Inheritance: ActionFilterAttribute
Exemplo n.º 1
0
        public ItemDefinition Clone()
        {
            var id = new ItemDefinition(ItemType);

            id.AllowedChildFilters  = AllowedChildFilters.ToList();
            id.AllowedIn            = AllowedIn;
            id.AllowedParentFilters = AllowedParentFilters.ToList();
            id.AllowedZoneNames     = AllowedZoneNames.ToList();
            id.AuthorizedRoles      = AuthorizedRoles != null?AuthorizedRoles.ToList() : AuthorizedRoles;

            id.AvailableZones    = AvailableZones.ToList();
            id.Containers        = Containers.ToList();
            id.Description       = Description;
            id.Discriminator     = Discriminator;
            id.Displayables      = Displayables.ToList();
            id.Editables         = Editables.ToList();
            id.Enabled           = Enabled;
            id.IconUrl           = IconUrl;
            id.Installer         = Installer;
            id.IsDefined         = IsDefined;
            id.EditableModifiers = EditableModifiers.ToList();
            id.ContentModifiers  = ContentModifiers.ToList();
            id.NumberOfItems     = 0;
            id.RelatedTo         = RelatedTo;
            id.SortOrder         = SortOrder;
            id.Template          = Template;
            id.Title             = Title;
            id.ToolTip           = ToolTip;
            //id.ReloadRoot();
            return(id);
        }
Exemplo n.º 2
0
        public ItemDefinition Clone()
        {
            var id = new ItemDefinition(ItemType);

            id.AllowedChildFilters  = AllowedChildFilters.ToList();
            id.AllowedIn            = AllowedIn;
            id.AllowedParentFilters = AllowedParentFilters.ToList();
            id.Attributes           = Attributes.ToList();
            id.AllowedZoneNames     = AllowedZoneNames.ToList();
            id.AuthorizedRoles      = AuthorizedRoles != null?AuthorizedRoles.ToArray() : AuthorizedRoles;

            id.AvailableZones      = AvailableZones.ToList();
            id.Containers          = new ContentList <IEditableContainer>(Containers.Select(ec => ec.TryClone()));
            id.ContentTransformers = ContentTransformers.ToList();
            id.Description         = Description;
            id.Discriminator       = Discriminator;
            id.Displayables        = new ContentList <IDisplayable>(Displayables.Select(d => d.TryClone()));
            id.Editables           = new ContentList <IEditable>(Editables.Select(e => e.TryClone()));
            id.Enabled             = Enabled;
            id.EditableModifiers   = EditableModifiers.ToList();
            id.IconUrl             = IconUrl;
            id.Installer           = Installer;
            id.IsDefined           = IsDefined;
            id.NumberOfItems       = 0;
            id.Metadata            = Metadata.ToDictionary(kvp => kvp.Key, kvp => kvp.Value);
            id.AdditionalFlags     = AdditionalFlags.ToList();
            id.RemovedFlags        = RemovedFlags.ToList();
            id.Properties          = Properties.ToDictionary(p => p.Key, p => p.Value.Clone());
            id.RelatedTo           = RelatedTo;
            id.SortOrder           = SortOrder;
            id.TemplateKey         = TemplateKey;
            id.Title   = Title;
            id.ToolTip = ToolTip;
            return(id);
        }
Exemplo n.º 3
0
        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            if (httpContext == null)
            {
                throw new ArgumentNullException("httpContext");
            }

            bool r = false;

            if (httpContext.User.Identity.IsAuthenticated)
            {
                //if (!AuthorizedRoles.Contains(ProjectRoles.Admin))
                //{
                //    AuthorizedRoles = AuthorizedRoles.Add(ProjectRoles.Admin);
                //}

                if (
                    //httpContext.User.IsInRole(ProjectRoles.Admin) ||
                    AuthorizedUsers.Contains(httpContext.User.Identity.Name) ||
                    AuthorizedRoles.Any(httpContext.User.IsInRole))
                {
                    r = true;
                }
            }

            return(r);
        }
        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            var isAuthencicated = false;

            if (filterContext.HttpContext.Request.IsAuthenticated)
            {
                var authorizedRoles = AuthorizedRoles.Split(',');

