/*
Kooboo is a content management system based on ASP.NET MVC framework. Copyright 2009 Yardi Technology Limited.
This program is free software: you can redistribute it and/or modify it under the terms of the
GNU General Public License version 3 as published by the Free Software Foundation.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program.
If not, see http://www.kooboo.com/gpl3/.
*/
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using Everest.Library.Security;
using Everest.Library.ExtensionMethod;
using Everest.CmsServices.Models;
namespace Everest.CmsServices.Services{
public class CmsRoleAuthorizer : RoleAuthorizer
{
public bool IsAuthorized(string application, string denies, string allows, System.Security.Principal.IPrincipal user)
{
if (string.IsNullOrEmpty(denies) && string.IsNullOrEmpty(allows))
{
return true;
}
if (user.Identity.IsAuthenticated)
{
var dataContext = EverestCmsEntities.GetDataContext();
var applications = CachedData.GetApplicationsByUser(user.Identity.Name);
if (!applications.Contains(application, StringComparer.InvariantCultureIgnoreCase))
{
return false;
}
}
return base.IsAuthorized(denies, allows, user);
}
}
}
|