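/// <summary>
/// Authorization filter. Once the site has at least one user, the request is denied
/// (401 with the Dutch "no access" message) unless a user is resolved from the cookie
/// token and, when <c>Role</c> is set, that user's boolean property named by
/// <c>Role</c> is true. A missing or non-boolean property denies access rather than
/// silently allowing it.
/// </summary>
/// <param name="filterContext">The executing action's context; its Result is replaced with an unauthorized result on denial.</param>
/// <exception cref="ArgumentNullException"><paramref name="filterContext"/> is null.</exception>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    if (filterContext == null)
    {
        throw new ArgumentNullException("filterContext");
    }

    var cookies = new CookieManager(filterContext);
    var users = new UserManager(new DataManager(filterContext.HttpContext));

    // only check when we actually have users (nothing to authorize against before then)
    if (users.GetUserCount() <= 0)
    {
        return;
    }

    User user = users.GetUser(cookies.GetUserToken());
    bool allowed = user != null;

    if (allowed && !string.IsNullOrEmpty(Role))
    {
        // Role is expected to name a bool property on the user type.
        var prop = user.GetType().GetProperty(Role);
        // Fail closed: previously a property that did not exist granted access (prop == null
        // short-circuited the deny) and a non-bool property threw InvalidCastException.
        allowed = prop != null
            && prop.PropertyType == typeof(bool)
            && (bool)prop.GetValue(user);
    }

    if (!allowed)
    {
        filterContext.Result = new HttpUnauthorizedResult("U heeft geen toegang.");
    }
}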
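/// <summary>
/// Gives the buyer every role a purchased product is configured to associate its buyer with
/// (<c>Product.AssociateBuyerWithRole</c>). Products without an association (<c>Guid.Empty</c>)
/// and roles that no longer exist are skipped; role changes are saved only when at least one
/// membership was added. Runs inside an <c>ElevatedModeRegion</c> (presumably so the current
/// caller's own permissions do not block the assignment — confirm against the region's contract).
/// </summary>
/// <param name="userManager">Resolves <paramref name="userId"/> to the buyer's user.</param>
/// <param name="roleManager">Resolves roles, records memberships and saves them.</param>
/// <param name="catalogManager">Resolves each order line's product.</param>
/// <param name="userId">Id of the buyer.</param>
/// <param name="order">The order whose <c>Details</c> are inspected.</param>
/// <exception cref="ArgumentNullException">Any of the reference arguments is null.</exception>
internal static void AssignCustomerToRoles(UserManager userManager, RoleManager roleManager, CatalogManager catalogManager, Guid userId, Order order)
{
    if (userManager == null)
    {
        throw new ArgumentNullException("userManager");
    }
    if (roleManager == null)
    {
        throw new ArgumentNullException("roleManager");
    }
    if (catalogManager == null)
    {
        throw new ArgumentNullException("catalogManager");
    }
    if (order == null)
    {
        throw new ArgumentNullException("order");
    }

    using (new ElevatedModeRegion(roleManager))
    {
        // First pass: collect the role ids the purchased products point at, so the buyer is
        // looked up once instead of once per order line that carries an association.
        var roleIds = new System.Collections.Generic.List<Guid>();
        foreach (OrderDetail detail in order.Details)
        {
            var product = catalogManager.GetProduct(detail.ProductId);
            // NOTE(review): assumes GetProduct never returns null for an order line — confirm
            if (product.AssociateBuyerWithRole != Guid.Empty)
            {
                roleIds.Add(product.AssociateBuyerWithRole);
            }
        }

        if (roleIds.Count == 0)
        {
            return;
        }

        var user = userManager.GetUser(userId);
        bool associationsFound = false;
        foreach (Guid roleId in roleIds)
        {
            try
            {
                var role = roleManager.GetRole(roleId);
                roleManager.AddUserToRole(user, role);
                associationsFound = true;
            }
            catch (ItemNotFoundException)
            {
                // The product still references a role that was deleted; skip it and keep going.
            }
        }

        if (associationsFound)
        {
            roleManager.SaveChanges();
        }
    }
}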
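/// <summary>
/// Per-request setup for every action on this controller: wires the data, mail, cookie and
/// user managers, then either redirects a plain-HTTP GET to its HTTPS equivalent (when
/// <c>Cookies.UseHttps()</c> is true) or resolves the current user (cookie token first, API
/// token header as fallback), surfaces the one-shot cookie message, and stops the
/// MiniProfiler unless the resolved user has <c>EnableProfiler</c> set.
/// </summary>
/// <param name="filterContext">The executing action's context; its Result becomes a redirect when an HTTPS upgrade is required.</param>
/// <exception cref="ArgumentNullException"><paramref name="filterContext"/> is null.</exception>
protected override void OnActionExecuting(ActionExecutingContext filterContext)
{
    if (filterContext == null)
    {
        throw new ArgumentNullException("filterContext");
    }

    var request = filterContext.HttpContext.Request;

    Data = new DataManager(filterContext.HttpContext);
    Mailer = new SiteMailer();
    Mailer.EmailLogoPath = filterContext.HttpContext.Server.MapPath("~/email-logo.png");
    Cookies = new CookieManager(this);
    Users = new UserManager(Data);

    base.OnActionExecuting(filterContext);

    // HTTP method names are ASCII tokens: compare ordinally, not with culture rules.
    bool isGet = request.HttpMethod.Equals("GET", StringComparison.OrdinalIgnoreCase);
    if (isGet && !request.IsSecureConnection && Cookies.UseHttps())
    {
        // Upgrade to HTTPS; the user is not resolved for this request, the redirected one
        // will do that. Environment here appears to be the project's helper
        // (System.Environment has no GetAbsoluteDomain).
        string url = Environment.GetAbsoluteDomain(true) + request.RawUrl;
        filterContext.Result = new RedirectResult(url);
        return;
    }

    UserToken token = Cookies.GetUserToken();
    User user = Users.GetUser(token);
    ViewBag.CurrentUser = CurrentUser = user;

    /* Set user context for API calls */
    if (CurrentUser == null)
    {
        var apiToken = new HeaderManager().GetApiToken(Request.Headers);
        ViewBag.CurrentUser = CurrentUser = Users.GetApiUser(apiToken);
    }

    // One-shot message: handed to the view once, then cleared from the cookie.
    ViewBag.Message = Cookies.GetMessage();
    Cookies.ClearMessage();

    if (CurrentUser == null || !CurrentUser.EnableProfiler)
    {
        // discardResults = true: nothing is kept for users who cannot view the profiler.
        MiniProfiler.Stop(true);
    }
    else
    {
        ViewBag.IncludeProfiler = true;
    }
}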