public void OnAuthorization(AuthorizationFilterContext context)
{
var userIdentity = (ClaimsIdentity)context.HttpContext.User.Identity;
if (!userIdentity.IsAuthenticated)
{
context.Result = new ForbidResult();
return;
}
var claims = userIdentity.Claims;
var roleClaimType = userIdentity.RoleClaimType;
var roles = claims.Where(c => c.Type == ClaimTypes.Role).ToList();
//List<string> skipPermissions = new List<string>() { "Sear"};
//var rolePermissions = _moduleService.GetModulesByCriteria(new List<string>(), roles.Select(x => x.Value).ToList());
if (!_userService.IsPharmixAdmin(context.HttpContext.User.Identity.Name))
{
var permissionKeys = _moduleService.GetAvailablePermissionsByUserName(context.HttpContext.User.Identity.Name);
string pageKey = ConstructPageKey(context);
GetRelaventPermissions(pageKey, ref permissionKeys);
if (!permissionKeys.Contains(pageKey))
{
context.Result = new ForbidResult();
}
//if (!(rolePermissions.Where(x => x.Key.Equals(pageKey) && x.IsHaveAccess).Count() > 0) && !(rolePermissions.Where(x => x.Key.Equals(pageKey)).Count() <= 0))
//{
// //Shos access denied
// context.Result = new ForbidResult();
// //Redirect to login page
// //context.Result = new RedirectToRouteResult(new
// // RouteValueDictionary(new { controller = "Account", action = "Login"}));
//}
}
}