Last active
October 26, 2016 12:50
-
-
Save kwestground/668092b8179145796c57c166eb2a1279 to your computer and use it in GitHub Desktop.
PermissionRecord validation attribute for NopCommerce
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
namespace Nop.Web.Framework.Controllers | |
{ | |
using System; | |
using System.Web.Mvc; | |
using Core.Domain.Security; | |
using Core.Infrastructure; | |
using Services.Security; | |
[AttributeUsage(AttributeTargets.Method | AttributeTargets.Class, AllowMultiple=true)] | |
public class PermissionRecordValidation : FilterAttribute, IAuthorizationFilter | |
{ | |
private readonly PermissionRecord _permissionRecord; | |
public PermissionRecordValidation(PermissionRecord permissionRecord) | |
{ | |
this._permissionRecord = permissionRecord; | |
} | |
public virtual void OnAuthorization(AuthorizationContext filterContext) | |
{ | |
if (filterContext == null) | |
throw new ArgumentNullException(nameof(filterContext)); | |
var permissionService = EngineContext.Current.Resolve<IPermissionService>(); | |
if (!permissionService.Authorize(_permissionRecord)) | |
filterContext.Result = new HttpUnauthorizedResult(); | |
} | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment