Beispiel #1
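        /// <summary>
        /// Runs the base authorization step and then requires the current user to be an
        /// authenticated <c>PmcsUserPrincipal</c>. Any other request has its forms-authentication
        /// ticket cleared and is redirected to Auth/Authenticate.
        /// </summary>
        /// <param name="filterContext">Authorization context of the current request.</param>
        /// <exception cref="System.ArgumentNullException">
        /// <paramref name="filterContext"/> is null.
        /// </exception>
        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            // The original tested for null only after handing the context to the base class and
            // then assigned filterContext.Result inside the null branch, which can only end in a
            // NullReferenceException. Reject the argument explicitly before anything uses it.
            if (filterContext == null)
            {
                throw new System.ArgumentNullException("filterContext");
            }

            base.OnAuthorization(filterContext);

            // "as" yields null for a missing principal and for any principal that is not a
            // PmcsUserPrincipal; both cases are treated as not signed in.
            PmcsUserPrincipal user = filterContext.HttpContext.User as PmcsUserPrincipal;

            // Fail closed: every condition that is not "authenticated PmcsUserPrincipal" takes
            // the same sign-out and redirect path.
            if (user == null || user.Identity == null || !user.Identity.IsAuthenticated)
            {
                FormsAuthentication.SignOut();
                filterContext.Result = new RedirectToRouteResult(new System.Web.Routing.RouteValueDictionary(
                                                                     new { controller = "Auth", action = "Authenticate" }));
            }
        }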
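        /// <summary>
        /// Runs the base authorization step and then requires an authenticated user. A request
        /// with no principal or an unauthenticated identity has its forms-authentication ticket
        /// cleared and is redirected to Auth/index.
        /// </summary>
        /// <param name="filterContext">
        /// Authorization context of the current request. When it is null nothing is checked
        /// after the base call, as in the original.
        /// </param>
        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            base.OnAuthorization(filterContext);
            if (filterContext == null)
            {
                return;
            }

            var currentUser = filterContext.HttpContext.User;

            // The original ran a second IsAuthenticated test after the null-user branch without
            // returning, so a request with no principal dereferenced null there. One combined
            // check covers both cases and signs out only once.
            if (currentUser == null || currentUser.Identity == null || !currentUser.Identity.IsAuthenticated)
            {
                FormsAuthentication.SignOut();
                filterContext.Result = new RedirectToRouteResult(new System.Web.Routing.RouteValueDictionary(
                                                                     new { controller = "Auth", action = "index" }));
            }

            // NOTE(review): the original carried a commented-out, empty check on
            // ((PmcsUserPrincipal)User).IsAdministrator. No role is enforced here; this filter
            // only establishes that the caller is authenticated.
        }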
Beispiel #3
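        /// <summary>
        /// Runs the base authorization step, then decides whether the current user may reach the
        /// requested controller action. Unauthenticated callers, principals that are not a
        /// <c>PmcsUserPrincipal</c>, and users without access are redirected to
        /// StatusCodes/NotAuthorized401.
        /// </summary>
        /// <param name="filterContext">Authorization context of the current request.</param>
        /// <exception cref="System.ArgumentNullException">
        /// <paramref name="filterContext"/> is null.
        /// </exception>
        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            // The original assigned filterContext.Result inside its own null branch, which can
            // only throw NullReferenceException. Reject the argument explicitly instead.
            if (filterContext == null)
            {
                throw new System.ArgumentNullException("filterContext");
            }

            base.OnAuthorization(filterContext);

            var denied = new RedirectToRouteResult(new System.Web.Routing.RouteValueDictionary(new { controller = "StatusCodes", action = "NotAuthorized401" }));

            // Stop as soon as the caller is known to be unauthenticated. The original set the
            // result but kept going, dereferencing a null User and looking up mappings for a
            // caller that had already been refused.
            var currentUser = filterContext.HttpContext.User;
            if (currentUser == null || currentUser.Identity == null || !currentUser.Identity.IsAuthenticated)
            {
                filterContext.Result = denied;
                return;
            }

            // An authenticated principal of another type has no UserId or IsAdministrator to
            // evaluate, so it is denied rather than left to fail on a null dereference.
            PmcsUserPrincipal principal = currentUser as PmcsUserPrincipal;
            if (principal == null)
            {
                filterContext.Result = denied;
                return;
            }

            var actionName     = filterContext.ActionDescriptor.ActionName;
            var controllerName = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName;

            var sheet = authService.GetUserMappingsSheet(principal.UserId);

            // Default to "no access"; each grant below is explicit.
            bool canAccess = false;

            if (principal.IsAdministrator)
            {
                canAccess = true;
            }
            else
            {
                canAccess = UserRoleViewAccessAuthenticator.CanAccessResource(modulesService, rolesService, authService, sheet, controllerName, actionName);
            }

            // Dashboards/Dashboard is open to every authenticated PmcsUserPrincipal regardless of
            // the mapping sheet. Ordinal comparison keeps the match independent of the thread
            // culture, unlike ToLower().
            if (string.Equals(actionName, "dashboard", System.StringComparison.OrdinalIgnoreCase)
                && string.Equals(controllerName, "dashboards", System.StringComparison.OrdinalIgnoreCase))
            {
                canAccess = true;
            }

            if (!canAccess)
            {
                filterContext.Result = denied;
            }
        }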