MCVXMLAuthorizer.cs :  » Content-Management-Systems-CMS » Kooboo » Everest » Library » Mvc » Authorization » C# / CSharp Open Source

/*
Kooboo is a content management system based on ASP.NET MVC framework. Copyright 2009 Yardi Technology Limited.

This program is free software: you can redistribute it and/or modify it under the terms of the
GNU General Public License version 3 as published by the Free Software Foundation.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program.
If not, see http://www.kooboo.com/gpl3/.
*/
//http://weblogs.asp.net/jigardesai/archive/2008/10/30/authorization-in-asp-net-mvc-using-xml-configuration.aspx
using System;
using System.Collections.Generic;
using System.Xml.Serialization;
using System.IO;
using System.Web;
using System.Web.Caching;

namespace Everest.Library.Mvc.Authorization{
    public class MCVXMLAuthorizer : IMVCAuthorizer
    {

        ControllerAuthorizationInfoCollection controllers = null;


        #region IMVCAuthorizer Members

        /// <summary>
        /// Determines whether the user is authorized to access specified controller .
        /// </summary>
        /// <param name="controllerName">Name of the controller.</param>
        /// <param name="actionName">Name of the action.</param>
        /// <param name="user">The user.</param>
        /// <returns>
        ///   <c>true</c> if the specified controller name is authorized; otherwise, <c>false</c>.
        /// </returns>
        public bool IsAuthorized(string controllerName, string actionName, System.Security.Principal.IPrincipal user)
        {
            return controllers.CanAccessAction(controllerName, actionName, user);
        }

        /// <summary>
        /// Initilizes the Authorizer using connection string.
        /// </summary>
        /// <param name="connectionString">The connection string.</param>
        public void Initilize(string connectionString)
        {
            string path = HttpContext.Current.Server.MapPath(connectionString);

            controllers = getControllerAuthorizationInfoCollection(path);

            CacheDependency = new CacheDependency(path);
        }



        #endregion

        private ControllerAuthorizationInfoCollection getControllerAuthorizationInfoCollection(string path)
        {
            ControllerAuthorizationInfoCollection rVal = null;

            XmlSerializer ser = new XmlSerializer(typeof(ControllerAuthorizationInfoCollection));
            using (FileStream fs = File.OpenRead(path))
            {
                rVal = (ControllerAuthorizationInfoCollection)ser.Deserialize(fs);
            }

            return rVal;
        }

        #region IMVCAuthorizer Members

        public System.Web.Caching.CacheDependency CacheDependency
        {
            get;
            set;
        }

        #endregion
    }
}