                if (authorizedRoles.Length > 0)
                {
                    if (CurrentUser.Roles != null)
                    {
                        foreach (var role in CurrentUser.Roles)
                        {
                            if (authorizedRoles.Contains(role))
                            {
                                isAuthencicated = true;
                            }
                        }
                    }
                }
                else
                {
                    isAuthencicated = true;
                }
            }

            if (!isAuthencicated)
            {
                filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary(new
                {
                    controller = "Error",
                    action     = "Index"
                }));
            }

            base.OnAuthorization(filterContext);
        }
    /// <summary>
    /// Checks whether user is authorized per project access.
    /// </summary>
    public bool IsAuthorizedPerProjectAccess()
    {
        // Keep current user
        var cui = MembershipContext.AuthenticatedUser;

        // Switch by create project option
        switch (ProjectAccess.ToLowerCSafe())
        {
        // All users
        case "all":
            return(true);

        // Authenticated users
        case "authenticated":
            if (!cui.IsPublic())
            {
                return(true);
            }
            break;

        // Group members
        case "groupmember":
            if (CommunityGroupID > 0)
            {
                return(cui.IsGroupMember(CommunityGroupID));
            }
            break;

        // Authorized roles
        case "authorized":
            // Check whether roles are defined
            if (!String.IsNullOrEmpty(AuthorizedRoles))
            {
                // Check whether user is valid group member if current project is assigned to some group
                if (CommunityGroupID > 0)
                {
                    if (!cui.IsGroupMember(CommunityGroupID))
                    {
                        return(false);
                    }
                }

                // Keep site name
                string siteName = SiteContext.CurrentSiteName;
                // Split roles by semicolon
                string[] roles = AuthorizedRoles.Split(';');

                // Loop thru all roles and check if user is assigned at leat to one role
                foreach (string role in roles)
                {
                    // If user is in role, break current cycle and return true
                    if (cui.IsInRole(role, siteName))
                    {
                        return(true);
                    }
                }
            }
            break;

        // Nobody
        case "nobody":
        default:
            return(false);
        }

        return(false);
    }
        /// <summary>
        /// Called by the MVC framework before the action method executes.
        /// </summary>
        /// <param name="filterContext">The filter context.</param>
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            if (!filterContext.HttpContext.User.Identity.IsAuthenticated)
            {
                if (OnlyAllowUnauthenticatedUsers)
                {
                    return;
                }
                //use the current url for the redirect
                string redirectOnSuccess = filterContext.HttpContext.Request.Url.AbsolutePath;

                //send them off to the login page
                string redirectUrl = string.Format("?ReturnUrl={0}", redirectOnSuccess);
                string loginUrl    = FormsAuthentication.LoginUrl + redirectUrl;
                filterContext.HttpContext.Response.Clear();
                filterContext.HttpContext.Response.Redirect(loginUrl, true);
                return;
            }
            else //User is authenticated
            {
                var httpContext    = new HttpContextWrapper(HttpContext.Current);
                var requestContext = new RequestContext(httpContext, new RouteData());
                var u = new UrlHelper(requestContext);

                if (OnlyAllowUnauthenticatedUsers)
                {
                    filterContext.HttpContext.Response.Clear();
                    filterContext.HttpContext.Response.Redirect(u.Action("Forbidden", "Error"), true);
                    return;
                }


                //Unauthorized roles
                bool isUnAuthorized = false;
                if (!string.IsNullOrEmpty(UnauthorizedRoles))
                {
                    if (!(UnauthorizedRoles.Trim() == ""))
                    {
                        var roleSplit = UnauthorizedRoles.Split(',');
                        foreach (var role in roleSplit)
                        {
                            if (filterContext.HttpContext.User.IsInRole(role.Trim()))
                            {
                                isUnAuthorized = true;
                                break;
                            }
                        }
                    }
                }
                if (isUnAuthorized)
                {
                    filterContext.HttpContext.Response.Clear();
                    filterContext.HttpContext.Response.Redirect(u.Action("Forbidden", "Error"), true);
                    return;
                }

