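/// <summary>
/// Creates a personnel role and, unless the stored role has full control, adds one
/// permission row per entry in <paramref name="Permissions"/>.
/// </summary>
/// <param name="Role">Role to create; replaced by the value returned from <c>B_PersonelRoles.Add</c>.</param>
/// <param name="Permissions">Access names to attach to the role. May be null.</param>
/// <returns>
/// JSON "Success" when everything was stored, JSON "Error" on failure, or the serialized
/// log entry when the exception's Source equals <c>E_LogType.SYSTEM_ERROR</c>.
/// </returns>
public ActionResult AddRole(M_PersonelRoles Role, List<string> Permissions)
{
    object result = "";
    try
    {
        B_PersonelRoles bPersonelRole = new B_PersonelRoles();
        B_PersonelRoleValues bPersonelRoleValue = new B_PersonelRoleValues();

        // NOTE(review): Role is stored as supplied by the caller, including HasFullControl.
        // Presumably it is model-bound from the request; confirm that only callers allowed
        // to grant full control can reach this action.
        Role = bPersonelRole.Add(Role);

        // A null list (presumably a request without permission values; confirm) used to
        // throw inside the loop after the role had already been added, so the caller got
        // "Error" for a role that exists. Treat it as "no permissions".
        if (!Role.HasFullControl && Permissions != null)
        {
            foreach (var li in Permissions)
            {
                // NOTE(review): access names are stored exactly as submitted; nothing here
                // checks them against the set of known controller/action names.
                bPersonelRoleValue.Add(new M_PersonelRoleValues
                {
                    AccessName = li,
                    PersonelRoleId = Role.Id
                });
            }
        }

        result = "Success";
    }
    catch (Exception ex)
    {
        M_SystemLog exx = new M_SystemLog(E_SystemType.SHAHRDARI_WEB_APPLICATION, E_LogType.ERROR, ex);
        result = "Error";

        if (ex.Source == E_LogType.SYSTEM_ERROR.ToString())
        {
            exx.LogType = E_LogType.SYSTEM_ERROR;

            // NOTE(review): the log entry built from the exception is returned to the client
            // here. Confirm its serialized form exposes no stack trace or other internal
            // detail the caller should not see.
            result = exx;
        }

        L_Log.SubmitLog(exx);
    }

    return Json(result);
}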
/// <summary>
/// Shows the edit view for the role with the given id, or redirects to the "Roles"
/// action when no such role is found.
/// </summary>
/// <param name="Id">Identifier passed to both the role lookup and the role-value lookup.</param>
/// <returns>The view bound to the role, or a redirect to "Roles".</returns>
public ActionResult ModifyRole(int Id)
{
    // Single route entry pointing back at Personels/Roles (the title is Persian for "role list").
    var rolesRoute = new MFRoute
    {
        ActionName = "Roles",
        ControllerName = "Personels",
        Title = "لیست نقش ها",
        Priority = 1
    };
    ViewBag.Route = new List<MFRoute> { rolesRoute };

    var roleStore = new B_PersonelRoles();
    var existingRole = roleStore.GetPersonelRoles(Id);
    if (existingRole == null)
    {
        // Unknown id: return to the role list instead of rendering an empty form.
        return RedirectToAction("Roles");
    }

    // The view reads the role's current permission rows and the selectable actions from ViewBag.
    var roleValueStore = new B_PersonelRoleValues();
    ViewBag.RoleValue = roleValueStore.GetPersonelRoleValues(Id);
    ViewBag.Actions = getActions();

    return View(existingRole);
}
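/// <summary>
/// Authorization gate that runs before an action executes. It resolves the user from the
/// <c>MFCookies.USER_KEY</c> cookie, loads the user's role, and lets the request through
/// only when the role has full control, the action carries an HttpPost-named attribute, or
/// the role has a permission row named "&lt;Controller&gt;Controller | &lt;Action&gt;".
/// </summary>
/// <param name="filterContext">Context of the action about to run; its Result is set on denial.</param>
/// <remarks>
/// Every denial now returns immediately. The original kept executing after a redirect, so a
/// missing role dereferenced null, and a role with no permission rows was never redirected
/// because the inner check tested <c>role</c> rather than the permission list.
/// </remarks>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    var userCookie = filterContext.HttpContext.Request.Cookies[MFCookies.USER_KEY];
    if (userCookie == null)
    {
        DenyWithRedirect(filterContext, "Login", "Index");
        return;
    }

    // NOTE(review): the raw cookie value is the only lookup key for the user. Whether it is
    // an unguessable, server-issued token cannot be seen from here; confirm.
    string key = userCookie.Value;

    M_Personels user = null;
    B_Personels ub = new B_Personels();
    try
    {
        user = ub.GetPersonels(key);
    }
    catch
    {
        // Fail closed: a failed lookup leaves user null and the request goes to login.
        // NOTE(review): the failure is not logged, so lookup errors are invisible to operators.
    }

    if (user == null)
    {
        DenyWithRedirect(filterContext, "Login", "Index");
        return;
    }

    B_PersonelRoles ru = new B_PersonelRoles();
    M_PersonelRoles role = ru.GetPersonelRoles(user.PersonelRoleId);
    if (role == null)
    {
        DenyWithRedirect(filterContext, "Dashboard", "NoPermission");
        return;
    }

    if (role.HasFullControl)
    {
        return;
    }

    B_PersonelRoleValues bRoleValue = new B_PersonelRoleValues();
    List<M_PersonelRoleValues> roleValue = bRoleValue.GetPersonelRoleValues(role.Id);
    if (roleValue == null || roleValue.Count == 0)
    {
        // A role with no permission rows may do nothing, including the HttpPost shortcut below.
        DenyWithRedirect(filterContext, "Dashboard", "NoPermission");
        return;
    }

    var rd = filterContext.HttpContext.Request.RequestContext.RouteData;
    string currentAction = rd.GetRequiredString("action");
    string currentController = rd.GetRequiredString("controller") + "Controller";

    // Find the attributes of the first public instance method, declared on an Admin-area
    // controller, whose name matches the routed action.
    // NOTE(review): the match is by name only, so for overloaded actions (a GET form and its
    // POST handler) whichever overload reflection returns first decides for both.
    Assembly asm = Assembly.GetAssembly(typeof(Global));
    var action = asm.GetTypes()
        .Where(type => typeof(System.Web.Mvc.Controller).IsAssignableFrom(type)
                       && type.Namespace != null
                       && type.Namespace.Contains("Shahrdari.WebApplication.Areas.Admin.Controllers"))
        .SelectMany(type => type.GetMethods(BindingFlags.Instance | BindingFlags.DeclaredOnly | BindingFlags.Public))
        .Where(m => !m.GetCustomAttributes(typeof(System.Runtime.CompilerServices.CompilerGeneratedAttribute), true).Any()
                    && m.DeclaringType.Name == currentController
                    && m.Name == currentAction)
        .Select(x => new { Attributes = x.GetCustomAttributes().ToList() })
        .FirstOrDefault();

    // NOTE(review): actions carrying an attribute whose type name contains "HttpPost" skip the
    // per-action permission check entirely. Any signed-in user whose role has at least one
    // permission row therefore reaches every such action. Confirm this is intended, since
    // state-changing endpoints are usually the ones that most need the check.
    if (action != null
        && action.Attributes.Any(c => c.GetType().Name.IndexOf("HTTPPOST", StringComparison.OrdinalIgnoreCase) >= 0))
    {
        return;
    }

    // Ordinal, case-insensitive comparison: culture-independent and safe for a null AccessName.
    string requiredAccess = currentController + " | " + currentAction;
    bool isGranted = roleValue.Any(c => string.Equals(c.AccessName, requiredAccess, StringComparison.OrdinalIgnoreCase));
    if (!isGranted)
    {
        DenyWithRedirect(filterContext, "Dashboard", "NoPermission");
    }
}

/// <summary>
/// Sets a redirect to the given Admin-area controller/action as the filter result and executes it.
/// </summary>
private static void DenyWithRedirect(ActionExecutingContext filterContext, string controller, string action)
{
    filterContext.Result = new RedirectToRouteResult(
        new RouteValueDictionary(new { controller = controller, action = action, area = "Admin" }));

    // NOTE(review): kept from the original. Setting Result is normally what stops the action;
    // confirm the explicit ExecuteResult call is still required.
    filterContext.Result.ExecuteResult(filterContext.Controller.ControllerContext);
}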