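/// <summary>
/// Returns the Windows-authenticated caller as a <see cref="CurrentUserViewModel"/>.
/// The account is taken from the principal's <c>Name</c> claim, lower-cased and stripped of
/// the domain prefix, then looked up in the application user store; AD is consulted for
/// display details.
/// </summary>
/// <returns>
/// 200 with the view model (roles and <c>IsAdmin</c> only when the account exists in the
/// application store); 401 when the principal carries no usable <c>Name</c> claim;
/// 404 when the account is known neither to the application nor to AD.
/// Any other failure is routed through <see cref="WebApiErrorHandler.Throw"/>.
/// </returns>
public IHttpActionResult GetCurrentUser()
{
    try
    {
        var principal = new ClaimsPrincipal(User);
        var nameClaim = principal.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Name);
        if (nameClaim == null || string.IsNullOrWhiteSpace(nameClaim.Value))
        {
            // Previously the claim was dereferenced unconditionally (NullReferenceException -> 500).
            // A principal without a name is an authentication problem, not a server fault.
            return Unauthorized();
        }

        // Account names are identifiers: use the invariant lower-casing so the lookup key does
        // not depend on the server's culture (e.g. Turkish dotted/dotless i).
        var accountName = nameClaim.Value.ToLowerInvariant().Replace("willmottdixon\\", string.Empty);

        var user = _user.GetUserByAdAccount(accountName);
        if (user == null)
        {
            // Not in the application user table, so no roles can apply; fall back to AD for
            // display details only. A missing AD record was an NRE (500) before; it is a 404.
            var adUser = _user.GetAdDetailsByAccountName(accountName);
            if (adUser == null)
            {
                return NotFound();
            }

            var userViewModel = new CurrentUserViewModel
            {
                EmailAddress = adUser.Email,
                Forename = adUser.Forename,
                Surname = adUser.Surname,
                DisplayName = adUser.DisplayName,
                IsAdmin = false,
                Username = adUser.UserName
            };
            return Ok(userViewModel);
        }

        var userRoles = _user.GetUserRoles(user.Id).ToList();
        // AD may have no record for a stored account; fall back to an empty ApplicationUser so
        // DisplayName resolves to its default instead of throwing.
        var adDetails = _user.GetAdDetailsByAccountName(accountName) ?? new ApplicationUser();

        var adminViewModel = new CurrentUserViewModel
        {
            Id = user.Id,
            EmailAddress = user.Email,
            Forename = user.Forename,
            Surname = user.Surname,
            DisplayName = adDetails.DisplayName,
            // Role names are identifiers; ordinal comparison keeps the match culture-independent.
            // NOTE(review): this flag is informational for the client only. Authorization is
            // enforced by OnAuthorization, which compares roles case-sensitively; a role stored
            // with different casing would show as admin here but still be denied there.
            IsAdmin = userRoles.Any(r => r.Equals(Roles.Administrator, StringComparison.OrdinalIgnoreCase)),
            Roles = userRoles,
            Username = user.UserName
        };
        return Ok(adminViewModel);
    }
    catch (Exception ex)
    {
        return WebApiErrorHandler.Throw(ex);
    }
}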
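/// <summary>
/// Permits the action only when the caller's application account holds the
/// <c>Administrator</c> role. Every other outcome, including an unresolvable or
/// unauthenticated caller, is answered with 403 Forbidden (fail closed).
/// </summary>
/// <param name="actionContext">The action context whose <c>Response</c> is set on denial.</param>
public override void OnAuthorization(HttpActionContext actionContext)
{
    var isAdministrator = false;

    // Guard the HttpContext/User/Identity chain so a missing piece denies the request
    // instead of surfacing as a NullReferenceException (HTTP 500).
    var httpContext = HttpContext.Current;
    var identity = httpContext != null && httpContext.User != null ? httpContext.User.Identity : null;
    if (identity != null && !string.IsNullOrEmpty(identity.Name))
    {
        // Same normalisation as GetCurrentUser: invariant lower-casing, then strip the domain prefix.
        var accountName = identity.Name.ToLowerInvariant().Replace("willmottdixon\\", string.Empty);
        var user = _user.GetUserByAdAccount(accountName);
        if (user != null)
        {
            // string.Equals(string) is ordinal; made explicit. This check is intentionally stricter
            // than the case-insensitive IsAdmin flag in GetCurrentUser, which is display-only.
            isAdministrator = _user.GetUserRoles(user.Id)
                .Any(role => string.Equals(role, Model.Constants.Roles.Administrator, StringComparison.Ordinal));
        }
    }

    if (!isAdministrator)
    {
        actionContext.Response = new HttpResponseMessage(System.Net.HttpStatusCode.Forbidden);
    }
}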