/// <summary>
/// Avoids risking things like AmbiguousMatchException, by accessing the controller and action descriptors.
/// </summary>
internal IEnumerable<AuthorizeAttribute> GetAuthorizeAttributes(ControllerBase controller, string actionName)
{
ControllerDescriptor controllerDescriptor = new ReflectedControllerDescriptor(controller.GetType());
ActionDescriptor actionDescriptor = controllerDescriptor.FindAction(controller.ControllerContext, actionName);
if (actionDescriptor == null)
{
// if we can't find a matching action descriptor, we just issue a warning log and trim the action from the site map.
log.Warn(Exceptions.MiniAclModule_ActionDescriptorNotFound.FormatWith(controllerDescriptor.ControllerName, actionName));
return new AuthorizeAttribute[] { new UnauthorizedAttribute() };
}
IEnumerable<AuthorizeAttribute> controllerAttributes = controllerDescriptor.GetAttributes<AuthorizeAttribute>();
IEnumerable<AuthorizeAttribute> actionAttributes = actionDescriptor.GetAttributes<AuthorizeAttribute>();
return controllerAttributes.Concat(actionAttributes);
}
