public override void OnAuthorization(AuthorizationContext filterContext)
{
if (String.IsNullOrEmpty(PermissionName))
{
throw new ApplicationException("No permission supplied");
}
//No authorization if permission is AllowAnonymous
if (String.Equals(PermissionName, "AllowAnonymous", StringComparison.InvariantCultureIgnoreCase))
{
return;
}
WorkContext workContext = filterContext.GetWorkContext();
IAuthorizer authorizer = workContext.Resolve <IAuthorizer>();
Permission permission = new Permission {
Name = PermissionName
};
if (authorizer.Authorize(permission,
new LocalizedString("Access is denied")))
{
return;
}
//Access is denied
filterContext.Result = new HttpUnauthorizedResult();
}
