Пример #1
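        /// <summary>
        /// Enforces the policy named by the Policy property, if one is set.
        /// Returns true when no policy name is configured or when the named policy validates the request.
        /// Returns false, with context.Result set to an Unauthorized result, when the policy rejects
        /// the request or when the configured name does not resolve to a registered policy.
        /// </summary>
        /// <param name="mvc">MVC instance whose Policies collection is searched by name.</param>
        /// <param name="descriptor">Descriptor of the action being authorized; handed to the policy.</param>
        /// <param name="context">Filter context; its Result is set when the check fails.</param>
        /// <returns>true if execution may continue; false if the request was rejected.</returns>
        private bool CheckPolicy(TwinoMvc mvc, ActionDescriptor descriptor, FilterContext context)
        {
            // No policy requested on this action: nothing to enforce here.
            if (string.IsNullOrEmpty(Policy))
            {
                return true;
            }

            Policy policy = mvc.Policies.Get(Policy);

            // Fail closed. A policy name that is set but not registered (typo, renamed or
            // removed policy) previously fell through to "allowed", which silently removed
            // the check the action author asked for. Treat a missing policy as a rejection.
            if (policy == null || !policy.Validate(descriptor, context))
            {
                context.Result = StatusCodeResult.Unauthorized();
                return false;
            }

            return true;
        }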
Пример #2
        /// <summary>
        /// Runs the authorization checks for an action in a fixed order:
        /// authenticated user, then policy, then roles, then claims.
        /// A request without a user gets an Unauthorized result immediately.
        /// The first failing check stops the chain; later checks are not evaluated.
        /// </summary>
        /// <param name="mvc">MVC instance forwarded to the policy check.</param>
        /// <param name="descriptor">Descriptor of the action being authorized.</param>
        /// <param name="context">Filter context carrying the user; its Result is set here when no user is present.</param>
        public void VerifyAuthority(TwinoMvc mvc, ActionDescriptor descriptor, FilterContext context)
        {
            // Unauthenticated request: reject before any policy, role or claim is consulted.
            if (context.User == null)
            {
                context.Result = StatusCodeResult.Unauthorized();
                return;
            }

            // && short-circuits, so CheckRoles only runs after CheckPolicy has passed.
            // NOTE(review): CheckRoles and CheckClaims are defined outside this listing;
            // presumably each sets context.Result itself on failure — confirm.
            bool policyAndRolesPassed = CheckPolicy(mvc, descriptor, context)
                                        && CheckRoles(descriptor, context);

            if (policyAndRolesPassed)
            {
                // Last check in the chain; its return value, if any, is not used here.
                CheckClaims(descriptor, context);
            }
        }