ServiceStack.RequiredRoleAttribute.AssertRequiredRoles C# (CSharp) Method

RequiredRoleAttribute Class Documentation Exibir arquivo Open project: nustack/ServiceStack

AssertRequiredRoles() public static method

Check all session is in all supplied roles otherwise a 401 HttpError is thrown

public static AssertRequiredRoles ( IRequest request ) : void
request	IRequest
return	void

        public static void AssertRequiredRoles(IRequest request, params string[] requiredRoles)
        {
            if (requiredRoles.IsEmpty()) return;

            if (HostContext.HasValidAuthSecret(request))
                return;

            var session = request.GetSession();

            if (session != null && session.HasRole(RoleNames.Admin))
                return;

            if (session != null && requiredRoles.All(session.HasRole))
                return;

            session.UpdateFromUserAuthRepo(request);

            if (session != null && requiredRoles.All(session.HasRole))
                return;

            var statusCode = session != null && session.IsAuthenticated
                ? (int)HttpStatusCode.Forbidden
                : (int)HttpStatusCode.Unauthorized;

            throw new HttpError(statusCode, "Invalid Role");
        }
    }

RequiredRoleAttribute

AssertRequiredRoles

Execute

HasAllRoles

RequiredRoleAttribute