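        /// <summary>
        /// Authorization hook. Records the previous/current URL in session for
        /// top-level, non-AJAX GET requests, lets <c>[AllowAnonymous]</c> actions
        /// through, redirects unauthenticated callers to the login route, and for
        /// authenticated callers asks <see cref="AuthorizationRepository.CheckAuthorized"/>
        /// whether the caller's role claim may run the requested controller/action.
        /// Denies (renders the "NoAccess" view) unless the repository explicitly allows it.
        /// </summary>
        /// <param name="filterContext">Filter context supplied by MVC for the current request.</param>
        protected override void OnAuthorization(AuthorizationContext filterContext)
        {
            // NOTE(review): base.OnAuthorization is never called here. If this
            // derives from AuthorizeAttribute, that skips the output-cache
            // validation callback the base class installs, so any [OutputCache]
            // on a protected action could serve a cached page to a user the
            // repository would deny — confirm whether output caching is used.
            var httpContext = filterContext.HttpContext;

            // Track navigation only for full-page GETs: child actions and AJAX
            // partials must not overwrite the stored URLs.
            if (httpContext.Request.RequestType == "GET" &&
                !httpContext.Request.IsAjaxRequest() &&
                !filterContext.IsChildAction)
            {
                httpContext.Session["PrevUrl"] = httpContext.Session["CurUrl"] ?? httpContext.Request.Url;
                httpContext.Session["CurUrl"]  = httpContext.Request.Url;
            }

            // [AllowAnonymous] has to short-circuit before the authentication check;
            // the original only honoured it for authenticated users, so anonymous
            // callers were bounced to Login even on actions meant to be public.
            // The controller-level attribute is honoured too, matching MVC's own
            // AuthorizeAttribute behaviour.
            if (filterContext.ActionDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true) ||
                filterContext.ActionDescriptor.ControllerDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true))
            {
                return;
            }

            if (!httpContext.User.Identity.IsAuthenticated)
            {
                filterContext.Result = new RedirectToRouteResult(
                    new System.Web.Routing.RouteValueDictionary {
                        { "controller", "Anonymous" }, { "action", "Login" }
                    });
                return;
            }

            // Fail closed: a non-claims identity or a missing role claim denies
            // access instead of surfacing an InvalidCastException /
            // InvalidOperationException from the authorization filter.
            var claimsIdentity = httpContext.User.Identity as ClaimsIdentity;
            var roleClaim      = claimsIdentity == null ? null : claimsIdentity.FindFirst(ClaimTypes.Role);

            if (roleClaim == null || string.IsNullOrEmpty(roleClaim.Value))
            {
                filterContext.Result = new ViewResult { ViewName = "NoAccess" };
                return;
            }

            var model = new ActionFilterModel
            {
                ID         = roleClaim.Value,
                Action     = filterContext.ActionDescriptor.ActionName,
                // The repository stores the full type name, hence the suffix.
                Controller = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName + "Controller"
            };

            var repository = new AuthorizationRepository();
            if (repository.CheckAuthorized(model))
            {
                return;
            }

            filterContext.Result = new ViewResult { ViewName = "NoAccess" };
        }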
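 /// <summary>
 /// Looks up whether the role in <paramref name="model"/> is explicitly allowed to run
 /// <c>model.Controller</c>/<c>model.Action</c>. Fails closed: a null model, no matching
 /// <c>SysRoleMapping</c> row, a row with <c>IsAllow == false</c>, or any data-access
 /// error all yield <c>false</c>.
 /// </summary>
 /// <param name="model">Role id, controller type name and action name to check.</param>
 /// <returns><c>true</c> only when a matching mapping row exists and is allowed.</returns>
 public bool CheckAuthorized(ActionFilterModel model)
 {
     if (model == null)
     {
         return false;
     }
     try
     {
         // NOTE(review): RoleId.ToString() inside the query relies on the LINQ
         // provider translating ToString(); if RoleId is not a string, parsing
         // model.ID to RoleId's type before the query would be more robust — confirm the column type.
         var mapping = _db.SysRoleMapping.FirstOrDefault(u =>
             u.RoleId.ToString() == model.ID &&
             u.ControllerId == model.Controller &&
             u.ActionId == model.Action);

         return mapping != null && mapping.IsAllow;
     }
     catch (Exception ex)
     {
         // Deny on error (fail closed). InnerException is null for most exceptions,
         // so dereferencing it unconditionally turned the logging call itself into
         // a NullReferenceException that escaped the catch block.
         var detail = "AuthorizationRepository:CheckAuthorized: " + ex.Message;
         if (ex.InnerException != null)
         {
             detail += " Inner Exception: " + ex.InnerException.Message;
         }
         LogHelper.Error(detail);
         return false;
     }
 }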