Example #1
0
        /// <summary>
        /// //Load user data and set user role (login User type)
        /// </summary>
        /// <param name="sender"></param>
        /// <param name="e"></param>
        protected void Application_AuthenticateRequest(Object sender, EventArgs e)
        {
            if (HttpContext.Current.User != null)
            {
                if (HttpContext.Current.User.Identity.IsAuthenticated)
                {
                    //Load user data and set user role (login User type)
                    if (HttpContext.Current.User.Identity is FormsIdentity)
                    {
                        string   strUserData;
                        UserData objUserData;

                        //1. Get Authentication Data
                        strUserData = WebSecurity.GetAuthData();
                        objUserData = new UserData(strUserData);

                        //2. Check whether user role has been changed(only check administrator)
                        //if changed, signout and redirect to login page
                        if (objUserData.UserType != UserType.User)
                        {
                            UserType enmUserType          = UserType.User;
                            BusinessServices.User objUser = new BusinessServices.User();
                            //try
                            //{
                            int uid = UserContext.UserID;
                            enmUserType = objUser.GetUserType(uid);
                            //}
                            //catch (Exception ex)
                            //{
                            //     throw new ApplicationException("Convert UserID to int32 failed, UserID = '" + UserContext.UserID.ToString() + "'");
                            //}
                            if (enmUserType != objUserData.UserType)
                            {
                                WebSecurity.SignOut();
                            }
                        }

                        //3.Save the user data in the current context
                        UserContext.UserData = objUserData;

                        //4. Set User Roles (Login User type act as user role, they are: SaltAdmin = 1, OrgAdmin = 2, UnitAdmin = 3, User = 4
                        string[] roles = new string[1];
                        roles[0] = UserContext.UserData.UserType.ToString();
                        HttpContext.Current.User = new GenericPrincipal(HttpContext.Current.User.Identity, roles);
                    }
                }
            }
        }