Ejemplo n.º 1
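        /// <summary>
        /// Authorization callback. Requests that are child actions, or that
        /// <c>HasAttribute</c> reports as carrying <see cref="AllowAnonymousAttribute"/>, are not checked.
        /// Every other request needs a user id in the session, and then either an action that
        /// <c>checkAction</c> accepts or a cached permission whose code appears in <c>PermissionIDs</c>.
        /// </summary>
        /// <param name="filterContext">Context of the request being authorized.</param>
        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            // Child actions are not authorized here; presumably the parent request was already checked.
            if (filterContext.IsChildAction)
            {
                return;
            }

            if (filterContext.HasAttribute(typeof(AllowAnonymousAttribute)))
            {
                return;
            }

            // Invariant casing: the strings below feed authorization comparisons, so the result must not
            // vary with the request thread's culture (culture-sensitive casing changes 'I'/'i' under some cultures).
            object areaToken  = filterContext.RouteData.DataTokens["area"];
            string area       = areaToken != null ? areaToken.ToString().ToLowerInvariant() : "";
            string controller = filterContext.RouteData.Values["controller"].ToString().ToLowerInvariant();
            string action     = filterContext.RouteData.Values["action"].ToString().ToLowerInvariant();

            var username = HttpContext.Current.Session[SessionConstant.userid];
            if (username == null)
            {
                // No session user: drop the forms-auth ticket as well, remember where the user was going,
                // and send them to the login page.
                FormsAuthentication.SignOut();

                // NOTE(review): this stores the full request Url (scheme and host included). Whatever later
                // redirects to this value should confirm it is a local URL before using it.
                HttpContext.Current.Session[SessionConstant.SessionPreviousUrl] = filterContext.HttpContext.Request.Url;

                filterContext.RedirectToLogin();
                return;
            }

            // The session is still alive.
            string method = HttpContext.Current.Request.HttpMethod;
            if (HDBH.Lib.Library.checkAction(area, controller, action, method))
            {
                return;
            }

            bool   isAllowAccess    = false;
            string currentUrl       = "/" + area + "/" + controller + "/" + action;

            // NOTE(review): the session check above reads Session[userid], while the permission cache is keyed
            // by RDAuthorize.UserId; presumably both name the same user, confirm.
            var    lsUserPermission = _cached.Get <List <UserLoginPermission> >(CachedKey.loginModuleKeyCache + RDAuthorize.UserId);
            if (lsUserPermission != null && lsUserPermission.Any())
            {
                // An entry without a permission code can never match, so it counts as "no access" instead of throwing.
                isAllowAccess = lsUserPermission.Any(x => x.permissionCode != null && PermissionIDs.Contains(x.permissionCode.ToUpperInvariant().Trim()));
            }
            else
            {
                // NOTE(review): isAllowAccess is still false here, so RedirectTo403() below runs after this call.
                // If both helpers assign filterContext.Result, the 403 replaces the login redirect; confirm which
                // outcome is intended. Access is denied either way.
                filterContext.RedirectToLogin();
            }

            if (!isAllowAccess)
            {
                // Denied requests are logged with the route and the user id.
                HDBH.Log.WriteLog.Error("Permission => " + currentUrl + " - User: " + RDAuthorize.UserId, null);
                filterContext.RedirectTo403();
            }
        }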
Ejemplo n.º 2
        /// <summary>
        /// Authorization callback: requests that <c>HasAttribute</c> reports as carrying
        /// <see cref="AllowAnonymousAttribute"/> pass through; all others are sent to the login page
        /// when the session holds no user id.
        /// </summary>
        /// <param name="filterContext">Context of the request being authorized.</param>
        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            bool anonymousAllowed = filterContext.HasAttribute(typeof(AllowAnonymousAttribute));
            if (!anonymousAllowed)
            {
                object sessionUser = HttpContext.Current.Session[SessionConstant.userid];
                if (sessionUser != null)
                {
                    // NOTE(review): the result of NonCheckAction() changes nothing in this method. A request with a
                    // session user id is let through whether or not the action is exempt, and no per-action
                    // permission check is visible here; confirm that is intended.
                    filterContext.NonCheckAction();
                }
                else
                {
                    filterContext.RedirectToLogin();
                }
            }
        }