Ejemplo n.º 1
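        /// <summary>
        /// Reports whether the user making the current request holds the System Administrator privilege.
        /// </summary>
        /// <param name="controller">Controller whose HttpContext identifies the requesting user.</param>
        /// <returns>
        /// The <c>IsAdmin</c> value of a <c>UserAccessRules</c> built from the request's identity name;
        /// <c>false</c> when the identity cannot be read or the lookup throws.
        /// </returns>
        public static bool IsSysAdmin(this ControllerBase controller)
        {
            try
            {
                //Check if the requesting user has the System Administrator privilege...
                return new UserAccessRules(controller.ControllerContext
                                           .HttpContext.User.Identity.Name).IsAdmin;
            }
            catch (System.Exception ex)
            {
                // Fail closed: any error means "not an administrator". The failure is traced
                // so that a broken access-rule lookup is not mistaken for a plain denial.
                System.Diagnostics.Trace.TraceWarning(
                    "IsSysAdmin: access-rule lookup failed, denying. {0}: {1}",
                    ex.GetType().FullName, ex.Message);
                return false;
            }
        }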
Ejemplo n.º 2
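        /// <summary>
        /// Looks up the requesting user's permissions for one application module.
        /// </summary>
        /// <param name="controller">Controller whose HttpContext identifies the requesting user.</param>
        /// <param name="modulecode">Module code passed to <c>UserAccessRules.HasPermission</c>.</param>
        /// <returns>
        /// Whatever <c>UserAccessRules.HasPermission</c> returns for the module, or an empty list
        /// when the identity cannot be read or the lookup throws.
        /// </returns>
        /// <remarks>
        /// NOTE(review): a failed lookup yields an empty list, never null. A caller that only tests
        /// the result against null would read a failure as a grant; treat an empty list as
        /// "no permission" as well.
        /// </remarks>
        public static List <int> HasPermission(this ControllerBase controller, int modulecode)
        {
            try
            {
                //Check if the requesting user has the specified application permission...
                return new UserAccessRules(controller.ControllerContext
                                           .HttpContext.User.Identity.Name).HasPermission(modulecode);
            }
            catch (System.Exception ex)
            {
                // Fail closed with an empty permission list, and trace the cause so that
                // lookup errors stay visible to operators.
                System.Diagnostics.Trace.TraceWarning(
                    "HasPermission: access-rule lookup failed for module {0}, returning no permissions. {1}: {2}",
                    modulecode, ex.GetType().FullName, ex.Message);
                return new List <int>();
            }
        }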
Ejemplo n.º 3
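        /// <summary>
        /// Reports whether the user making the current request has the given role.
        /// </summary>
        /// <param name="controller">Controller whose HttpContext identifies the requesting user.</param>
        /// <param name="role">Role identifier passed to <c>UserAccessRules.HasRole</c>.</param>
        /// <returns>
        /// The result of <c>UserAccessRules.HasRole</c>; <c>false</c> when the identity cannot be
        /// read or the lookup throws.
        /// </returns>
        public static bool HasRole(this ControllerBase controller, int role)
        {
            try
            {
                //Check if the requesting user has the specified role...
                return new UserAccessRules(controller.ControllerContext
                                           .HttpContext.User.Identity.Name).HasRole(role);
            }
            catch (System.Exception ex)
            {
                // Fail closed: an error is treated as "role not held", but it is traced so
                // that a failing lookup does not go unnoticed.
                System.Diagnostics.Trace.TraceWarning(
                    "HasRole: access-rule lookup failed for role {0}, denying. {1}: {2}",
                    role, ex.GetType().FullName, ex.Message);
                return false;
            }
        }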
Ejemplo n.º 4
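        /// <summary>
        /// Reports whether the user making the current request has any of the given roles.
        /// </summary>
        /// <param name="controller">Controller whose HttpContext identifies the requesting user.</param>
        /// <param name="roles">
        /// Role names separated by ';' (for example "Sales Manager;Sales Operator"), passed
        /// unchanged to <c>UserAccessRules.HasRoles</c>.
        /// </param>
        /// <returns>
        /// The result of <c>UserAccessRules.HasRoles</c>; <c>false</c> when the identity cannot be
        /// read or the lookup throws.
        /// </returns>
        public static bool HasRoles(this ControllerBase controller, string roles)
        {
            try
            {
                //Check if the requesting user has any of the specified roles...
                //Make sure you separate the roles using ';' (ie "Sales Manager;Sales Operator")
                return new UserAccessRules(controller.ControllerContext
                                           .HttpContext.User.Identity.Name).HasRoles(roles);
            }
            catch (System.Exception ex)
            {
                // Fail closed: an error is treated as "no matching role", but it is traced so
                // that a failing lookup does not go unnoticed.
                System.Diagnostics.Trace.TraceWarning(
                    "HasRoles: access-rule lookup failed, denying. {0}: {1}",
                    ex.GetType().FullName, ex.Message);
                return false;
            }
        }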
Ejemplo n.º 5
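        /// <summary>
        /// Authorization step for the decorated action. A request without a session user is
        /// redirected to the login page; a request whose user has neither the module permission
        /// nor the administrator flag is redirected to Account/UnAuthorizedUser.
        /// </summary>
        /// <param name="filterContext">
        /// Context of the request being authorized. Setting its <c>Result</c> short-circuits the action.
        /// </param>
        /// <remarks>
        /// NOTE(review): _roleID is not consulted by this method; only the module permission and
        /// IsAdmin gate the request. Confirm that is intended.
        /// </remarks>
        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            int moduleCode = Convert.ToInt32(_moduleCode);

            // A missing HttpContext or Session counts as "no session user" instead of raising
            // a NullReferenceException inside the authorization filter.
            HttpContext current = HttpContext.Current;
            bool hasSessionUser = current != null
                                  && current.Session != null
                                  && current.Session[PageConstants.SESSION_USER_ID] != null;

            if (!hasSessionUser)
            {
                var    context    = filterContext.HttpContext;
                string redirectTo = "~/Account/Login";
                if (!string.IsNullOrEmpty(context.Request.RawUrl))
                {
                    // RawUrl is URL-encoded into the query string.
                    // NOTE(review): the login action is not visible here; it should accept
                    // ReturnUrl only when it is a local URL.
                    redirectTo = string.Format("~/Account/Login?ReturnUrl={0}",
                                               HttpUtility.UrlEncode(context.Request.RawUrl));
                }
                filterContext.Controller.ViewBag.ShowPopup = true;
                filterContext.Controller.ViewBag.IsSuccess = false;
                filterContext.Controller.ViewBag.Message   = "There was no activity since last 30 minutes. Your session is expired.";

                // Without a Result the filter lets the action run, so a request with no session
                // user would reach the protected action. Setting the redirect blocks it.
                filterContext.Result = new RedirectResult(redirectTo);
                return;
            }

            /*Create an instance of our custom user authorisation object passing requesting
             * user's 'Windows Username' into constructor. Built only after the session check,
             * so requests without a session never reach the lookup.*/
            UserAccessRules requestingUser = new UserAccessRules(filterContext.RequestContext
                                                                 .HttpContext.User.Identity.Name);

            // NOTE(review): only a null result is treated as "no permission". If HasPermission
            // can return an empty list for a user with no rights, this check lets that user
            // through. Verify against UserAccessRules.
            if (requestingUser.HasPermission(moduleCode) == null && !requestingUser.IsAdmin)
            {
                /*Redirect the browser to the Account/UnAuthorizedUser action instead of
                 * running the requested action.*/
                filterContext.Result = new RedirectToRouteResult(
                    new RouteValueDictionary {
                    { "action", "UnAuthorizedUser" },
                    { "controller", "Account" }
                });
            }
        }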