        /// <summary>
        /// Decides whether the role <paramref name="RoleID"/> may invoke the intercepted call.
        /// The role must hold an allowing <see cref="Authorize"/> grant whose <see cref="Resource"/>
        /// matches both the call target (<c>input.Target.ToString()</c>) and the method
        /// (<c>input.MethodBase.ToString()</c>).
        /// </summary>
        /// <param name="RoleID">Identifier of the role being checked.</param>
        /// <param name="input">The intercepted call whose target and method are looked up.</param>
        /// <returns>
        /// <see cref="ServiceAuthorizeType.Legal"/> when exactly one matching allowing grant exists;
        /// <see cref="ServiceAuthorizeType.Illegal"/> otherwise — including when several grants match.
        /// </returns>
        public ServiceAuthorizeType CheckServiceAuthorize(decimal RoleID, IMethodInvocation input)
        {
            // Identity of the call as stored in the Resource table: target path + full method name.
            string targetPath     = input.Target.ToString();
            string methodFullName = input.MethodBase.ToString();

            IList<Authorize> matchingGrants = NHibernateSession.QueryOver<Authorize>()
                                              .Where(authorize => authorize.Role.ID == RoleID && authorize.Allow)
                                              .JoinQueryOver(authorize => authorize.Resource)
                                              .Where(resource => resource.MethodPath == targetPath && resource.MethodFullName == methodFullName)
                                              .List<Authorize>();

            // NOTE(review): a single matching grant is required; duplicate grant rows fail closed
            // (treated as Illegal). Confirm this is intended before relaxing it to "at least one".
            return matchingGrants.Count == 1
                   ? ServiceAuthorizeType.Legal
                   : ServiceAuthorizeType.Illegal;
        }
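        /// <summary>
        /// Interception behavior that gates a service call on the current user's role.
        /// A method carrying a <see cref="ServiceAuthorizeBehavior"/> attribute in state
        /// <see cref="ServiceAuthorizeState.Enforce"/> proceeds only when
        /// <c>resourceRepository.CheckServiceAuthorize</c> reports it legal for
        /// <c>BUser.CurrentUser.Role.ID</c>; state <see cref="ServiceAuthorizeState.Avoid"/>
        /// and unmarked methods proceed without a check. Only the first such attribute is honored.
        /// </summary>
        /// <param name="input">The intercepted call.</param>
        /// <param name="getNext">Continuation to the next behavior or the real target.</param>
        /// <returns>
        /// The target's return, or an exception return carrying <see cref="IllegalServiceAccess"/>
        /// when the call is denied. Never <c>null</c>: the previous implementation returned
        /// <c>null</c> when no user was signed in, which is not a usable <see cref="IMethodReturn"/>.
        /// </returns>
        public IMethodReturn Invoke(IMethodInvocation input, GetNextInterceptionBehaviorDelegate getNext)
        {
            if (BUser.CurrentUser == null)
            {
                // No authenticated user: fail closed with an explicit denial instead of a null return.
                return DenyServiceAccess(input);
            }

            ServiceAuthorizeBehavior SAB = null;
            foreach (var customAttribute in input.MethodBase.GetCustomAttributes(false))
            {
                SAB = customAttribute as ServiceAuthorizeBehavior;
                if (SAB != null)
                {
                    break;
                }
            }

            if (SAB == null)
            {
                // Method is not marked for authorization: pass straight through.
                return getNext()(input, getNext);
            }

            switch (SAB.serviceAuthorizeState)
            {
            case ServiceAuthorizeState.Avoid:
                return getNext()(input, getNext);

            case ServiceAuthorizeState.Enforce:
                ServiceAuthorizeType SAT = this.resourceRepository.CheckServiceAuthorize(BUser.CurrentUser.Role.ID, input);
                if (SAT == ServiceAuthorizeType.Legal)
                {
                    return getNext()(input, getNext);
                }
                return DenyServiceAccess(input);

            default:
                // Unknown authorization state: fail closed rather than return null.
                return DenyServiceAccess(input);
            }
        }

        /// <summary>
        /// Builds the denied-access result for <paramref name="input"/> and logs it, using one
        /// <see cref="IllegalServiceAccess"/> instance for both the log entry and the return.
        /// </summary>
        /// <param name="input">The intercepted call being denied.</param>
        /// <returns>An exception method return wrapping the <see cref="IllegalServiceAccess"/>.</returns>
        private static IMethodReturn DenyServiceAccess(IMethodInvocation input)
        {
            IllegalServiceAccess error = new IllegalServiceAccess("دسترسی غیر مجاز به سرویس", input.Target.ToString());
            BaseBusiness<Entity>.LogException(error, input.Target.GetType().Name, input.MethodBase.Name);
            return input.CreateExceptionMethodReturn(error);
        }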
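        /// <summary>
        /// Interception behavior that gates a service call on the resources allowed to the
        /// current user. A method carrying a <see cref="ServiceAuthorizeBehavior"/> attribute in
        /// state <see cref="ServiceAuthorizeState.Enforce"/> proceeds only when one of the allowed
        /// resources (primary role plus any active business roles, see
        /// <see cref="GetAccessAllowedResources"/>) matches the call's target and method; state
        /// <see cref="ServiceAuthorizeState.Avoid"/> and unmarked methods proceed without a check.
        /// Only the first such attribute is honored.
        /// </summary>
        /// <param name="input">The intercepted call.</param>
        /// <param name="getNext">Continuation to the next behavior or the real target.</param>
        /// <returns>
        /// The target's return, or an exception return carrying <see cref="IllegalServiceAccess"/>
        /// when the call is denied. Never <c>null</c>: the previous implementation returned
        /// <c>null</c> when <c>personId</c> was not positive, which is not a usable
        /// <see cref="IMethodReturn"/>.
        /// </returns>
        public IMethodReturn Invoke(IMethodInvocation input, GetNextInterceptionBehaviorDelegate getNext)
        {
            // personId / roleId are fields set elsewhere in this class — presumably from the
            // current session; confirm against the constructor.
            if (personId <= 0)
            {
                // No identified person: fail closed with an explicit denial instead of a null return.
                return DenyAccess(input);
            }

            ServiceAuthorizeBehavior SAB = null;
            foreach (var customAttribute in input.MethodBase.GetCustomAttributes(false))
            {
                SAB = customAttribute as ServiceAuthorizeBehavior;
                if (SAB != null)
                {
                    break;
                }
            }

            if (SAB == null)
            {
                // Method is not marked for authorization: pass straight through.
                return getNext()(input, getNext);
            }

            switch (SAB.serviceAuthorizeState)
            {
            case ServiceAuthorizeState.Avoid:
                return getNext()(input, getNext);

            case ServiceAuthorizeState.Enforce:
                // Hoisted once: the lambda would otherwise re-stringify the call per resource.
                string targetPath     = input.Target.ToString();
                string methodFullName = input.MethodBase.ToString();
                bool   isLegal        = GetAccessAllowedResources().Any(resource => resource.MethodPath == targetPath &&
                                                                                     resource.MethodFullName == methodFullName);
                return isLegal ? getNext()(input, getNext) : DenyAccess(input);

            default:
                // Unknown authorization state: fail closed rather than return null.
                return DenyAccess(input);
            }
        }

        /// <summary>
        /// Collects the resources the current user may access: those of the primary
        /// <c>roleId</c>, plus those of every business role (manager / substitute / operator)
        /// whose concrete role id is present in the session management state.
        /// </summary>
        /// <returns>
        /// The allowed resources; de-duplicated only when business roles contributed, so the
        /// primary-role list is returned as the repository supplied it.
        /// </returns>
        private List<Resource> GetAccessAllowedResources()
        {
            BRole          busRole                   = new BRole();
            List<Resource> accessAllowedResourceList = new List<Resource>(busRole.GetAlowedResourceList(roleId));

            IList<RoleCustomCodeType> otherRoles = this.GetCurrentUserBusinessRole();
            if (otherRoles == null || otherRoles.Count == 0)
            {
                return accessAllowedResourceList;
            }

            // A missing or differently-typed session entry yields null, which ResolveBusinessRoleId
            // treats as "no extra role" instead of throwing from the cast.
            Dictionary<string, object> managementState =
                SessionHelper.GetSessionValue(SessionHelper.GTSCurrentUserManagmentState) as Dictionary<string, object>;

            foreach (RoleCustomCodeType roleCode in otherRoles)
            {
                decimal tmpRoleId = ResolveBusinessRoleId(roleCode, managementState);
                if (tmpRoleId > 0)
                {
                    accessAllowedResourceList.AddRange(busRole.GetAlowedResourceList(tmpRoleId));
                }
            }

            return accessAllowedResourceList.Distinct().ToList();
        }

        /// <summary>
        /// Maps a business role code to the concrete role id stored in the session management
        /// state under its well-known key ("ManagerRoleId", "SubstituteRoleId", "OperatorRoleId").
        /// </summary>
        /// <param name="roleCode">The business role to resolve.</param>
        /// <param name="managementState">The session management state, or <c>null</c> when absent.</param>
        /// <returns>The role id, or 0 when the state is missing, the code is unknown, or the key is absent.</returns>
        private static decimal ResolveBusinessRoleId(RoleCustomCodeType roleCode, Dictionary<string, object> managementState)
        {
            if (managementState == null)
            {
                return 0;
            }

            string key;
            switch (roleCode)
            {
            case RoleCustomCodeType.Manager:
                key = "ManagerRoleId";
                break;

            case RoleCustomCodeType.Substitute:
                key = "SubstituteRoleId";
                break;

            case RoleCustomCodeType.Operator:
                key = "OperatorRoleId";
                break;

            default:
                return 0;
            }

            object rawRoleId;
            return managementState.TryGetValue(key, out rawRoleId) ? Utility.ToDecimal(rawRoleId) : 0;
        }

        /// <summary>
        /// Builds the denied-access result for <paramref name="input"/> and logs it, using one
        /// <see cref="IllegalServiceAccess"/> instance for both the log entry and the return.
        /// </summary>
        /// <param name="input">The intercepted call being denied.</param>
        /// <returns>An exception method return wrapping the <see cref="IllegalServiceAccess"/>.</returns>
        private static IMethodReturn DenyAccess(IMethodInvocation input)
        {
            IllegalServiceAccess error = new IllegalServiceAccess("دسترسی غیر مجاز به سرویس", input.Target.ToString());
            BaseBusiness<Entity>.LogException(error, input.Target.GetType().Name, input.MethodBase.Name);
            return input.CreateExceptionMethodReturn(error);
        }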