public void AppendTrailingSlash() { Assert.AreEqual("/hithere/", VPU.AppendTrailingSlash("/hithere"), "A1"); Assert.AreEqual("/hithere/", VPU.AppendTrailingSlash("/hithere/"), "A2"); Assert.AreEqual("/", VPU.AppendTrailingSlash("/"), "A3"); Assert.AreEqual("", VPU.AppendTrailingSlash(""), "A4"); Assert.AreEqual(null, VPU.AppendTrailingSlash(null), "A5"); }
public virtual bool IsAccessibleToUser(HttpContext context, SiteMapNode node) { if (context == null) { throw new ArgumentNullException("context"); } if (node == null) { throw new ArgumentNullException("node"); } if (!SecurityTrimmingEnabled) { return(true); } /* The node is accessible (according to msdn2) if: * * 1. The Roles exists on node and the current user is in at least one of the specified roles. * * 2. The current thread has an associated WindowsIdentity that has file access to the requested URL and * the URL is located within the directory structure for the application. * * 3. The current user is authorized specifically for the requested URL in the authorization element for * the current application and the URL is located within the directory structure for the application. */ /* 1. */ IList roles = node.Roles; if (roles != null && roles.Count > 0) { foreach (string rolename in roles) { if (rolename == "*" || context.User.IsInRole(rolename)) { return(true); } } } /* 2. */ /* XXX */ /* 3. */ string url = node.Url; if (!String.IsNullOrEmpty(url)) { // TODO check url is located within the current application if (VirtualPathUtility.IsAppRelative(url) || !VirtualPathUtility.IsAbsolute(url)) { url = VirtualPathUtility.Combine(VirtualPathUtility.AppendTrailingSlash(HttpRuntime.AppDomainAppVirtualPath), url); } AuthorizationSection config = (AuthorizationSection)WebConfigurationManager.GetSection( "system.web/authorization", url); if (config != null) { return(config.IsValidUser(context.User, context.Request.HttpMethod)); } } return(false); }
void RewritePath(string filePath, string pathInfo, string queryString, bool setClientFilePath) { if (filePath == null) { throw new ArgumentNullException("filePath"); } if (!VirtualPathUtility.IsValidVirtualPath(filePath)) { throw new HttpException("'" + HttpUtility.HtmlEncode(filePath) + "' is not a valid virtual path."); } filePath = VirtualPathUtility.Canonize(filePath); bool pathRelative = VirtualPathUtility.IsAppRelative(filePath); bool pathAbsolute = pathRelative ? false : VirtualPathUtility.IsAbsolute(filePath); HttpRequest req = Request; if (req == null) { return; } if (pathRelative || pathAbsolute) { if (pathRelative) { filePath = VirtualPathUtility.ToAbsolute(filePath); } else { filePath = filePath; } } else { filePath = VirtualPathUtility.AppendTrailingSlash(req.BaseVirtualDir) + filePath; } if (!StrUtils.StartsWith(filePath, HttpRuntime.AppDomainAppVirtualPath)) { throw new HttpException(404, "The virtual path '" + HttpUtility.HtmlEncode(filePath) + "' maps to another application.", filePath); } req.SetCurrentExePath(filePath); req.SetFilePath(filePath); if (setClientFilePath) { req.ClientFilePath = filePath; } // A null pathInfo or queryString is ignored and previous values remain untouched if (pathInfo != null) { req.SetPathInfo(pathInfo); } if (queryString != null) { req.QueryStringRaw = queryString; } }