Release 8.1.6. Fixes for use of Authorize attribute to support not ha…

…rdcoding urls but having them come from sitecore settings.
benmccallum · Mar 22, 2016 · 7786c87 · 7786c87
1 parent fbeb6a8
commit 7786c87
Show file tree

Hide file tree

Showing 3 changed files with 30 additions and 21 deletions.
diff --git a/CoreSitecore.Tests/Properties/AssemblyInfo.cs b/CoreSitecore.Tests/Properties/AssemblyInfo.cs
@@ -32,5 +32,5 @@
 // You can specify all the values or you can default the Build and Revision Numbers
 // by using the '*' as shown below:
 // [assembly: AssemblyVersion("1.0.*")]
-[assembly: AssemblyVersion("8.1.5.0")]
-[assembly: AssemblyFileVersion("8.1.5.0")]
+[assembly: AssemblyVersion("8.1.6.0")]
+[assembly: AssemblyFileVersion("8.1.6.0")]
diff --git a/CoreSitecore/Properties/AssemblyInfo.cs b/CoreSitecore/Properties/AssemblyInfo.cs
@@ -32,5 +32,5 @@
 // You can specify all the values or you can default the Build and Revision Numbers
 // by using the '*' as shown below:
 // [assembly: AssemblyVersion("1.0.*")]
-[assembly: AssemblyVersion("8.1.5.0")]
-[assembly: AssemblyFileVersion("8.1.5.0")]
+[assembly: AssemblyVersion("8.1.6.0")]
+[assembly: AssemblyFileVersion("8.1.6.0")]
diff --git a/CoreSitecore/Sys/Web/Mvc/AuthorizeByDomainAttribute.cs b/CoreSitecore/Sys/Web/Mvc/AuthorizeByDomainAttribute.cs
@@ -1,4 +1,5 @@
-using Sitecore.Data;
+using Sitecore.Configuration;
+using Sitecore.Data;
 using System;
 using System.Web;
 using System.Web.Mvc;
@@ -13,15 +14,14 @@ public class AuthorizeByDomainAttribute : AuthorizeAttribute
  private readonly string _domainName;
 
  /// <summary>
- /// If specified, on an unauthorized request, user will be redirected to this url.
+ /// If specified, on an unauthorized request, user will be redirected to a url found by inspecting this setting.
+ ///
+ /// If this setting is an Sitecore.Data.ID, the url to that item will be used.
+ /// Else, it will be assumed to be a URL that can be redirected to as is.
+ ///
+ /// Default: CoreSitecore.AuthorizeByDomainAttribute.DefaultRedirectUrl
  /// </summary>
- public string RedirectToUrl { get; set; }
-
- /// <summary>
- /// If specified, on an unauthorized request, user will be redirected to Sitecore Item with this ID.
- /// RedirectToUrl takes precedence though if set.
- /// </summary>
- public Guid? RedirectToItemWithId { get; set; }
+ public string RedirectUrlSettingName { get; set; }
 
  /// <summary>
  /// If true, will append returnUrl querystring to url of redirected to page to support kickback later.
@@ -53,16 +53,25 @@ protected override bool AuthorizeCore(HttpContextBase httpContext)
  protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
  {
  var redirectionUrl = string.Empty;
- if (!string.IsNullOrWhiteSpace(RedirectToUrl))
- {
-  redirectionUrl = RedirectToUrl;
- }
- else if (RedirectToItemWithId.HasValue)
+
+ var settingName = string.IsNullOrWhiteSpace(RedirectUrlSettingName) ? "CoreSitecore.AuthorizeByDomainAttribute.DefaultRedirectUrl" : RedirectUrlSettingName;
+ var settingValue = Settings.GetSetting(settingName);
+
+ if (!string.IsNullOrWhiteSpace(settingValue))
  {
- var itemToRedirectTo = Sitecore.Context.Database.GetItem(new ID(RedirectToItemWithId.Value));
- if (itemToRedirectTo != null)
+ // If ID, lookup item by ID and figure out it's URL
+ if (ID.IsID(settingValue))
+ {
+ var itemToRedirectTo = Sitecore.Context.Database.GetItem(new ID(settingValue));
+ if (itemToRedirectTo != null)
+ {
+ redirectionUrl = itemToRedirectTo.GetItemUrl();
+ }
+ }
+ else
  {
- redirectionUrl = itemToRedirectTo.GetItemUrl();
+ // Assume is url
+ redirectionUrl = settingValue;
  }
  }