本文整理汇总了C#中IHttpContext.SetStatusToForbidden方法的典型用法代码示例。如果您正苦于以下问题:C# IHttpContext.SetStatusToForbidden方法的具体用法?C# IHttpContext.SetStatusToForbidden怎么用?C# IHttpContext.SetStatusToForbidden使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类IHttpContext
的用法示例。
在下文中一共展示了IHttpContext.SetStatusToForbidden方法的13个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C#代码示例。
示例1: IsInvalidUser
private bool IsInvalidUser(IHttpContext ctx, out Action onRejectingRequest)
{
var invalidUser = (ctx.User == null ||
ctx.User.Identity.IsAuthenticated == false);
if (invalidUser)
{
onRejectingRequest = () => ctx.SetStatusToForbidden();
return true;
}
onRejectingRequest = () => ctx.SetStatusToUnauthorized();
if (requiredGroups.Count > 0 || requiredUsers.Count > 0)
{
if (requiredGroups.Any(requiredGroup => ctx.User.IsInRole(requiredGroup)) ||
requiredUsers.Any(requiredUser => string.Equals(ctx.User.Identity.Name, requiredUser, StringComparison.InvariantCultureIgnoreCase)))
return false;
return true;
}
return false;
}
示例2: Respond
public override void Respond(IHttpContext context)
{
var match = urlMatcher.Match(context.GetRequestUrl());
var index = match.Groups[1].Value;
switch (context.Request.HttpMethod)
{
case "HEAD":
if(Database.IndexDefinitionStorage.IndexNames.Contains(index, StringComparer.InvariantCultureIgnoreCase) == false)
context.SetStatusToNotFound();
break;
case "GET":
OnGet(context, index);
break;
case "PUT":
Put(context, index);
break;
case "DELETE":
if(index.StartsWith("Raven/",StringComparison.InvariantCultureIgnoreCase))
{
context.SetStatusToForbidden();
context.WriteJson(new
{
Url = context.Request.RawUrl,
Error = "Builtin indexes cannot be deleted, attempt to delete index '" + index + "' was rejected"
});
return;
}
context.SetStatusToDeleted();
Database.DeleteIndex(index);
break;
}
}
示例3: BuiltinIndex
private static bool BuiltinIndex(string index, IHttpContext context)
{
if (!index.StartsWith("Raven/", StringComparison.InvariantCultureIgnoreCase))
return false;
context.SetStatusToForbidden();
context.WriteJson(new
{
Url = context.Request.RawUrl,
Error = "Builtin indexes cannot be modified, attempt to modifiy index '" + index + "' was rejected"
});
return true;
}
示例4: Respond
public override void Respond(IHttpContext context)
{
if (context.IsAdministrator() == false)
{
context.SetStatusToForbidden();
context.WriteJson(new
{
Error = "Only administrators can stop indexing"
});
return;
}
Database.StopBackgroundWokers();
}
示例5: Respond
public override void Respond(IHttpContext context)
{
if(context.User.Identity.IsAuthenticated == false ||
context.User.IsInRole("Administrators"))
{
context.SetStatusToForbidden();
context.WriteJson(new
{
Error = "Only administrators can initiate a backup procedure"
});
}
var backupRequest = context.ReadJsonObject<BackupRequest>();
Database.StartBackup(backupRequest.BackupLocation);
context.SetStatusToCreated(BackupStatus.RavenBackupStatusDocumentKey);
}
示例6: Respond
public override void Respond(IHttpContext context)
{
if (context.User.Identity.IsAuthenticated == false ||
context.User.IsInRole("Administrators"))
{
context.SetStatusToForbidden();
context.WriteJson(new
{
Error = "Only administrators can stop indexing"
});
return;
}
Database.StopBackgroundWokers();
}
示例7: Respond
public override void Respond(IHttpContext context)
{
if (context.IsAdministrator() == false)
{
context.SetStatusToForbidden();
context.WriteJson(new
{
Error = "Only administrators can start indexing"
});
return;
}
var concurrency = context.Request.QueryString["concurrency"];
if(string.IsNullOrEmpty(concurrency)==false)
{
Database.Configuration.MaxNumberOfParallelIndexTasks = Math.Max(1, int.Parse(concurrency));
