AuthorizeAttributeAclModule multiple AutorizeAttribute

Nov 17, 2010 at 5:01 PM

hi,

I use multiple Authorize attribute on my controller.

In the AuthorizeAttributeAclModule.IsAccessibleToUser

 	foreach (var authorizeAttribute in authorizeAttributesToCheck)
                {
                    try
                    {
                        var currentAuthorizationAttributeType = authorizeAttribute.GetType();

                        var builder = new AuthorizeAttributeBuilder();
                        var subclassedAttribute = (currentAuthorizationAttributeType == typeof (AuthorizeAttribute))
                                                      ? new InternalAuthorize(authorizeAttribute)
                                                      : // No need to use Reflection.Emit when ASP.NET MVC built-in attribute is used
                                                  (IAuthorizeAttribute)
                                                  builder.Build(currentAuthorizationAttributeType).Invoke(null);

                        subclassedAttribute.Order = authorizeAttribute.Order;
                        subclassedAttribute.Roles = authorizeAttribute.Roles;
                        subclassedAttribute.Users = authorizeAttribute.Users;

                        if (!subclassedAttribute.IsAuthorized(authorizationContext.HttpContext))
                            return false;
                        //return subclassedAttribute.IsAuthorized(authorizationContext.HttpContext);
                    }
                    catch
                    {
                        // do not allow on exception
                        return false;
                    }
                }

I put

return subclassedAttribute.IsAuthorized(authorizationContext.HttpContext);

in comment

and change the line for

                        if (!subclassedAttribute.IsAuthorized(authorizationContext.HttpContext))
                            return false;

I just whant to share this with other or if my solution is wrong please let me know

 

Coordinator
Nov 18, 2010 at 5:58 AM
This discussion has been copied to a work item. Click here to go to the work item and continue the discussion.