/*
Kooboo is a content management system based on ASP.NET MVC framework. Copyright 2009 Yardi Technology Limited.
This program is free software: you can redistribute it and/or modify it under the terms of the
GNU General Public License version 3 as published by the Free Software Foundation.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program.
If not, see http://www.kooboo.com/gpl3/.
*/
using System;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using System.Collections.Generic;
using Everest.Library.ExtensionMethod;
namespace Everest.CmsServices.Extension.Module{
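/// <summary>
/// Action invoker for module controllers. It runs the normal MVC pipeline
/// (authorization filters, request validation, parameter binding, action filters)
/// plus a module-level permission check driven by <see cref="FunctionAttribute"/>,
/// and hands the <see cref="ActionResult"/> back to the caller instead of executing it.
/// </summary>
/// <remarks>
/// Security-relevant behaviour visible in this class:
/// <list type="bullet">
/// <item>The module permission check only runs for actions (or controllers) that declare a
/// <see cref="FunctionAttribute"/>. An action without one is allowed through by
/// <see cref="OnAuthorization"/>, so it is protected only by its regular MVC authorization filters.</item>
/// <item>When several <see cref="FunctionAttribute"/>s apply, only the last one after ordering by
/// <c>Order</c> is checked.</item>
/// <item>The <see cref="Authorizer"/> property is assigned in the constructor but is not consulted by
/// any method in this class; the decision is delegated to <c>ModuleInfo.IsAuthorized</c>.</item>
/// </list>
/// </remarks>
public class ModuleControllerActionInvoker : ControllerActionInvoker
{
    /// <summary>
    /// Initializes a new instance of the <see cref="ModuleControllerActionInvoker"/> class.
    /// </summary>
    /// <param name="moduleInfo">The module whose permissions and settings drive authorization.</param>
    public ModuleControllerActionInvoker(ModuleInfo moduleInfo)
    {
        this.ModuleInfo = moduleInfo;
        Authorizer = new ModuleAuthorizer();
    }

    /// <summary>
    /// Gets or sets the module info.
    /// </summary>
    /// <value>The module info.</value>
    public ModuleInfo ModuleInfo { get; set; }

    /// <summary>
    /// Gets or sets the authorizer.
    /// </summary>
    /// <value>The authorizer.</value>
    // NOTE(review): nothing in this class reads Authorizer; confirm whether subclasses or callers rely on it.
    public virtual ModuleAuthorizer Authorizer { get; set; }

    /// <summary>
    /// Turns on ASP.NET request validation for the given request.
    /// </summary>
    /// <param name="request">The current request.</param>
    private static void ValidateRequest(HttpRequestBase request)
    {
        request.ValidateInput();
    }

    /// <summary>
    /// Gets the filters that apply to the named action.
    /// </summary>
    /// <param name="controllerContext">The controller context.</param>
    /// <param name="actionName">Name of the action.</param>
    /// <returns>The filter set for the action, or <c>null</c> when no such action is found.</returns>
    protected FilterInfo GetFilters(ControllerContext controllerContext, string actionName)
    {
        ControllerDescriptor controllerDescriptor = this.GetControllerDescriptor(controllerContext);
        ActionDescriptor actionDescriptor = this.FindAction(controllerContext, controllerDescriptor, actionName);
        if (actionDescriptor == null)
        {
            return null;
        }
        return this.GetFilters(controllerContext, actionDescriptor);
    }

    /// <summary>
    /// Executes an action result through the result filters of the named action.
    /// </summary>
    /// <param name="controllerContext">The controller context.</param>
    /// <param name="actionName">Name of the action.</param>
    /// <param name="actionResult">The action result.</param>
    /// <exception cref="ArgumentNullException"><paramref name="controllerContext"/> is <c>null</c>.</exception>
    /// <exception cref="InvalidOperationException">No action named <paramref name="actionName"/> was found.</exception>
    public void ExecuteActionResult(ControllerContext controllerContext, string actionName, ActionResult actionResult)
    {
        if (controllerContext == null)
        {
            throw new ArgumentNullException("controllerContext");
        }

        FilterInfo filters = this.GetFilters(controllerContext, actionName);
        if (filters == null)
        {
            // GetFilters returns null for an unknown action; fail with a clear message
            // instead of a NullReferenceException on filters.ResultFilters.
            throw new InvalidOperationException("No action named '" + actionName + "' was found; the result filters cannot be resolved.");
        }

        this.InvokeActionResultWithFilters(controllerContext, filters.ResultFilters, actionResult);
    }

    /// <summary>
    /// Invokes the action and returns its <see cref="ActionResult"/> without executing it.
    /// </summary>
    /// <remarks>
    /// Order of checks: MVC authorization filters, then the module permission check
    /// (<see cref="OnAuthorization"/>), then request validation, then parameter binding and the
    /// action filters around the action method. Result filters are not run here; the caller is
    /// expected to pass the returned result to <see cref="ExecuteActionResult"/>.
    /// </remarks>
    /// <param name="controllerContext">The controller context.</param>
    /// <param name="actionName">Name of the action.</param>
    /// <returns>
    /// The result produced by an authorization step, by the action, or by an exception filter;
    /// <c>null</c> when the action is not found.
    /// </returns>
    /// <exception cref="ArgumentNullException"><paramref name="controllerContext"/> is <c>null</c>.</exception>
    /// <exception cref="ArgumentException"><paramref name="actionName"/> is null or blank.</exception>
    public virtual ActionResult InvokeActionWithoutExecuteResult(ControllerContext controllerContext, string actionName)
    {
        if (controllerContext == null)
        {
            throw new ArgumentNullException("controllerContext");
        }
        if (StringExtensions.IsNullOrEmptyTrim(actionName))
        {
            // Use the (message, paramName) overload so the parameter name is not reported as the message.
            throw new ArgumentException("The action name must not be null or empty.", "actionName");
        }

        ControllerDescriptor controllerDescriptor = this.GetControllerDescriptor(controllerContext);
        ActionDescriptor actionDescriptor = this.FindAction(controllerContext, controllerDescriptor, actionName);
        if (actionDescriptor == null)
        {
            return null;
        }

        FilterInfo filters = this.GetFilters(controllerContext, actionDescriptor);
        try
        {
            // Standard MVC authorization filters run first; a non-null Result short-circuits the action.
            AuthorizationContext authorizationContext = this.InvokeAuthorizationFilters(controllerContext, filters.AuthorizationFilters, actionDescriptor);
            if (authorizationContext.Result != null)
            {
                return authorizationContext.Result;
            }

            // Module permission check. The hard cast is kept on purpose: a descriptor that is not
            // reflection-based raises InvalidCastException (handled below) rather than skipping the check.
            ActionResult authorizationResult = this.OnAuthorization(controllerContext, GetFilter<FunctionAttribute>((ReflectedActionDescriptor)actionDescriptor));
            if (authorizationResult != null)
            {
                return authorizationResult;
            }

            // Request validation is enabled only after both authorization steps have passed.
            if (controllerContext.Controller.ValidateRequest)
            {
                ValidateRequest(controllerContext.HttpContext.Request);
            }

            IDictionary<string, object> parameterValues = this.GetParameterValues(controllerContext, actionDescriptor);
            ActionExecutedContext executedContext = this.InvokeActionMethodWithFilters(controllerContext, filters.ActionFilters, actionDescriptor, parameterValues);

            // The result is returned unexecuted; see ExecuteActionResult.
            return executedContext.Result;
        }
        catch (Exception exception)
        {
            ExceptionContext exceptionContext = this.InvokeExceptionFilters(controllerContext, filters.ExceptionFilters, exception);
            if (!exceptionContext.ExceptionHandled)
            {
                throw;
            }
            return exceptionContext.Result;
        }
    }

    /// <summary>
    /// Checks the current user against the module permission named by the last
    /// <see cref="FunctionAttribute"/> in <paramref name="functions"/>.
    /// </summary>
    /// <param name="controllerContext">The controller context; supplies the current user.</param>
    /// <param name="functions">The function attributes that apply to the action, in evaluation order.</param>
    /// <returns>
    /// <c>null</c> when the request may proceed: either the user is authorized, or
    /// <paramref name="functions"/> is null or empty, in which case no module permission is checked.
    /// Otherwise a redirect to the module's configured unauthorized URL, or a plain content result
    /// when no such URL is configured.
    /// </returns>
    protected virtual ActionResult OnAuthorization(ControllerContext controllerContext, IEnumerable<FunctionAttribute> functions)
    {
        // Materialize once so a lazy sequence is not enumerated twice (Count, then Last).
        List<FunctionAttribute> declaredFunctions = functions == null ? null : functions.ToList();
        if (declaredFunctions == null || declaredFunctions.Count == 0)
        {
            // No FunctionAttribute on the action or controller: the module check does not apply.
            return null;
        }

        FunctionAttribute lastFunction = declaredFunctions[declaredFunctions.Count - 1];
        var user = controllerContext.RequestContext.HttpContext.User;
        if (ModuleInfo.IsAuthorized(lastFunction.Name, user))
        {
            return null;
        }

        // NOTE(review): UnauthorizedUrl is read from the module settings and used as a redirect
        // target as-is; confirm that only trusted administrators can change it.
        string unauthorizedUrl = ModuleInfo.ModuleSettings.UnauthorizedUrl;
        if (!StringExtensions.IsNullOrEmptyTrim(unauthorizedUrl))
        {
            return ((ModuleController)controllerContext.Controller).ActionResultHelper.Redirect(controllerContext.HttpContext.Response.ApplyAppPathModifier(unauthorizedUrl));
        }

        return new ContentResult() { Content = Resources.ModuleUnauthorizated };
    }

    /// <summary>
    /// Collects the attributes of type <typeparamref name="T"/> declared on the action's reflected
    /// type and on the action method, sorted by <c>Order</c>.
    /// </summary>
    /// <typeparam name="T">The filter attribute type to look for.</typeparam>
    /// <param name="actionDescriptor">The reflected descriptor of the action.</param>
    /// <returns>Type-level attributes followed by method-level ones, ordered by <c>Order</c>.</returns>
    private IEnumerable<T> GetFilter<T>(ReflectedActionDescriptor actionDescriptor)
        where T : FilterAttribute
    {
        T[] typeLevel = (T[])actionDescriptor.MethodInfo.ReflectedType.GetCustomAttributes(typeof(T), true);
        T[] methodLevel = (T[])actionDescriptor.MethodInfo.GetCustomAttributes(typeof(T), true);

        // OrderBy is a stable sort, so with equal Order values the method-level attribute stays last.
        return typeLevel.Concat(methodLevel).OrderBy(attr => attr.Order).ToList();
    }
}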
}