当前位置: 首页>>代码示例>>C#>>正文


C# IHttpContext.SetStatusToForbidden方法代码示例

本文整理汇总了C#中IHttpContext.SetStatusToForbidden方法的典型用法代码示例。如果您正苦于以下问题:C# IHttpContext.SetStatusToForbidden方法的具体用法?C# IHttpContext.SetStatusToForbidden怎么用?C# IHttpContext.SetStatusToForbidden使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在IHttpContext的用法示例。


在下文中一共展示了IHttpContext.SetStatusToForbidden方法的13个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C#代码示例。

示例1: IsInvalidUser

		private bool IsInvalidUser(IHttpContext ctx, out Action onRejectingRequest)
		{
			var invalidUser = (ctx.User == null ||
							   ctx.User.Identity.IsAuthenticated == false);
			if (invalidUser)
			{
				onRejectingRequest = () => ctx.SetStatusToForbidden();
				return true;
			}


			onRejectingRequest = () => ctx.SetStatusToUnauthorized();

			if (requiredGroups.Count > 0 || requiredUsers.Count > 0)
			{
			
				if (requiredGroups.Any(requiredGroup => ctx.User.IsInRole(requiredGroup)) ||
					requiredUsers.Any(requiredUser => string.Equals(ctx.User.Identity.Name, requiredUser, StringComparison.InvariantCultureIgnoreCase)))
					return false;

				return true;
			}
			
			return false;
		}
开发者ID:neiz,项目名称:ravendb,代码行数:25,代码来源:WindowsRequestAuthorizer.cs

示例2: Respond

        public override void Respond(IHttpContext context)
        {
            var match = urlMatcher.Match(context.GetRequestUrl());
            var index = match.Groups[1].Value;

            switch (context.Request.HttpMethod)
            {
                case "HEAD":
                    if(Database.IndexDefinitionStorage.IndexNames.Contains(index, StringComparer.InvariantCultureIgnoreCase) == false)
                        context.SetStatusToNotFound();
                    break;
                case "GET":
                    OnGet(context, index);
                    break;
                case "PUT":
                    Put(context, index);
                    break;
                case "DELETE":
                    if(index.StartsWith("Raven/",StringComparison.InvariantCultureIgnoreCase))
                    {
                        context.SetStatusToForbidden();
                        context.WriteJson(new
                        {
                            Url = context.Request.RawUrl,
                            Error = "Builtin indexes cannot be deleted, attempt to delete index '" + index + "' was rejected"
                        });
                        return;
                    }
                    context.SetStatusToDeleted();
                    Database.DeleteIndex(index);
                    break;
            }
        }
开发者ID:kenegozi,项目名称:ravendb,代码行数:33,代码来源:Index.cs

示例3: BuiltinIndex

		private static bool BuiltinIndex(string index, IHttpContext context)
		{
			if (!index.StartsWith("Raven/", StringComparison.InvariantCultureIgnoreCase))
				return false;

			context.SetStatusToForbidden();
			context.WriteJson(new
			{
				Url = context.Request.RawUrl,
				Error = "Builtin indexes cannot be modified, attempt to modifiy index '" + index + "' was rejected"
			});
			return true;
		}
开发者ID:ajaishankar,项目名称:ravendb,代码行数:13,代码来源:Index.cs

示例4: Respond

        public override void Respond(IHttpContext context)
        {
            if (context.IsAdministrator() == false)
            {
                context.SetStatusToForbidden();
                context.WriteJson(new
                {
                    Error = "Only administrators can stop indexing"
                });
                return;
            }


            Database.StopBackgroundWokers();
        }
开发者ID:nzdunic,项目名称:ravendb,代码行数:15,代码来源:AdminStopIndexing.cs

