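        /// <summary>
        /// Sets the create/update/delete access flags on <paramref name="VM"/> from the
        /// authentication result stored in the session.
        /// </summary>
        /// <remarks>
        /// Administrators get every flag. Other users get the flags of their
        /// <see cref="ObjectsEnum.EmployeesExperiencesManage"/> privilege row. Every flag is
        /// false when that row is missing or when the session holds no authentication result
        /// (the previous version dereferenced a null result in that case).
        /// </remarks>
        /// <param name="VM">View model whose access flags are set.</param>
        private void SetAuthentications(EmployeesExperiencesViewModel VM)
        {
            AuthenticationResult Authentication = (AuthenticationResult)Session["Authentication"];

            // Fail closed: nothing is granted unless a rule below explicitly grants it.
            VM.HasCreatingAccess
                  = VM.HasDeletingAccess
                  = VM.HasUpdatingAccess = false;

            if (Authentication == null)
            {
                return;
            }

            if (Authentication.User != null && Authentication.User.IsAdmin)
            {
                VM.HasCreatingAccess
                      = VM.HasDeletingAccess
                      = VM.HasUpdatingAccess = true;
                return;
            }

            if (Authentication.Privilages == null)
            {
                return;
            }

            GroupsObjects Privilage = Authentication.Privilages.FirstOrDefault(e => e.Object.ObjectID == (int)ObjectsEnum.EmployeesExperiencesManage);

            if (Privilage != null)
            {
                VM.HasCreatingAccess = Privilage.Creating;
                VM.HasDeletingAccess = Privilage.Deleting;
                VM.HasUpdatingAccess = Privilage.Updating;
            }
        }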
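        /// <summary>
        /// Returns the vacation actions the given user is allowed to perform.
        /// </summary>
        /// <remarks>
        /// Administrators get every action. Other users get the actions permitted by their
        /// <see cref="ObjectsEnum.HCMVacations"/> privilege row: Add needs Creating,
        /// Extend and Break need Updating, Cancel needs Deleting. A user without a usable
        /// authentication result or without that privilege row gets an empty list
        /// (the previous version dereferenced a null result in that case).
        /// </remarks>
        /// <param name="Authentication">Session authentication result; may be null.</param>
        /// <returns>The permitted actions; never null.</returns>
        public List <VacationsActionsBLL> GetVacationsActions(AuthenticationResult Authentication)
        {
            List <VacationsActions>    VacationsActionsList    = new VacationsActionsDAL().GetVacationsActions();
            List <VacationsActionsBLL> VacationsActionsBLLList = new List <VacationsActionsBLL>();

            if (VacationsActionsList == null)
            {
                return(VacationsActionsBLLList);
            }

            bool IsAdmin = Authentication != null && Authentication.User != null && Authentication.User.IsAdmin;

            // The privilege row does not depend on the action, so look it up once instead of per iteration.
            GroupsObjects Privilage = null;
            if (!IsAdmin && Authentication != null && Authentication.Privilages != null)
            {
                Privilage = Authentication.Privilages.FirstOrDefault(e => e.Object.ObjectID == (int)ObjectsEnum.HCMVacations);
            }

            foreach (var item in VacationsActionsList)
            {
                if (IsAdmin || IsActionAllowed(Privilage, item))
                {
                    VacationsActionsBLLList.Add(new VacationsActionsBLL()
                    {
                        VacationActionID = item.VacationActionID, VacationActionName = item.VacationActionName
                    });
                }
            }

            return(VacationsActionsBLLList);
        }

        /// <summary>
        /// Maps a vacation action to the privilege flag that permits it.
        /// </summary>
        /// <param name="Privilage">The user's HCMVacations privilege row, or null when absent.</param>
        /// <param name="item">The action being considered.</param>
        /// <returns>true when the flag for this action is set; false for a null row or an unknown action.</returns>
        private static bool IsActionAllowed(GroupsObjects Privilage, VacationsActions item)
        {
            if (Privilage == null)
            {
                return(false);
            }

            if (item.VacationActionID == (int)VacationsActionsEnum.Add)
            {
                return(Privilage.Creating);
            }

            if (item.VacationActionID == (int)VacationsActionsEnum.Extend || item.VacationActionID == (int)VacationsActionsEnum.Break)
            {
                return(Privilage.Updating);
            }

            if (item.VacationActionID == (int)VacationsActionsEnum.Cancel)
            {
                return(Privilage.Deleting);
            }

            return(false);
        }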
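        /// <summary>
        /// Tells whether the current session user may create on the page addressed by <paramref name="URL"/>.
        /// </summary>
        /// <remarks>
        /// Administrators may always create. Other users need a privilege row whose ObjectURL
        /// equals "/{Controller}/{Action}" exactly (ordinal comparison) and whose Creating flag is set.
        /// A session without an authentication result yields false instead of throwing.
        /// </remarks>
        /// <param name="URL">Request URL the controller and action names are extracted from.</param>
        /// <returns>true when creating is permitted; false otherwise.</returns>
        public bool IsCreatePermission(string URL)
        {
            AuthenticationResult AuthenticationResult = (AuthenticationResult)System.Web.HttpContext.Current.Session["Authentication"];

            // Fail closed when the session carries no (complete) authentication result.
            if (AuthenticationResult == null || AuthenticationResult.User == null)
            {
                return(false);
            }

            if (AuthenticationResult.User.IsAdmin)
            {
                return(true);
            }

            if (AuthenticationResult.Privilages == null)
            {
                return(false);
            }

            string ControllerName = UIUtilities.GetControllerName(URL);
            string ActionName     = UIUtilities.GetActionName(URL);
            string ObjectURL      = "/" + ControllerName + "/" + ActionName;

            // Ordinal is what string.Equals does by default; it is spelled out so the intent is explicit,
            // and the static overload tolerates a null ObjectURL on the stored row.
            GroupsObjects Privilage = AuthenticationResult.Privilages.FirstOrDefault(p => string.Equals(p.Object.ObjectURL, ObjectURL, StringComparison.Ordinal));

            return(Privilage != null && Privilage.Creating);
        }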
        //protected override bool AuthorizeCore(HttpContextBase httpContext)
        //{
        //if (System.Web.HttpContext.Current.Session["UserID"] != null)
        //    return IsAuthorize = true;
        //else
        //    return IsAuthorize = false;
        //return base.AuthorizeCore(httpContext);
        //}

        /*
         * Old Code
         *
         *  public override void OnAuthorization(AuthorizationContext filterContext)
         *  {
         *      if (System.Web.HttpContext.Current.Session["UserID"] == null)
         *      {
         *          RedirectToLogin(filterContext);
         *      }
         *      else
         *      {
         *          string ControllerName = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName;
         *          string ActionName = filterContext.ActionDescriptor.ActionName;
         *          AuthenticationResult AuthenticationResult = (AuthenticationResult)System.Web.HttpContext.Current.Session["Authentication"];
         *          if (ControllerName.Equals("Account"))  // no need to authorize this controller.
         *          {
         *              // to do something
         *          }
         *          else if (!AuthenticationResult.User.IsAdmin)
         *          {
         *              int flag = 0; //this is for checking if this page was assigned to his groups or not
         *              if (AuthenticationResult.Groups.Count > 0) // maybe the user is authenticated but not authorized
         *              {
         *                  GroupsObjects GroupObject = null;
         *                  foreach (var item in AuthenticationResult.Groups)
         *                  {
         *                      if (!ActionName.Equals("Index") && !ActionName.Equals("Edit") && !ActionName.Equals("Delete") && !ActionName.Equals("Create") && !ActionName.Equals("Details"))
         *                      {
         *                          GroupObject = item.Group.Objects.SingleOrDefault(x => x.Object.ObjectURL.Equals("/" + ControllerName + "/" + ActionName));
         *                          if (GroupObject != null)
         *                          {
         *                              flag = 0;
         *                              break;
         *                          }
         *                          else
         *                              flag += 1;
         *                      }
         *                      else
         *                      {
         *                          GroupObject = item.Group.Objects.FirstOrDefault(x => x.Object.ObjectURL.Equals("/" + ControllerName + "/Index"));
         *                          if (GroupObject != null)
         *                          {
         *                              if (ActionName.Equals("Index") || ActionName.Equals("Details")) // that means a user with a privilege on Index automatically has it on Details too
         *                              {
         *                                  if (GroupObject.Reading.Equals(false))
         *                                      RedirectToNotAuthorized(filterContext);
         *                                  else
         *                                  {
         *                                      flag = 0;
         *                                      break;
         *                                  }
         *                              }
         *                              else if (ActionName.Equals("Edit"))
         *                              {
         *                                  if (GroupObject.Updating.Equals(false))
         *                                      RedirectToNotAuthorized(filterContext);
         *                                  else
         *                                  {
         *                                      flag = 0;
         *                                      break;
         *                                  }
         *                              }
         *                              else if (ActionName.Equals("Delete"))
         *                              {
         *                                  if (GroupObject.Deleting.Equals(false))
         *                                      RedirectToNotAuthorized(filterContext);
         *                                  else
         *                                  {
         *                                      flag = 0;
         *                                      break;
         *                                  }
         *                              }
         *                              else if (ActionName.Equals("Create"))
         *                              {
         *                                  if (GroupObject.Creating.Equals(false))
         *                                      RedirectToNotAuthorized(filterContext);
         *                                  else
         *                                  {
         *                                      flag = 0;
         *                                      break;
         *                                  }
         *                              }
         *                              else
         *                                  RedirectToNotAuthorized(filterContext);
         *                          }
         *                          else
         *                              flag += 1;
         *                      }
         *                  }
         *              }
         *              else // that means the user does not have authorization
         *                  RedirectToNotAuthorized(filterContext);
         *
         *
         *              if (flag > 0) // that means this page was not assigned to any of his groups
         *                  RedirectToNotAuthorized(filterContext);
         *          }
         *      }
         *
         *      // base.OnAuthorization(filterContext);
         *  }
         *
         */

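        /// <summary>
        /// Session-based authorization filter: requests without a logged-in user go to the login
        /// page, logged-in users without a privilege for the requested action go to the
        /// "not authorized" page. The Account controller and admin users are never blocked.
        /// </summary>
        /// <remarks>
        /// Rules for non-admin users (unchanged from the previous version):
        /// - CRUD actions (Index, Details, Edit, Delete, Create) are checked against the privilege
        ///   row for "/{Controller}/Index": Index and Details need Reading, Edit needs Updating,
        ///   Delete needs Deleting, Create needs Creating.
        /// - Any other action is allowed as soon as a privilege row for "/{Controller}/{Action}"
        ///   exists, regardless of that row's flags.
        /// - A user with no groups has no privileges.
        /// A session that has a UserID but no authentication result is sent to the login page
        /// instead of causing a NullReferenceException.
        /// </remarks>
        /// <param name="filterContext">The MVC authorization context.</param>
        /// <exception cref="ArgumentNullException"><paramref name="filterContext"/> is null.</exception>
        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            if (filterContext == null)
            {
                throw new ArgumentNullException(nameof(filterContext));
            }

            object UserID = System.Web.HttpContext.Current.Session["UserID"];

            // No user, or the placeholder "0" user: not logged in.
            if (UserID == null || UserID.ToString() == "0")
            {
                RedirectToLogin(filterContext);
                return;
            }

            string ControllerName = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName;
            string ActionName     = filterContext.ActionDescriptor.ActionName;

            // The Account controller is never authorized (checked before the authentication result
            // so a broken session cannot loop between the login page and this filter).
            if (ControllerName.Equals("Account", StringComparison.Ordinal))
            {
                return;
            }

            AuthenticationResult AuthenticationResult = (AuthenticationResult)System.Web.HttpContext.Current.Session["Authentication"];

            // Fail closed: a UserID without a usable authentication result is treated as not logged in.
            if (AuthenticationResult == null || AuthenticationResult.User == null)
            {
                RedirectToLogin(filterContext);
                return;
            }

            if (AuthenticationResult.User.IsAdmin)
            {
                return;
            }

            if (!IsAuthorizedFor(AuthenticationResult, ControllerName, ActionName))
            {
                RedirectToNotAuthorized(filterContext);
            }

            // base.OnAuthorization(filterContext);
        }

        /// <summary>
        /// Decides whether a non-admin user holds a privilege for the given controller and action.
        /// </summary>
        /// <param name="AuthenticationResult">The session's authentication result (not null).</param>
        /// <param name="ControllerName">Controller name from the action descriptor.</param>
        /// <param name="ActionName">Action name from the action descriptor.</param>
        /// <returns>true when the request may proceed; false when it must be refused.</returns>
        private static bool IsAuthorizedFor(AuthenticationResult AuthenticationResult, string ControllerName, string ActionName)
        {
            // Maybe the user is authenticated but not authorized: no groups means no privileges.
            if (AuthenticationResult.Groups == null || AuthenticationResult.Groups.Count == 0 || AuthenticationResult.Privilages == null)
            {
                return(false);
            }

            bool IsCrudAction = ActionName.Equals("Index",   StringComparison.Ordinal)
                             || ActionName.Equals("Details", StringComparison.Ordinal)
                             || ActionName.Equals("Edit",    StringComparison.Ordinal)
                             || ActionName.Equals("Delete",  StringComparison.Ordinal)
                             || ActionName.Equals("Create",  StringComparison.Ordinal);

            if (!IsCrudAction)
            {
                // NOTE(review): a custom action is granted by the mere presence of a privilege row;
                // its Reading/Creating/Updating/Deleting flags are not consulted. Kept from the previous version.
                return(FindPrivilage(AuthenticationResult, "/" + ControllerName + "/" + ActionName) != null);
            }

            // All CRUD actions are governed by the privilege row of the controller's Index page.
            GroupsObjects Privilage = FindPrivilage(AuthenticationResult, "/" + ControllerName + "/Index");
            if (Privilage == null)
            {
                return(false);
            }

            switch (ActionName)
            {
                case "Index":
                case "Details": // a privilege on Index automatically covers Details
                    return(Privilage.Reading);
                case "Edit":
                    return(Privilage.Updating);
                case "Delete":
                    return(Privilage.Deleting);
                case "Create":
                    return(Privilage.Creating);
                default:
                    return(false);
            }
        }

        /// <summary>
        /// Finds the user's privilege row whose ObjectURL equals <paramref name="ObjectURL"/> exactly (ordinal).
        /// </summary>
        /// <returns>The matching row, or null when there is none.</returns>
        private static GroupsObjects FindPrivilage(AuthenticationResult AuthenticationResult, string ObjectURL)
        {
            return(AuthenticationResult.Privilages.FirstOrDefault(p => string.Equals(p.Object.ObjectURL, ObjectURL, StringComparison.Ordinal)));
        }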