diff --git a/src/Umbraco.Core/UriExtensions.cs b/src/Umbraco.Core/UriExtensions.cs
index 53ca85e0a8..e5de22456b 100644
--- a/src/Umbraco.Core/UriExtensions.cs
+++ b/src/Umbraco.Core/UriExtensions.cs
@@ -2,6 +2,7 @@ using System;
using System.IO;
using System.Linq;
using System.Text;
+using Umbraco.Core.Configuration;
using Umbraco.Core.IO;
namespace Umbraco.Core
diff --git a/src/Umbraco.Web/Mvc/UmbracoAuthorizedController.cs b/src/Umbraco.Web/Mvc/UmbracoAuthorizedController.cs
index ae62f7acee..0f99a6c6c7 100644
--- a/src/Umbraco.Web/Mvc/UmbracoAuthorizedController.cs
+++ b/src/Umbraco.Web/Mvc/UmbracoAuthorizedController.cs
@@ -20,20 +20,8 @@ namespace Umbraco.Web.Mvc
[UmbracoAuthorize]
public abstract class UmbracoAuthorizedController : UmbracoController
{
-
- private User _user;
private bool _userisValidated = false;
- ///
- /// The current user ID
- ///
- private int _uid = 0;
-
- ///
- /// The page timeout in seconds.
- ///
- private long _timeout = 0;
-
///
/// Returns the currently logged in Umbraco User
///
@@ -41,40 +29,15 @@ namespace Umbraco.Web.Mvc
{
get
{
- if (!_userisValidated) ValidateUser();
- return _user;
- }
- }
-
- private void ValidateUser()
- {
- if ((UmbracoContext.Security.UmbracoUserContextId != ""))
- {
- _uid = UmbracoContext.Security.GetUserId(UmbracoContext.Security.UmbracoUserContextId);
- _timeout = UmbracoContext.Security.GetTimeout(UmbracoContext.Security.UmbracoUserContextId);
-
- if (_timeout > DateTime.Now.Ticks)
+ //throw exceptions if not valid (true)
+ if (!_userisValidated)
{
- _user = global::umbraco.BusinessLogic.User.GetUser(_uid);
-
- // Check for console access
- if (_user.Disabled || (_user.NoConsole && GlobalSettings.RequestIsInUmbracoApplication(HttpContext) && !GlobalSettings.RequestIsLiveEditRedirector(HttpContext)))
- {
- throw new ArgumentException("You have no priviledges to the umbraco console. Please contact your administrator");
- }
+ Security.ValidateCurrentUser(HttpContext, true);
_userisValidated = true;
- UmbracoContext.Security.UpdateLogin(_timeout);
}
- else
- {
- throw new ArgumentException("User has timed out!!");
- }
- }
- else
- {
- throw new InvalidOperationException("The user has no umbraco contextid - try logging in");
- }
+ return Security.CurrentUser;
+ }
}
}
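Review bot: The getter sets `_userisValidated = true` straight after `Security.ValidateCurrentUser(HttpContext, true)` and ignores whatever that call returns, so access control here depends entirely on the `true` flag making every failure path throw. The removed ValidateUser enforced the login timeout and the Disabled and NoConsole checks, and renewed the login with UpdateLogin; ValidateCurrentUser's body is not in this diff, so it is worth confirming it still covers all of these. I would replace the terse comment with `// passing true makes ValidateCurrentUser throw on any failure, so reaching the next line means the user passed validation`, or test the return value before setting the flag. The same pattern appears in the UmbracoAuthorizedApiController getter, and the property's declaration sits outside this hunk.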
diff --git a/src/Umbraco.Web/WebApi/UmbracoApiController.cs b/src/Umbraco.Web/WebApi/UmbracoApiController.cs
index acbf82f161..b8ba3f9a7b 100644
--- a/src/Umbraco.Web/WebApi/UmbracoApiController.cs
+++ b/src/Umbraco.Web/WebApi/UmbracoApiController.cs
@@ -1,4 +1,5 @@
using System;
+using System.Web;
using System.Web.Http;
using Umbraco.Core;
using Umbraco.Core.Services;
@@ -22,6 +23,29 @@ namespace Umbraco.Web.WebApi
Umbraco = new UmbracoHelper(umbracoContext);
}
+ ///
+ /// Tries to retreive the current HttpContext if one exists.
+ ///
+ ///
+ protected Attempt TryGetHttpContext()
+ {
+ object context;
+ if (Request.Properties.TryGetValue("MS_HttpContext", out context))
+ {
+ var httpContext = context as HttpContextBase;
+ if (httpContext != null)
+ {
+ return new Attempt(true, httpContext);
+ }
+ }
+ if (HttpContext.Current != null)
+ {
+ return new Attempt(true, new HttpContextWrapper(HttpContext.Current));
+ }
+
+ return Attempt.False;
+ }
+
///
/// Returns the current ApplicationContext
///
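Review bot: `Request.Properties` is dereferenced without a null check in TryGetHttpContext, so a call made before the controller has a request message (a unit test, or code running outside the pipeline) would presumably fail with a NullReferenceException instead of falling through to `Attempt.False`, which is what a Try-method promises. Guarding the lookup keeps that contract: `if (Request != null && Request.Properties.TryGetValue("MS_HttpContext", out context))`. The doc comment also appears to leave its returns tag empty; something like `/// <returns>A successful attempt carrying the request's HttpContextBase, or Attempt.False when no HTTP context is available</returns>` would help callers that throw on failure.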
diff --git a/src/Umbraco.Web/WebApi/UmbracoAuthorizedApiController.cs b/src/Umbraco.Web/WebApi/UmbracoAuthorizedApiController.cs
index 9101e3ac66..d0ede6fcda 100644
--- a/src/Umbraco.Web/WebApi/UmbracoAuthorizedApiController.cs
+++ b/src/Umbraco.Web/WebApi/UmbracoAuthorizedApiController.cs
@@ -19,20 +19,9 @@ namespace Umbraco.Web.WebApi
: base(umbracoContext)
{
}
-
- private User _user;
+
private bool _userisValidated = false;
-
- ///
- /// The current user ID
- ///
- private int _uid = 0;
-
- ///
- /// The page timeout in seconds.
- ///
- private long _timeout = 0;
-
+
///
/// Returns the currently logged in Umbraco User
///
@@ -40,40 +29,19 @@ namespace Umbraco.Web.WebApi
{
get
{
- if (!_userisValidated) ValidateUser();
- return _user;
- }
- }
-
- private void ValidateUser()
- {
- if ((UmbracoContext.Security.UmbracoUserContextId != ""))
- {
- _uid = UmbracoContext.Security.GetUserId(UmbracoContext.Security.UmbracoUserContextId);
- _timeout = UmbracoContext.Security.GetTimeout(UmbracoContext.Security.UmbracoUserContextId);
-
- if (_timeout > DateTime.Now.Ticks)
+ //throw exceptions if not valid (true)
+ if (!_userisValidated)
{
- _user = global::umbraco.BusinessLogic.User.GetUser(_uid);
-
- // Check for console access
- if (_user.Disabled || (_user.NoConsole && GlobalSettings.RequestIsInUmbracoApplication(HttpContext.Current) && !GlobalSettings.RequestIsLiveEditRedirector(HttpContext.Current)))
- {
- throw new ArgumentException("You have no priviledges to the umbraco console. Please contact your administrator");
- }
+ var ctx = TryGetHttpContext();
+ if (ctx.Success == false)
+ throw new InvalidOperationException("To get a current user, this method must occur in a web request");
+ Security.ValidateCurrentUser(ctx.Result, true);
_userisValidated = true;
- UmbracoContext.Security.UpdateLogin(_timeout);
}
- else
- {
- throw new ArgumentException("User has timed out!!");
- }
- }
- else
- {
- throw new InvalidOperationException("The user has no umbraco contextid - try logging in");
- }
+ return Security.CurrentUser;
+ }
}
+
}
}
\ No newline at end of file
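Review bot: The guard `if (ctx.Success == false)` throws from a brace-less body while the surrounding conditional in this getter is braced, and its message speaks of "this method" although the code is a property getter. I would brace the throw and word the message for a property, for example `throw new InvalidOperationException("To get a current user, this property must be read during a web request");`. Because this exception is raised before any user validation runs, a short comment such as `// no HTTP context means there is no login to validate, so fail closed` would make the intent explicit. The property's declaration is outside the hunk.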