/// <summary>
/// //Load user data and set user role (login User type)
/// </summary>
/// <param name="sender"></param>
/// <param name="e"></param>
protected void Application_AuthenticateRequest(Object sender, EventArgs e)
{
if (HttpContext.Current.User != null)
{
if (HttpContext.Current.User.Identity.IsAuthenticated)
{
//Load user data and set user role (login User type)
if (HttpContext.Current.User.Identity is FormsIdentity)
{
string strUserData;
UserData objUserData;
//1. Get Authentication Data
strUserData = WebSecurity.GetAuthData();
objUserData = new UserData(strUserData);
//2. Check whether user role has been changed(only check administrator)
//if changed, signout and redirect to login page
if (objUserData.UserType != UserType.User)
{
UserType enmUserType = UserType.User;
BusinessServices.User objUser = new BusinessServices.User();
//try
//{
int uid = UserContext.UserID;
enmUserType = objUser.GetUserType(uid);
//}
//catch (Exception ex)
//{
// throw new ApplicationException("Convert UserID to int32 failed, UserID = '" + UserContext.UserID.ToString() + "'");
//}
if (enmUserType != objUserData.UserType)
{
WebSecurity.SignOut();
}
}
//3.Save the user data in the current context
UserContext.UserData = objUserData;
//4. Set User Roles (Login User type act as user role, they are: SaltAdmin = 1, OrgAdmin = 2, UnitAdmin = 3, User = 4
string[] roles = new string[1];
roles[0] = UserContext.UserData.UserType.ToString();
HttpContext.Current.User = new GenericPrincipal(HttpContext.Current.User.Identity, roles);
}
}
}
}
