public class RequireAllPermissions : AuthorizeAttribute
{
readonly Permission.PermissionKey[] _permissions;
IUserLogic _userLogic { get { return UnityConfig.GetConfiguredContainer().Resolve<IUserLogic>(); } }
IPermissionLogic _permissionLogic { get { return UnityConfig.GetConfiguredContainer().Resolve<IPermissionLogic>(); } }
public RequireAllPermissions(params Permission.PermissionKey[] permissions)
{
_permissions = permissions;
}
protected override bool IsAuthorized(HttpActionContext actionContext)
{
return RequireAllPermissionsValidator.Validate(actionContext, _permissions, _userLogic, _permissionLogic);
}
}
public static class RequireAllPermissionsValidator
{
internal static bool Validate(HttpActionContext actionContext, Permission.PermissionKey[] permissions, IUserLogic userLogic, IPermissionLogic permissionLogic)
{
var identity = System.Threading.Thread.CurrentPrincipal.Identity as BasicAuthenticationIdentity;
if (identity == null)
ValidatorHelpers.ChallengeAuthRequest(actionContext, HttpStatusCode.Forbidden);
if (permissions == null)
ValidatorHelpers.ChallengeAuthRequest(actionContext, HttpStatusCode.Forbidden);
var user = userLogic.GetUserByThreadIdentity();
foreach (var permissionKey in permissions)
{
if (!permissionLogic.UserHasPermissionInRole(user, permissionKey))
ValidatorHelpers.ChallengeAuthRequest(actionContext, HttpStatusCode.Forbidden);
}
return true;
}
}
{"html5":"htmlmixed","css":"css","javascript":"javascript","php":"php","python":"python","ruby":"ruby","lua":"text\/x-lua","bash":"text\/x-sh","go":"go","c":"text\/x-csrc","cpp":"text\/x-c++src","diff":"diff","latex":"stex","sql":"sql","xml":"xml","apl":"apl","asterisk":"asterisk","c_loadrunner":"text\/x-csrc","c_mac":"text\/x-csrc","coffeescript":"text\/x-coffeescript","csharp":"text\/x-csharp","d":"d","ecmascript":"javascript","erlang":"erlang","groovy":"text\/x-groovy","haskell":"text\/x-haskell","haxe":"text\/x-haxe","html4strict":"htmlmixed","java":"text\/x-java","java5":"text\/x-java","jquery":"javascript","mirc":"mirc","mysql":"sql","ocaml":"text\/x-ocaml","pascal":"text\/x-pascal","perl":"perl","perl6":"perl","plsql":"sql","properties":"text\/x-properties","q":"text\/x-q","scala":"scala","scheme":"text\/x-scheme","tcl":"text\/x-tcl","vb":"text\/x-vb","verilog":"text\/x-verilog","yaml":"text\/x-yaml","z80":"text\/x-z80"}