return true;
}
- bool userMatch;
- bool roleMatch;
- bool verbMatch;
foreach (UserData data in list) {
- if (data.Users == null)
+ if (data.Verbs != null && !data.CheckVerb (verb))
continue;
- userMatch = (data.Users == null);
- if (!userMatch)
- userMatch = data.CheckUser (user.Identity.Name);
-
- roleMatch = (data.Roles == null);
- if (!roleMatch)
- roleMatch = data.CheckRole (user);
-
- verbMatch = (data.Verbs == null);
- if (data.Verbs != null)
- verbMatch = data.CheckVerb (verb);
+ if (data.Users != null && !data.CheckUser (user.Identity.Name))
+ continue;
+ else if (data.Roles != null && !data.CheckRole (user))
+ continue;
- if (userMatch && roleMatch && verbMatch)
- return data.Allow;
+ return data.Allow;
}
if (parent != null)
+2004-06-22 Gonzalo Paniagua Javier <gonzalo@ximian.com>
+
+ * AuthorizationConfig.cs: we must match [verb +] (role|user). Fixes bug
+ #60482.
+
2004-06-15 Gonzalo Paniagua Javier <gonzalo@ximian.com>
* WebConfigurationSettings.cs: allow empty <configSections>.