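/// <summary>
/// Handles the request authorization, using the <see cref="IAuthorizationRulesService"/> and
/// the <see cref="IAuthorizationService"/> services.
/// </summary>
/// <remarks>
/// The request is let through without any check when <c>context.SkipAuthorization</c> is set,
/// when no <see cref="IAuthorizationRulesService"/> is registered, or when the rules service
/// returns no rule for the application-relative request path. When rules are returned, every
/// one of them must be authorized; the first refused rule ends the request with HTTP 403.
/// </remarks>
/// <param name="rootContainer">The application root <see cref="CompositionContainer"/>.</param>
/// <param name="context">The <see cref="IHttpContext"/> for the processing request.</param>
/// <exception cref="HttpException">The user is not authorized to access the requested resource.</exception>
protected virtual void HandleAuthorization(CompositionContainer rootContainer, IHttpContext context)
{
    if (context.SkipAuthorization)
    {
        return;
    }

    IAuthorizationRulesService authorizationRulesService = rootContainer.Services.Get<IAuthorizationRulesService>();
    if (authorizationRulesService == null)
    {
        // NOTE(review): this branch fails open. A deployment that loses the rules
        // service registration serves every path unchecked; confirm that is intended
        // and that the condition is visible in monitoring.
        return;
    }

    // The path service is only needed once rules can be looked up, and from here on it is
    // mandatory. It is requested with the same flag as IAuthorizationService below so that
    // a missing registration is reported by the lookup instead of surfacing as a null
    // dereference on the next line.
    // NOTE(review): assumes Get<T>(true) rejects a missing service; confirm.
    IVirtualPathUtilityService virtualPathUtility = rootContainer.Services.Get<IVirtualPathUtilityService>(true);
    string appRelativePath = virtualPathUtility.ToAppRelative(context.Request.Path);

    string[] rules = authorizationRulesService.GetAuthorizationRules(appRelativePath);
    if (rules == null || rules.Length == 0)
    {
        // A path with no registered rule is treated as public. Whether a request reaches
        // its rule therefore depends on how the rules service matches the string returned
        // by ToAppRelative.
        // NOTE(review): verify how case, trailing slashes and encoded segments are matched
        // against the registered paths.
        return;
    }

    IAuthorizationService authorizationService = rootContainer.Services.Get<IAuthorizationService>(true);
    foreach (string rule in rules)
    {
        // All rules must pass; stop at the first one that is refused.
        if (!authorizationService.IsAuthorized(rule))
        {
            throw new HttpException(403, Resources.UserDoesntHaveAccessToTheRequestedResource);
        }
    }
}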
/// <summary>
/// Registers the authorization rules declared in the module configuration with the
/// <see cref="IAuthorizationRulesService"/>, when that service is available.
/// </summary>
/// <param name="services">The service collection the rules service is looked up in.</param>
/// <param name="moduleConfiguration">The module configuration the authorization section is read from.</param>
public override void Configure(IServiceCollection services, System.Configuration.Configuration moduleConfiguration)
{
    IAuthorizationRulesService rulesService = services.Get<IAuthorizationRulesService>();
    if (rulesService == null)
    {
        // Without a rules service nothing is registered and no error is raised, so the
        // rules declared for this module never take effect.
        // NOTE(review): confirm a missing service cannot occur in production, or report it.
        return;
    }

    // The "as" cast yields null both when the section is absent and when it is of another
    // type; in either case no rule is registered.
    AuthorizationConfigurationSection section =
        moduleConfiguration.GetSection(AuthorizationSection) as AuthorizationConfigurationSection;
    if (section == null)
    {
        return;
    }

    foreach (AuthorizationRuleElement element in section.ModuleRules)
    {
        // Each element binds one path to one rule name.
        rulesService.RegisterAuthorizationRule(element.AbsolutePath, element.RuleName);
    }
}