示例5: Respond

		public override void Respond(IHttpContext context)
		{
			if(context.User.Identity.IsAuthenticated == false ||
				context.User.IsInRole("Administrators"))
			{
				context.SetStatusToForbidden();
				context.WriteJson(new
				{
					Error = "Only administrators can initiate a backup procedure"
				});
			}

			var backupRequest = context.ReadJsonObject<BackupRequest>();
			Database.StartBackup(backupRequest.BackupLocation);
			context.SetStatusToCreated(BackupStatus.RavenBackupStatusDocumentKey);
		}
开发者ID:dplaskon,项目名称:ravendb,代码行数:16,代码来源:AdminBackup.cs

示例6: Respond

        public override void Respond(IHttpContext context)
        {
            if (context.User.Identity.IsAuthenticated == false ||
                context.User.IsInRole("Administrators"))
            {
                context.SetStatusToForbidden();
                context.WriteJson(new
                {
                    Error = "Only administrators can stop indexing"
                });
                return;
            }


            Database.StopBackgroundWokers();
        }
开发者ID:philiphoy,项目名称:ravendb,代码行数:16,代码来源:AdminStopIndexing.cs

示例7: Respond

        public override void Respond(IHttpContext context)
        {
            if (context.IsAdministrator() == false)
            {
                context.SetStatusToForbidden();
                context.WriteJson(new
                {
                    Error = "Only administrators can start indexing"
                });
                return;
            }

            var concurrency = context.Request.QueryString["concurrency"];

            if(string.IsNullOrEmpty(concurrency)==false)
            {
                Database.Configuration.MaxNumberOfParallelIndexTasks = Math.Max(1, int.Parse(concurrency));
            }
            
            Database.SpinBackgroundWorkers();
        }
开发者ID:nzdunic,项目名称:ravendb,代码行数:21,代码来源:AdminStartIndexing.cs

示例8: Put

		private void Put(IHttpContext context, string index)
		{
			if (index.StartsWith("Raven/", StringComparison.InvariantCultureIgnoreCase))
			{
				context.SetStatusToForbidden();
				context.WriteJson(new
				{
					Url = context.Request.RawUrl,
					Error = "Builtin indexes cannot be modified, attempt to modifiy index '" + index + "' was rejected"
				});
				return;
			}
			var data = context.ReadJsonObject<IndexDefinition>();
			if (data.Map == null)
			{
				context.SetStatusToBadRequest();
				context.Write("Expected json document with 'Map' property");
				return;
			}
			context.SetStatusToCreated("/indexes/" + index);
			context.WriteJson(new { Index = Database.PutIndex(index, data) });
		}
开发者ID:nathanpalmer,项目名称:ravendb,代码行数:22,代码来源:Index.cs

示例9: TryCreateUser

		private bool TryCreateUser(IHttpContext ctx, string databaseName, out Action onRejectingRequest)
		{
			var invalidUser = (ctx.User == null || ctx.User.Identity.IsAuthenticated == false);
			if (invalidUser)
			{
				onRejectingRequest = () =>
				{
					ProvideDebugAuthInfo(ctx, new
					{
						Reason = "User is null or not authenticated"
					});
					ctx.Response.AddHeader("Raven-Required-Auth", "Windows");
					if (string.IsNullOrEmpty(Settings.OAuthTokenServer) == false)
					{
						ctx.Response.AddHeader("OAuth-Source", Settings.OAuthTokenServer);
					}
					ctx.SetStatusToUnauthorized();
				};
				return false;
			}

			var dbUsersIaAllowedAccessTo = requiredUsers
				.Where(data => ctx.User.Identity.Name.Equals(data.Name, StringComparison.InvariantCultureIgnoreCase))
				.SelectMany(source => source.Databases)
				.Concat(requiredGroups.Where(data => ctx.User.IsInRole(data.Name)).SelectMany(x => x.Databases))
				.ToList();
			var user = UpdateUserPrincipal(ctx, dbUsersIaAllowedAccessTo);

			onRejectingRequest = () =>
			{
				ctx.SetStatusToForbidden();

