31 lines
911 B
C#
31 lines
911 B
C#
|
using System.Net;
|
|||
|
using System.Web.Mvc;
|
|||
|
using Portoa.Web;
|
|||
|
using Portoa.Web.ErrorHandling;
|
|||
|
using VideoGameQuotes.Api;
|
|||
|
|
|||
|
namespace VideoGameQuotes.Web.Security {
|
|||
|
[NeedsBuildUp]
|
|||
|
public class IsValidUserAttribute : ActionFilterAttribute {
|
|||
|
public IsValidUserAttribute() {
|
|||
|
Group = UserGroup.User;
|
|||
|
}
|
|||
|
|
|||
|
public ICurrentUserProvider UserProvider { get; set; }
|
|||
|
public UserGroup Group { get; set; }
|
|||
|
|
|||
|
public override void OnActionExecuting(ActionExecutingContext filterContext) {
|
|||
|
var allowedToExecuteAction = UserProvider != null
|
|||
|
&& UserProvider.CurrentUser != null
|
|||
|
&& UserProvider.CurrentUser.Group >= Group;
|
|||
|
|
|||
|
if (!allowedToExecuteAction) {
|
|||
|
filterContext.Result = new ErrorViewResult {
|
|||
|
Message = "You are not a verified user (are you hiding your IP address?)",
|
|||
|
StatusCode = HttpStatusCode.Forbidden,
|
|||
|
ViewName = "Forbidden"
|
|||
|
};
|
|||
|
}
|
|||
|
}
|
|||
|
}
|
|||
|
}
|