
using System;
using System.Collections.Generic;
using System.Globalization;
using System.Linq;
using System.Security.Claims;
using System.Security.Principal;
using System.Text;
using System.Threading.Tasks;
using Microsoft.AspNet.SignalR;
using Microsoft.AspNet.SignalR.Hubs;
using Step.Config;
using Step.Database.Controllers;
using Step.Model;
using Step.Utils;
using static Step.Utils.Constants;
namespace Step.Attributes
{
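class SignalRAuthorizeAttribute : AuthorizeAttribute
{
    /// <summary>
    /// Name of the function the decorated hub/method belongs to. It is resolved
    /// through <see cref="FunctionAccessController.FindEnabledFunctionByName"/>,
    /// so only enabled functions can ever grant access.
    /// </summary>
    public string FunctionAccess;

    /// <summary>
    /// Kind of access being requested. <see cref="ACTIONS.READ"/> is checked
    /// against the function's <c>ReadLevelMin</c>; every other value is checked
    /// against <c>WriteLevelMin</c>.
    /// </summary>
    public ACTIONS Action;

    /// <summary>
    /// Authorizes the caller from the role level carried in its identity claims.
    /// </summary>
    /// <param name="user">Principal established by the SignalR pipeline.</param>
    /// <returns>
    /// <c>true</c> only when the base authorization succeeds, the identity is a
    /// <see cref="ClaimsIdentity"/> carrying exactly one integer-valued
    /// <c>ROLE_LEVEL_KEY</c> claim, and that level satisfies the function's
    /// requirement. A missing identity, a missing/duplicated/malformed claim or
    /// a failed lookup is denied instead of surfacing as an exception.
    /// </returns>
    protected override bool UserAuthorized(IPrincipal user)
    {
        if (!base.UserAuthorized(user))
        {
            return false;
        }

        // A non-claims identity (or none at all) carries no role level:
        // deny instead of dereferencing null.
        ClaimsIdentity identity = user == null ? null : user.Identity as ClaimsIdentity;
        if (identity == null)
        {
            return false;
        }

        // Exactly one role-level claim is expected. None or several is
        // ambiguous and is treated as "not authorized" rather than letting
        // SingleOrDefault throw out of the authorization pipeline.
        List<Claim> roleLevelClaims = identity.Claims
            .Where(c => c.Type == ROLE_LEVEL_KEY)
            .ToList();
        if (roleLevelClaims.Count != 1)
        {
            return false;
        }

        // The claim value is machine-written, so parse it invariantly and
        // fail closed on anything that is not an integer.
        int userLevel;
        if (!int.TryParse(roleLevelClaims[0].Value, NumberStyles.Integer,
                          CultureInfo.InvariantCulture, out userLevel))
        {
            return false;
        }

        return CheckAuthorization(userLevel, FunctionAccess);
    }

    /// <summary>
    /// Looks up the function's access record and compares the caller's level
    /// with the minimum required for <see cref="Action"/>.
    /// </summary>
    /// <param name="userLevel">Role level taken from the caller's claims.</param>
    /// <param name="functionName">Function to look up; must exist and be enabled.</param>
    /// <returns>
    /// <c>true</c> when the function is found, its area is active and the
    /// caller's level is not below the required minimum; <c>false</c>
    /// otherwise, including when the lookup itself fails.
    /// </returns>
    private bool CheckAuthorization(int userLevel, string functionName)
    {
        // An attribute without a function name has nothing to authorize against.
        if (string.IsNullOrEmpty(functionName))
        {
            return false;
        }

        try
        {
            using (FunctionAccessController acController = new FunctionAccessController())
            {
                FunctionAccessModel functionAccess = acController.FindEnabledFunctionByName(functionName);

                // Unknown or disabled function, or an inactive area -> denied.
                if (functionAccess == null || !StartupConfigController.CheckAreaStatus(functionAccess.Area))
                {
                    return false;
                }

                var requiredLevel = Action == ACTIONS.READ
                    ? functionAccess.ReadLevelMin
                    : functionAccess.WriteLevelMin;
                if (requiredLevel > userLevel)
                {
                    return false;
                }

                return true;
            }
        }
        catch (Exception ex)
        {
            // Fail closed: a database or configuration failure must deny
            // access, not grant it. Report the error and refuse.
            ExceptionManager.Manage(ex);
            return false;
        }
    }
}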
}