protected override bool AuthorizeCore(HttpContextBase httpContext)
{
var isAuthorized = base.AuthorizeCore(httpContext) && httpContext.User.Identity.IsAuthenticated;
if (!isAuthorized)
{
return(false);
}
var userPermissions = RolesManager.GetUserPermissions(httpContext.User.Identity.Name.ToString());
if (userPermissions != null)
{
string permissions = string.Join("", userPermissions);
return(permissions.Contains(this.AccessLevel));
}
return(false);
}
