public void MapMvcAttributeRoutes_DoesNotTryToInferRouteNames() { var controllerDescriptor = new ReflectedAsyncControllerDescriptor(typeof(MyController)); var routeEntries = AttributeRoutingMapper.MapAttributeRoutes(controllerDescriptor); var routeEntry = Assert.Single(routeEntries); Assert.Null(routeEntry.Name); }
/// <summary> /// Resolves the action method parameters. /// </summary> /// <param name="controllerTypeResolver">The controller type resolver.</param> /// <param name="areaName">Name of the area.</param> /// <param name="controllerName">Name of the controller.</param> /// <param name="actionMethodName">Name of the action method.</param> /// <returns> /// A action method parameters represented as a <see cref="string"/> instance /// </returns> public IEnumerable<string> ResolveActionMethodParameters(IControllerTypeResolver controllerTypeResolver, string areaName, string controllerName, string actionMethodName) { // Is the request cached? string cacheKey = areaName + "_" + controllerName + "_" + actionMethodName; if (Cache.ContainsKey(cacheKey)) { return Cache[cacheKey]; } // Get controller type Type controllerType = controllerTypeResolver.ResolveControllerType(areaName, controllerName); // Get action method information var actionParameters = new List<string>(); if (controllerType != null) { ControllerDescriptor controllerDescriptor = null; if (typeof(IController).IsAssignableFrom(controllerType)) { controllerDescriptor = new ReflectedControllerDescriptor(controllerType); } else if (typeof(IAsyncController).IsAssignableFrom(controllerType)) { controllerDescriptor = new ReflectedAsyncControllerDescriptor(controllerType); } ActionDescriptor[] actionDescriptors = controllerDescriptor.GetCanonicalActions() .Where(a => a.ActionName == actionMethodName).ToArray(); if (actionDescriptors != null && actionDescriptors.Length > 0) { foreach (ActionDescriptor actionDescriptor in actionDescriptors) { actionParameters.AddRange(actionDescriptor.GetParameters().Select(p => p.ParameterName)); } } } // Cache the result if (!Cache.ContainsKey(cacheKey)) { try { Cache.Add(cacheKey, actionParameters); } catch (ArgumentException) { // Nomnomnom... We're intentionally eating it here } } // Return return actionParameters; }
public void MapMvcAttributeRoutes_RespectsActionNameAttribute() { var controllerDescriptor = new ReflectedAsyncControllerDescriptor(typeof(MyController)); var mapper = new AttributeRoutingMapper(new RouteBuilder()); var routeEntries = mapper.MapMvcAttributeRoutes(controllerDescriptor); var routeEntry = Assert.Single(routeEntries); Assert.Equal("ActionName", routeEntry.Route.Defaults["action"]); }
public void MapMvcAttributeRoutes_WithControllerRoute_AndNoReachableActions() { // Arrange var controllerDescriptor = new ReflectedAsyncControllerDescriptor(typeof(NoActionsController)); // Act var entries = AttributeRoutingMapper.MapAttributeRoutes(controllerDescriptor); // Assert Assert.Empty(entries); }
internal List<RouteEntry> MapMvcAttributeRoutes(ReflectedAsyncControllerDescriptor controllerDescriptor) { string prefix = GetPrefixFrom(controllerDescriptor); ValidatePrefixTemplate(prefix, controllerDescriptor); RouteAreaAttribute area = GetAreaFrom(controllerDescriptor); string areaName = GetAreaName(controllerDescriptor, area); string areaPrefix = area != null ? area.AreaPrefix ?? area.AreaName : null; ValidateAreaPrefixTemplate(areaPrefix, areaName, controllerDescriptor); string controllerName = controllerDescriptor.ControllerName; AsyncActionMethodSelector actionSelector = controllerDescriptor.Selector; IEnumerable<MethodInfo> actionMethodsInfo = actionSelector.AliasedMethods .Concat(actionSelector.NonAliasedMethods.SelectMany(x => x)) .Where(m => m.DeclaringType == controllerDescriptor.ControllerType); if (actionSelector.AllowLegacyAsyncActions) { // if the ActionAsync / ActionCompleted pattern is used, we need to remove the "Completed" methods // and not look up routing attributes on them actionMethodsInfo = actionMethodsInfo.Where(m => !m.Name.EndsWith("Completed", StringComparison.OrdinalIgnoreCase)); } List<RouteEntry> routeEntries = new List<RouteEntry>(); foreach (var method in