protected BaseController()
{
NewsService = new NewsRepository();
NewsGroupService = new NewsGroupRepository();
AccountService = new AccountRepository();
ContactService = new ContactRepository();
ProductTypeService = new Respository.ProductTypeRepository();
SiteConfigService = new SiteConfigRespository();
EmailConfigService = new EmailConfigRepository();
MenuConfigService = new MenuConfigRespository();
ProductBrandService = new ProductBrandRespository();
ProductManufacturerService = new ProductManufacturerRespository();
ProductDistributorService = new ProductDistributorRespository();
ProductStoreService = new StoreRespository();
UnitService = new UnitRespository();
ColorService = new ColorRespository();
CountryService = new CountryRespository();
SizeService = new SizeRespository();
ProductAttributeService = new ProductAttributeRespository();
ProductImageService = new ProductImageRespository();
UserService = new UserRespository();
RoleService = new RoleRespository();
PermissionService = new PermissionRespository();
ProductSizeService = new ProductSizeRespository();
ProductColorService = new ProductColorRespository();
ProductSaleOffService = new ProductSaleOffRespository();
ProductService = new ProductRespository();
AdminAccountService = new AdminRespository();
BannerService = new BannerRespository();
}
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
var currentUser = filterContext.HttpContext.User as CustomPrincipal;
if (currentUser == null)
{
return;
}
var controller = filterContext.RouteData.Values["controller"].ToString();
//Bo qua cac controller co CheckGroupPermissionAttribute va HasCheckPermission = false
var checkGroupPermission = (CheckGroupPermissionAttribute)filterContext.Controller.GetType().GetCustomAttributes(typeof(CheckGroupPermissionAttribute), false)
.FirstOrDefault();
if (checkGroupPermission != null && checkGroupPermission.HasCheckPermission == false)
{
return;
}
//Bo qua cac action co SkipCheckPermissionAttribute va SkipCheckPermission = true
var skipCheckPermission = (SkipCheckPermissionAttribute)filterContext.ActionDescriptor.GetCustomAttributes(typeof(SkipCheckPermissionAttribute), true).FirstOrDefault();
if (skipCheckPermission != null && skipCheckPermission.SkipCheckPermission)
{
return;
}
//Bo qua cac action khong co CheckPermissionAttribute
var checkPermission = (CheckPermissionAttribute)filterContext.ActionDescriptor.GetCustomAttributes(typeof(CheckPermissionAttribute), true).FirstOrDefault();
if (checkPermission == null)
{
return;
}
var permissionService = new PermissionRespository();
var permission = permissionService.GetPermissionValueByGroupAndRole(controller + "Permission", currentUser.RoleId);
if (((int)Math.Pow(2, checkPermission.Index) & permission) == 0)
{
filterContext.Result = new RedirectToRouteResult(new
RouteValueDictionary(new { controller = "Error", action = "AccessDenied" }));
}
base.OnActionExecuting(filterContext);
}