				ProvideDebugAuthInfo(ctx, new
				{
					user.Identity.Name,
					user.AdminDatabases,
					user.ReadOnlyDatabases,
					user.ReadWriteDatabases,
					DatabaseName = databaseName
				});
			};
			return true;
		}
开发者ID:925coder,项目名称:ravendb,代码行数:43,代码来源:WindowsRequestAuthorizer.cs

示例10: AuthorizeUsingleUseAuthToken

		private bool AuthorizeUsingleUseAuthToken(IHttpContext context, string token)
		{
			OneTimeToken value;
			if (singleUseAuthTokens.TryRemove(token, out value) == false)
			{
				context.SetStatusToForbidden();
				context.WriteJson(new
				{
					Error = "Unknown single use token, maybe it was already used?"
				});
				return false;
			}
			if (string.Equals(value.DatabaseName, TenantId, StringComparison.InvariantCultureIgnoreCase) == false)
			{
				context.SetStatusToForbidden();
				context.WriteJson(new
				{
					Error = "This single use token cannot be used for this database"
				});
				return false;
			}
			if ((SystemTime.UtcNow - value.GeneratedAt).TotalMinutes > 2.5)
			{
				context.SetStatusToForbidden();
				context.WriteJson(new
				{
					Error = "This single use token has expired"
				});
				return false;
			}

			if (value.User != null)
			{
				CurrentOperationContext.Headers.Value[Constants.RavenAuthenticatedUser] = value.User.Identity.Name;
			}
			CurrentOperationContext.User.Value = value.User;
			context.User = value.User;
			return true;
		}
开发者ID:925coder,项目名称:ravendb,代码行数:39,代码来源:MixedModeRequestAuthorizer.cs

示例11: TryCreateUser

		private bool TryCreateUser(IHttpContext ctx, string databaseName, out Action onRejectingRequest)
		{
			var invalidUser = (ctx.User == null || ctx.User.Identity.IsAuthenticated == false);
			if (invalidUser)
			{
				onRejectingRequest = () =>
				{
					ProvideDebugAuthInfo(ctx, new
					{
						Reason = "User is null or not authenticated"
					});
					ctx.Response.AddHeader("Raven-Required-Auth", "Windows");
					if (string.IsNullOrEmpty(Settings.OAuthTokenServer) == false)
					{
						ctx.Response.AddHeader("OAuth-Source", Settings.OAuthTokenServer);
					}
					ctx.SetStatusToUnauthorized();
				};
				return false;
			}

			var databaseAccessLists = GenerateDatabaseAccessLists(ctx);
			var user = UpdateUserPrincipal(ctx, databaseAccessLists);

			onRejectingRequest = () =>
			{
				ctx.SetStatusToForbidden();

				ProvideDebugAuthInfo(ctx, new
				{
					user.ExplicitlyConfigured,
					user.Identity.Name,
					user.AdminDatabases,
					user.ReadOnlyDatabases,
					user.ReadWriteDatabases,
					DatabaseName = databaseName
				});
			};
			return true;
		}
开发者ID:synhershko,项目名称:ravendb,代码行数:40,代码来源:WindowsRequestAuthorizer.cs

示例12: RespondToAdmin

		public override void RespondToAdmin(IHttpContext context)
		{
			if (EnsureSystemDatabase(context) == false)
				return;

			var match = urlMatcher.Match(context.GetRequestUrl());
			var db = Uri.UnescapeDataString(match.Groups[1].Value);
			
			DatabaseDocument dbDoc;
			var docKey = "Raven/Databases/" + db;
			switch (context.Request.HttpMethod)
			{
				case "GET":
					if (db.Equals(Constants.SystemDatabase,StringComparison.OrdinalIgnoreCase))
					{
						//fetch fake (empty) system database document
						var systemDatabaseDocument = new DatabaseDocument { Id = Constants.SystemDatabase };
						var serializedDatabaseDocument = RavenJObject.FromObject(systemDatabaseDocument);

						context.WriteJson(serializedDatabaseDocument);
					}
					else
					{
						dbDoc = GetDatabaseDocument(context, docKey, db);
						context.WriteJson(dbDoc);
					}

					break;
				case "PUT":
					if (!db.Equals(Constants.SystemDatabase, StringComparison.OrdinalIgnoreCase))
					{
						dbDoc = context.ReadJsonObject<DatabaseDocument>();
						server.Protect(dbDoc);
						var json = RavenJObject.FromObject(dbDoc);
						json.Remove("Id");