actionMethodsInfo) { string actionName = GetActionName(method, actionSelector.AllowLegacyAsyncActions); IEnumerable<IDirectRouteInfoProvider> routeAttributes = GetRouteAttributes(method); foreach (var routeAttribute in routeAttributes) { ValidateTemplate(routeAttribute.RouteTemplate, actionName, controllerDescriptor); string template = CombinePrefixAndAreaWithTemplate(areaPrefix, prefix, routeAttribute.RouteTemplate); Route route = _routeBuilder.BuildDirectRoute(template, routeAttribute.Verbs, controllerName, actionName, method, areaName); RouteEntry entry = new RouteEntry { Name = routeAttribute.RouteName, Route = route, Template = template, ParsedRoute = RouteParser.Parse(route.Url), Order = routeAttribute.RouteOrder }; routeEntries.Add(entry); } } return routeEntries; }
public ControllerDescriptor Create(Type controllerType) { ControllerDescriptor controllerDescriptor = null; if (typeof(IController).IsAssignableFrom(controllerType)) { controllerDescriptor = new ReflectedControllerDescriptor(controllerType); } else if (typeof(IAsyncController).IsAssignableFrom(controllerType)) { controllerDescriptor = new ReflectedAsyncControllerDescriptor(controllerType); } return controllerDescriptor; }
public void MapMvcAttributeRoutes_WithControllerRoute() { // Arrange var controllerDescriptor = new ReflectedAsyncControllerDescriptor(typeof(AnotherController)); // Act var entries = AttributeRoutingMapper.MapAttributeRoutes(controllerDescriptor); // Assert var controllerEntry = Assert.Single(entries.Where(r => !r.Route.Defaults.ContainsKey("action"))); Assert.Same(controllerDescriptor, controllerEntry.Route.GetTargetControllerDescriptor()); var actionMethods = controllerEntry.Route.GetTargetActionDescriptors().ToArray(); Assert.Equal(2, actionMethods.Length); Assert.Single(actionMethods, a => a.ActionName == "RegularAction"); Assert.Single(actionMethods, a => a.ActionName == "AnotherAction"); }
private static string GetPrefixFrom(ReflectedAsyncControllerDescriptor controllerDescriptor) { // this only happens once per controller type, for the lifetime of the application, // so we do not need to cache the results object[] routePrefixAttributes = controllerDescriptor.GetCustomAttributes(typeof(RoutePrefixAttribute), inherit: false); if (routePrefixAttributes.Length > 0) { RoutePrefixAttribute routePrefixAttribute = routePrefixAttributes[0] as RoutePrefixAttribute; if (routePrefixAttribute != null) { return routePrefixAttribute.Prefix; } } return null; }
private static RouteAreaAttribute GetAreaFrom(ReflectedAsyncControllerDescriptor controllerDescriptor) { RouteAreaAttribute areaAttribute = controllerDescriptor.GetCustomAttributes(typeof(RouteAreaAttribute), true) .Cast<RouteAreaAttribute>() .FirstOrDefault(); return areaAttribute; }
private static string GetAreaName(ReflectedAsyncControllerDescriptor controllerDescriptor, RouteAreaAttribute area) { if (area == null) { return null; } if (area.AreaName != null) { return area.AreaName; } if (controllerDescriptor.ControllerType.Namespace != null) { return controllerDescriptor.ControllerType.Namespace.Split('.').Last(); } throw Error.InvalidOperation(MvcResources.AttributeRouting_CouldNotInferAreaNameFromMissingNamespace, controllerDescriptor.ControllerName); }
public bool IsAccessibleToUser(IControllerTypeResolver controllerTypeResolver, DefaultSiteMapProvider provider, HttpContext context, SiteMapNode node) { // is security trimming enabled? if (!provider.SecurityTrimmingEnabled) { return true; } // external nodes var nodeUrl = node.Url; if (nodeUrl.StartsWith("http") || nodeUrl.StartsWith("ftp")) { return true; } // Is it a regular node? var mvcNode = node as MvcSiteMapNode; if (mvcNode == null) { return true; } var controllerType = controllerTypeResolver.ResolveControllerType(mvcNode.Area, mvcNode.Controller); if (controllerType == null) { return false; } // Find routes for the sitemap node's url HttpContextBase httpContext = new HttpContextMethodOverrider(context, null); string originalPath = httpContext.Request.Path; var originalRoutes = RouteTable.Routes.GetRouteData(httpContext); httpContext.RewritePath(nodeUrl, true); HttpContextBase httpContext2 = new