vgquotes/Src/VideoGameQuotes.Web/Security/IsValidUserAttribute.cs

31 lines
911 B
C#
Raw Normal View History

using System.Net;
using System.Web.Mvc;
using Portoa.Web;
using Portoa.Web.ErrorHandling;
using VideoGameQuotes.Api;
namespace VideoGameQuotes.Web.Security {
[NeedsBuildUp]
public class IsValidUserAttribute : ActionFilterAttribute {
public IsValidUserAttribute() {
Group = UserGroup.User;
}
public ICurrentUserProvider UserProvider { get; set; }
public UserGroup Group { get; set; }
public override void OnActionExecuting(ActionExecutingContext filterContext) {
var allowedToExecuteAction = UserProvider != null
&& UserProvider.CurrentUser != null
&& UserProvider.CurrentUser.Group >= Group;
if (!allowedToExecuteAction) {
filterContext.Result = new ErrorViewResult {
Message = "You are not a verified user (are you hiding your IP address?)",
StatusCode = HttpStatusCode.Forbidden,
ViewName = "Forbidden"
};
}
}
}
}