}
Database.SpinBackgroundWorkers();
}
示例8: Put
private void Put(IHttpContext context, string index)
{
if (index.StartsWith("Raven/", StringComparison.InvariantCultureIgnoreCase))
{
context.SetStatusToForbidden();
context.WriteJson(new
{
Url = context.Request.RawUrl,
Error = "Builtin indexes cannot be modified, attempt to modifiy index '" + index + "' was rejected"
});
return;
}
var data = context.ReadJsonObject<IndexDefinition>();
if (data.Map == null)
{
context.SetStatusToBadRequest();
context.Write("Expected json document with 'Map' property");
return;
}
context.SetStatusToCreated("/indexes/" + index);
context.WriteJson(new { Index = Database.PutIndex(index, data) });
}
示例9: TryCreateUser
private bool TryCreateUser(IHttpContext ctx, string databaseName, out Action onRejectingRequest)
{
var invalidUser = (ctx.User == null || ctx.User.Identity.IsAuthenticated == false);
if (invalidUser)
{
onRejectingRequest = () =>
{
ProvideDebugAuthInfo(ctx, new
{
Reason = "User is null or not authenticated"
});
ctx.Response.AddHeader("Raven-Required-Auth", "Windows");
if (string.IsNullOrEmpty(Settings.OAuthTokenServer) == false)
{
ctx.Response.AddHeader("OAuth-Source", Settings.OAuthTokenServer);
}
ctx.SetStatusToUnauthorized();
};
return false;
}
var dbUsersIaAllowedAccessTo = requiredUsers
.Where(data => ctx.User.Identity.Name.Equals(data.Name, StringComparison.InvariantCultureIgnoreCase))
.SelectMany(source => source.Databases)
.Concat(requiredGroups.Where(data => ctx.User.IsInRole(data.Name)).SelectMany(x => x.Databases))
.ToList();
var user = UpdateUserPrincipal(ctx, dbUsersIaAllowedAccessTo);
onRejectingRequest = () =>
{
ctx.SetStatusToForbidden();
ProvideDebugAuthInfo(ctx, new
{
user.Identity.Name,
user.AdminDatabases,
user.ReadOnlyDatabases,
user.ReadWriteDatabases,
DatabaseName = databaseName
});
};
return true;
}
示例10: AuthorizeUsingleUseAuthToken
private bool AuthorizeUsingleUseAuthToken(IHttpContext context, string token)
{
OneTimeToken value;
if (singleUseAuthTokens.TryRemove(token, out value) == false)
{
context.SetStatusToForbidden();
context.WriteJson(new
{
Error = "Unknown single use token, maybe it was already used?"
});
return false;
}
if (string.Equals(value.DatabaseName, TenantId, StringComparison.InvariantCultureIgnoreCase) == false)
{
context.SetStatusToForbidden();
context.WriteJson(new
{
Error = "This single use token cannot be used for this database"
});
return false;
}
if ((SystemTime.UtcNow - value.GeneratedAt).TotalMinutes > 2.5)
{
context.SetStatusToForbidden();
context.WriteJson(new
{
Error = "This single use token has expired"
});
return false;
}
if (value.User != null)
{
CurrentOperationContext.Headers.Value[Constants.RavenAuthenticatedUser] = value.User.Identity.Name;
}
CurrentOperationContext.User.Value = value.User;
context.User = value.User;
return true;
}
示例11: TryCreateUser
private bool TryCreateUser(IHttpContext ctx, string databaseName, out Action onRejectingRequest)
{
var invalidUser = (ctx.User == null || ctx.User.Identity.IsAuthenticated == false);
if (invalidUser)
{
onRejectingRequest = () =>
{
ProvideDebugAuthInfo(ctx, new
{
Reason = "User is null or not authenticated"
});
ctx.Response.AddHeader("Raven-Required-Auth", "Windows");
if (string.IsNullOrEmpty(Settings.OAuthTokenServer) == false)
{
ctx.Response.AddHeader("OAuth-Source", Settings.OAuthTokenServer);
}
ctx.SetStatusToUnauthorized();
};
return false;
}
var databaseAccessLists = GenerateDatabaseAccessLists(ctx);
var user = UpdateUserPrincipal(ctx, databaseAccessLists);
onRejectingRequest = () =>
{
ctx.SetStatusToForbidden();
ProvideDebugAuthInfo(ctx, new
{
user.ExplicitlyConfigured,
