FubuMVC Authorization
/// <summary>
/// Handles an authorization failure by redirecting the caller to the login page.
/// </summary>
/// <remarks>
/// The redirect target is resolved through <c>IUrlRegistry</c> from a fresh
/// <c>LoginRequestModel</c>; nothing from the failed request is used to build it,
/// so this handler does not forward to a caller-supplied URL.
/// NOTE(review): the handler takes no input describing why authorization failed, so a
/// signed-in user who is denied would presumably be sent to the login page as well.
/// Confirm that is intended, or return a "forbidden" response for that case.
/// </remarks>
public class CustomAuthorizationFailureHandler : IAuthorizationFailureHandler
{
    private readonly IOutputWriter _writer;
    private readonly IUrlRegistry _urlRegistry;

    /// <summary>Stores the collaborators used to build and issue the redirect.</summary>
    /// <param name="writer">Output writer used to send the redirect.</param>
    /// <param name="urlRegistry">Registry used to resolve the login page URL.</param>
    public CustomAuthorizationFailureHandler(IOutputWriter writer, IUrlRegistry urlRegistry)
    {
        _urlRegistry = urlRegistry;
        _writer = writer;
    }

    /// <summary>Resolves the login URL and redirects the current response to it.</summary>
    public void Handle()
    {
        // The login URL is looked up by model type rather than hard-coded.
        _writer.RedirectToUrl(_urlRegistry.UrlFor(new LoginRequestModel()));
    }
}
// Registry fragment: swaps the registered IAuthorizationFailureHandler for
// CustomAuthorizationFailureHandler, so authorization failures go through its Handle().
Services(registry =>
    registry.ReplaceService<IAuthorizationFailureHandler, CustomAuthorizationFailureHandler>());
/// <summary>
/// Marker contract for input models that refer to a single post.
/// </summary>
/// <remarks>
/// <c>PostAuthorizationConvention</c> selects behavior chains by this interface, and
/// <c>PostAuthorizationPolicy&lt;TModel&gt;</c> reads <see cref="PostId"/> to find the post
/// whose owner is checked.
/// </remarks>
public interface IPostModel
{
    /// <summary>Identifier of the post the request targets.</summary>
    int PostId { get; }
}
/// <summary>
/// Edit-post input model; implementing <c>IPostModel</c> brings chains that take it
/// under the post ownership policy.
/// </summary>
/// <remarks>
/// NOTE(review): <see cref="PostId"/> has a public setter and is presumably filled by model
/// binding from request data, so treat it as caller-controlled. The ownership check is only
/// meaningful if the action edits the post identified by this same value. Confirm against
/// the endpoint.
/// </remarks>
public class EditPostInputModel : IPostModel
{
    /// <summary>Identifier of the post being edited.</summary>
    public int PostId { get; set; }

    /// <summary>Post title.</summary>
    public string Title { get; set; }

    /// <summary>Post body text.</summary>
    public string Body { get; set; }

    /// <summary>Post slug.</summary>
    public string Slug { get; set; }
}
/// <summary>
/// Edit-post request model with the same properties as <c>EditPostInputModel</c>;
/// it also implements <c>IPostModel</c>, so chains taking it get the same ownership policy.
/// </summary>
/// <remarks>
/// NOTE(review): <see cref="PostId"/> is presumably bound from request data and therefore
/// caller-controlled. The endpoint should load the post by this same id so that the
/// authorized post and the displayed post cannot differ. Confirm against the endpoint.
/// </remarks>
public class EditPostRequestModel : IPostModel
{
    /// <summary>Identifier of the post being requested for editing.</summary>
    public int PostId { get; set; }

    /// <summary>Post title.</summary>
    public string Title { get; set; }

    /// <summary>Post body text.</summary>
    public string Body { get; set; }

    /// <summary>Post slug.</summary>
    public string Slug { get; set; }
}
// Registry fragment: registers the convention that attaches the post ownership policy
// to every behavior chain whose input model implements IPostModel.
Policies.Add<PostAuthorizationConvention>();
/// <summary>
/// Configuration action that attaches <c>PostAuthorizationPolicy&lt;TModel&gt;</c> to every
/// behavior chain whose input type implements <c>IPostModel</c>.
/// </summary>
/// <remarks>
/// Coverage is opt-in by interface: a chain whose input model carries a post id but does
/// not implement <c>IPostModel</c> receives no policy from this convention.
/// </remarks>
public class PostAuthorizationConvention : IConfigurationAction
{
    /// <summary>Walks the behavior graph and adds the ownership policy to matching chains.</summary>
    /// <param name="graph">Behavior graph whose chains are inspected.</param>
    public void Configure(BehaviorGraph graph)
    {
        var postChains = graph
            .Behaviors
            .Where(candidate => typeof (IPostModel).IsAssignableFrom(candidate.InputType()));

        foreach (var chain in postChains)
        {
            // Close the open generic policy over the chain's concrete input model type.
            var policyType = typeof (PostAuthorizationPolicy<>).MakeGenericType(chain.InputType());
            chain.Authorization.AddPolicy(policyType);
        }
    }
}
/// <summary>
/// Authorization policy that allows a request only when the current user owns the post
/// named by the request's input model.
/// </summary>
/// <typeparam name="TModel">Input model type that exposes the target post id.</typeparam>
/// <remarks>
/// Every path other than a confirmed owner match returns <c>AuthorizationRight.Deny</c>.
/// A missing post and a post owned by someone else both yield <c>Deny</c>, so the returned
/// right does not reveal which post ids exist.
/// </remarks>
public class PostAuthorizationPolicy<TModel> : IAuthorizationPolicy
    where TModel : class, IPostModel
{
    private readonly IPostRepository _postRepository;
    private readonly CurrentUser _currentUser;

    /// <summary>Stores the repository and current-user context used by the check.</summary>
    /// <param name="postRepository">Repository used to load the post by id.</param>
    /// <param name="currentUser">Identity of the caller being authorized.</param>
    public PostAuthorizationPolicy(IPostRepository postRepository, CurrentUser currentUser)
    {
        _currentUser = currentUser;
        _postRepository = postRepository;
    }

    /// <summary>Decides whether the current user may act on the post in the request.</summary>
    /// <param name="request">Request from which the <typeparamref name="TModel"/> is read.</param>
    /// <returns>
    /// <c>Allow</c> when the post's user id equals the current user's id; otherwise <c>Deny</c>.
    /// </returns>
    public AuthorizationRight RightsFor(IFubuRequest request)
    {
        var input = request.Get<TModel>();
        if (input == null)
        {
            // No model to read a post id from: refuse.
            return AuthorizationRight.Deny;
        }

        var target = _postRepository.GetById(input.PostId);
        if (target == null)
        {
            // Unknown post id: refuse, same result as a post owned by someone else.
            return AuthorizationRight.Deny;
        }

        // NOTE(review): target.User is dereferenced without a null check, so a post with no
        // user would throw here rather than return Deny. Confirm the repository guarantees it.
        // NOTE(review): confirm what _currentUser.UserId holds for an unauthenticated caller
        // and that it can never equal a stored post's user id.
        if (target.User.Id == _currentUser.UserId)
        {
            return AuthorizationRight.Allow;
        }

        return AuthorizationRight.Deny;
    }
}