示例#1
0
        /// <summary>
        /// Create/Update actually shares the same method
        /// </summary>
        /// <param name="auth">The authorization service contract object</param>
        /// <returns></returns>
        private ModifyResult CreateOrUpdate(OAuthAuthorization auth)
        {
            var modifyResult = new ModifyResult();

            if (auth.ClientId == 0)
            {
                modifyResult.Successful   = "False";
                modifyResult.ErrorMessage = "ClientId must be set";
                return(modifyResult);
            }

            if (auth.LoginId == null && auth.LoginId == "")
            {
                modifyResult.Successful   = "False";
                modifyResult.ErrorMessage = "LoginId must be set";
                return(modifyResult);
            }

            Arena.Custom.SECC.OAuth.Authorization dbAuth;

            if (auth.AuthorizationId > 0)
            {
                dbAuth = new Arena.Custom.SECC.OAuth.Authorization(auth.AuthorizationId);
            }
            else
            {
                dbAuth = new Arena.Custom.SECC.OAuth.Authorization();
            }

            try
            {
                dbAuth.Active   = auth.Active;
                dbAuth.ClientId = auth.ClientId;
                dbAuth.LoginId  = auth.LoginId;
                if (auth.ScopeId > 0)
                {
                    dbAuth.ScopeId = auth.ScopeId;
                }
                else if (auth.ScopeIdentifier != null)
                {
                    var scope = new Arena.Custom.SECC.OAuth.Scope(auth.ScopeIdentifier);
                    if (scope != null)
                    {
                        dbAuth.ScopeId = scope.ScopeId;
                    }
                    else
                    {
                        modifyResult.Successful   = "False";
                        modifyResult.ErrorMessage = "ScopeId or ScopeIdentifier is required";
                        return(modifyResult);
                    }
                }
                else
                {
                    modifyResult.Successful   = "False";
                    modifyResult.ErrorMessage = "ScopeId or ScopeIdentifier is required";
                    return(modifyResult);
                }

                if (!dbAuth.Allowed(Security.OperationType.Edit,
                                    Arena.Core.ArenaContext.Current.User))
                {
                    modifyResult.Successful = "False";

                    StackFrame frame = new StackFrame(1);
                    modifyResult.ErrorMessage = "Permission denied to " + frame.GetMethod().Name.ToLower() + " authorization.";
                    return(modifyResult);
                }

                dbAuth.Save();

                modifyResult.Successful = "True";
            }
            catch (Exception e)
            {
                modifyResult.Successful   = "False";
                modifyResult.ErrorMessage = e.Message;
            }

            return(modifyResult);
        }
        /// <summary>
        /// Create/Update actually shares the same method
        /// </summary>        
        /// <param name="auth">The authorization service contract object</param>
        /// <returns></returns>
        private ModifyResult CreateOrUpdate(OAuthAuthorization auth)
        {
            var modifyResult = new ModifyResult();
            if (auth.ClientId == 0)
            {
                modifyResult.Successful = "False";
                modifyResult.ErrorMessage = "ClientId must be set";
                return modifyResult;
            }

            if (auth.LoginId == null && auth.LoginId == "")
            {
                modifyResult.Successful = "False";
                modifyResult.ErrorMessage = "LoginId must be set";
                return modifyResult;
            }

            Arena.Custom.SECC.OAuth.Authorization dbAuth;

            if (auth.AuthorizationId > 0)
            {
                dbAuth = new Arena.Custom.SECC.OAuth.Authorization(auth.AuthorizationId);
            }
            else
            {
                dbAuth = new Arena.Custom.SECC.OAuth.Authorization();
            }

            try
            {
                dbAuth.Active = auth.Active;
                dbAuth.ClientId = auth.ClientId;
                dbAuth.LoginId = auth.LoginId;
                if (auth.ScopeId > 0)
                {
                    dbAuth.ScopeId = auth.ScopeId;
                }
                else if(auth.ScopeIdentifier != null)
                {
                    var scope = new Arena.Custom.SECC.OAuth.Scope(auth.ScopeIdentifier);
                    if (scope != null)
                    {
                        dbAuth.ScopeId = scope.ScopeId;
                    }
                    else {
                        modifyResult.Successful = "False";
                        modifyResult.ErrorMessage = "ScopeId or ScopeIdentifier is required";
                        return modifyResult;
                    }
                }
                else
                {
                    modifyResult.Successful = "False";
                    modifyResult.ErrorMessage = "ScopeId or ScopeIdentifier is required";
                    return modifyResult;
                }

                if (!dbAuth.Allowed(Security.OperationType.Edit,
                    Arena.Core.ArenaContext.Current.User))
                {
                    modifyResult.Successful = "False";

                    StackFrame frame = new StackFrame(1);
                    modifyResult.ErrorMessage = "Permission denied to " + frame.GetMethod().Name.ToLower() + " authorization.";
                    return modifyResult;
                }

                dbAuth.Save();

                modifyResult.Successful = "True";
            }
            catch (Exception e)
            {
                modifyResult.Successful = "False";
                modifyResult.ErrorMessage = e.Message;
            }

            return modifyResult;
        }