private void ApplyPolicies(ActionExecutingContext filterContext, ISecurityPolicyContainer <object> container)
        {
            var context = new SecurityPolicyContext
            {
                ControllerContext = filterContext.Controller.ControllerContext
            };

            if (Builder.IsAuthenticationConfigured)
            {
                var authentication = Builder.Authentication <Object>();
                context.IsAuthenticated  = authentication.IsAuthenticated();
                context.CurrentUserRoles = authentication.GetRoles();
            }

            if (container.Policies.Any(policy => !policy.Authorize(context)))
            {
                if (Builder.IsAuthenticationConfigured)
                {
                    var authentication = Builder.Authentication <Object>();
                    if (!authentication.IsAuthenticated())
                    {
                        var mapping = ModelMappingManager.MappingFor(authentication.Type);
                        var method  = mapping.StaticMethods.FirstOrDefault(m => m.Name == authentication.LoginWith().Name);
                        if (method != null)
                        {
                            var route = new
                            {
                                action     = "Execute",
                                controller = "Presentation",
                                methodName = method.MethodName,
                                index      = method.Index,
                                modelType  = mapping.ModelType.PartialName(),
                                redirectTo = filterContext.HttpContext.Request.Url.ToString()
                            };
                            filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary(route));
                        }
                        else
                        {
                            filterContext.Result = new HttpNotFoundResult();
                        }
                    }
                    else
                    {
                        filterContext.Result = new HttpNotFoundResult();
                    }
                }
                else
                {
                    filterContext.Result = new HttpUnauthorizedResult();
                }
            }
        }
        private void ApplyPolicies(ActionExecutingContext filterContext, ISecurityPolicyContainer<object> container)
        {
            var context = new SecurityPolicyContext
            {
                ControllerContext = filterContext.Controller.ControllerContext
            };

            if (Builder.IsAuthenticationConfigured)
            {
                var authentication = Builder.Authentication<Object>();
                context.IsAuthenticated = authentication.IsAuthenticated();
                context.CurrentUserRoles = authentication.GetRoles();
            }

            if (container.Policies.Any(policy => !policy.Authorize(context)))
            {
                if (Builder.IsAuthenticationConfigured)
                {
                    var authentication = Builder.Authentication<Object>();
                    if (!authentication.IsAuthenticated())
                    {
                        var mapping = ModelMappingManager.MappingFor(authentication.Type);
                        var method = mapping.StaticMethods.FirstOrDefault(m => m.Name == authentication.LoginWith().Name);
                        if (method != null)
                        {
                            var route = new
                                            {
                                                action = "Execute",
                                                controller = "Presentation",
                                                methodName = method.MethodName,
                                                index = method.Index,
                                                modelType = mapping.ModelType.PartialName(),
                                                redirectTo = filterContext.HttpContext.Request.Url.ToString()
                                            };
                            filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary(route));
                        }
                        else
                            filterContext.Result = new HttpNotFoundResult();
                    }
                    else
                        filterContext.Result = new HttpNotFoundResult();
                }
                else
                    filterContext.Result = new HttpUnauthorizedResult();
            }
        }
Exemplo n.º 3
0
 public override bool Authorize(SecurityPolicyContext context)
 {
     return(!base.Authorize(context));
 }
 public override bool Authorize(SecurityPolicyContext context)
 {
     return !base.Authorize(context);
 }