protected page Authorize(DreamContext context, user user, DekiAccessLevel access, string pageIdName) { page result; long id = context.Uri.GetParam <long>(pageIdName, 0); if (id == 0) { string title = context.Uri.GetParam("title", ""); if (string.IsNullOrEmpty(title)) { throw new DreamAbortException(DreamMessage.NotFound("")); } result = page.GetCurByTitle(title); } else { result = page.GetCurByID((ulong)id); } // check that page was found if ((result == null) || (result.ID <= 0)) { throw new DreamAbortException(DreamMessage.NotFound("")); } // check if action is allowed string action; switch (access) { case DekiAccessLevel.Read: action = DekiWikiConstants.ACTION_READ; break; case DekiAccessLevel.Write: action = DekiWikiConstants.ACTION_EDIT; break; case DekiAccessLevel.Destroy: action = DekiWikiConstants.ACTION_DELETE; break; default: throw new DreamAbortException(DreamMessage.BadRequest(string.Format("unknown action {0}", access))); } if (!result.userCan(action, user)) { throw new DreamAbortException(DreamMessage.AccessDenied(DekiWikiService.AUTHREALM, "")); } // return page return(result); }
protected page Authorize(DreamContext context, user user, DekiAccessLevel access, string pageIdName) { page result; long id = context.Uri.GetParam<long>(pageIdName, 0); if (id == 0) { string title = context.Uri.GetParam("title", ""); if (string.IsNullOrEmpty(title)) { throw new DreamAbortException(DreamMessage.NotFound("")); } result = page.GetCurByTitle(title); } else { result = page.GetCurByID((ulong)id); } // check that page was found if ((result == null) || (result.ID <= 0)) { throw new DreamAbortException(DreamMessage.NotFound("")); } // check if action is allowed string action; switch (access) { case DekiAccessLevel.Read: action = DekiWikiConstants.ACTION_READ; break; case DekiAccessLevel.Write: action = DekiWikiConstants.ACTION_EDIT; break; case DekiAccessLevel.Destroy: action = DekiWikiConstants.ACTION_DELETE; break; default: throw new DreamAbortException(DreamMessage.BadRequest(string.Format("unknown action {0}", access))); } if (!result.userCan(action, user)) { throw new DreamAbortException(DreamMessage.AccessDenied(DekiWikiService.AUTHREALM, "")); } // return page return result; }