HttpContext2(context); RouteData routes = mvcNode.GetRouteData(httpContext2); if (routes == null) { return true; // Static URL's will have no route data, therefore return true. } foreach (var routeValue in mvcNode.RouteValues) { routes.Values[routeValue.Key] = routeValue.Value; } if (originalRoutes != null && (!routes.Route.Equals(originalRoutes.Route) || originalPath != nodeUrl || mvcNode.Area == String.Empty)) { routes.DataTokens.Remove("area"); //routes.DataTokens.Remove("Namespaces"); //routes.Values.Remove("area"); } var requestContext = new RequestContext(httpContext, routes); // Create controller context var controllerContext = new ControllerContext(); controllerContext.RequestContext = requestContext; // Whether controller is built by the ControllerFactory (or otherwise by Activator) bool factoryBuiltController = false; try { string controllerName = requestContext.RouteData.GetRequiredString("controller"); controllerContext.Controller = ControllerBuilder.Current.GetControllerFactory().CreateController(requestContext, controllerName) as ControllerBase; factoryBuiltController = true; } catch { try { controllerContext.Controller = Activator.CreateInstance(controllerType) as ControllerBase; } catch { } } ControllerDescriptor controllerDescriptor = null; if (typeof(IController).IsAssignableFrom(controllerType)) { controllerDescriptor = new ReflectedControllerDescriptor(controllerType); } else if (typeof(IAsyncController).IsAssignableFrom(controllerType)) { controllerDescriptor = new ReflectedAsyncControllerDescriptor(controllerType); } ActionDescriptor actionDescriptor = null; try { actionDescriptor = controllerDescriptor.FindAction(controllerContext, mvcNode.Action); } catch { } if (actionDescriptor == null) { actionDescriptor = controllerDescriptor.GetCanonicalActions().FirstOrDefault(a => a.ActionName == mvcNode.Action); } // Verify security try { if (actionDescriptor != null) { // fixes #130 - Check whether we have an AllowAnonymous Attribute var ignoreAuthorization = actionDescriptor.HasAttribute<AllowAnonymousAttribute>(); if (ignoreAuthorization) return true; if (actionDescriptor.HasAttribute<OnlyAnonymousAttribute>()) return !requestContext.HttpContext.Request.IsAuthenticated; IFilterProvider filterProvider = ResolveFilterProvider(); IEnumerable<Filter> filters; // If depencency resolver has an IFilterProvider registered, use it if (filterProvider != null) { filters = filterProvider.GetFilters(controllerContext, actionDescriptor); } // Otherwise use FilterProviders.Providers else { filters = FilterProviders.Providers.GetFilters(controllerContext, actionDescriptor); } IEnumerable<AuthorizeAttribute> authorizeAttributesToCheck = filters .Where(f => f.Instance is AuthorizeAttribute) .Select(f => f.Instance as AuthorizeAttribute); // Verify all attributes foreach (var authorizeAttribute in authorizeAttributesToCheck) { try { var currentAuthorizationAttributeType = authorizeAttribute.GetType(); var builder = new AuthorizeAttributeBuilder(); var subclassedAttribute = currentAuthorizationAttributeType == typeof(AuthorizeAttribute) ? new InternalAuthorize(authorizeAttribute) : // No need to use Reflection.Emit when ASP.NET MVC built-in attribute is used (IAuthorizeAttribute)builder.Build(currentAuthorizationAttributeType).Invoke(null); // Copy all properties ObjectCopier.Copy(authorizeAttribute, subclassedAttribute); if (!subclassedAttribute.IsAuthorized(controllerContext.HttpContext)) { return false; } } catch { // do not allow on exception return false; } } } // No objection. return true; } finally { // Restore HttpContext httpContext.RewritePath(originalPath, true); // Release controller if (factoryBuiltController) ControllerBuilder.Current.GetControllerFactory().ReleaseController(controllerContext.Controller); } }
public void MapMvcAttributeRoutes_ValidatesConstraints() { // Arrange var controllerDescriptor = new ReflectedAsyncControllerDescriptor(typeof(InvalidConstraintController)); string expectedMessage = "The constraint entry 'custom' on the route with route template 'invalidconstraint/{action}' " + "must have a string value or be of a type which implements 'System.Web.Routing.IRouteConstraint'."; // Act & Assert Assert.Throws<InvalidOperationException>(() => AttributeRoutingMapper.MapAttributeRoutes(controllerDescriptor), expectedMessage); }