						Database.Put(docKey, null, json, new RavenJObject(), null);
					}
					else
					{
						context.SetStatusToForbidden(); //forbidden to edit system database document
					}
					break;
				case "DELETE":
					if (!db.Equals(Constants.SystemDatabase, StringComparison.OrdinalIgnoreCase))
					{
						var configuration = server.CreateTenantConfiguration(db);
						var databasedocument = Database.Get(docKey, null);

						if (configuration == null)
							return;
						Database.Delete(docKey, null, null);
						bool result;
						if (bool.TryParse(context.Request.QueryString["hard-delete"], out result) && result)
						{
							IOExtensions.DeleteDirectory(configuration.DataDirectory);
							IOExtensions.DeleteDirectory(configuration.IndexStoragePath);

							if (databasedocument != null)
							{
								dbDoc = databasedocument.DataAsJson.JsonDeserialization<DatabaseDocument>();
								if (dbDoc != null && dbDoc.Settings.ContainsKey(Constants.RavenLogsPath))
									IOExtensions.DeleteDirectory(dbDoc.Settings[Constants.RavenLogsPath]);
							}
						}
					}
					else
					{
						context.SetStatusToForbidden(); //forbidden to delete system database document
					}
					break;
			}
		}
开发者ID:925coder,项目名称:ravendb,代码行数:73,代码来源:AdminDatabases.cs

示例13: IsInvalidUser

		private bool IsInvalidUser(IHttpContext ctx, out Action onRejectingRequest)
		{
			//TODO: kiil this method and change it to TryCreateUser
			var invalidUser = (ctx.User == null || ctx.User.Identity.IsAuthenticated == false);
			if (invalidUser)
			{
				onRejectingRequest = () =>
				{
					ctx.Response.AddHeader("Raven-Required-Auth", "Windows");
					ctx.SetStatusToForbidden();
				};
				return true;
			}

			onRejectingRequest = ctx.SetStatusToUnauthorized;

			List<DatabaseAccess> databasesForGroups;
			var databasesForUsers = GenerateDatabaseAccessLists(ctx, out databasesForGroups);

			var adminList = GenerateAdminList(databasesForUsers, databasesForGroups);

			if (ctx.User is PrincipalWithDatabaseAccess == false)
				ctx.User = new PrincipalWithDatabaseAccess((WindowsPrincipal)ctx.User, adminList);

			var readOnlyList = GenerateReadOnlyList(databasesForUsers, databasesForGroups);

			if ((requiredGroups.Count > 0 || requiredUsers.Count > 0))
			{
				var databaseName = database().Name;

				if (readOnlyList.Any(selectedDatabaseName => string.Equals(selectedDatabaseName, databaseName)))
					return true;
				if (requiredGroups.Any(requiredGroup => ctx.User.IsInRole(requiredGroup.Name)
					&& requiredGroup.Databases.Any(access => access.TenantId == databaseName))
					|| requiredUsers.Any(requiredUser => string.Equals(ctx.User.Identity.Name, requiredUser.Name, StringComparison.InvariantCultureIgnoreCase)
						&& requiredUser.Databases.Any(access => access.TenantId == databaseName)))
					return false;

				return true;
			}

			return false;
		}
开发者ID:denno-secqtinstien,项目名称:ravendb,代码行数:43,代码来源:WindowsRequestAuthorizer.cs


注:本文中的IHttpContext.SetStatusToForbidden方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。