c# - Combine custom AuthorizeAttribute and RequireHttpsAttribute -

-

i have custom requirehttpsattribute , custom authorizeattribute apply in filterconfig ensure controllers uses https , authorizes in same way.

i have controller action need other authorization. in case must first use [overrideauthorization] override global authorization filter, , can set special authorization action.

but [overrideauthorization] override customrequirehttpsattribute since inherts iauthorizationfilter. can don't have readd customrequirehttpsattribute attribute every time override authorization?

public class filterconfig {     public static void registerglobalfilters(globalfiltercollection filters)     {         filters.add(new customrequirehttpsattribute());         filters.add(new customauthorizeattribute(role = "user"));     } }  public class mycontroller : basecontroller {     public actionresult dosomeuserstuff()     {     }      [overrideauthorization]     [customrequirehttpsattribute]     [customauthorizeattribute(role = "admin")]     public actionresult dosomeadminstuff()     {     } }

i ended creating own custom ifilterprovider based on modified version of this post.

i added attribute can use controllers or actions want override attribute set globally. nothing else extend customauthorizeattribute carries same functionality:

public class overridecustomauthorizeattribute : customauthorizeattribute {}

then create ifilterprovider checks presence of overridecustomauthorizeattributes in list of filters. if so, remove customauthorizeattributes list:

public class customfilterprovider : ifilterprovider {     private readonly filterprovidercollection _filterproviders;      public customfilterprovider(ilist<ifilterprovider> filters)     {         _filterproviders = new filterprovidercollection(filters);     }      public ienumerable<filter> getfilters(controllercontext controllercontext, actiondescriptor actiondescriptor)     {         var filters = _filterproviders.getfilters(controllercontext, actiondescriptor).toarray();          var shouldoverridecustomauthorizeattribute = filters.any(filter => filter.instance overridecustomauthorizeattribute);         if (shouldoverridecustomauthorizeattribute)         {             // there overridecustomauthorizefilterattribute present, remove customauthorizeattributes list of filters             return filters.where(filter => filter.instance.gettype() != typeof(customauthorizeattribute));         }          return filters;     } }

i register ifilterprovider in global.asax.cs:

public class mvcapplication : system.web.httpapplication {     protected void application_start()     {         // other stuff first....          var providers = filterproviders.providers.toarray();         filterproviders.providers.clear();         filterproviders.providers.add(new customfilterprovider(providers));     } }

and register global customauthorizeattribute in filterconfig.cs before:

public class filterconfig {     public static void registerglobalfilters(globalfiltercollection filters)     {         filters.add(new customrequirehttpsattribute());         filters.add(new customauthorizeattribute(role = "user"));     } }

the difference use overridecustomauthorizeattribute in controller instead:

public class mycontroller : basecontroller {     public actionresult dosomeuserstuff()     {     }      [overridecustomauthorizeattribute(role = "admin")]     public actionresult dosomeadminstuff()     {     } }

this way, customrequirehttpsattribute set globally , never overridden.


Comments

Post a Comment

Popular posts from this blog

Capture and play voice with Asterisk ARI -

-
there channel ari demo in wich can control channel state: ring, answer, play silence, play tone or audio-file ( https://github.com/asterisk/ari-examples/tree/master/channel-state , https://wiki.asterisk.org/wiki/display/ast/ari+and+channels%3a+manipulating+channel+state ) possible receive chunks (parts, buffers, etc.) of call voice (which created remote subscriber) or write chunks of voice, example array of bytes (not file) in audio format (alaw, ulow etc). you can use asterisk eagi interface voice data. other option use record or mixmonitor app record channel(channel have put stasis allow dialplan control ari) "write chunks of voice" can done application playback also can create own application using c/c++, compile asterisk , result want. no, can't redirect voice directly using ari.
Read more

c - Unrecognised emulation mode: elf_i386 on MinGW32 -

-
i'm trying make kernel, , cannot link c output assembly. ld . i'm getting error: unrecognized emulation mode: elf_i386 i'm using windows 10 professional mingw32 , msys. code using: link.ld /* * link.ld */ output_format(elf32-i386) entry(start) sections { . = 0x100000; .text : { *(.text) } .data : { *(.data) } .bss : { *(.bss) } } kernel.c /* * kernel.c */ void kmain(void) { const char *str = "my first kernel"; char *vidptr = (char*)0xb8000; //video mem begins here. unsigned int = 0; unsigned int j = 0; /* loops clears screen * there 25 lines each of 80 columns; each element takes 2 bytes */ while(j < 80 * 25 * 2) { /* blank character */ vidptr[j] = ' '; /* attribute-byte - light grey on black screen */ vidptr[j+1] = 0x07; j = j + 2; } j = 0; /* loop writes string video memory */ while(str[j] != '\0') { /...
Read more

magic numbers - Java's checkstyle, MagicNumberCheck -

-
i using checkstyle reportings source-code. question magicnumbercheck . i using date/(org.joda.)datetime in source code this: datetime datetime = new datetime(2013, 2, 27, 23, 0): datetime.plushours(57); is there way suppress magicnumbercheck notifications if magic number within date or datetime? you can use suppressioncommentfilter check this. configure properties values (in checkstyle configuration file) <module name="suppressioncommentfilter"> <property name="offcommentformat" value="check\:off\: ([\w\|]+)"/> <property name="oncommentformat" value="check\:on\: ([\w\|]+)"/> <property name="checkformat" value="$1"/> </module> now required lines, can like //check:off: magicnumber datetime datetime = new datetime(2013, 2, 27, 23, 0): datetime.plushours(57); //check:on: magicnumber this suppress magicnumber checks , rest checks work here. you can su...
Read more