Example #1
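        /// <summary>
        /// Reports whether the user making the current request holds the admin permission.
        /// </summary>
        /// <param name="controller">
        /// Controller whose <c>ControllerContext.HttpContext.User.Identity.Name</c> names the requesting user.
        /// </param>
        /// <returns>
        /// The value of <c>FreezeDownUser.HasAdminPermission()</c> for that user name,
        /// or <c>false</c> when the lookup throws for any reason.
        /// </returns>
        public static bool HasAdminPermission(this ControllerBase controller)
        {
            try
            {
                string userName = controller.ControllerContext.HttpContext.User.Identity.Name;
                return new FreezeDownUser(userName).HasAdminPermission();
            }
            catch (System.Exception ex)
            {
                // Fail closed: any error while resolving the user or the permission is treated
                // as "not permitted". The failure is traced rather than discarded so that a
                // broken permission lookup can be told apart from a genuine denial.
                System.Diagnostics.Trace.TraceError("HasAdminPermission check failed; access denied: {0}", ex);
                return false;
            }
        }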
Example #2
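        /// <summary>
        /// Reports whether the user making the current request holds the given role.
        /// </summary>
        /// <param name="controller">
        /// Controller whose <c>ControllerContext.HttpContext.User.Identity.Name</c> names the requesting user.
        /// </param>
        /// <param name="role">Role name passed unchanged to <c>FreezeDownUser.HasRole</c>.</param>
        /// <returns>
        /// The value of <c>FreezeDownUser.HasRole(role)</c> for that user name,
        /// or <c>false</c> when the lookup throws for any reason.
        /// </returns>
        public static bool HasRole(this ControllerBase controller, string role)
        {
            try
            {
                string userName = controller.ControllerContext.HttpContext.User.Identity.Name;
                return new FreezeDownUser(userName).HasRole(role);
            }
            catch (System.Exception ex)
            {
                // Fail closed: any error while resolving the user or the role is treated as
                // "role not held". The failure is traced rather than discarded so that a
                // broken role lookup can be told apart from a genuine denial.
                System.Diagnostics.Trace.TraceError("HasRole check failed; access denied: {0}", ex);
                return false;
            }
        }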
Example #3
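        /// <summary>
        /// Reports whether the user making the current request holds any of the given roles.
        /// </summary>
        /// <param name="controller">
        /// Controller whose <c>ControllerContext.HttpContext.User.Identity.Name</c> names the requesting user.
        /// </param>
        /// <param name="roles">
        /// Role names separated by <c>;</c>, for example <c>"Sales Manager;Sales Operator"</c>.
        /// The string is passed unchanged to <c>FreezeDownUser.HasRoles</c>.
        /// </param>
        /// <returns>
        /// The value of <c>FreezeDownUser.HasRoles(roles)</c> for that user name,
        /// or <c>false</c> when the lookup throws for any reason.
        /// </returns>
        public static bool HasRoles(this ControllerBase controller, string roles)
        {
            try
            {
                string userName = controller.ControllerContext.HttpContext.User.Identity.Name;
                return new FreezeDownUser(userName).HasRoles(roles);
            }
            catch (System.Exception ex)
            {
                // Fail closed: any error while resolving the user or the roles is treated as
                // "no role held". The failure is traced rather than discarded so that a
                // broken role lookup can be told apart from a genuine denial.
                System.Diagnostics.Trace.TraceError("HasRoles check failed; access denied: {0}", ex);
                return false;
            }
        }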
Example #4
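        /// <summary>
        /// Reports whether the current user has the System Administrator privilege.
        /// </summary>
        /// <param name="controller">
        /// Extension-method receiver. It is not read: the user name comes from <c>GetUID()</c>,
        /// not from the controller's <c>HttpContext.User</c>.
        /// </param>
        /// <returns>
        /// The value of <c>FreezeDownUser.IsSysAdmin</c> for the name returned by <c>GetUID()</c>,
        /// or <c>false</c> when the lookup throws for any reason.
        /// </returns>
        public static bool IsSysAdmin(this ControllerBase controller)
        {
            try
            {
                // NOTE(review): GetUID() is defined outside this block. The sibling checks key on
                // HttpContext.User.Identity.Name; confirm GetUID() returns the authenticated
                // principal's name and cannot be influenced by request data.
                string userName = GetUID();

                return new FreezeDownUser(userName).IsSysAdmin;
            }
            catch (Exception ex)
            {
                // Fail closed: any error is treated as "not a SysAdmin". The failure is traced
                // (the earlier code copied ex.Message into an unused local) so a broken lookup
                // is visible to operators.
                System.Diagnostics.Trace.TraceError("IsSysAdmin check failed; access denied: {0}", ex);
                return false;
            }
        }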
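        /// <summary>
        /// Authorizes the current request against a per-action permission named
        /// <c>"controllername-action"</c>, letting System Administrators through unconditionally.
        /// </summary>
        /// <param name="filterContext">
        /// Authorization context for the request. Its action descriptor supplies the controller
        /// and action names; its <c>Result</c> is set when access is refused.
        /// </param>
        /// <exception cref="ArgumentNullException"><paramref name="filterContext"/> is null.</exception>
        /// <remarks>
        /// NOTE(review): the base implementation is not invoked here. The base class is not
        /// visible in this block; if it performs an authentication check, confirm that skipping
        /// it is intended.
        /// </remarks>
        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            if (filterContext == null)
            {
                throw new ArgumentNullException("filterContext");
            }

            // NOTE(review): the identity comes from GetUID(), not from
            // filterContext.RequestContext.HttpContext.User.Identity.Name. GetUID() is defined
            // elsewhere; confirm it returns the authenticated principal's name.
            string userName = FreezeDown_ExtendedMethods.GetUID();

            // Permission key in the form 'controllername-action' for the requested action.
            string requiredPermission = String.Format(
                "{0}-{1}",
                filterContext.ActionDescriptor.ControllerDescriptor.ControllerName,
                filterContext.ActionDescriptor.ActionName);

            FreezeDownUser requestingUser = new FreezeDownUser(userName);

            // Short-circuit (&&): the SysAdmin lookup only runs when the specific permission is
            // missing. The original used the non-short-circuit '&', which always evaluated both.
            bool denied = !requestingUser.HasPermission(requiredPermission) && !requestingUser.IsSysAdmin;
            if (!denied)
            {
                // filterContext.Result stays unset, so the controller's action goes on to run.
                return;
            }

            // Setting Result stops the action from running. The response is a redirect to the
            // Unauthorized controller's Index action; this filter does not set a 401 status
            // itself, so the status the client finally sees depends on that action.
            filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary {
                { "action", "Index" }, { "controller", "Unauthorized" }
            });
        }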