using System;
using System.Net;
using System.Net.Http;
using System.Web;
using System.Web.Http;
using System.Web.Http.Controllers;
using Kreta.BusinessLogic.Security;
namespace Kreta.Web.Security
{
/// <summary>
/// Convenience form of <see cref="ApiRolePackageAuthorizeAttribute"/> pinned to
/// <see cref="KretaSecurityActions.Deny"/>: the package check is inverted, so a
/// caller who passes it is refused and one who fails it is let through.
/// </summary>
public class ApiRolePackageDenyAuthorizeAttribute : ApiRolePackageAuthorizeAttribute
{
    /// <param name="claimValue">Package names forwarded unchanged to the base attribute.</param>
    public ApiRolePackageDenyAuthorizeAttribute(params string[] claimValue)
        : base(KretaSecurityActions.Deny, claimValue)
    {
    }
}
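/// <summary>
/// Web API authorization filter that gates an action on "claim packages" as judged by
/// <see cref="AuthorizeHelper.CheckPackageAccess(string[])"/>. In
/// <see cref="KretaSecurityActions.Demand"/> mode (the default) the helper's verdict is
/// used as-is; in <see cref="KretaSecurityActions.Deny"/> mode it is negated, so a caller
/// who passes the package check is refused.
/// </summary>
/// <remarks>
/// NOTE(review): Deny mode is fail-open by construction. Any <c>false</c> from
/// <c>CheckPackageAccess</c> — presumably including an unauthenticated caller or an
/// empty/null package list, depending on how the helper treats those — turns into
/// "authorized". The helper is not visible here; confirm its behaviour for those inputs
/// before relying on a Deny attribute as a hard block.
/// </remarks>
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, Inherited = true, AllowMultiple = false)]
public class ApiRolePackageAuthorizeAttribute : AuthorizeAttribute
{
    /// <summary>Header name/value attached to every refused response.</summary>
    private const string AuthenticationStatusHeader = "AuthenticationStatus";
    private const string NotAuthorizedStatus = "NotAuthorized";

    // Fixed at construction. Attribute instances can be cached and shared by the
    // framework, so nothing in this class mutates them afterwards.
    private readonly string[] claimPackages;
    private readonly KretaSecurityActions actionType;

    /// <summary>Demand the given packages (the default action).</summary>
    /// <param name="claimValue">Package names passed through to <c>CheckPackageAccess</c>.</param>
    public ApiRolePackageAuthorizeAttribute(params string[] claimValue)
        : this(KretaSecurityActions.Demand, claimValue)
    {
    }

    /// <summary>Apply <paramref name="type"/> (Demand or Deny) to the given packages.</summary>
    /// <param name="type">Whether the package check is required or forbidden.</param>
    /// <param name="claimValue">Package names passed through to <c>CheckPackageAccess</c>.</param>
    public ApiRolePackageAuthorizeAttribute(KretaSecurityActions type, params string[] claimValue)
    {
        claimPackages = claimValue;
        actionType = type;
    }

    /// <summary>
    /// Runs the package check and, when it fails, short-circuits the pipeline with a
    /// 403 response.
    /// </summary>
    /// <remarks>
    /// This replaces rather than extends the base <see cref="AuthorizeAttribute"/>
    /// pipeline: whatever the base does before consulting <see cref="IsAuthorized"/>
    /// (for instance its <c>[AllowAnonymous]</c> handling) does not run here.
    /// </remarks>
    /// <exception cref="ArgumentNullException"><paramref name="actionContext"/> is null.</exception>
    public override void OnAuthorization(HttpActionContext actionContext)
    {
        if (actionContext == null)
        {
            throw new ArgumentNullException("actionContext");
        }

        if (!IsAuthorized(actionContext))
        {
            HandleUnauthorizedRequest(actionContext);
        }
    }

    /// <summary>
    /// Evaluates package access for the current caller; in Deny mode the helper's verdict
    /// is negated.
    /// </summary>
    /// <returns><c>true</c> when the request may proceed.</returns>
    protected override bool IsAuthorized(HttpActionContext actionContext)
    {
        // base.IsAuthorized (authenticated-principal / Roles / Users check) is not
        // consulted; the package helper is the only authority in this filter.
        bool hasPackages = AuthorizeHelper.CheckPackageAccess(claimPackages);
        return actionType == KretaSecurityActions.Deny ? !hasPackages : hasPackages;
    }

    /// <summary>
    /// Builds the 403 response that ends the pipeline, tagged with an
    /// <c>AuthenticationStatus: NotAuthorized</c> header (presumably so clients can tell
    /// a package refusal apart from other 403s).
    /// </summary>
    /// <remarks>
    /// The header is set on the <see cref="HttpResponseMessage"/> that Web API returns
    /// instead of on <c>HttpContext.Current.Response</c>: the ambient context is null
    /// outside IIS hosting (self-host/OWIN, unit tests) and would throw a
    /// NullReferenceException there, while message headers reach the wire through the
    /// host's normal response translation. The status is always 403 — an unauthenticated
    /// caller gets no 401/WWW-Authenticate from this filter.
    /// </remarks>
    protected override void HandleUnauthorizedRequest(HttpActionContext actionContext)
    {
        HttpResponseMessage response = actionContext.Request.CreateResponse(HttpStatusCode.Forbidden);
        response.Headers.Add(AuthenticationStatusHeader, NotAuthorizedStatus);
        actionContext.Response = response;
    }
}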
}