Mercurial > altnet-hispano
annotate Agendas/trunk/src/Agendas.Web/Controllers/CustomAuthorizeAttribute.cs @ 292:1408ac17cb64
Patrocinadores: Faltaba aplicar seguridad a la Api de Patrocinadores.
author | juanjose.montesdeocaarbos |
---|---|
date | Thu, 09 Feb 2012 08:40:38 -0300 |
parents | 2d02adb79322 |
children |
rev | line source |
---|---|
185
2d02adb79322
Se agrega fecha de termino de un Evento y se incluye la hora a la fecha de inicio.
alabra
parents:
179
diff
changeset
|
1 using System.Web; |
179 | 2 using System.Web.Mvc; |
3 using AltNetHispano.Agendas.Domain; | |
4 using AltNetHispano.Agendas.Factories; | |
5 | |
6 namespace AltNetHispano.Agendas.Web.Controllers | |
7 { | |
8 public class CustomAuthorizeAttribute : AuthorizeAttribute | |
9 { | |
10 public string RedirectResultUrl { get; set; } | |
11 | |
12 public CustomAuthorizeAttribute() | |
13 { | |
14 RedirectResultUrl = "~/Error/NoAutorizado"; | |
15 } | |
16 | |
17 protected override bool AuthorizeCore(HttpContextBase httpContext) | |
18 { | |
19 if (!httpContext.User.Identity.IsAuthenticated || !IdentityContext.IsAuthenticated()) | |
20 return false; | |
21 | |
22 if (!string.IsNullOrWhiteSpace(Roles)) | |
23 { | |
24 using (NHibernateFactory.GetSessionScope()) | |
25 { | |
26 var roles = Roles.Split(','); | |
27 if (!IdentityContext.IsInRole(roles)) | |
28 { | |
29 httpContext.Response.StatusCode = 403; | |
30 return false; | |
31 } | |
32 } | |
33 } | |
34 | |
35 return true; | |
36 } | |
37 | |
38 protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext) | |
39 { | |
40 if (filterContext.HttpContext.Response.StatusCode == 403) | |
41 filterContext.Result = new RedirectResult(RedirectResultUrl); | |
42 else | |
43 base.HandleUnauthorizedRequest(filterContext); | |
44 } | |
45 } | |
46 } |