user.Identity.Name,
user.AdminDatabases,
user.ReadOnlyDatabases,
user.ReadWriteDatabases,
DatabaseName = databaseName
});
};
return true;
}
示例12: RespondToAdmin
public override void RespondToAdmin(IHttpContext context)
{
if (EnsureSystemDatabase(context) == false)
return;
var match = urlMatcher.Match(context.GetRequestUrl());
var db = Uri.UnescapeDataString(match.Groups[1].Value);
DatabaseDocument dbDoc;
var docKey = "Raven/Databases/" + db;
switch (context.Request.HttpMethod)
{
case "GET":
if (db.Equals(Constants.SystemDatabase,StringComparison.OrdinalIgnoreCase))
{
//fetch fake (empty) system database document
var systemDatabaseDocument = new DatabaseDocument { Id = Constants.SystemDatabase };
var serializedDatabaseDocument = RavenJObject.FromObject(systemDatabaseDocument);
context.WriteJson(serializedDatabaseDocument);
}
else
{
dbDoc = GetDatabaseDocument(context, docKey, db);
context.WriteJson(dbDoc);
}
break;
case "PUT":
if (!db.Equals(Constants.SystemDatabase, StringComparison.OrdinalIgnoreCase))
{
dbDoc = context.ReadJsonObject<DatabaseDocument>();
server.Protect(dbDoc);
var json = RavenJObject.FromObject(dbDoc);
json.Remove("Id");
Database.Put(docKey, null, json, new RavenJObject(), null);
}
else
{
context.SetStatusToForbidden(); //forbidden to edit system database document
}
break;
case "DELETE":
if (!db.Equals(Constants.SystemDatabase, StringComparison.OrdinalIgnoreCase))
{
var configuration = server.CreateTenantConfiguration(db);
var databasedocument = Database.Get(docKey, null);
if (configuration == null)
return;
Database.Delete(docKey, null, null);
bool result;
if (bool.TryParse(context.Request.QueryString["hard-delete"], out result) && result)
{
IOExtensions.DeleteDirectory(configuration.DataDirectory);
IOExtensions.DeleteDirectory(configuration.IndexStoragePath);
if (databasedocument != null)
{
dbDoc = databasedocument.DataAsJson.JsonDeserialization<DatabaseDocument>();
if (dbDoc != null && dbDoc.Settings.ContainsKey(Constants.RavenLogsPath))
IOExtensions.DeleteDirectory(dbDoc.Settings[Constants.RavenLogsPath]);
}
}
}
else
{
context.SetStatusToForbidden(); //forbidden to delete system database document
}
break;
}
}
示例13: IsInvalidUser
private bool IsInvalidUser(IHttpContext ctx, out Action onRejectingRequest)
{
//TODO: kiil this method and change it to TryCreateUser
var invalidUser = (ctx.User == null || ctx.User.Identity.IsAuthenticated == false);
if (invalidUser)
{
onRejectingRequest = () =>
{
ctx.Response.AddHeader("Raven-Required-Auth", "Windows");
ctx.SetStatusToForbidden();
};
return true;
}
onRejectingRequest = ctx.SetStatusToUnauthorized;
List<DatabaseAccess> databasesForGroups;
var databasesForUsers = GenerateDatabaseAccessLists(ctx, out databasesForGroups);
var adminList = GenerateAdminList(databasesForUsers, databasesForGroups);
if (ctx.User is PrincipalWithDatabaseAccess == false)
ctx.User = new PrincipalWithDatabaseAccess((WindowsPrincipal)ctx.User, adminList);
var readOnlyList = GenerateReadOnlyList(databasesForUsers, databasesForGroups);
if ((requiredGroups.Count > 0 || requiredUsers.Count > 0))
{
var databaseName = database().Name;
if (readOnlyList.Any(selectedDatabaseName => string.Equals(selectedDatabaseName, databaseName)))
return true;
if (requiredGroups.Any(requiredGroup => ctx.User.IsInRole(requiredGroup.Name)
&& requiredGroup.Databases.Any(access => access.TenantId == databaseName))
|| requiredUsers.Any(requiredUser => string.Equals(ctx.User.Identity.Name, requiredUser.Name, StringComparison.InvariantCultureIgnoreCase)
&& requiredUser.Databases.Any(access => access.TenantId == databaseName)))
return false;
return true;
}
return false;
}