSubset identity, bool isPreprodOrProd)
{
bool controllerAuthorized = ControllerSecurity != null && ControllerSecurity.IsAuthorized(identity, isPreprodOrProd);
bool actionAuthorized = ActionSecurity != null && ActionSecurity.IsAuthorized(identity, isPreprodOrProd);
// Authorized if:
// - controller authorized and:
// - action authorized or no action security specified (use controller security)
// - or action authorized.
return((controllerAuthorized && (actionAuthorized || ActionSecurity == null)) || actionAuthorized);
}
/// <summary>
/// Shows the menu items.
/// </summary>
/// <param name="html">An instance of the HTML helper.</param>
public virtual MvcHtmlString ShowMenu(HtmlHelper html)
{
string area = html.ViewContext.RouteData.GetArea();
bool isInPreprodorProd = (ConfigurationManager.AppSettings.Get("Environment").Equals("PROD", StringComparison.OrdinalIgnoreCase) || ConfigurationManager.AppSettings.Get("Environment").Equals("PREPROD", StringComparison.OrdinalIgnoreCase));
ClaimsIdentity identity = UserService.Identity;
ClaimSubset identitySubset = identity.ToClaimSubset();
List <MenuModel> menuItems = MenuItems.Where(i => { return(string.Equals(i.Area, area, StringComparison.OrdinalIgnoreCase) && i.IsAuthorized(identitySubset, isInPreprodorProd)); }).OrderBy(m => m.Area, StringComparer.OrdinalIgnoreCase).ThenBy(m => m.Order).ThenBy(m => m.Name, StringComparer.OrdinalIgnoreCase).ToList();
IGrouping <string, MenuModel> areaMenuItems = null;
foreach (IGrouping <string, MenuModel> m1 in menuItems.GroupBy(m => m.Area, StringComparer.OrdinalIgnoreCase).OrderBy(m => m.Key, StringComparer.OrdinalIgnoreCase))
{
if (string.Equals(m1.Key, area, StringComparison.OrdinalIgnoreCase))
{
areaMenuItems = m1;
break;
}
}
string menu = string.Empty;
if (areaMenuItems != null && areaMenuItems.Count() > 1)
{
StringBuilder str = new StringBuilder(500);
string controller = html.ViewContext.RouteData.GetController();
string action = html.ViewContext.RouteData.GetAction();
MenuModel selectedMenuItem = null;
for (int index = 0; index < MenuItems.Count; index++)
{
MenuModel m = MenuItems[index];
if ((System.String.Equals(m.Area, area, System.StringComparison.OrdinalIgnoreCase) &&
System.String.Equals(m.Controller, controller, System.StringComparison.OrdinalIgnoreCase) &&
System.String.Equals(m.Action, action, System.StringComparison.OrdinalIgnoreCase)))
{
selectedMenuItem = m;
break;
}
}
#if DEBUG
var step = MiniProfiler.Current.Step("MenuService.RenderHierarchy");
try
{
#endif
RenderHierarchy(html, str, areaMenuItems.ToArray(), null, selectedMenuItem);
menu = str.ToString();
const string SidebarMinifyBtn = "<li><a href=\"javascript:;\" class=\"sidebar-minify-btn\" data-click=\"sidebar-minify\"><i class=\"fa fa-angle-double-left\"></i><span class=\"readers\">Minimize menu</span></a></li>";
menu = menu.Substring(0, menu.LastIndexOf("</ul>")) + SidebarMinifyBtn + "</ul>";
#if DEBUG
}
finally
{
if (step != null)
{
step.Dispose();
}
}
#endif
}
return(MvcHtmlString.Create(menu));
}
/// <summary>
/// Returns whether the user is authorized based on their claims.
/// </summary>
/// <param name="identity">User claims identity.</param>
/// <param name="isPreprodOrProd">if set to <c>true</c> then environment is preprod or prod.</param>
/// <returns>
/// true if the user is authorized; otherwise, false.
/// </returns>
internal bool IsAuthorized(ClaimSubset identity, bool isPreprodOrProd)
{
return(SecurityAttribute.IsAuthorized(isPreprodOrProd, AllowInProduction, AllowWindowsAuthentication, AllowAny, Users, Roles, OrganisationCodes, Contracts, identity));
}
/// <summary>
/// Returns whether the user is authorized based on their claims.
/// </summary>
/// <returns>true if the user is authorized; otherwise, false.</returns>
internal static bool IsAuthorized(bool isPreprodOrProd, bool allowInProduction, bool allowWindowsAuthentication, bool allowAny,
string[] users, string[] roles, string[] orgCodes, string[] contracts, ClaimSubset identity)
{
if (isPreprodOrProd && !allowInProduction)
{
return(false);
}
if ((allowWindowsAuthentication) && identity.AuthenticationMethodWindows)
{
return(true);
}
return(identity != null && identity.IsAuthenticated && (allowAny || (users != null && users.Contains(identity.UserId)) || identity.IsInRole(roles) || identity.IsInOrganisation(orgCodes) || identity.IsInContract(contracts)));
}
