From b86457f897a8c2feb8ce64716d15cf48709674fe Mon Sep 17 00:00:00 2001
From: ErikPorter <none@none>
Date: Sun, 20 Dec 2009 05:41:11 +0000
Subject: [PATCH] Added a filter to ensure all requests to anything under
 /admin must be an authenticated request.

--HG--
extra : convert_revision : svn%3A5ff7c347-ad56-4c35-b696-ccb81de16e03/trunk%4044345
---
 src/Orchard/Mvc/Filters/AdminFilter.cs | 14 ++++++++++++++
 src/Orchard/Orchard.csproj             |  1 +
 2 files changed, 15 insertions(+)
 create mode 100644 src/Orchard/Mvc/Filters/AdminFilter.cs

diff --git a/src/Orchard/Mvc/Filters/AdminFilter.cs b/src/Orchard/Mvc/Filters/AdminFilter.cs
new file mode 100644
index 000000000..5e4cda3db
--- /dev/null
+++ b/src/Orchard/Mvc/Filters/AdminFilter.cs
@@ -0,0 +1,14 @@
+using System.Web.Mvc;
+
+namespace Orchard.Mvc.Filters {
+    public class AdminFilter : FilterProvider, IActionFilter {
+        public void OnActionExecuting(ActionExecutingContext filterContext) {
+            //TODO: (erikpo) When Orchard needs to work from a virtual path, this check will need to be adjusted
+            if (filterContext.HttpContext.Request.RawUrl.StartsWith("/Admin") && !filterContext.HttpContext.Request.IsAuthenticated)
+                filterContext.Result = new HttpUnauthorizedResult();
+        }
+
+        public void OnActionExecuted(ActionExecutedContext filterContext) {
+        }
+    }
+}
\ No newline at end of file
diff --git a/src/Orchard/Orchard.csproj b/src/Orchard/Orchard.csproj
index 450afde28..b03ff4237 100644
--- a/src/Orchard/Orchard.csproj
+++ b/src/Orchard/Orchard.csproj
@@ -125,6 +125,7 @@
     <Compile Include="Environment\IOrchardShellEvents.cs" />
     <Compile Include="Extensions\ExtensionDescriptor.cs" />
     <Compile Include="Extensions\ExtensionEntry.cs" />
+    <Compile Include="Mvc\Filters\AdminFilter.cs" />
     <Compile Include="Mvc\Html\FileRegistrationContext.cs" />
     <Compile Include="Themes\ExtensionManagerExtensions.cs" />
     <Compile Include="Extensions\Helpers\PathHelpers.cs" />