Exemple #1
0
        public JsonResult savePermission(ModelViewPermission model)
        {
            //if (!FachadaSeguridad.Autorizado(HttpContext.User.Identity.Name, "/Usuario/Index", AuditoriaAccion.Actualizar))
            //    return Json("Unauthorized");
            FacadePermission.Update(model);

            return(Json("{ Result: 'Success'}"));
        }
Exemple #2
0
        public ActionResult GetAllList_Permission([DataSourceRequest] DataSourceRequest request, int ProfileID)
        {
            // if (!FachadaSeguridad.Autorizado(HttpContext.User.Identity.Name, "/Usuario/Index", AuditoriaAccion.Lectura))
            //     throw new Exception("Sin acceso");

            var ls = FacadePermission.GetAll(ProfileID);

            return(Json(ls.ToDataSourceResult(request), JsonRequestBehavior.DenyGet));
        }
Exemple #3
0
        public override void OnAuthorization(AuthorizationContext filterContext)


        {
            //filterContext.RequestContext.HttpContext.Response.AddHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");

            var UserToken = filterContext.RequestContext.HttpContext.Request.Cookies["ServiPlus"];

            if (UserToken == null)

            {
                filterContext.Result = new RedirectResult("/Security/Index");
            }

            else
            {
                var usrData = FacadeUsers.GetUserByToken(UserToken.Values["TokenUser"]);

                var ruta = filterContext.HttpContext.Request.Url.AbsolutePath;
                if (ruta == "/")
                {
                    ruta = "/Home/Index";
                }

                var access = (from a in FacadeModule.GetAll().Where(p => p.URL == ruta)
                              join b in FacadePermission.GetAll(usrData.ProfileID) on a.ModuleID equals b.ModuleID
                              select new ModelViewPermission
                {
                    ModuleID = a.ModuleID,
                    ProfileID = b.ProfileID,
                    Module = a.Module,
                    URL = a.URL,
                    Access = b.Access
                }).First();

                if (!access.Access)
                {
                    filterContext.Result = new RedirectResult("/Security/Error");
                }
                else
                {
                    if (usrData == null)
                    {
                        filterContext.Result = new RedirectResult("/Security/Index");
                    }
                    filterContext.Controller.ViewBag.Profile = FacadeProfile.GetAll().Where(p => p.ProfileID == usrData.ProfileID).Single().Profile;
                    filterContext.Controller.ViewBag.User    = usrData.Name;
                    filterContext.Controller.ViewBag.Module  = "Global";
                }

                //if (usrData == null) filterContext.Result = new RedirectResult("/Security/Index");
                //filterContext.Controller.ViewBag.Profile = FacadeProfile.GetAll().Where(p => p.ProfileID == usrData.ProfileID).Single().Profile;
                //filterContext.Controller.ViewBag.User = usrData.Name;
                //filterContext.Controller.ViewBag.Module = "Global";
            }
        }