diff --git a/Yavsc/src/AuthorisationHandlers.cs b/Yavsc/src/AuthorisationHandlers.cs
index 7b5f3698..c99a9278 100644
--- a/Yavsc/src/AuthorisationHandlers.cs
+++ b/Yavsc/src/AuthorisationHandlers.cs
@@ -1,4 +1,5 @@
 using System;
+using System.IO;
 using System.Security.Claims;
 using Microsoft.AspNet.Authorization;
 using Yavsc.Models;
@@ -15,6 +16,18 @@ namespace Yavsc {
 }
 }
+ public class FileSpotInfo : IAuthorizationRequirement
+ {
+ public DirectoryInfo PathInfo { get; private set; }
+ public FileSpotInfo(string path, Blog b) {
+ PathInfo = new DirectoryInfo(path);
+ AuthorId = b.AuthorId;
+ BlogEntryId = b.Id;
+ }
+ public string AuthorId { get; private set; }
+ public long BlogEntryId { get; private set; }
+
+ }
 public class ViewRequirement : IAuthorizationRequirement
 {
 public ViewRequirement()
@@ -25,7 +38,7 @@ namespace Yavsc {
 {
 protected override void Handle(AuthorizationContext context, EditRequirement requirement, Blog resource)
 {
- if (context.User.IsInRole("Moderator"))
+ if (context.User.IsInRole(Constants.BlogModeratorGroupName))
 context.Succeed(requirement);
 else if (context.User.Identity.IsAuthenticated)
 if (resource.AuthorId == context.User.GetUserId())
@@ -33,6 +46,22 @@ namespace Yavsc {
 }
 }
+ public class PostUserFileHandler : AuthorizationHandler
+ {
+ protected override void Handle(AuthorizationContext context, EditRequirement requirement, FileSpotInfo resource)
+ {
+ if (context.User.IsInRole(Constants.BlogModeratorGroupName)
+ || context.User.IsInRole(Constants.AdminGroupName))
+ context.Succeed(requirement);
+ if (!context.User.Identity.IsAuthenticated)
+ context.Fail();
+ if (resource.AuthorId == context.User.GetUserId())
+ context.Succeed(requirement);
+ else context.Fail();
+ }
+
+ }
 public class BlogViewHandler : AuthorizationHandler
 {
 protected override void Handle(AuthorizationContext context, ViewRequirement requirement, Blog resource)
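Review bot: The `FileSpotInfo` constructor dereferences `b` and hands `path` straight to `new DirectoryInfo(path)` without guarding either, so a null `Blog` surfaces as a NullReferenceException and a null or malformed path as an ArgumentException thrown from inside a requirement constructor; add `if (b == null) throw new ArgumentNullException(nameof(b));` and the same guard for `path` ahead of the assignments. The type also deserves a `<summary>` stating that, although it implements IAuthorizationRequirement, it is consumed as the resource argument of the handler added further down in this diff, carrying the directory plus the blog's author and id. Whether the path has been confined to the expected user directory before it reaches this constructor is not visible here; nothing in this type constrains it, so that responsibility sits with the caller and should be documented as such.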
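Review bot: In `PostUserFileHandler.Handle` the moderator/admin branch calls `context.Succeed(requirement)` but does not return, so execution falls through to the author comparison and reaches `context.Fail()` for any moderator or admin who is not the post's author; in this authorization pipeline a Fail is sticky and overrides an earlier Succeed, so as far as the visible code shows the elevated roles end up denied rather than granted. The same fall-through runs the author comparison for anonymous callers after `context.Fail()` has already been recorded, relying on `GetUserId()` never matching `resource.AuthorId` for an unauthenticated principal. Each branch should return once it has decided, as below, and the class merits a `<summary>` describing that order of precedence. Note too that the handler never inspects `resource.PathInfo`, so the directory itself plays no part in the decision; if it originates from the request, confinement to the expected directory has to happen elsewhere and is worth a comment on the handler so the next maintainer does not assume it is enforced here.
```csharp
protected override void Handle(AuthorizationContext context, EditRequirement requirement, FileSpotInfo resource)
{
    // Elevated roles are granted unconditionally; return so the author check below cannot Fail() them.
    if (context.User.IsInRole(Constants.BlogModeratorGroupName)
        || context.User.IsInRole(Constants.AdminGroupName))
    {
        context.Succeed(requirement);
        return;
    }
    // Anonymous callers are rejected before any ownership comparison is attempted.
    if (!context.User.Identity.IsAuthenticated)
    {
        context.Fail();
        return;
    }
    if (resource.AuthorId == context.User.GetUserId())
        context.Succeed(requirement);
    else
        context.Fail();
}
```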