                //Authorized roles
                bool isAuthorized = false;
                if (!string.IsNullOrEmpty(AuthorizedRoles))
                {
                    if (!(AuthorizedRoles.Trim() == ""))
                    {
                        var roleSplit = AuthorizedRoles.Split(',');
                        foreach (var role in roleSplit)
                        {
                            if (filterContext.HttpContext.User.IsInRole(role.Trim()))
                            {
                                isAuthorized = true;
                                break;
                            }
                        }
                    }
                }
                else
                {
                    isAuthorized = true;
                }
                if (!isAuthorized)
                {
                    filterContext.HttpContext.Response.Clear();
                    filterContext.HttpContext.Response.Redirect(u.Action("Forbidden", "Error"), true);
                    return;
                }
            }
        }
Exemplo n.º 7
0
        /// <summary>
        /// Called by the MVC framework before the action method executes.
        /// </summary>
        /// <param name="filterContext">The filter context.</param>
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            if (!filterContext.HttpContext.User.Identity.IsAuthenticated)
            {
                if (OnlyAllowUnauthenticatedUsers)
                {
                    return;
                }
                //use the current url for the redirect
                string redirectOnSuccess = filterContext.HttpContext.Request.Url.AbsolutePath;

                //send them off to the login page
                string redirectUrl = string.Format("?ReturnUrl={0}", redirectOnSuccess);
                string loginUrl    = FormsAuthentication.LoginUrl + redirectUrl;
                filterContext.HttpContext.Response.Clear();
                filterContext.HttpContext.Response.Redirect(loginUrl, true);
                return;
            }
            else //User is authenticated
            {
                var httpContext    = new HttpContextWrapper(HttpContext.Current);
                var requestContext = new RequestContext(httpContext, new RouteData());
                var u = new UrlHelper(requestContext);

                if (OnlyAllowUnauthenticatedUsers)
                {
                    filterContext.HttpContext.Response.Clear();
                    filterContext.HttpContext.Response.Redirect(u.Action("Forbidden", "Error"), true);
                    return;
                }
                if (!AuthorizeSuspended && !filterContext.HttpContext.User.IsInRole(RoleNames.ActiveUser))
                {
                    //Is suspended
                    filterContext.HttpContext.Response.Clear();
                    filterContext.HttpContext.Response.Redirect(u.Action("ShowSuspensionStatus", "Account"), true);
                    return;
                }
                if (!AuthorizeEmailNotConfirmed && filterContext.HttpContext.User.IsInRole(RoleNames.EmailNotConfirmed) && ConfigurationManager.AppSettings["RequireEmailConfirmation"] == "true")
                {
                    //Email hasn't been confirmed
                    filterContext.HttpContext.Response.Clear();
                    filterContext.HttpContext.Response.Redirect(u.Action("ShowEmailAddressVerificationStatus", "Account"), true);
                    return;
                }
                //Unauthorized roles
                bool isUnAuthorized = false;
                if (!string.IsNullOrEmpty(UnauthorizedRoles))
                {
                    if (!(UnauthorizedRoles.Trim() == ""))
                    {
                        var roleSplit = UnauthorizedRoles.Split(',');
                        foreach (var role in roleSplit)
                        {
                            if (filterContext.HttpContext.User.IsInRole(role.Trim()))
                            {
                                isUnAuthorized = true;
                                break;
                            }
                        }
                    }
                }
                if (isUnAuthorized)
                {
                    filterContext.HttpContext.Response.Clear();
                    filterContext.HttpContext.Response.Redirect(u.Action("Forbidden", "Error"), true);
                    return;
                }

                //Authorized roles
                bool isAuthorized = false;
                if (!string.IsNullOrEmpty(AuthorizedRoles))
                {
                    if (!(AuthorizedRoles.Trim() == ""))
                    {
                        var roleSplit = AuthorizedRoles.Split(',');
                        foreach (var role in roleSplit)
                        {
                            if (filterContext.HttpContext.User.IsInRole(role.Trim()))
                            {
                                isAuthorized = true;
                                break;
                            }
                        }
                    }
                }
                else
                {
                    isAuthorized = true;
                }
                if (!isAuthorized)
                {
                    filterContext.HttpContext.Response.Clear();
                    filterContext.HttpContext.Response.Redirect(u.Action("Forbidden", "Error"), true);
                    return;
                }
            }
        }