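/// <summary>
/// Decides whether the given principal may use a controller and, optionally, perform
/// a specific activity on it. Any missing input results in a denial.
/// </summary>
/// <param name="Controller">Controller name; looked up as-is in the menu service.</param>
/// <param name="Action">Not consulted by this check.</param>
/// <param name="User">Authenticated principal; <c>null</c> is always denied.</param>
/// <param name="IP">Not consulted by this check.</param>
/// <param name="activity">
/// Activity to verify in addition to controller access; <see cref="ActivityType.None"/>
/// skips the activity check.
/// </param>
/// <returns><c>true</c> when access is granted, otherwise <c>false</c>.</returns>
public static bool IsAccessAllowed(string Controller, string Action, CustomPrincipal User, string IP, ActivityType activity)
        {
            // Fail closed: without a principal or a controller name there is nothing to authorize.
            // (A null controller name previously surfaced as a NullReferenceException.)
            if (User == null || string.IsNullOrEmpty(Controller))
            {
                return false;
            }

            // Controllers that every authenticated user may reach.
            // NOTE(review): this is a substring match, so any controller whose name merely
            // contains "account" or "home" skips the role check below. Prefer an exact-name
            // allow-list once the name format passed by callers is confirmed.
            bool isDefaultController =
                Controller.IndexOf("account", StringComparison.OrdinalIgnoreCase) >= 0
                || Controller.IndexOf("home", StringComparison.OrdinalIgnoreCase) >= 0;
            if (isDefaultController)
            {
                return true;
            }

            // Resolve the service only when a permission lookup is actually required.
            IMenuService menuService = UnityConfigurator.GetConfiguredContainer().Resolve<IMenuService>();

            // Controller-level permission (the design assumes one form/module per controller).
            bool allowed = menuService.isAccessAllowed(Controller, User.RoleId);

            // Activity-level permission is checked only when an activity was supplied and
            // controller access was already granted.
            if (allowed && activity != ActivityType.None)
            {
                allowed = menuService.isAccessAllowed(Controller, activity.ToString(), User.RoleId);
            }

            return allowed;
        }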
Beispiel #2
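        /// <summary>
        /// Rebuilds the application's <c>CustomPrincipal</c> from the forms-authentication
        /// cookie and attaches it to the current request. Requests with a missing, unreadable
        /// or expired ticket are left without a custom principal.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void Application_PostAuthenticateRequest(Object sender, EventArgs e)
        {
            HttpCookie authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];
            if (authCookie == null || string.IsNullOrEmpty(authCookie.Value))
            {
                return;
            }

            FormsAuthenticationTicket authTicket;
            CustomPrincipalSerializeModel serializeModel;
            try
            {
                authTicket = FormsAuthentication.Decrypt(authCookie.Value);

                // Decrypt does not enforce the ticket lifetime, so check it here rather than
                // relying on an earlier pipeline stage having rejected the cookie.
                if (authTicket == null || authTicket.Expired)
                {
                    return;
                }

                JavaScriptSerializer serializer = new JavaScriptSerializer();
                serializeModel = serializer.Deserialize<CustomPrincipalSerializeModel>(authTicket.UserData);
            }
            // The cookie value is client-supplied: a malformed or tampered value must end as
            // "not authenticated", not as an unhandled error on every request.
            // NOTE(review): record these rejections in the application's log; a burst of
            // undecryptable cookies is worth alerting on.
            catch (ArgumentException)
            {
                return;
            }
            catch (InvalidOperationException)
            {
                return;
            }
            catch (System.Security.Cryptography.CryptographicException)
            {
                return;
            }

            // Empty UserData deserializes to null; do not build a principal from nothing.
            if (serializeModel == null)
            {
                return;
            }

            // NOTE(review): role fields are taken from the ticket, so a role change or
            // revocation only takes effect once the ticket is reissued or expires.
            CustomPrincipal newUser = new CustomPrincipal(authTicket.Name)
            {
                UserId = serializeModel.UserId,
                EmpId = serializeModel.EmpId,
                UserName = serializeModel.UserName,
                FullName = serializeModel.FullName,
                RoleId = serializeModel.RoleId,
                RoleCode = serializeModel.RoleCode,
                RoleName = serializeModel.RoleName,
                Culture = serializeModel.Culture
            };

            UserContext userContext = new UserContext()
            {
                FullName = serializeModel.FullName,
                UserName = serializeModel.UserName,
                UserId = serializeModel.UserId
            };

            HttpContext.Current.User = newUser;

            // NOTE(review): if UserContextThreadLocal is thread-affine storage, it is never
            // cleared on the unauthenticated paths above, so a pooled thread could carry the
            // previous request's user context. Confirm it is reset per request elsewhere.
            UserContextThreadLocal.Value = userContext;
        }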