/*
Kooboo is a content management system based on ASP.NET MVC framework. Copyright 2009 Yardi Technology Limited.
This program is free software: you can redistribute it and/or modify it under the terms of the
GNU General Public License version 3 as published by the Free Software Foundation.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program.
If not, see http://www.kooboo.com/gpl3/.
*/
//http://weblogs.asp.net/jigardesai/archive/2008/10/30/authorization-in-asp-net-mvc-using-xml-configuration.aspx
using System;
using System.Linq;
using System.Configuration;
using System.Collections.Generic;
using System.Xml.Serialization;
namespace Everest.Library.Mvc.Authorization{
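/// <summary>
/// Base class for an authorization entry read from XML: a named item together with
/// the roles and users that are allowed to access it.
/// </summary>
public abstract class AuthorizationInfo
{
    /// <summary>
    /// Gets or sets the name of this entry (XML attribute <c>name</c>).
    /// </summary>
    /// <value>The name.</value>
    [XmlAttribute("name")]
    public string Name { get; set; }

    /// <summary>
    /// Gets or sets the roles that are allowed (XML <c>roles/role</c> elements).
    /// </summary>
    /// <value>The roles; may be <c>null</c> or empty.</value>
    [XmlArray(ElementName = "roles")]
    [XmlArrayItem(ElementName = "role")]
    public string[] Roles { get; set; }

    /// <summary>
    /// Gets or sets the user names that are allowed (XML <c>users/user</c> elements).
    /// The entry <c>*</c> stands for every authenticated user.
    /// </summary>
    /// <value>The user names; may be <c>null</c> or empty.</value>
    [XmlArray(ElementName = "users")]
    [XmlArrayItem(ElementName = "user")]
    public string[] Users { get; set; }

    /// <summary>
    /// Determines whether the specified principal is allowed by this entry.
    /// </summary>
    /// <param name="user">The principal to check; <c>null</c> is always denied.</param>
    /// <returns>
    /// <c>true</c> if the entry lists neither roles nor users, if <see cref="Users"/> contains
    /// <c>*</c> and the principal is authenticated, if <see cref="Users"/> contains the
    /// principal's name (case-insensitive), or if the principal is in any of
    /// <see cref="Roles"/>; otherwise, <c>false</c>.
    /// </returns>
    public bool IsAllowUser(System.Security.Principal.IPrincipal user)
    {
        if (user == null)
        {
            return false;
        }

        string[] allowedRoles = Roles;
        string[] allowedUsers = Users;
        bool hasRoles = allowedRoles != null && allowedRoles.Length > 0;
        bool hasUsers = allowedUsers != null && allowedUsers.Length > 0;

        // An entry without roles and users is open to everyone, anonymous principals included.
        // NOTE(review): this is fail-open; a rule whose <roles>/<users> lists are left empty
        // by mistake grants access instead of denying it. Confirm that callers rely on it.
        if (!hasRoles && !hasUsers)
        {
            return true;
        }

        // A principal may carry no identity at all; treat that as anonymous instead of
        // failing with a NullReferenceException in the middle of an access decision.
        System.Security.Principal.IIdentity identity = user.Identity;
        bool isAuthenticated = identity != null && identity.IsAuthenticated;
        string identityName = identity != null ? identity.Name : null;

        if (hasUsers)
        {
            // "*" allows every authenticated user.
            if (isAuthenticated && allowedUsers.Contains("*"))
            {
                return true;
            }

            // An empty name identifies no account, so an empty <user/> element must not
            // match an anonymous principal. The comparison is ordinal: a culture-sensitive
            // comparer treats ignorable characters (for example a soft hyphen) as absent,
            // which would let two distinct account names compare equal.
            if (!string.IsNullOrEmpty(identityName)
                && allowedUsers.Contains(identityName, StringComparer.OrdinalIgnoreCase))
            {
                return true;
            }
        }

        // Role membership is delegated to the principal itself.
        return hasRoles && allowedRoles.Any(role => user.IsInRole(role));
    }
}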
}