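/// <summary>
/// Asks the policy decision point (PDP) whether the current user may perform the
/// request's HTTP method on the requested URL path.
/// </summary>
/// <param name="httpContext">The HTTP context of the request being authorized.</param>
/// <returns>
/// The PDP's decision. When the PDP throws <c>ActionNotFoundException</c> or
/// <c>ResourceNotFoundException</c>, the result of the base <c>AuthorizeCore</c> instead.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="httpContext"/> is null.</exception>
protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            if (httpContext == null)
            {
                throw new ArgumentNullException("httpContext");
            }

            var pdp = new PDP();

            string action = httpContext.Request.HttpMethod;
            string username = httpContext.User.Identity.Name;
            // NOTE(review): the path is handed to the PDP as the request reports it; confirm that
            // the policy repository and the routing layer agree on encoding and normalization
            // (trailing slashes, escaped characters), otherwise one resource can have several
            // spellings with different decisions.
            string resource = httpContext.Request.Url.AbsolutePath;

            if (!_caseSensitive)
            {
                // Culture-invariant lowering: ToLower() depends on the thread culture (for
                // example 'I' becomes a dotless i under tr-TR), which would make the policy
                // lookup, and so the authorization decision, vary with the server's or the
                // request's culture.
                // NOTE(review): username is not lowered here; confirm that is intended.
                action = action.ToLowerInvariant();
                resource = resource.ToLowerInvariant();
            }

            try
            {
                return pdp.IsUserAuthorized(username, action, resource);
            }
            catch (Exception e)
            {
                // Only "unknown to the policy repository" is handled; any other failure propagates.
                if (!(e is ActionNotFoundException) && !(e is ResourceNotFoundException))
                {
                    throw;
                }

                // Action or resource unknown to the policy repository: fall back to the default
                // AuthorizeAttribute implementation. This does not deny by default; a request the
                // PDP has no policy for is decided by the base attribute's own checks alone.
                // NOTE(review): Debug.WriteLine is compiled out of release builds, so this
                // fallback leaves no trace in production; consider an audit log entry here.
                System.Diagnostics.Debug.WriteLine(e.Message);
                return base.AuthorizeCore(httpContext);
            }
        }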
示例#2
 /// <summary>
 /// Queries the PDP for one fixed user/action/resource triple and prints, in Portuguese,
 /// whether the permission is granted.
 /// </summary>
 /// <param name="lib">The policy decision point to query.</param>
 static void isActionAllowedOfUserWithResourceTest(PDP lib)
 {
     const string user = "******";
     const string target = "/folder/file1.txt";
     const string operation = "Criar ficheiros e pastas";

     bool granted = lib.IsUserAuthorized(user, operation, target);

     // Pick the message for the decision, then print it once.
     string template = granted
         ? "O utilizador {0} tem permissão {1} sobre o recurso {2}."
         : "O utilizador {0} não tem permissão {1} sobre o recurso {2}.";

     Console.WriteLine(template, user, operation, target);
 }
示例#3
        /// <summary>
        /// A user name the policy repository does not know is expected to be denied
        /// (a <c>false</c> result), not reported through an exception.
        /// </summary>
        public void IsUserAuthorizedForUnknownUserReturnsFalse()
        {
            PDP decisionPoint = new PDP();

            bool granted = decisionPoint.IsUserAuthorized("Unknown user", "Executar ficheiros", "/folder");

            Assert.That(granted, Is.False);
        }
示例#4
        /// <summary>
        /// A resource the policy repository does not know is expected to raise
        /// <c>ResourceNotFoundException</c> rather than yield a plain deny; callers have to
        /// decide explicitly how to treat that case.
        /// </summary>
        public void IsUserAuthorizedForUnknownResourceThrowsResourceNotFoundException()
        {
            const string user = "Ricardo";
            const string action = "Executar ficheiros";
            const string missingResource = "unknown resource";
            PDP decisionPoint = new PDP();

            Assert.That(
                () => decisionPoint.IsUserAuthorized(user, action, missingResource),
                Throws.TypeOf<ResourceNotFoundException>());
        }
示例#5
        /// <summary>
        /// An action the policy repository does not know is expected to raise
        /// <c>ActionNotFoundException</c> rather than yield a plain deny.
        /// </summary>
        public void IsUserAuthorizedForUnknownActionThrowsActionNotFoundException()
        {
            const string user = "Ricardo";
            const string missingAction = "unknown action";
            const string resource = "/folder";
            PDP decisionPoint = new PDP();

            Assert.That(
                () => decisionPoint.IsUserAuthorized(user, missingAction, resource),
                Throws.TypeOf<ActionNotFoundException>());
        }