private Exception Process(FilterContext context, AuthAttribute attr) { var policy = attr.Policy ?? ""; if (!authenticator.HasPermission(policy)) { return(new UnauthorizedAccessException("Access denied!!!")); } return(null); }
public void BeginExecute(FilterContext context) { if (context.Method.GetCustomAttribute <AuthIgnoreAttribute>() != null) { return; } var list = new List <AuthAttribute>(); var attrs = context.Method.ReflectedType.GetCustomAttributes <AuthAttribute>().ToList(); foreach (var attr in attrs) { attr.Exception = Process(context, attr); list.Add(attr); if (attr.MethodNamePolicyEnable) { var methodAttr = new AuthAttribute() { Policy = context.Method.Name }; methodAttr.Exception = Process(context, attr); list.Add(methodAttr); } } attrs = context.Method.GetCustomAttributes <AuthAttribute>().ToList(); foreach (var attr in attrs) { attr.Exception = Process(context, attr); list.Add(attr); if (attr.MethodNamePolicyEnable) { var methodAttr = new AuthAttribute() { Policy = context.Method.Name }; methodAttr.Exception = Process(context, attr); list.Add(methodAttr); } } list = list.OrderByDescending(x => x.Priority).ToList(); if (list.Count > 0) { if (authenticator == null) { throw new Exception("Authenticator has not been set"); } if (string.IsNullOrEmpty(authenticator.GetToken())) { throw new UnauthorizedAccessException("Token doesn't set!!!"); } if (!authenticator.IsTokenValid()) { throw new UnauthorizedAccessException("Token doesn't valid!!!"); } } for (int i = 1; i < list.Count; i++) { var first = list[i - 1]; var second = list[i]; switch (first.Operation) { case OperationType.And: if (first.Exception != null || second.Exception != null) { throw second.Exception; } break; case OperationType.Or: if (first.Exception != null && second.Exception != null) { throw second.Exception; } break; } } }