public void ProcessRequest(HttpContext context) { try { var form = _factory.BuildParamsCollectionFrom(new HttpRequest(new HttpRequestWrapper(HttpContext.Current.Request))); var serviceInstance = _container.Get(_type); var authorizationResult = _securityManager.Authorize <InvokeService>(serviceInstance); if (!authorizationResult.IsAuthorized) { throw new HttpStatus.HttpStatusException(404, "Forbidden"); } var result = _invoker.Invoke(_url, serviceInstance, context.Request.Url, form); context.Response.Write(result); } catch (Exception e) { _exceptionPublisher.Publish(e); if (e.InnerException is HttpStatus.HttpStatusException) { var ex = e.InnerException as HttpStatus.HttpStatusException; context.Response.StatusCode = ex.Code; context.Response.StatusDescription = ex.Description; } else { context.Response.StatusCode = 500; context.Response.StatusDescription = e.Message.Substring(0, e.Message.Length >= 512 ? 512: e.Message.Length); } } }
public Task ProcessRequest(HttpContext context) { try { var request = context.Request; _logger.Information($"Request : {request.Path}"); var form = _factory.BuildParamsCollectionFrom(new HttpRequest(context.Request)); var serviceInstance = _container.Get(_type); _logger.Trace("Authorize"); var authorizationResult = _securityManager.Authorize <InvokeService>(serviceInstance); if (!authorizationResult.IsAuthorized) { _logger.Trace("Not authorized"); throw new HttpStatus.HttpStatusException(404, "Forbidden"); } _logger.Trace("Authorized"); var url = $"{request.Scheme}://{request.Host}{request.Path}"; _logger.Trace($"URL : {url}"); var result = _invoker.Invoke(_url, serviceInstance, new Uri(url), form); _logger.Trace($"Result : {result}"); return(context.Response.WriteAsync(result)); } catch (Exception e) { _exceptionPublisher.Publish(e); var message = string.Empty; if (e.InnerException is HttpStatus.HttpStatusException) { var ex = e.InnerException as HttpStatus.HttpStatusException; context.Response.StatusCode = ex.Code; message = ex.Description; } else { context.Response.StatusCode = 500; message = e.Message.Substring(0, e.Message.Length >= 512 ? 512: e.Message.Length); } context.Response.ContentType = "application/json"; return(context.Response.WriteAsync($"{{'message':'{message}'}}")); } }
/// <summary> /// Checks the permission for requested action as specified in particular permission .ctor. /// The check is performed in the scope of supplied session, or if no session was supplied then /// current execution context session is assumed /// </summary> /// <returns>True when action is authorized, false otherwise</returns> public virtual bool Check(ISecurityManager secman, ISession sessionInstance = null) { secman.NonNull(nameof(secman)); var session = sessionInstance ?? ExecutionContext.Session ?? NOPSession.Instance; var user = session.User; //System user passes all permission checks if (user.Status == UserStatus.System) { return(true); } var access = secman.Authorize(user, this); if (!access.IsAssigned) { return(false); } return(DoCheckAccessLevel(secman, session, access)); }
#pragma warning disable 1591 // Xml Comments public AuthorizationResult Authorize(ICommand command) { return(_securityManager.Authorize <HandleCommand>(command)); }
public bool Authorize(IDBOperation operation, bool isInitializeCall) { if (_nodeContext.StatusLatch.IsAnyBitsSet(NodeStatus.Initializing)) { _nodeContext.StatusLatch.WaitForAny(NodeStatus.Running); } bool isInitialized = true; if (!isInitializeCall) //This portion is to verify if database is initialized or not, it has nothing to do with security (authorization or authentication) { ClientSessionId clientSessionId = operation.SessionId as ClientSessionId; if (!(initializedDatabases != null && initializedDatabases.ContainsKey(operation.Database) && (initializedDatabases[operation.Database].Contains(operation.SessionId) || (clientSessionId != null && initializedDatabases[operation.Database].Contains(clientSessionId.RouterSessionId))))) { isInitialized = false; } //throw new DistributorException(ErrorCodes.Distributor.DATABASE_NOT_INITIALIZED, new[] {operation.Database}); } //Authorization bool isAuthorized = false; ISessionId sessionId = operation.SessionId; Permission permission = null; switch (operation.OperationType) { case DatabaseOperationType.Get: case DatabaseOperationType.GetChunk: case DatabaseOperationType.ReadQuery: case DatabaseOperationType.DisposeReader: permission = Permission.Read; break; case DatabaseOperationType.Insert: case DatabaseOperationType.Delete: case DatabaseOperationType.Replace: case DatabaseOperationType.Update: case DatabaseOperationType.WriteQuery: permission = Permission.Write; break; case DatabaseOperationType.Init: permission = Permission.Init; break; } //if(LoggerManager.Instance.SecurityLogger != null && LoggerManager.Instance.SecurityLogger.IsInfoEnabled) //{ // LoggerManager.Instance.SecurityLogger.Info("DataBaseEngine.Authorize", "Operation: " + operation.OperationType); //} if (permission != null) { ResourceId resourceId; ResourceId superResourceId; Security.Impl.SecurityManager.GetSecurityInformation(permission, operation.Database, out resourceId, out superResourceId, null); isAuthorized = SecurityManager.Authorize(_nodeContext.LocalShardName, sessionId, resourceId, superResourceId, permission); _nodeContext.TopologyImpl.IsOpertionAllow(operation.Database); } if (isAuthorized && !isInitialized) { this.InitializeDatabase(new InitDatabaseOperation() { Database = operation.Database, SessionId = operation.SessionId }); } return(isAuthorized); }
#pragma warning disable 1591 // Xml Comments public AuthorizationResult Authorize <T>(IReadModelOf <T> readModelOf) where T : IReadModel { return(_securityManager.Authorize <Fetching>(readModelOf)); }
/// <inheritdoc/> public AuthorizationResult Authorize(CommandRequest command) { return(_securityManager.Authorize <HandleCommand>(_converter.Convert(command))); }