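using System;
using System.Collections.Generic;
using System.Data;
using System.Linq;
using System.Net;
using System.Security.Claims;
using System.Web.Mvc;
using Kreta.BusinessLogic.Helpers;
using Kreta.BusinessLogic.Security;
using Kreta.Core.FeatureToggle;
using Kreta.Enums;
using Kreta.Framework;
using Kreta.Resources;
using Kreta.Web.Helpers;
using AuthorizationContext = System.Web.Mvc.AuthorizationContext;

namespace Kreta.Web.Security
{
    /// <summary>
    /// Static helpers used by the authorization layer: role-list conversion,
    /// role / package / feature access checks, the MVC "authorization failed"
    /// response, and the maintenance-message lookup.
    /// </summary>
    public class AuthorizeHelper
    {
        /// <summary>
        /// Converts a role list into the role-name array used for authorization.
        /// </summary>
        /// <param name="type">
        /// When equal to <c>KretaSecurityActions.Deny</c>, <paramref name="claimValue"/> is
        /// treated as a deny list; otherwise it is treated as an allow list.
        /// </param>
        /// <param name="claimValue">Roles to allow or to deny.</param>
        /// <returns>Names of the roles that are allowed.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="claimValue"/> is null.</exception>
        public static string[] ConvertRolesToAuthorizeProperty(KretaSecurityActions type, SzerepkorTipusEnum[] claimValue)
        {
            // Fail with an explicit error instead of a NullReferenceException in the loop below.
            if (claimValue == null)
            {
                throw new ArgumentNullException("claimValue");
            }

            if (!type.Equals(KretaSecurityActions.Deny))
            {
                return claimValue.Select(e => e.ToString()).ToArray();
            }

            // NOTE(review): a deny list is turned into "every enum member except the denied
            // ones". That complement includes SzerepkorTipusEnum.Nincs_beallitva unless it is
            // listed explicitly, and any role added to the enum later is allowed by default.
            // Confirm that this fail-open behavior is intended for every Deny usage.
            var allowedRoles = GetAllRole();
            foreach (SzerepkorTipusEnum denied in claimValue)
            {
                allowedRoles.Remove(denied);
            }

            return allowedRoles.Select(e => e.ToString()).ToArray();
        }

        /// <summary>
        /// Returns every member of <c>SzerepkorTipusEnum</c> as a mutable list.
        /// </summary>
        public static List<SzerepkorTipusEnum> GetAllRole()
        {
            return Enum.GetValues(typeof(SzerepkorTipusEnum)).Cast<SzerepkorTipusEnum>().ToList();
        }

        /// <summary>
        /// Sets the result of a failed MVC authorization.
        /// Ajax requests get HTTP 403 with the localized "no permission" text as the status
        /// description; other requests are redirected to a page chosen from the role value
        /// in <c>ClaimData.FelhasznaloSzerepkor</c>.
        /// </summary>
        /// <param name="filterContext">Authorization context whose <c>Result</c> is set.</param>
        public static void MvcRequestAuthorizeFail(AuthorizationContext filterContext)
        {
            if (filterContext.HttpContext.Request.IsAjaxRequest())
            {
                filterContext.Result = new HttpStatusCodeResult(HttpStatusCode.Forbidden, ErrorResource.NincsJogaAzOldalMegtekintesehez);
                return;
            }

            // Every redirect target below is a fixed application path or a route built from
            // literal names; nothing is taken from the request.
            string redirectUrl;
            var role = ClaimData.FelhasznaloSzerepkor;
            if (role == SzerepkorTipusEnum.Adminisztrator)
            {
                redirectUrl = "~/Adminisztracio/RendszerHibaErtesites";
            }
            // At login, if the user does not wait for our redirect, no role is set yet.
            else if (role == SzerepkorTipusEnum.Nincs_beallitva)
            {
                redirectUrl = "~/Adminisztracio/SzerepkorValaszto";
            }
            else
            {
                var url = new UrlHelper(filterContext.RequestContext);
                redirectUrl = url.Action("AccessDenied", "ErrorHandler", new { area = string.Empty });
            }

            filterContext.Result = new RedirectResult(redirectUrl);
        }

        /// <summary>
        /// Checks the principal's role claim (<c>KretaClaimTypes.KretaFelhasznaloSzerepkor</c>).
        /// </summary>
        /// <param name="claimValue">
        /// Accepted role names. When null, the check passes the claim type alone to
        /// <c>ClaimExists</c>, with no value restriction.
        /// </param>
        /// <param name="principal">Principal whose claims are checked.</param>
        /// <returns>The result of the <c>ClaimExists</c> call.</returns>
        public static bool CheckRoleAccess(string[] claimValue, ClaimsPrincipal principal)
        {
            var claimType = KretaClaimTypes.KretaFelhasznaloSzerepkor;

            // NOTE(review): a null list is the least restrictive case; callers that mean
            // "no role is accepted" must not pass null here.
            return claimValue == null
                ? principal.ClaimExists(claimType)
                : principal.ClaimExists(claimType, claimValue);
        }

        /// <summary>
        /// Returns true when <c>ClaimData.FelhasznaloSzerepCsomagok</c> contains at least
        /// one of the requested packages.
        /// </summary>
        /// <param name="claimValue">Package names; any single match grants access.</param>
        /// <returns>True on the first match; false otherwise, including for a null list.</returns>
        public static bool CheckPackageAccess(string[] claimValue)
        {
            // Fail closed: no requested packages means no access, not an exception.
            if (claimValue == null)
            {
                return false;
            }

            var packages = ClaimData.FelhasznaloSzerepCsomagok;
            foreach (var item in claimValue)
            {
                if (packages.Contains(item))
                {
                    return true;
                }
            }

            return false;
        }

        /// <summary>
        /// Returns true when at least one of the named features is enabled for the
        /// institute in <c>ClaimData.IntezmenyAzonosito</c>.
        /// </summary>
        /// <param name="featureNames">Feature names; any single enabled feature grants access.</param>
        /// <returns>True on the first enabled feature; false otherwise, including for a null list.</returns>
        public static bool CheckFeatureAccess(string[] featureNames)
        {
            // Fail closed: no feature names means no access, not an exception.
            if (featureNames == null)
            {
                return false;
            }

            // NOTE(review): the generic type argument of GetService is missing in this
            // listing; restore the feature-context service type from Kreta.Core.FeatureToggle.
            var featureContext = DependencyResolver.Current.GetService();
            foreach (var item in featureNames)
            {
                if (featureContext.IsEnabled(item, instituteId: ClaimData.IntezmenyAzonosito))
                {
                    return true;
                }
            }

            return false;
        }

        /// <summary>
        /// Looks up the maintenance dashboard message for a feature.
        /// </summary>
        /// <param name="featureName">Feature whose maintenance message is requested.</param>
        /// <returns>
        /// The first row of the first result table, or null when that table has no rows
        /// or when the lookup threw.
        /// </returns>
        public static DataRow CheckMaintenanceInProgress(string featureName)
        {
            try
            {
                var helper = new AdminHelper(ConnectionTypeExtensions.GetSessionConnectionType());
                var result = helper.GetFeatureMaintenanceDashboardUzenet(featureName);
                if (result.Tables[0].Rows.Count > 0)
                {
                    return result.Tables[0].Rows[0];
                }
            }
            catch (Exception ex)
            {
                // Best effort: the failure is logged and reported as "no maintenance row".
                // NOTE(review): callers cannot tell a failed lookup from "no maintenance";
                // do not rely on a null result to gate access during maintenance.
                SDAServer.Instance.Logger.ExceptionThrown(ex);
            }

            return null;
        }
    }
}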