/BlogEngine/DotNetSlave.BusinessLogic/Security/SecuritySiteMapProvider.cs

# · C# · 67 lines · 45 code · 9 blank · 13 comment · 10 complexity · 346cbe45ea7992c7a118495fc1abb04a MD5 · raw file 

    

  1. namespace BlogEngine.Core

    2. 

  2. {

    3. 

  3.     using System;

    4. 

  4.     using System.Collections.Generic;

    5. 

  5.     using System.Linq;

    6. 

  6.     using System.Text;

    7. 

  7.     using System.Web;

    8. 

  8. 

    9. 

  9.     /// <summary>

    10. 

  10.     /// Implementation of the XmlSiteMapProvider that is Rights aware.

    11. 

  11.     /// </summary>

    12. 

  12.     public class SecuritySiteMapProvider : XmlSiteMapProvider

    13. 

  13.     {

    14. 

  14.         /// <summary>

    15. 

  15.         /// Returns whether the SiteMapNode is accessible to the current user.

    16. 

  16.         /// </summary>

    17. 

  17.         public override bool IsAccessibleToUser(HttpContext context, SiteMapNode node)

    18. 

  18.         {

    19. 

  19.             // We are checking Rights, and other custom attributes here.

    20. 

  20.             // Roles may also be part of the SiteMapNode.  Let the base class

    21. 

  21.             // check for that.  If false, return false, otherwise, continue

    22. 

  22.             // with our checks.

    23. 

  23. 

    24. 

  24.             if (!base.IsAccessibleToUser(context, node))

    25. 

  25.                 return false;

    26. 

  26. 

    27. 

  27.             bool primaryBlogInstanceOnly;

    28. 

  28.             if (!string.IsNullOrWhiteSpace(node["primaryBlogInstanceOnly"]) && bool.TryParse(node["primaryBlogInstanceOnly"], out primaryBlogInstanceOnly))

    29. 

  29.             {

    30. 

  30.                 if (primaryBlogInstanceOnly && !Blog.CurrentInstance.IsPrimary)

    31. 

  31.                 {

    32. 

  32.                     return false;

    33. 

  33.                 }

    34. 

  34.             }

    35. 

  35. 

    36. 

  36.             if (!Utils.StringIsNullOrWhitespace(node["rights"]))

    37. 

  37.             {

    38. 

  38.                 // By default, all specified Rights must exist.

    39. 

  39.                 // We allow this to be overridden via the "rightsAuthorizationCheck"

    40. 

  40.                 // attribute.

    41. 

  41. 

    42. 

  42.                 AuthorizationCheck authCheck = AuthorizationCheck.HasAll;

    43. 

  43.                 if (!Utils.StringIsNullOrWhitespace(node["rightsAuthorizationCheck"]))

    44. 

  44.                 {

    45. 

  45.                     authCheck = Utils.ParseEnum<AuthorizationCheck>(node["rightsAuthorizationCheck"], AuthorizationCheck.HasAll);

    46. 

  46.                 }

    47. 

  47. 

    48. 

  48.                 string[] rightsRaw = node["rights"].Split(new char[] { ';', ',' }, StringSplitOptions.RemoveEmptyEntries);

    49. 

  49. 

    50. 

  50.                 List<Rights> rightsToCheck = new List<Rights>();

    51. 

  51.                 foreach (string r in rightsRaw)

    52. 

  52.                 {

    53. 

  53.                     Rights right = Utils.ParseEnum<Rights>(r.Trim(), Rights.None);

    54. 

  54.                     if (right != Rights.None)

    55. 

  55.                         rightsToCheck.Add(right);

    56. 

  56.                 }

    57. 

  57. 

    58. 

  58.                 if (rightsToCheck.Count > 0)

    59. 

  59.                 {

    60. 

  60.                     return Security.IsAuthorizedTo(authCheck, rightsToCheck.ToArray());

    61. 

  61.                 }

    62. 

  62.             }

    63. 

  63. 

    64. 

  64.             return true;

    65. 

  65.         }

    66. 

  66.     }

    67. 

  67. }
    68.