internal static IReadOnlyCollection<RouteEntry> MapAttributeRoutes( ReflectedAsyncControllerDescriptor controller) { SubRouteCollection collector = new SubRouteCollection(); AddRouteEntries(collector, controller, new DefaultInlineConstraintResolver()); return collector.Entries; }
private static List<ActionDescriptor> GetActionDescriptors(ReflectedAsyncControllerDescriptor controller) { Contract.Assert(controller != null); AsyncActionMethodSelector actionSelector = controller.Selector; var actions = new List<ActionDescriptor>(); foreach (MethodInfo method in actionSelector.ActionMethods) { string actionName = actionSelector.GetActionName(method); ActionDescriptorCreator creator = actionSelector.GetActionDescriptorDelegate(method); Debug.Assert(creator != null); ActionDescriptor action = creator(actionName, controller); actions.Add(action); } return actions; }
public void MapMvcAttributeRoutes_SetsTargetIsAction() { // Arrange var controllerDescriptor = new ReflectedAsyncControllerDescriptor(typeof(MixedRoutingController)); // Act var entries = AttributeRoutingMapper.MapAttributeRoutes(controllerDescriptor); // Assert var controllerEntry = Assert.Single(entries.Where(r => !r.Route.Defaults.ContainsKey("action"))); Assert.False(controllerEntry.Route.GetTargetIsAction()); var actionEntry = Assert.Single(entries.Where(r => r.Route.Defaults.ContainsKey("action"))); Assert.True(actionEntry.Route.GetTargetIsAction()); }
internal static void AddRouteEntries(SubRouteCollection collector, ReflectedAsyncControllerDescriptor controller, IInlineConstraintResolver constraintResolver) { string prefix = GetRoutePrefix(controller); RouteAreaAttribute area = controller.GetAreaFrom(); string areaName = controller.GetAreaName(area); string areaPrefix = area != null ? area.AreaPrefix ?? area.AreaName : null; ValidateAreaPrefixTemplate(areaPrefix, areaName, controller); AsyncActionMethodSelector actionSelector = controller.Selector; foreach (var method in actionSelector.DirectRouteMethods) { ActionDescriptor action = CreateActionDescriptor(controller, actionSelector, method); IEnumerable<IDirectRouteFactory> factories = GetRouteFactories(method, controller.ControllerType); AddRouteEntries(collector, areaPrefix, prefix, factories, new ActionDescriptor[] { action }, constraintResolver, targetIsAction: true); } // Check for controller-level routes. List<ActionDescriptor> actionsWithoutRoutes = new List<ActionDescriptor>(); foreach (var method in actionSelector.StandardRouteMethods) { ActionDescriptor action = CreateActionDescriptor(controller, actionSelector, method); actionsWithoutRoutes.Add(action); } IReadOnlyCollection<IDirectRouteFactory> controllerFactories = GetRouteFactories(controller); // If they exist and have not been overridden, create routes for controller-level route providers. if (controllerFactories.Count > 0 && actionsWithoutRoutes.Count > 0) { AddRouteEntries(collector, areaPrefix, prefix, controllerFactories, actionsWithoutRoutes, constraintResolver, targetIsAction: false); } }
/// <summary> /// Determines whether node is accessible to user. /// </summary> /// <param name="controllerTypeResolver">The controller type resolver.</param> /// <param name="provider">The provider.</param> /// <param name="context">The context.</param> /// <param name="node">The node.</param> /// <returns> /// <c>true</c> if accessible to user; otherwise, <c>false</c>. /// </returns> public bool IsAccessibleToUser(IControllerTypeResolver controllerTypeResolver, DefaultSiteMapProvider provider, HttpContext context, SiteMapNode node) { // Is security trimming enabled? if (!provider.SecurityTrimmingEnabled) { return true; } // Is it an external node? var nodeUrl = node.Url; if (nodeUrl.StartsWith("http") || nodeUrl.StartsWith("ftp")) { return true; } // Is it a regular node? var mvcNode = node as MvcSiteMapNode; if (mvcNode == null) { throw new AclModuleNotSupportedException( Resources.Messages.AclModuleDoesNotSupportRegularSiteMapNodes); } // Clickable? Always accessible. if (mvcNode.Clickable == false) { return true; } // Time to delve into the AuthorizeAttribute defined on the node. // Let's start by getting all metadata for the controller... var controllerType = controllerTypeResolver.ResolveControllerType(mvcNode.Area, mvcNode.Controller); if (controllerType == null) { return false; } // Find routes for the sitemap node's url HttpContextBase httpContext = new HttpContextWrapper(context); string originalPath = httpContext.Request.Path; var originalRoutes = RouteTable.Routes.GetRouteData(httpContext); httpContext.RewritePath(nodeUrl, true); HttpContextBase httpContext2 = new HttpContext2(context); RouteData routes = mvcNode.GetRouteData(httpContext2); if (routes == null) { return true; // Static URL's will have no route data, therefore return true. } foreach (var routeValue in mvcNode.RouteValues) { routes.Values[routeValue.Key] = routeValue.Value; } if (!routes.Route.Equals(originalRoutes.Route) || originalPath != nodeUrl || mvcNode.Area == String.Empty) { routes.DataTokens.Remove("area"); //routes.DataTokens.Remove("Namespaces"); //routes.Values.Remove("area"); } var requestContext = new RequestContext(httpContext, routes); // Create controller context var controllerContext = new ControllerContext(); controllerContext.RequestContext = requestContext; try { string controllerName = requestContext.RouteData.GetRequiredString("controller"); controllerContext.Controller = ControllerBuilder.Current.GetControllerFactory().CreateController(requestContext, controllerName) as ControllerBase; } catch { try { controllerContext.Controller = Activator.CreateInstance(controllerType) as ControllerBase; } catch { } } ControllerDescriptor controllerDescriptor = null; if (typeof(IController).IsAssignableFrom(controllerType)) { controllerDescriptor = new ReflectedControllerDescriptor(controllerType); } else if (typeof(IAsyncController).IsAssignableFrom(controllerType)) { controllerDescriptor = new ReflectedAsyncControllerDescriptor(controllerType); } ActionDescriptor actionDescriptor = null; try { actionDescriptor = controllerDescriptor.FindAction(controllerContext, mvcNode.Action); } catch { } if (actionDescriptor == null) { actionDescriptor = controllerDescriptor.GetCanonicalActions().Where(a => a.ActionName == mvcNode.Action).FirstOrDefault(); } // Verify security try { if (actionDescriptor != null) { #if NET35 IEnumerable<AuthorizeAttribute> authorizeAttributesToCheck = actionDescriptor.GetCustomAttributes(typeof(AuthorizeAttribute), true).OfType <AuthorizeAttribute>().ToList() .Union( controllerDescriptor.GetCustomAttributes(typeof(AuthorizeAttribute), true).OfType <AuthorizeAttribute>().ToList()); #else IEnumerable<AuthorizeAttribute> authorizeAttributesToCheck = FilterProviders.Providers.GetFilters(controllerContext, actionDescriptor) .Where(f => typeof(AuthorizeAttribute).IsAssignableFrom(f.Instance.GetType())) .Select(f => f.Instance as AuthorizeAttribute); #endif // Verify all attributes foreach (var authorizeAttribute in authorizeAttributesToCheck) { try { var currentAuthorizationAttributeType = authorizeAttribute.GetType(); var builder = new AuthorizeAttributeBuilder(); var subclassedAttribute = currentAuthorizationAttributeType == typeof(AuthorizeAttribute) ? new InternalAuthorize(authorizeAttribute) : // No need to use Reflection.Emit when ASP.NET MVC built-in attribute is used (IAuthorizeAttribute)builder.Build(currentAuthorizationAttributeType).Invoke(null); // Copy all properties ObjectCopier.Copy(authorizeAttribute, subclassedAttribute); if (!subclassedAttribute.IsAuthorized(controllerContext.HttpContext)) { return false; } } catch { // do not allow on exception return false; } } } // No objection. return true; } finally { // Restore HttpContext httpContext.RewritePath(originalPath, true); } }
private static RoutePrefixAttribute GetPrefixFrom(ReflectedAsyncControllerDescriptor controllerDescriptor) { // this only happens once per controller type, for the lifetime of the application, // so we do not need to cache the results return controllerDescriptor.GetCustomAttributes(typeof(RoutePrefixAttribute), inherit: false) .Cast<RoutePrefixAttribute>().SingleOrDefault(); }