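/// <summary>
/// Authorization step of the filter. The request continues only when the caller's
/// information request is approved and the current time lies inside the granted access
/// window; otherwise the pipeline is short-circuited with a JSON denial.
/// </summary>
/// <param name="context">
/// Filter context of the current request. Its <c>Result</c> is set when access is denied.
/// </param>
public void OnAuthorization(AuthorizationFilterContext context)
{
    // Reads the first value of a request header as an int; false when the header is
    // absent or not numeric, so a malformed request is denied instead of throwing.
    bool TryReadIntHeader(string name, out int value)
    {
        value = 0;
        var values = context.HttpContext.Request.Headers[name];
        return values.Count > 0 && int.TryParse(values[0], out value);
    }

    // NOTE(review): "userId" and "auth" are request headers, so the caller chooses both
    // values. An approval status taken from the request cannot back an access decision;
    // it should be loaded server-side for the authenticated user (the sample DTO below
    // stands in for that lookup).
    bool hasUserId = TryReadIntHeader("userId", out int userId); // would key the database lookup
    bool hasAuth = TryReadIntHeader("auth", out int auth);

    // assume from the database for user with [userId]:
    Models.InformationRequestDto informationRequestDto = new Models.InformationRequestDto()
    {
        AccessLevel = Enumerations.AccessLevel.Unknown,
        StartTime = new DateTime(2000, 1, 1),
        EndTime = new DateTime(3000, 12, 1), // or new DateTime(2000, 12, 1) for a different result
    };

    DateTime currentDate = DateTime.Now;

    // Both bounds must hold. With "||" the window test was true for every date on or after
    // StartTime, so an expired EndTime never denied access.
    bool isEligibleDate = currentDate >= informationRequestDto.StartTime
        && currentDate <= informationRequestDto.EndTime;

    bool isApproved = hasUserId && hasAuth && auth == (int)ApprovalStatus.Approved;

    if (!isApproved || !isEligibleDate)
    {
        context.Result = new JsonResult(
            new
            {
                Message = "You do not have permissions/The admin doesn't yet approve your request/requests",
                RequestsIds = new[] { 1, 4, 7 }, // assume from the database, after checking..
            })
        {
            // Report the denial as 403 so clients, proxies and logs do not see a 200 OK.
            StatusCode = 403,
        };
    }
}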
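/// <summary>
/// Runs after the action and replaces every doctor name in a successful response with
/// "Redacted" when the request is flagged as coming from the internal network and the
/// stored access level is not <c>Redacted</c>.
/// </summary>
/// <param name="context">
/// Context of the executed action. Its <c>Result</c> is inspected and may be modified.
/// </param>
public void OnActionExecuted(ActionExecutedContext context)
{
    // A failed action leaves Result null and an error result carries no doctor list.
    // Skipping here keeps the filter from throwing and masking the action's own outcome.
    if (!(context.Result is OkObjectResult okResult))
    {
        return;
    }

    if (okResult.Value == null)
    {
        return;
    }

    // Deliberately a hard cast: a success payload of an unexpected shape fails loudly
    // instead of leaving the response unredacted.
    var doctorDtoList = (IEnumerable<DoctorDto>)okResult.Value;

    // NOTE(review): "network" is a request header, so the caller picks the value that
    // decides whether names are redacted. The network classification should come from
    // something the server establishes itself.
    var networkValues = context.HttpContext.Request.Headers["network"];
    if (networkValues.Count == 0 || !int.TryParse(networkValues[0], out int network))
    {
        // Fail closed: without a usable header no doctor data is returned.
        context.Result = new BadRequestResult();
        return;
    }

    // assume from the database:
    Models.InformationRequestDto informationRequestDto = new Models.InformationRequestDto()
    {
        AccessLevel = Enumerations.AccessLevel.Unknown,
        StartTime = new DateTime(2000, 1, 1),
        EndTime = new DateTime(2000, 12, 1), // or new DateTime(3000, 12, 1) for a different result
    };

    // NOTE(review): names are redacted only for Internal requests whose access level is
    // not Redacted; every other network value leaves them in clear. Confirm this is the
    // intended direction of the check.
    if (network == (int)NetworkType.Internal && informationRequestDto.AccessLevel != AccessLevel.Redacted)
    {
        // Materialize before mutating: if the action returned a deferred query, the
        // serializer would enumerate it again and emit fresh, unredacted objects.
        var redactedDoctors = new List<DoctorDto>(doctorDtoList);
        foreach (var doctor in redactedDoctors)
        {
            doctor.DoctorName = "Redacted";
        }

        okResult.Value = redactedDoctors;
    }
}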