/// <summary>
/// Handles the request authorization, using the <see cref="IAuthorizationRulesService"/> and
/// the <see cref="IAuthorizationService"/> services.
/// </summary>
/// <param name="rootContainer">The application root <see cref="CompositionContainer"/>.</param>
/// <param name="context">The <see cref="IHttpContext"/> for the processing request.</param>
/// <exception cref="HttpException">The user is not authorized to access the requested resource.</exception>
protected virtual void HandleAuthorization(CompositionContainer rootContainer, IHttpContext context)
{
if (context.SkipAuthorization)
{
return;
}
IAuthorizationRulesService authorizationRulesService = rootContainer.Services.Get <IAuthorizationRulesService>();
IVirtualPathUtilityService virtualPathUtility = rootContainer.Services.Get <IVirtualPathUtilityService>();
if (authorizationRulesService == null)
{
return;
}
string[] rules =
authorizationRulesService.GetAuthorizationRules(virtualPathUtility.ToAppRelative(context.Request.Path));
if (rules == null || rules.Length == 0)
{
return;
}
IAuthorizationService authorizationService = rootContainer.Services.Get <IAuthorizationService>(true);
foreach (string rule in rules)
{
if (!authorizationService.IsAuthorized(rule))
{
throw new HttpException(403, Resources.UserDoesntHaveAccessToTheRequestedResource);
}
}
}
public override void Configure(IServiceCollection services, System.Configuration.Configuration moduleConfiguration)
{
IAuthorizationRulesService authorizationRuleService = services.Get <IAuthorizationRulesService>();
if (authorizationRuleService != null)
{
AuthorizationConfigurationSection authorizationSection = moduleConfiguration.GetSection(AuthorizationSection) as AuthorizationConfigurationSection;
if (authorizationSection != null)
{
foreach (AuthorizationRuleElement ruleElement in authorizationSection.ModuleRules)
{
authorizationRuleService.RegisterAuthorizationRule(ruleElement.AbsolutePath, ruleElement.RuleName);
}
}
}
}
