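/*
 * public static void LoadSecurityAccess()
 * {
 *     using (OGDBEntities db = new OGDBEntities())
 *     {
 *         long? ROLE_NO = null;
 *         List<SET_ROLE_ACTION> per_list = new List<SET_ROLE_ACTION>();
 *         try
 *         {
 *             ROLE_NO = long.Parse(HttpContext.Current.Session["ROLE_NO"].ToString());
 *         }
 *         catch (Exception ex)
 *         {
 *         }
 *
 *         if (ROLE_NO.HasValue)
 *         {
 *             var rd = HttpContext.Current.Request.RequestContext.RouteData;
 *
 *             string controller_name = rd.GetRequiredString("controller").Trim();
 *             string action_name = rd.GetRequiredString("action").Trim();
 *
 *             per_list = db.SET_ROLE_ACTION.Where(a => (a.ROLE_NO == ROLE_NO.Value)).ToList();
 *
 *         }
 *     }
 * }
 */

/// <summary>
/// Unfinished permission check. It reads the caller's role number from session and
/// looks up one SET_ROLE_ACTION row for that role, but never consults the result,
/// so every call returns <c>false</c> (deny).
/// </summary>
/// <returns>Always <c>false</c>.</returns>
private static bool IsAllowed()
{
    using (OGDBEntities db = new OGDBEntities())
    {
        // A missing context, session or key, or a non-numeric value, leaves roleNo unset.
        // The previous empty catch (Exception) produced the same outcome but also hid
        // every other failure; the explicit checks keep the deny and drop the swallow.
        long? roleNo = null;
        HttpContext current = HttpContext.Current;
        object rawRole = (current != null && current.Session != null)
            ? current.Session["ROLE_NO"]
            : null;
        long parsedRole;
        if (rawRole != null && long.TryParse(rawRole.ToString(), out parsedRole))
        {
            roleNo = parsedRole;
        }

        if (roleNo.HasValue)
        {
            var rd = HttpContext.Current.Request.RequestContext.RouteData;
            string controller_name = rd.GetRequiredString("controller").Trim();
            string action_name = rd.GetRequiredString("action").Trim();

            // NOTE(review): the lookup filters on ROLE_NO only; controller_name and
            // action_name are read but not used, and 'per' is never inspected. If this
            // method is ever completed, the decision must match the requested
            // controller/action as well - "the role has some row" is not a permission
            // for this request.
            SET_ROLE_ACTION per = db.SET_ROLE_ACTION
                .Where(a => a.ROLE_NO == roleNo.Value)
                .FirstOrDefault();
        }

        // Fail closed: nothing above can grant access.
        return false;
    }
}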
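/// <summary>
/// Renders the permission editor for one role: loads the configurable actions
/// (active, not auto-included, top-level, not public) and overlays the role's
/// current IS_ACTIVE value on each of them for display.
/// </summary>
/// <param name="id">ROLE_NO of the role to edit; defaults to 0.</param>
/// <returns>The default view, with the role name, action list and role id in ViewBag.</returns>
public ActionResult Permissions(long id = 0)
{
    // NOTE(review): no attributes are visible on this action in this listing. Confirm
    // that the controller or a global filter restricts role administration to the
    // users who are meant to perform it.
    SET_ROLE role = db.SET_ROLE.Where(a => a.ROLE_NO == id).FirstOrDefault();

    // NOTE(review): role is null when no SET_ROLE row matches id, and the next line
    // then throws NullReferenceException. A not-found result would be the usual
    // handling for an unknown role id.
    ViewBag.ROLE_NAME = role.ROLE_NAME;

    // Sort by controller, then by action within a controller. The original chained
    // two OrderBy calls; a second OrderBy starts a new ordering instead of adding a
    // tie-breaker, so ThenBy is the form that states the intended two-level sort.
    List<GEN_CONTROLLER_ACTION> controllerList = db.GEN_CONTROLLER_ACTION
        .Where(a => a.IS_ACTIVE == 1 &&
                    a.IS_AUTO_INCLUDE == 0 &&
                    a.PARENT_ACTION_NO == null &&
                    (a.IS_PUBLIC == null || a.IS_PUBLIC == 0))
        .OrderBy(a => a.CONTROLLER_NAME)
        .ThenBy(a => a.ACTION_NAME)
        .ToList();

    List<SET_ROLE_ACTION> permit_list = db.SET_ROLE_ACTION.Where(a => a.ROLE_NO == id).ToList();

    // Reuse IS_ACTIVE on each listed action as a display flag: the role's stored
    // value when a row exists, otherwise 0.
    // NOTE(review): these objects come straight from db.GEN_CONTROLLER_ACTION and are
    // presumably change-tracked. If anything calls SaveChanges() on this context during
    // the request, the overlay would be written back to the action table - confirm,
    // or project into a view model instead of mutating the entities.
    foreach (var item in controllerList)
    {
        SET_ROLE_ACTION actionPerm = permit_list.FirstOrDefault(p => p.ACTION_NO == item.ACTION_NO);
        if (actionPerm == null)
        {
            item.IS_ACTIVE = 0;
        }
        else
        {
            item.IS_ACTIVE = actionPerm.IS_ACTIVE;
        }
    }

    ViewBag.controllerList = controllerList;
    ViewBag.userType = id;

    // The role id is parked in TempData so the POST overload can re-render the same
    // role; Keep() prevents it from being discarded after this request.
    TempData["USER_ROLE"] = id;
    TempData.Keep();
    return View();
}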
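/// <summary>
/// Saves the posted permission rows for a role and re-renders the editor.
/// For the role of the first posted row it inserts any missing rows for
/// auto-included or public actions; for every posted row it inserts or updates the
/// role/action record and applies the same IS_ACTIVE value to the action's children.
/// </summary>
/// <param name="permissions">
/// Model-bound rows. ROLE_NO, ACTION_NO and IS_ACTIVE are taken from the request and
/// written as supplied.
/// </param>
/// <returns>The default view, with the role name and configurable action list in ViewBag.</returns>
public ActionResult Permissions(SET_ROLE_ACTION[] permissions)
{
    // NOTE(review): no attributes are visible on this action in this listing. This is a
    // state-changing endpoint that edits the authorization table, so confirm it is
    // POST-only, protected by an anti-forgery token, and reachable only by users who
    // may administer roles.

    // Model binding leaves the array null when no rows are posted; treat that as
    // "nothing to change" instead of failing on the first dereference.
    permissions = permissions ?? new SET_ROLE_ACTION[0];

    // Passed to every insert/update procedure below. Both are null when the session
    // keys are absent or do not hold a boxed decimal, and the writes still proceed.
    // NOTE(review): presumably these record who made the change - confirm whether a
    // null actor should be rejected before any permission is modified.
    decimal? USER_NO = Session["sess_USER_NO"] as decimal?;
    decimal? LOGON_NO = Session["sess_LOGON_NO"] as decimal?;

    SET_ROLE_ACTION permission = permissions.FirstOrDefault();
    if (permission != null)
    {
        // Make sure the role has a row for every active auto-included or public action.
        List<GEN_CONTROLLER_ACTION> allowedControllerList = db.GEN_CONTROLLER_ACTION
            .Where(a => a.IS_ACTIVE == 1 && (a.IS_AUTO_INCLUDE == 1 || a.IS_PUBLIC == 1))
            .ToList();

        foreach (var allowed in allowedControllerList)
        {
            SET_ROLE_ACTION allowedRecord = db.SET_ROLE_ACTION
                .Where(a => a.ACTION_NO == allowed.ACTION_NO && a.ROLE_NO == permission.ROLE_NO)
                .FirstOrDefault();

            if (allowedRecord == null)
            {
                db.SET_ROLE_ACTION_INSERT(USER_NO, LOGON_NO, permission.ROLE_NO, allowed.ACTION_NO, 1, "Automatically Allowed");
            }
        }
    }

    // NOTE(review): each row below is written by its own procedure call and no
    // transaction is visible here, so a failure part-way through leaves the role
    // with a partially applied permission set.
    foreach (var perm in permissions)
    {
        SET_ROLE_ACTION record = db.SET_ROLE_ACTION
            .Where(a => a.ACTION_NO == perm.ACTION_NO && a.ROLE_NO == perm.ROLE_NO)
            .FirstOrDefault();

        if (record == null)
        {
            // DETAILS is deliberately left at the default of a freshly constructed row.
            SET_ROLE_ACTION rolac = new SET_ROLE_ACTION
            {
                ACTION_NO = perm.ACTION_NO,
                ROLE_NO = perm.ROLE_NO,
                IS_ACTIVE = perm.IS_ACTIVE
            };
            //db.GEN_USERS_PERMISSIONS.Add(gen_user_permission);
            db.SET_ROLE_ACTION_INSERT(USER_NO, LOGON_NO, rolac.ROLE_NO, rolac.ACTION_NO, rolac.IS_ACTIVE, rolac.DETAILS);
        }
        else
        {
            record.IS_ACTIVE = perm.IS_ACTIVE;
            //db.Entry(record).State = EntityState.Modified;
            db.SET_ROLE_ACTION_UPDATE(record.ROLE_ACTION_NO, USER_NO, LOGON_NO, record.ROLE_NO, record.ACTION_NO, record.IS_ACTIVE, record.DETAILS);
        }

        // Children inherit the parent's posted IS_ACTIVE value.
        List<GEN_CONTROLLER_ACTION> childActions = db.GEN_CONTROLLER_ACTION
            .Where(a => a.PARENT_ACTION_NO == perm.ACTION_NO)
            .ToList();

        foreach (var child in childActions)
        {
            SET_ROLE_ACTION childRecord = db.SET_ROLE_ACTION
                .Where(a => a.ACTION_NO == child.ACTION_NO && a.ROLE_NO == perm.ROLE_NO)
                .FirstOrDefault();

            if (childRecord == null)
            {
                db.SET_ROLE_ACTION_INSERT(USER_NO, LOGON_NO, perm.ROLE_NO, child.ACTION_NO, perm.IS_ACTIVE, "Child Perms");
            }
            else
            {
                db.SET_ROLE_ACTION_UPDATE(childRecord.ROLE_ACTION_NO, USER_NO, LOGON_NO, perm.ROLE_NO, childRecord.ACTION_NO, perm.IS_ACTIVE, "Child Perms");
            }
        }
    }

    // NOTE(review): the AuthorizeCore override in this file reads permission lists
    // cached in session under "sess_PERMISSION_LIST". Nothing here refreshes or clears
    // those caches, so a session that already holds a list keeps using it after this
    // save - relevant when the change is a revocation.

    // Re-render for the role remembered by the GET overload.
    // NOTE(review): Peek returns null when the TempData entry is gone, and 'role' is
    // null when no SET_ROLE row matches; either case throws below, after the writes
    // above have already been applied.
    ViewBag.userRole = TempData.Peek("USER_ROLE");
    decimal userRole = ViewBag.userRole;
    SET_ROLE role = db.SET_ROLE.Where(a => a.ROLE_NO == userRole).FirstOrDefault();
    ViewBag.ROLE_NAME = role.ROLE_NAME;
    //db.SaveChanges();

    // Controller first, action as tie-breaker; ThenBy replaces the original second
    // OrderBy, which started a new ordering instead of refining the first.
    List<GEN_CONTROLLER_ACTION> controllerList = db.GEN_CONTROLLER_ACTION
        .Where(a => a.IS_ACTIVE == 1 &&
                    a.IS_AUTO_INCLUDE == 0 &&
                    a.PARENT_ACTION_NO == null &&
                    (a.IS_PUBLIC == null || a.IS_PUBLIC == 0))
        .OrderBy(a => a.CONTROLLER_NAME)
        .ThenBy(a => a.ACTION_NAME)
        .ToList();

    ViewBag.controllerList = controllerList;
    return View();
}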
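/// <summary>
/// Decides whether the current request may run the routed controller/action.
/// Order of checks: (1) the action is in the active public list - allow;
/// (2) a logged-in general user - match against that user's SET_USER_ACTION rows;
/// (3) anyone else - match against the SET_ROLE_ACTION rows of the session's role.
/// A missing or unparsable role, or an empty permission list, denies. When a list
/// exists but holds no match, the decision is delegated to the base class.
/// </summary>
/// <param name="httpContext">Current request context; its session holds the user, role and cached lists.</param>
/// <returns><c>true</c> to allow the request, <c>false</c> to deny it.</returns>
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
    using (OGDBEntities db = new OGDBEntities())
    {
        var routeData = httpContext.Request.RequestContext.RouteData;
        string controllerName = routeData.GetRequiredString("controller").Trim();
        string actionName = routeData.GetRequiredString("action").Trim();

        // Public actions are loaded once per session and then served from the session copy.
        List<GEN_CONTROLLER_ACTION> public_list = httpContext.Session["sess_PUBLIC_LIST"] as List<GEN_CONTROLLER_ACTION>;
        if (public_list == null)
        {
            public_list = db.GEN_CONTROLLER_ACTION.Where(a => (a.IS_ACTIVE == 1) && (a.IS_PUBLIC == 1)).ToList();
            httpContext.Session["sess_PUBLIC_LIST"] = public_list;
        }

        bool isPublic = public_list.Any(a =>
            RouteNameEquals(a.CONTROLLER_NAME, controllerName) &&
            RouteNameEquals(a.ACTION_NAME, actionName));
        if (isPublic)
        {
            return true;
        }

        // NOTE(review): both branches below cache their list in session under the same
        // key and never refresh it, so a permission change reaches a session only once
        // that entry is gone. The 'as' cast yields null when the cached list is of the
        // other element type, which forces a reload in that case only.
        SEC_USERS_LOGIN_Result1 user = httpContext.Session["sess_sec_users"] as SEC_USERS_LOGIN_Result1;
        if (user != null && user.USER_TYPE_NO == (decimal)EUserTypes.GeneralUser)
        {
            List<SET_USER_ACTION> perm_list = httpContext.Session["sess_PERMISSION_LIST"] as List<SET_USER_ACTION>;
            if (perm_list == null)
            {
                perm_list = db.SET_USER_ACTION.Include(a => a.GEN_CONTROLLER_ACTION)
                    .Where(a => a.USER_NO == user.USER_NO).ToList();
                httpContext.Session["sess_PERMISSION_LIST"] = perm_list;
            }

            if ((perm_list == null) || (perm_list.Count == 0))
            {
                return false;
            }

            // NOTE(review): any row for this user and action grants access. The original
            // carried a commented-out "IS_ALLOWED == 1" condition here; confirm whether
            // SET_USER_ACTION has an enabled/disabled column that should be checked.
            bool userAllows = perm_list.Any(a =>
                a.GEN_CONTROLLER_ACTION != null &&
                RouteNameEquals(a.GEN_CONTROLLER_ACTION.CONTROLLER_NAME, controllerName) &&
                RouteNameEquals(a.GEN_CONTROLLER_ACTION.ACTION_NAME, actionName));
            if (userAllows)
            {
                return true;
            }
        }
        else
        {
            List<SET_ROLE_ACTION> perm_list = httpContext.Session["sess_PERMISSION_LIST"] as List<SET_ROLE_ACTION>;

            // No role in session, or a value that is not a number: deny instead of
            // letting long.Parse throw out of the authorization filter.
            object rawRole = httpContext.Session["ROLE_NO"];
            long parsedRole;
            if (rawRole == null || !long.TryParse(rawRole.ToString(), out parsedRole))
            {
                //userType = (long)UserTypes.Public;
                return false;
            }
            long? role_no = parsedRole;

            if (perm_list == null)
            {
                perm_list = db.SET_ROLE_ACTION.Include(a => a.GEN_CONTROLLER_ACTION)
                    .Where(a => a.ROLE_NO == role_no).ToList();
                httpContext.Session["sess_PERMISSION_LIST"] = perm_list;
            }

            if ((perm_list == null) || (perm_list.Count == 0))
            {
                return false;
            }

            // A role row counts only while it is active. The Permissions POST action in
            // this file records a change by updating IS_ACTIVE on the existing row rather
            // than deleting it, so matching on row existence alone would keep honouring
            // permissions that were switched off there.
            bool roleAllows = perm_list.Any(a =>
                a.IS_ACTIVE == 1 &&
                a.GEN_CONTROLLER_ACTION != null &&
                RouteNameEquals(a.GEN_CONTROLLER_ACTION.CONTROLLER_NAME, controllerName) &&
                RouteNameEquals(a.GEN_CONTROLLER_ACTION.ACTION_NAME, actionName));
            if (roleAllows)
            {
                return true;
            }
        }

        // NOTE(review): reached when a non-empty permission list contains no match.
        // An empty list is denied outright above, but this path hands the decision to
        // the base class. If the base is the stock MVC AuthorizeAttribute with no
        // Users/Roles configured, that check passes for any authenticated principal,
        // which would bypass the permission table. Confirm the intended outcome; a
        // plain deny here would make both paths consistent.
        return base.AuthorizeCore(httpContext);
    }
}

// Compares a stored controller/action name with the routed one, ignoring surrounding
// whitespace and case. Ordinal comparison keeps the result independent of the thread
// culture (unlike ToUpper() ==), and a null name is treated as "no match".
private static bool RouteNameEquals(string stored, string requested)
{
    return stored != null
        && requested != null
        && string.Equals(stored.Trim(), requested.Trim(), System.StringComparison.OrdinalIgnoreCase);
}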