/// <summary> Query if 'request' is authorized. </summary>
/// <remarks>
/// Liuxinyi, 2014-1-2.
/// The caller's token is read from the "token" query-string parameter and looked up in
/// the storer. The stored hash must equal the hash computed for this token and the
/// current client IP (ties the ticket to the address it was issued for); the request
/// is then handed to <c>Verifier.VerifyPermission</c>.
/// </remarks>
/// <param name="request"> The request. </param>
/// <param name="retcode">
/// OK when authorized (and also when no token parameter is present at all);
/// Forbidden (403) when the token is not in the store; MethodNotAllowed (405) when the
/// token is known but the hash or the permission check fails.
/// </param>
/// <returns> true if authorized, false if not. </returns>
public bool IsAuthorized(HttpRequestMessage request, out HttpStatusCode retcode)
{
    retcode = HttpStatusCode.OK;

    string token = request.GetQueryString("token");
    if (token == null)
    {
        // NOTE(review): a missing token is reported as not authorized while retcode stays OK — confirm callers expect that.
        return false;
    }

    AuthorizationInfo info = this.storer.Get(token);
    if (info == null)
    {
        retcode = HttpStatusCode.Forbidden; // 403: token unknown to the store
        return false;
    }

    // Verify the resource: hash check first, permission check only if the hash matches.
    var expectedHash = this.GetHashValue(token, request.GetClientIp());
    bool hashMatches = info.HashCode == expectedHash;
    if (hashMatches && new Verifier().VerifyPermission(info, request))
    {
        return true;
    }

    retcode = HttpStatusCode.MethodNotAllowed; // 405: hash mismatch or permission denied
    return false;
}
/// <summary> Verify permission: action-level check followed by the owner check. </summary>
/// <remarks> Liuxinyi, 2014-1-7. RoleId 1 (super admin) bypasses both checks. </remarks>
/// <param name="info"> The authorization ticket of the caller. </param>
/// <param name="request"> The request being authorized. </param>
/// <returns> true if it succeeds, false if it fails. </returns>
public bool VerifyPermission(AuthorizationInfo info, HttpRequestMessage request)
{
    const int SuperAdminRoleId = 1;

    // The super administrator is allowed everything.
    if (info.RoleId == SuperAdminRoleId)
    {
        return true;
    }

    bool actionAllowed = VertifyAction(info, request);

    // The owner check runs only when the action check already passed.
    return actionAllowed && VertifyOwner(info, request);
}
/// <summary> Refreshes the expiry of the ticket stored under <paramref name="token"/>. </summary>
/// <remarks> Updated By Liuxinyi, 2014-3-25. A token that is not in the cache is left untouched. </remarks>
/// <param name="token"> The token. </param>
/// <param name="duration"> The expire duration, in minutes from now. </param>
public void Update(string token, double duration)
{
    object cached = cache.Get(token);
    AuthorizationInfo info = cached as AuthorizationInfo;
    if (info == null)
    {
        return; // unknown or already expired: nothing to refresh
    }

    DateTimeOffset expiresAt = DateTimeOffset.Now.AddMinutes(duration);
    cache.Set(token, info, expiresAt);
}
/// <summary> Gets the ticket stored under <paramref name="token"/>. </summary>
/// <remarks>
/// Liuxinyi, 2014-1-3. When the ticket uses sliding expiration, every read re-stores it
/// with a fresh deadline of <c>_duration</c> minutes from now.
/// </remarks>
/// <param name="token"> The token. </param>
/// <returns> The stored AuthorizationInfo, or null when the token is unknown or expired. </returns>
public AuthorizationInfo Get(string token)
{
    object cached = cache.Get(token);
    AuthorizationInfo info = cached as AuthorizationInfo;
    if (info == null)
    {
        return null;
    }

    // Sliding expiration is emulated by writing the entry back with a new absolute deadline.
    if (info.IsSlideExpire)
    {
        DateTimeOffset deadline = DateTimeOffset.Now.AddMinutes(_duration);
        cache.Set(token, info, deadline);
    }

    return info;
}
/// <summary> Verify that the caller holds at least one authorization code required by the action. </summary>
/// <remarks>
/// Liuxinyi, 2014-1-7. An action that carries no <c>AuthorizationAttribute</c> is open to
/// every caller that reached this point.
/// </remarks>
/// <param name="info"> The authorization ticket of the caller. </param>
/// <param name="request"> The request; its action descriptor supplies the attributes. </param>
/// <returns> true if it succeeds, false if it fails. </returns>
private bool VertifyAction(AuthorizationInfo info, HttpRequestMessage request)
{
    HttpActionDescriptor descriptor = request.GetActionDescriptor();
    var required = descriptor.GetCustomAttributes<AuthorizationAttribute>();

    if (!required.Any())
    {
        return true;
    }

    // One matching code is enough.
    foreach (AuthorizationAttribute attribute in required)
    {
        if (info.AuthorisedResources.Contains(attribute.StrAuthorizationCode))
        {
            return true;
        }
    }

    return false;
}
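/// <summary> Verify that the caller owns the resource addressed by the route. </summary>
/// <remarks>
/// Liuxinyi, 2014-1-7.
/// Role 6 (data-service API) may only touch structures returned by
/// <c>DataService.GetServiceUserStruct</c>, addressed either directly ("structId") or
/// through a sensor ("sensorId", resolved to its STRUCT_ID). Every other role is checked
/// by the first <c>verifyDict</c> entry whose key appears in the route values; a route
/// without any such key is allowed.
/// </remarks>
/// <param name="info"> The authorization ticket of the caller. </param>
/// <param name="request"> The request; its route data supplies the resource ids. </param>
/// <returns> true if the caller may access the resource, false otherwise. </returns>
private bool VertifyOwner(AuthorizationInfo info, HttpRequestMessage request)
{
    // TODO: a super-administrator shortcut used to be commented out here; the RoleId == 1
    // bypass currently lives in VerifyPermission.
    var routeData = request.GetRouteData();

    // Data-service API role.
    if (info.RoleId == 6)
    {
        // Fetch the permitted structures once instead of once per route key.
        var allowedStructs = DataService.GetServiceUserStruct(info.UserName);

        object structId;
        if (routeData.Values.TryGetValue("structId", out structId)
            && !allowedStructs.Contains(structId))
        {
            return false;
        }

        object sensorId;
        if (routeData.Values.TryGetValue("sensorId", out sensorId))
        {
            // sensorId comes from the URL: a non-numeric value is a denial, not an exception.
            int senId;
            if (!int.TryParse(Convert.ToString(sensorId), out senId))
            {
                return false;
            }

            using (SecureCloud_Entities entity = new SecureCloud_Entities())
            {
                // Single round trip: the sensor's structure is read once and reused.
                var structOfSensor = (from sensor in entity.T_DIM_SENSOR
                                      where sensor.SENSOR_ID == senId
                                      select sensor.STRUCT_ID).FirstOrDefault();
                if (structOfSensor == null
                    || !allowedStructs.Contains(structOfSensor.ToString()))
                {
                    return false;
                }
            }
        }

        return true;
    }

    int userId = info.UserId;
    foreach (var pair in verifyDict)
    {
        object value;
        if (routeData.Values.TryGetValue(pair.Key, out value))
        {
            // Only the first matching route key decides; Convert.ToString maps a null
            // route value to "" instead of throwing.
            return pair.Value(userId, Convert.ToString(value));
        }
    }

    return true;
}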
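/// <summary> Saves a verify ticket: stores the caller's authorization info under its token. </summary>
/// <remarks> Liuxinyi, 2014-1-7. </remarks>
/// <param name="token"> The token the ticket is stored under. </param>
/// <param name="userInfo"> The authorization info (user, role, hash, authorised resources) bound to the token. </param>
public void SaveVerifyTicket(string token, AuthorizationInfo userInfo)
{
    this.storer.Add(token, userInfo);
}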
/// <summary> Stores <paramref name="info"/> under <paramref name="token"/> with the default expiry. </summary>
/// <remarks> Liuxinyi, 2014-1-3. The entry expires <c>_duration</c> minutes from now. </remarks>
/// <param name="token"> The token. </param>
/// <param name="info"> The information. </param>
public void Update(string token, AuthorizationInfo info)
{
    DateTimeOffset expiresAt = DateTimeOffset.Now.AddMinutes(_duration);
    cache.Set(token, info, expiresAt);
}
/// <summary> Stores <paramref name="info"/> under <paramref name="token"/> with an explicit expiry. </summary>
/// <remarks> Updated By Liuxinyi, 2014-3-25. </remarks>
/// <param name="token"> The token. </param>
/// <param name="info"> The information. </param>
/// <param name="duration"> The expire duration, in minutes from now. </param>
public void Add(string token, AuthorizationInfo info, double duration)
{
    DateTimeOffset expiresAt = DateTimeOffset.Now.AddMinutes(duration);
    cache.Set(token, info, expiresAt);
}