/// <summary> /// Check for user Cookie /// and fill the settion by /// the current user ata if he has valid cookie. /// </summary> /// <returns></returns> public bool CheckCookie() { bool result = false; if (HttpContext.Current.Request.Cookies["UserData"] != null) { string userName = QvLib.Security.DataProtection.Decrypt(HttpContext.Current.Request.Cookies["UserData"]["userName"]); string password = HttpContext.Current.Request.Cookies["UserData"]["password"]; QvLib.Identity.LogIn(userName, QvLib.Security.DataProtection.Decrypt(password), false); var user = new EDLQ_AppEntities().CU_Employee.AsQueryable().Where(e => e.LoginName == userName && e.Password == password).FirstOrDefault(); if (user != null) { var userData = new Security.UserData { userId = user.ID, userName = user.LoginName, password = user.Password }; // fill session MvcApplication.UserData = userData; result = true; } } return(result); }
/// <summary> /// check the user permission over all actions /// of passed controller. /// </summary> /// <param name="strController"></param> private void GetPermission(string controller, string action = "") { string page = controller + (string.IsNullOrEmpty(action) ? "/" + action : ""); EDLQ_AppEntities edm = new EDLQ_AppEntities(); Permission = new Dictionary <QVEnterprise.ActionType, bool>(); Permission = new QVEnterprise.ActionSecurity(page).Permission; }