Skip to content
This repository has been archived by the owner on Feb 20, 2021. It is now read-only.

Commit

Permalink
Merge pull request #347 from fsimonazzi/add-token-to-management-urls
Browse files Browse the repository at this point in the history 
add accessCode check in the conference controller
This will work as a poor man's authorization for the sample purposes (for now at least).
  • Loading branch information
@jdom
jdom committed May 5, 2012
2 parents aa89285 + 6c3ac14 commit 0770109
Show file tree
Hide file tree
Showing 2 changed files with 19 additions and 8 deletions.
25 changes: 18 additions & 7 deletions source/Conference/Conference.Web/Controllers/ConferenceController.cs
View file
Expand Up @@ -42,10 +42,21 @@ protected override void OnActionExecuting(ActionExecutingContext filterContext)
{
this.ViewBag.Slug = slug;
this.Conference = this.Service.FindConference(slug);

if (this.Conference != null)
{
this.ViewBag.OwnerName = this.Conference.OwnerName;
this.ViewBag.WasEverPublished = this.Conference.WasEverPublished;
// check access
var accessCode = (string)this.ControllerContext.RequestContext.RouteData.Values["accessCode"];

if (accessCode == null || !string.Equals(accessCode, this.Conference.AccessCode, StringComparison.Ordinal))
{
filterContext.Result = new HttpUnauthorizedResult("Invalid access code.");
}
else
{
this.ViewBag.OwnerName = this.Conference.OwnerName;
this.ViewBag.WasEverPublished = this.Conference.WasEverPublished;
}
}
}

Expand Down Expand Up @@ -73,7 +84,7 @@ public ActionResult Locate(string email, string accessCode)
}

// TODO: not very secure ;).
return RedirectToAction("Index", new { slug = conference.Slug });
return RedirectToAction("Index", new { slug = conference.Slug, accessCode });
}

public ActionResult Index()
Expand Down Expand Up @@ -106,7 +117,7 @@ public ActionResult Create(ConferenceInfo conference)
return View(conference);
}

return RedirectToAction("Index", new { slug = conference.Slug });
return RedirectToAction("Index", new { slug = conference.Slug, accessCode = conference.AccessCode });
}

return View(conference);
Expand All @@ -131,7 +142,7 @@ public ActionResult Edit(ConferenceInfo conference)
if (ModelState.IsValid)
{
this.Service.UpdateConference(conference);
return RedirectToAction("Index", new { slug = conference.Slug });
return RedirectToAction("Index", new { slug = conference.Slug, accessCode = conference.AccessCode });
}

return View(conference);
Expand All @@ -147,7 +158,7 @@ public ActionResult Publish()

this.Service.Publish(this.Conference.Id);

return RedirectToAction("Index", new { slug = this.Conference.Slug });
return RedirectToAction("Index", new { slug = this.Conference.Slug, accessCode = this.Conference.AccessCode });
}

[HttpPost]
Expand All @@ -160,7 +171,7 @@ public ActionResult Unpublish()

this.Service.Unpublish(this.Conference.Id);

return RedirectToAction("Index", new { slug = this.Conference.Slug });
return RedirectToAction("Index", new { slug = this.Conference.Slug, accessCode = this.Conference.AccessCode });
}

#endregion
Expand Down
2 changes: 1 addition & 1 deletion source/Conference/Conference.Web/Global.asax.cs
View file
Expand Up @@ -55,7 +55,7 @@ public static void RegisterRoutes(RouteCollection routes)

routes.MapRoute(
name: "Conference",
url: "{slug}/{action}",
url: "{slug}/{accessCode}/{action}",
defaults: new { controller = "Conference", action = "Index" }
);

Expand Down

0 comments on commit 0770109

Please sign in to comment.