/// <summary>
/// Creates a concrete repository for every service member the derived controllers use.
/// </summary>
/// <remarks>
/// All repositories are constructed eagerly, once per controller instance, in the order below.
/// NOTE(review): whether these repositories hold connections or other disposable resources is
/// not visible here; confirm they are released when the controller is disposed.
/// NOTE(review): PermissionService is created here, but OnActionExecuting builds its own
/// PermissionRespository for the authorization lookup instead of reusing this member.
/// </remarks>
protected BaseController()
{
    // Content, account and contact data.
    NewsService = new NewsRepository();
    NewsGroupService = new NewsGroupRepository();
    AccountService = new AccountRepository();
    ContactService = new ContactRepository();
    ProductTypeService = new Respository.ProductTypeRepository();

    // Site-wide configuration.
    SiteConfigService = new SiteConfigRespository();
    EmailConfigService = new EmailConfigRepository();
    MenuConfigService = new MenuConfigRespository();

    // Product catalogue lookups.
    ProductBrandService = new ProductBrandRespository();
    ProductManufacturerService = new ProductManufacturerRespository();
    ProductDistributorService = new ProductDistributorRespository();
    ProductStoreService = new StoreRespository();
    UnitService = new UnitRespository();
    ColorService = new ColorRespository();
    CountryService = new CountryRespository();
    SizeService = new SizeRespository();
    ProductAttributeService = new ProductAttributeRespository();
    ProductImageService = new ProductImageRespository();

    // Users, roles and the permission data read by the access check.
    UserService = new UserRespository();
    RoleService = new RoleRespository();
    PermissionService = new PermissionRespository();

    // Product variants, promotions and the products themselves.
    ProductSizeService = new ProductSizeRespository();
    ProductColorService = new ProductColorRespository();
    ProductSaleOffService = new ProductSaleOffRespository();
    ProductService = new ProductRespository();

    // Back-office accounts and banners.
    AdminAccountService = new AdminRespository();
    BannerService = new BannerRespository();
}
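/// <summary>
/// Role-based permission gate that runs before every action of a derived controller.
/// </summary>
/// <remarks>
/// The check is opt-in: it only runs for actions that carry <c>CheckPermissionAttribute</c>,
/// and it is bypassed when the controller carries <c>CheckGroupPermissionAttribute</c> with
/// <c>HasCheckPermission == false</c> or the action carries <c>SkipCheckPermissionAttribute</c>
/// with <c>SkipCheckPermission == true</c>. When it runs, the role's permission value for the
/// group "&lt;controller&gt;Permission" is read and the bit selected by the attribute's
/// <c>Index</c> must be set; otherwise the request is redirected to Error/AccessDenied.
/// An <c>Index</c> outside 0..30 is treated as denied.
/// <c>base.OnActionExecuting</c> is only reached when the bit test was evaluated; every
/// bypass path returns before it.
/// </remarks>
/// <param name="filterContext">Context of the action about to execute; its Result is set on denial.</param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    // Highest bit a non-negative Int32 mask can address.
    const int maxPermissionBit = 30;

    var currentUser = filterContext.HttpContext.User as CustomPrincipal;
    if (currentUser == null)
    {
        // NOTE(review): fail-open. When the principal is not a CustomPrincipal (for example an
        // unauthenticated request) no permission check runs, even for actions that carry
        // CheckPermissionAttribute. This is only safe if authentication is enforced before this
        // filter is reached; confirm that every derived controller is covered.
        return;
    }

    // NOTE(review): this is the controller name as it appears in the route data, so its casing
    // can follow the request URL. Confirm the permission-group lookup below is case-insensitive,
    // or key it off filterContext.ActionDescriptor.ControllerDescriptor.ControllerName instead.
    var controller = filterContext.RouteData.Values["controller"].ToString();

    // Skip controllers that carry CheckGroupPermissionAttribute with HasCheckPermission = false.
    var checkGroupPermission = (CheckGroupPermissionAttribute)filterContext.Controller.GetType()
        .GetCustomAttributes(typeof(CheckGroupPermissionAttribute), false)
        .FirstOrDefault();
    if (checkGroupPermission != null && checkGroupPermission.HasCheckPermission == false)
    {
        return;
    }

    // Skip actions that carry SkipCheckPermissionAttribute with SkipCheckPermission = true.
    var skipCheckPermission = (SkipCheckPermissionAttribute)filterContext.ActionDescriptor
        .GetCustomAttributes(typeof(SkipCheckPermissionAttribute), true)
        .FirstOrDefault();
    if (skipCheckPermission != null && skipCheckPermission.SkipCheckPermission)
    {
        return;
    }

    // Skip actions that carry no CheckPermissionAttribute.
    // NOTE(review): this makes the gate opt-in, so a new action that forgets the attribute is
    // reachable by any signed-in role. Consider reviewing derived controllers for unannotated actions.
    var checkPermission = (CheckPermissionAttribute)filterContext.ActionDescriptor
        .GetCustomAttributes(typeof(CheckPermissionAttribute), true)
        .FirstOrDefault();
    if (checkPermission == null)
    {
        return;
    }

    var permissionService = new PermissionRespository();
    var permission = permissionService.GetPermissionValueByGroupAndRole(controller + "Permission", currentUser.RoleId);

    // The mask used to be built as (int)Math.Pow(2, Index). For Index >= 31 that value does not
    // fit in an int, and an out-of-range double-to-int conversion yields an unspecified result,
    // so the outcome of the access check was not defined. Build the mask with an integer shift
    // and deny any Index that cannot address a bit (a negative Index was already denied, because
    // the old mask truncated to 0).
    var bitIndex = checkPermission.Index;
    var denied = bitIndex < 0
                 || bitIndex > maxPermissionBit
                 || ((1 << (int)bitIndex) & permission) == 0;

    if (denied)
    {
        // Assigning Result here is what stops the action and sends the user to Error/AccessDenied.
        filterContext.Result = new RedirectToRouteResult(
            new RouteValueDictionary(new { controller = "Error", action = "AccessDenied" }));
    }

    base.OnActionExecuting(filterContext);
}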