Permalink
Browse files

AuthorizeAttributeAclModule now tries getting filter providers from M…

…VC DependencyResolver first, before checking FilterProviders.Providers. This works better if using custom IoC filter providers (such as Autofac) and filter property injection.

Also, as per issue #21, AuthorizeAttributeAclModule now releases controllers built via ControllerFactory.  This fixes a memory leak problem when using IoC / DI, which tend to hang on to controller references.
  • Loading branch information...
1 parent 3dcc203 commit a89e53d5422ac8c9fcc725173603e875b9a3ba28 @aflatten committed Feb 20, 2012
Showing with 23 additions and 1 deletion.
  1. +23 −1 src/MvcSiteMapProvider/MvcSiteMapProvider/AuthorizeAttributeAclModule.cs
@@ -97,10 +97,14 @@ public bool IsAccessibleToUser(IControllerTypeResolver controllerTypeResolver, D
// Create controller context
var controllerContext = new ControllerContext();
controllerContext.RequestContext = requestContext;
+
+ // Whether controller is built by the ControllerFactory (or otherwise by Activator)
+ bool factoryBuiltController = false;
try
{
string controllerName = requestContext.RouteData.GetRequiredString("controller");
controllerContext.Controller = ControllerBuilder.Current.GetControllerFactory().CreateController(requestContext, controllerName) as ControllerBase;
+ factoryBuiltController = true;
}
catch
{
@@ -149,8 +153,22 @@ public bool IsAccessibleToUser(IControllerTypeResolver controllerTypeResolver, D
controllerDescriptor.GetCustomAttributes(typeof(AuthorizeAttribute), true).OfType
<AuthorizeAttribute>().ToList());
#else
+ IFilterProvider filterProvider = DependencyResolver.Current.GetService<IFilterProvider>();
+ IEnumerable<Filter> filters;
+
+ // If depencency resolver has an IFilterProvider registered, use it
+ if (filterProvider != null)
+ {
+ filters = filterProvider.GetFilters(controllerContext, actionDescriptor);
+ }
+ // Otherwise use FilterProviders.Providers
+ else
+ {
+ filters = FilterProviders.Providers.GetFilters(controllerContext, actionDescriptor);
+ }
+
IEnumerable<AuthorizeAttribute> authorizeAttributesToCheck =
- FilterProviders.Providers.GetFilters(controllerContext, actionDescriptor)
+ filters
.Where(f => typeof(AuthorizeAttribute).IsAssignableFrom(f.Instance.GetType()))
.Select(f => f.Instance as AuthorizeAttribute);
#endif
@@ -191,6 +209,10 @@ public bool IsAccessibleToUser(IControllerTypeResolver controllerTypeResolver, D
{
// Restore HttpContext
httpContext.RewritePath(originalPath, true);
+
+ // Release controller
+ if (factoryBuiltController)
+ ControllerBuilder.Current.GetControllerFactory().ReleaseController(controllerContext.Controller);
}
}

0 comments on commit a89e53d

Please sign in to comment.