Ejemplo n.º 1
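        /// <summary>
        /// Decides whether <paramref name="user"/> may invoke the given action on the given controller.
        /// </summary>
        /// <param name="user">Principal of the current request; a null principal or identity is denied.</param>
        /// <param name="action">Action name matched against <c>rs_action.Name</c>.</param>
        /// <param name="controller">Controller name matched against <c>rs_action.rs_module.Controller</c>.</param>
        /// <returns>
        /// <c>true</c> for the built-in "papaya" account, or when an active ACL row exists for the
        /// caller's group, action and controller; otherwise <c>false</c>.
        /// </returns>
        public static bool hasAccess(IPrincipal user, string action, string controller)
        {
            // Fail closed: without an identity there is nothing to authorize.
            if (user == null || user.Identity == null)
            {
                return false;
            }

            // NOTE(review): this account name bypasses every ACL check and is compiled into the
            // binary. Anyone able to obtain a ticket carrying this name gets full access, and the
            // bypass cannot be revoked without a redeploy. Prefer a role or configuration flag, and
            // audit its use.
            if ("papaya".Equals(user.Identity.Name))
            {
                return true;
            }

            // The group id travels in the forms ticket's UserData; every other identity type maps to group 0.
            int groupId = 0;
            FormsIdentity formsIdentity = user.Identity as FormsIdentity;
            if (formsIdentity != null && !int.TryParse(formsIdentity.Ticket.UserData, out groupId))
            {
                // Malformed ticket data is denied instead of surfacing as an unhandled FormatException.
                return false;
            }

            // Open the context only when a lookup is needed, and dispose it so the connection is released.
            // Assumes PapayaEntities is an Entity Framework context (IDisposable) - TODO confirm.
            using (PapayaEntities db = new PapayaEntities())
            {
                return db.rs_useracl.Any(e => e.GroupId == groupId &&
                                              e.rs_action.Name == action &&
                                              e.FlagActive == true &&
                                              e.rs_action.rs_module.Controller == controller);
            }
        }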
Ejemplo n.º 2
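        /// <summary>
        /// Replaces the ACL of one group: removes the group's existing <c>rs_useracl</c> rows and
        /// adds one active row per action id posted in the "input" field.
        /// </summary>
        /// <param name="fc">Posted form; reads "group_id" and the comma-separated "input" list of action ids.</param>
        /// <returns>
        /// Redirect to "Index" after saving or after rejecting malformed input; redirect to
        /// Home/NotAuthenticated when the caller fails the ACL check.
        /// </returns>
        // NOTE(review): this action changes privileges. No attributes are visible in this listing;
        // confirm it is limited to POST and protected by an anti-forgery token.
        public ActionResult Manage(FormCollection fc)
        {
            if (!AclHelper.hasAccess(User, currentAction, currentController))
            {
                return RedirectToAction("NotAuthenticated", "Home");
            }

            // Validate everything before touching the ACL table. Convert.ToInt32 would turn a
            // missing "group_id" into group 0 and throw on malformed values.
            int group_id;
            if (!int.TryParse(fc["group_id"], out group_id))
            {
                TempData["Notification"] = NotificationHelper.Inform("Invalid Group ID.");
                return RedirectToAction("Index");
            }

            List<int> actionIds = new List<int>();
            string rawInput = fc["input"];
            if (rawInput != null)
            {
                string[] tokens = rawInput.Split(new[] { ',' }, StringSplitOptions.RemoveEmptyEntries);
                foreach (string token in tokens)
                {
                    int actionId;
                    if (!int.TryParse(token, out actionId))
                    {
                        TempData["Notification"] = NotificationHelper.Inform("Invalid action list for Group ID : " + group_id);
                        return RedirectToAction("Index");
                    }

                    // A repeated id would otherwise create duplicate ACL rows.
                    if (!actionIds.Contains(actionId))
                    {
                        actionIds.Add(actionId);
                    }
                }
            }

            // Load the group's rows once; the previous per-id lookup issued one query per row and
            // could pass null to Remove if a row disappeared in between.
            List<rs_useracl> existingRows = db.rs_useracl.Where(e => e.GroupId == group_id).ToList();
            foreach (rs_useracl existing in existingRows)
            {
                db.rs_useracl.Remove(existing);
            }

            foreach (int actionId in actionIds)
            {
                rs_useracl entry = new rs_useracl();
                entry.GroupId    = group_id;
                entry.ActionId   = actionId;
                entry.FlagActive = true;
                entry.DateEntry  = DateTime.Now;
                entry.UserEntry  = User.Identity.Name;

                db.rs_useracl.Add(entry);
            }

            // Removals and additions are persisted together by this single call.
            db.SaveChanges();

            TempData["Notification"] = NotificationHelper.Inform("ACL has been set for Group ID : " + group_id);
            return RedirectToAction("Index");
        }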