protected bool AuthorizeCore(IEmployee _emp, ActionExecutingContext context) { if (string.IsNullOrWhiteSpace(context.HttpContext.User.Identity.Name)) { return(false); } else { if (RoleCode != null && RoleCode.Length > 0) { return(RoleCode.Contains(_emp.RoleCode)); } if (PositionCode != null && PositionCode.Length > 0) { return(PositionCode.Contains(_emp.PositionCode)); } return(_emp.CheckProgramAuthority(_emp.EmpNo, ProgramID)); } }