finished #646 and fixed #664

2025-08-15 19:16:55 -07:00 · 2016-11-14 13:16:02 +00:00 · 2016-11-14 13:16:02 +00:00 · 55f1309140
commit 55f1309140
parent 05bdfcd550
41 changed files with 494 additions and 261 deletions
--- a/PlexRequests.UI/Helpers/HtmlSecurityHelper.cs
+++ b/PlexRequests.UI/Helpers/HtmlSecurityHelper.cs
@ -25,6 +25,8 @@
 //  ************************************************************************/
 #endregion

+using Nancy;
+using Nancy.Linker;
 using Nancy.Security;
 using Nancy.ViewEngines.Razor;
 using Ninject;
@ -41,22 +43,37 @@ namespace PlexRequests.UI.Helpers
            get
            {
                var userRepo = ServiceLocator.Instance.Resolve<IUserRepository>();
-                return _security ?? (_security = new SecurityExtensions(userRepo, null));
+                var linker = ServiceLocator.Instance.Resolve<IResourceLinker>();
+                return _security ?? (_security = new SecurityExtensions(userRepo, null, linker));
            }
        }

        private static SecurityExtensions _security;


-        public static bool HasAnyPermission(this HtmlHelpers helper, int permission)
+        public static bool HasAnyPermission(this HtmlHelpers helper, int permission, bool authenticated = true)
        {
-            return helper.CurrentUser.IsAuthenticated() 
-                && Security.HasPermissions(helper.CurrentUser, (Permissions) permission);
+            if (authenticated)
+            {
+                return helper.CurrentUser.IsAuthenticated()
+                       && Security.HasPermissions(helper.CurrentUser, (Permissions) permission);
+            }
+            return Security.HasPermissions(helper.CurrentUser, (Permissions)permission);
        }

        public static bool DoesNotHavePermission(this HtmlHelpers helper, int permission)
        {
            return Security.DoesNotHavePermissions(permission, helper.CurrentUser);
        }
+
+        public static bool IsAdmin(this HtmlHelpers helper, bool isAuthenticated = true)
+        {
+            return HasAnyPermission(helper, (int) Permissions.Administrator, isAuthenticated);
+        }
+
+        public static bool IsLoggedIn(this HtmlHelpers helper, NancyContext context)
+        {
+            return Security.IsLoggedIn(context);
+        }
    }
 }
--- a/PlexRequests.UI/Helpers/SecurityExtensions.cs
+++ b/PlexRequests.UI/Helpers/SecurityExtensions.cs
@ -30,6 +30,8 @@ using System.Collections.Generic;
 using System.Linq;
 using Nancy;
 using Nancy.Extensions;
+using Nancy.Linker;
+using Nancy.Responses;
 using Nancy.Security;
 using Ninject;
 using PlexRequests.Helpers.Permissions;
@ -40,14 +42,16 @@ namespace PlexRequests.UI.Helpers
 {
    public class SecurityExtensions
    {
-        public SecurityExtensions(IUserRepository userRepository, NancyModule context)
+        public SecurityExtensions(IUserRepository userRepository, NancyModule context, IResourceLinker linker)
        {
            UserRepository = userRepository;
            Module = context;
+            Linker = linker;
        }
        
        private IUserRepository UserRepository { get; }
        private NancyModule Module { get; }
+        private IResourceLinker Linker { get; }

        public bool IsLoggedIn(NancyContext context)
        {
@ -117,7 +121,7 @@ namespace PlexRequests.UI.Helpers
            if (dbUser == null) return false;

            var permissions = (Permissions)dbUser.Permissions;
-            var result = permissions.HasFlag((Permissions)perm);
+            var result = permissions.HasFlag(perm);
            return !result;
        }

@ -134,10 +138,11 @@ namespace PlexRequests.UI.Helpers
            return result;
        }

-        public void HasPermissionsResponse(Permissions perm)
+        public Response HasPermissionsRedirect(Permissions perm, NancyContext context, string routeName, HttpStatusCode code)
        {
-            Module.AddBeforeHookOrExecute(
-            ForbiddenIfNot(ctx =>
+            var url = Linker.BuildRelativeUri(context, routeName);
+
+            var response = ForbiddenIfNot(ctx =>
            {
                if (ctx.CurrentUser == null) return false;

@ -145,13 +150,24 @@ namespace PlexRequests.UI.Helpers

                if (dbUser == null) return false;

-                var permissions = (Permissions)dbUser.Permissions;
+                var permissions = (Permissions) dbUser.Permissions;
                var result = permissions.HasFlag(perm);
                return result;
-            }), "Requires Claims");
+            });
+
+            var r = response(context);
+            return r.StatusCode == code
+                ? new RedirectResponse(url.ToString()) 
+                : null;
        }


+        public Response AdminLoginRedirect(Permissions perm, NancyContext context)
+        {
+            // This will redirect us to the Login Page if we don't have the correct permission passed in (e.g. Admin with Http 403 status code).
+            return HasPermissionsRedirect(perm, context, "LocalLogin", HttpStatusCode.Forbidden);
+        }
+        
        // BELOW IS A COPY FROM THE SecurityHooks CLASS!

        /// <summary>