From Beefy Hamster, 5 Years ago, written in C#.
  4.   public class RequireAllPermissions : AuthorizeAttribute
  5.     {
  6.         readonly Permission.PermissionKey[] _permissions;
  7.  
  8.         IUserLogic _userLogic { get { return UnityConfig.GetConfiguredContainer().Resolve<IUserLogic>(); } }
  9.         IPermissionLogic _permissionLogic { get { return UnityConfig.GetConfiguredContainer().Resolve<IPermissionLogic>(); } }
  10.  
  11.         public RequireAllPermissions(params Permission.PermissionKey[] permissions)
  12.         {
  13.             _permissions = permissions;
  14.         }
  15.  
  16.         protected override bool IsAuthorized(HttpActionContext actionContext)
  17.         {
  18.             return RequireAllPermissionsValidator.Validate(actionContext, _permissions, _userLogic, _permissionLogic);
  19.         }
  20.     }
  22.   public static class RequireAllPermissionsValidator
  23.     {
  24.         internal static bool Validate(HttpActionContext actionContext, Permission.PermissionKey[] permissions, IUserLogic userLogic, IPermissionLogic permissionLogic)
  25.         {
  26.             var identity = System.Threading.Thread.CurrentPrincipal.Identity as BasicAuthenticationIdentity;
  27.  
  28.             if (identity == null)
  29.                 ValidatorHelpers.ChallengeAuthRequest(actionContext, HttpStatusCode.Forbidden);
  30.             if (permissions == null)
  31.                 ValidatorHelpers.ChallengeAuthRequest(actionContext, HttpStatusCode.Forbidden);
  32.             var user = userLogic.GetUserByThreadIdentity();
  33.  
  34.             foreach (var permissionKey in permissions)
  35.             {
  36.                 if (!permissionLogic.UserHasPermissionInRole(user, permissionKey))
  37.                     ValidatorHelpers.ChallengeAuthRequest(actionContext, HttpStatusCode.Forbidden);
  38.             }
  39.  
  40.             return true;
  41.         }
  42.    }