/*
Kooboo is a content management system based on ASP.NET MVC framework. Copyright 2009 Yardi Technology Limited.
This program is free software: you can redistribute it and/or modify it under the terms of the
GNU General Public License version 3 as published by the Free Software Foundation.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program.
If not, see http://www.kooboo.com/gpl3/.
*/
using System;
using System.Web.Mvc;
using Everest.Library;
using Everest.CmsServices.Models;
using Everest.CmsServices.Services;
using Everest.Library.ExtensionMethod;
namespace Everest.CmsServices.Controllers{
public class PermissionFilterAttribute : ActionFilterAttribute
{
public FolderType Permission { get; set; }
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
string application = filterContext.HttpContext.Request.Form["application"];
if (StringExtensions.IsNullOrEmptyTrim(application))
{
application = CmsGlobal.RootApplicationName;
}
PermissionService permissionService = UnityManager.Resolve<PermissionService>();
if (!permissionService.IsAllowed(filterContext.HttpContext.User.Identity.Name, Permission.ToString(), application, ActionType.View))
{
throw new UnauthorizedAccessException(Resources.UnauthorizedAccess);
}
base.OnActionExecuting(filterContext);
}
}
}
|