/// <summary>
/// For a caller without write access, <see cref="ModuleService.Get"/> is expected to return the
/// module whose first concept has a lesson and an exercise with a valid answer, and to return
/// <c>null</c> for the module whose first concept has no lessons and no valid answer.
/// </summary>
public async Task Get_Module_With_A_Lesson_And_An_Exercise(Mock<IAuthorizationService> authorizationService, IStateService stateService, Module module, Module invalidModule, User user)
{
    // Reader-only caller: write access is denied for every module.
    authorizationService
        .Setup(x => x.HasWriteAccess(user, It.IsAny<Module>(), It.IsAny<CancellationToken>()))
        .ReturnsAsync(false);

    // Fixture shaping: one module is made acceptable, the other is stripped of lessons and valid answers.
    var firstConcept = module.Concepts.First();
    firstConcept.Exercises.First().Questions.First().Answers.First().Valid = true;

    var strippedConcept = invalidModule.Concepts.First();
    strippedConcept.Exercises.First().Questions.First().Answers.ForEach(x => x.Valid = false);
    strippedConcept.Lessons.Clear();

    var dbContext = TestSetup.SetupContext();
    var http = TestSetup.SetupHttpContext().SetupSession(user);
    await dbContext.Modules.AddAsync(module);
    await dbContext.Modules.AddAsync(invalidModule);
    await dbContext.SaveChangesAsync();

    var sut = new ModuleService(dbContext, http, authorizationService.Object, stateService);

    var visible = await sut.Get(module.Id);
    var hidden = await sut.Get(invalidModule.Id);

    visible.Should().NotBeNull().And.BeEquivalentTo(module);
    hidden.Should().BeNull();
}
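/// <summary>
/// Checks whether the current user holds a role on the module keyed
/// "<paramref name="controllerName"/>.{action}.<paramref name="customName"/>", trying each
/// comma-separated entry of <paramref name="actionName"/> in order and using the first one that
/// resolves to a module.
/// </summary>
/// <param name="controllerName">Controller part of the module key.</param>
/// <param name="actionName">One or more action names, comma-separated.</param>
/// <param name="customName">Custom suffix of the module key.</param>
/// <returns>
/// <c>true</c> when a module was found and the user holds a role on it; <c>false</c> otherwise,
/// including when there is no current user or no matching module (the check fails closed).
/// </returns>
public static bool HasAccess(string controllerName, string actionName, string customName)
{
    if (string.IsNullOrEmpty(actionName))
    {
        // Nothing to look up: deny rather than throw from Split.
        return false;
    }

    var user = new UserService().Get();
    if (user == null)
    {
        // No resolvable current user: deny instead of dereferencing null further down.
        return false;
    }

    var moduleService = new ModuleService();
    var moduleId = 0;
    foreach (var action in actionName.Split(','))
    {
        var module = moduleService.Get($"{controllerName}.{action}.{customName}");
        if (module != null)
        {
            moduleId = module.Id;
            break;
        }
    }

    // A found module is assumed to carry a non-zero Id; 0 therefore means "no module registered".
    if (moduleId == 0)
    {
        return false;
    }

    return new UserRoleService().GetUserRole(moduleId, user.Id);
}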
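/// <summary>
/// Web API authorization filter: lets the request through when the caller holds a role on any
/// module keyed "{controller}.{action}" for the comma-separated actions in <c>Action</c>, and
/// rejects it otherwise. Any failure while evaluating access also rejects the request (fail closed).
/// </summary>
/// <param name="actionContext">The action context of the request being authorized.</param>
public override void OnAuthorization(HttpActionContext actionContext)
{
    try
    {
        // [AllowAnonymous] on the action or on the controller bypasses the check entirely.
        if (actionContext.ActionDescriptor.GetCustomAttributes<AllowAnonymousAttribute>(true).Any()
            || actionContext.ActionDescriptor.ControllerDescriptor.GetCustomAttributes<AllowAnonymousAttribute>(true).Any())
        {
            return;
        }

        var routingValues = actionContext.Request.GetRouteData().Values;
        var currentController = string.IsNullOrEmpty(RootController)
            ? ((string)routingValues["controller"] ?? string.Empty)
            : RootController;

        // The first claim is expected to hold either the numeric user id or the user name.
        var contextUser = (actionContext.RequestContext.Principal?.Identity as ClaimsIdentity)
            ?.Claims.FirstOrDefault()?.Value;
        if (string.IsNullOrEmpty(contextUser))
        {
            // No identity to evaluate: reject explicitly instead of relying on a null dereference.
            base.HandleUnauthorizedRequest(actionContext);
            return;
        }

        if (!int.TryParse(contextUser, out var userId))
        {
            var user = new UserService().GetByUsername(contextUser);
            if (user == null)
            {
                // Unknown user name: reject.
                base.HandleUnauthorizedRequest(actionContext);
                return;
            }
            userId = user.Id;
        }

        var apiUserRoleService = new ApiUserRoleService();
        var moduleService = new ModuleService();
        var isAllowed = false;
        foreach (var action in Action.Split(','))
        {
            var module = moduleService.Get($"{currentController}.{action}");
            if (module == null)
            {
                // An action with no registered module is a configuration gap: deny rather than skip it.
                base.HandleUnauthorizedRequest(actionContext);
                return;
            }

            // Once one action grants access no further role lookups are needed.
            if (!isAllowed)
            {
                isAllowed = apiUserRoleService.GetUserRole(module.Id, userId);
            }
        }

        if (isAllowed)
        {
            base.OnAuthorization(actionContext);
        }
        else
        {
            base.HandleUnauthorizedRequest(actionContext);
        }
    }
    catch (Exception)
    {
        // Any unexpected failure during the check denies the request. Nothing here records the
        // cause, so such failures surface only as rejected requests.
        base.HandleUnauthorizedRequest(actionContext);
    }
}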
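/// <summary>
/// MVC authorization filter: lets the request through when the caller holds a role on any module
/// keyed "{controller}.{action}" for the comma-separated actions in <c>Action</c>; otherwise
/// redirects to the sign-in page with the current URL as the return target. Any failure while
/// evaluating access yields an unauthorized result (fail closed).
/// </summary>
/// <param name="filterContext">The authorization context of the request being authorized.</param>
public override void OnAuthorization(AuthorizationContext filterContext)
{
    try
    {
        // [AllowAnonymous] on the action or on the controller bypasses the check entirely.
        if (filterContext.ActionDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true)
            || filterContext.ActionDescriptor.ControllerDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true))
        {
            return;
        }

        var routingValues = filterContext.RouteData.Values;
        var currentController = string.IsNullOrEmpty(RootController)
            ? ((string)routingValues["controller"] ?? string.Empty)
            : RootController;

        // Identity.Name is expected to hold either the numeric user id or the user name.
        var contextUser = filterContext.RequestContext.HttpContext.User?.Identity?.Name;
        if (string.IsNullOrEmpty(contextUser))
        {
            // No identity to evaluate: reject explicitly instead of relying on a null dereference.
            filterContext.Result = new HttpUnauthorizedResult();
            return;
        }

        if (!int.TryParse(contextUser, out var userId))
        {
            var user = new UserService().GetByUsername(contextUser);
            if (user == null)
            {
                // Unknown user name: reject.
                filterContext.Result = new HttpUnauthorizedResult();
                return;
            }
            userId = user.Id;
        }

        var userAuthorizationService = new UserRoleService();
        var moduleService = new ModuleService();
        var isAllowed = false;
        var returnUrl = filterContext.HttpContext.Request.RawUrl;
        foreach (var action in Action.Split(','))
        {
            var module = moduleService.Get($"{currentController}.{action}");
            if (module == null)
            {
                // An action with no registered module is a configuration gap: deny rather than skip it.
                filterContext.Result = new HttpUnauthorizedResult();
                return;
            }

            // Once one action grants access no further role lookups are needed.
            if (!isAllowed)
            {
                isAllowed = userAuthorizationService.GetUserRole(module.Id, userId);
            }
        }

        if (isAllowed)
        {
            base.OnAuthorization(filterContext);
        }
        else
        {
            // Encode the return URL so a RawUrl containing '&' or '#' cannot split or truncate the
            // sign-in page's query string.
            var encodedReturnUrl = System.Uri.EscapeDataString(returnUrl ?? string.Empty);
            filterContext.Result = new RedirectResult("/kullanici/oturum-ac?auth=0&ReturnUrl=" + encodedReturnUrl);
        }
    }
    catch
    {
        // Any unexpected failure during the check denies the request. Nothing here records the
        // cause, so such failures surface only as unauthorized results.
        filterContext.Result = new HttpUnauthorizedResult();
    }
}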
/// <summary>
/// With write access granted for the module, <see cref="ModuleService.Get"/> is expected to return
/// the module unchanged even though none of the answers to its first question is valid.
/// </summary>
public async Task Get_Entire_Module_With_Write_Access(Mock<IAuthorizationService> authorizationService, IStateService stateService, Module module, User user)
{
    // Author-style caller: write access on this specific module.
    authorizationService
        .Setup(x => x.HasWriteAccess(user, module, It.IsAny<CancellationToken>()))
        .ReturnsAsync(true);

    // Invalidate every answer of the first question; the assertion below expects the full module regardless.
    foreach (var answer in module.Concepts.First().Exercises.First().Questions.First().Answers)
    {
        answer.Valid = false;
    }

    var dbContext = TestSetup.SetupContext();
    var http = TestSetup.SetupHttpContext().SetupSession(user);
    await dbContext.Users.AddAsync(user);
    await dbContext.Modules.AddAsync(module);
    await dbContext.SaveChangesAsync();

    var sut = new ModuleService(dbContext, http, authorizationService.Object, stateService);

    var fetched = await sut.Get(module.Id);

    fetched.Should().BeEquivalentTo(module);
}