init

KretaWeb/Security/MvcFeatureAuthorizeAttribute.cs

@@ -0,0 +1,51 @@
+using System;
+using System.Web;
+using System.Web.Mvc;
+
+namespace Kreta.Web.Security
+{
+    [AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = false, Inherited = true)]
+    public class MvcFeatureAuthorizeAttribute : AuthorizeAttribute
+    {
+        private readonly string[] featureNames;
+
+        public MvcFeatureAuthorizeAttribute(params string[] features)
+        {
+            featureNames = features;
+        }
+
+        public override void OnAuthorization(AuthorizationContext filterContext)
+        {
+            if (AuthorizeCore(filterContext.HttpContext))
+            {
+                HttpCachePolicyBase cache = filterContext.HttpContext.Response.Cache;
+                cache.SetProxyMaxAge(new TimeSpan(0L));
+                cache.AddValidationCallback(new HttpCacheValidateHandler(CacheValidateHandler), null);
+            }
+            else
+            {
+                HandleUnauthorizedRequest(filterContext);
+            }
+        }
+
+        protected override bool AuthorizeCore(HttpContextBase httpContext)
+        {
+            return AuthorizeHelper.CheckFeatureAccess(featureNames);
+        }
+
+        protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
+        {
+            AuthorizeHelper.MvcRequestAuthorizeFail(filterContext);
+        }
+
+        protected override HttpValidationStatus OnCacheAuthorization(HttpContextBase httpContext)
+        {
+            return !AuthorizeCore(httpContext) ? HttpValidationStatus.IgnoreThisRequest : HttpValidationStatus.Valid;
+        }
+
+        private void CacheValidateHandler(HttpContext context, object data, ref HttpValidationStatus validationStatus)
+        {
+            validationStatus = OnCacheAuthorization(new HttpContextWrapper(context));
+        }
+    }
+}