        /// <summary>
        /// Decides how the given request should be treated: the matching rule with the
        /// highest <c>Idx</c> is selected, then the caller's authentication state and
        /// (optionally) role membership determine the reaction.
        /// </summary>
        /// <param name="request">Descriptor of the incoming request; its <c>Uri</c> and <c>User.Identity</c> are read.</param>
        /// <returns>
        /// <c>AuthorizationReaction.Deny</c> when an authenticated caller fails the rule's role check;
        /// otherwise the computed reaction, possibly replaced by a redirect-only reaction.
        /// </returns>
        /// <remarks>
        /// Security-relevant behaviour visible in this method:
        /// an authenticated caller is allowed when no rule matches the URI (default-allow), so
        /// protection of a path depends on a rule existing for it.
        /// The Deny result is returned before the redirect step and is never rewritten by it.
        /// </remarks>
        public AuthorizationReaction Authorize(IHttpRequestDescriptor request)
        {
            var requestUri = request.Uri;
            // NOTE(review): request.User / Identity are dereferenced without a null check;
            // confirm the caller always supplies them, otherwise this throws instead of denying.
            var caller = request.User.Identity;

            // Of all rules matching the URI, the one with the largest Idx takes precedence.
            var matchedRule = Rules
                .Where(candidate => candidate.IsMatch(requestUri))
                .OrderByDescending(candidate => candidate.Idx)
                .FirstOrDefault();

            AuthorizationReaction reaction;

            if (identityIsAuthenticated(caller))
            {
                // Allowed when: no rule applies, the rule does not require a role,
                // or the caller holds the rule's role. Short-circuit order matters:
                // matchedRule is only dereferenced once it is known to be non-null.
                bool permitted = null == matchedRule
                                 || !matchedRule.CheckRole
                                 || Roles.IsInRole(request.User.Identity, matchedRule.Role);

                if (!permitted)
                {
                    return AuthorizationReaction.Deny;
                }

                reaction = AuthorizationReaction.Allow;
            }
            else
            {
                // Anonymous caller: a rule flagged IsForNotAuth supplies its own reaction,
                // anything else falls back to the shared NotAuth handler.
                if (null != matchedRule && matchedRule.IsForNotAuth)
                {
                    reaction = matchedRule.GetNotAuth(request);
                }
                else
                {
                    reaction = NotAuth.GetReaction(request);
                }
            }

            // The redirect step only applies to a reaction marked Process that has no
            // redirect of its own, and only when a Redirector is configured.
            if (!reaction.Process || null == Redirector || !string.IsNullOrWhiteSpace(reaction.Redirect))
            {
                return reaction;
            }

            // NOTE(review): the target comes from Redirector.GetRedirectUrl(request); if that
            // is derived from request data, it should be restricted to trusted/local URLs — confirm.
            var target = Redirector.GetRedirectUrl(request);
            if (string.IsNullOrWhiteSpace(target))
            {
                return reaction;
            }

            // The previous reaction is discarded; only Redirect is set on the replacement,
            // every other member keeps its default value.
            return new AuthorizationReaction {
                Redirect = target
            };

            // Local helper: reads the authentication flag of the captured identity.
            bool identityIsAuthenticated(System.Security.Principal.IIdentity who) => who.IsAuthenticated;
        }