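/// <summary>
/// Shows the menu permissions assigned to the operator identified by <paramref name="id"/>.
/// </summary>
/// <param name="id">Identifier of the user whose operator permissions are displayed.</param>
/// <returns>
/// The permissions view with a list of <c>MenuPermissionViewModel</c>, or a 404 result
/// when no user matches <paramref name="id"/>.
/// </returns>
public ActionResult Permissions(long id)
        {
            // NOTE(review): id is caller-supplied and no authorization check is visible in this
            // action; confirm that a filter or attribute outside this listing restricts who may
            // read another operator's permissions.
            var user = _service.UserRepository.Asset(id).Include(x => x.OperatorInfo).FirstOrDefault();

            // FirstOrDefault yields null for an unknown id; stop here instead of handing a null
            // operator to the view and loading permissions for a user that does not exist.
            if (user == null)
            {
                return HttpNotFound();
            }

            var permissions = _service.GetOperatorPermissions(id);

            // Menu tree offered for assignment: entries flagged Execlude are left out.
            ViewBag.LayoutMenuList = OptPermission.LayoutMenu(Url).WhereNested(x => !x.Execlude);
            ViewBag.Operator       = user;

            var model = Mapper.Map<List<MenuPermissionViewModel>>(permissions);

            return View(model);
        }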
Exemple #2
        /// <summary>
        /// Populates the ViewBag values read by the layout before an action runs.
        /// For non-AJAX requests it builds the menu list; for operators that list is narrowed
        /// to menus they hold a permission for, plus entries flagged Execlude.
        /// </summary>
        /// <remarks>
        /// This method only prepares data for rendering. Nothing here rejects a request, so
        /// hiding a menu entry is not an access check on the URL behind it.
        /// </remarks>
        /// <param name="filterContext">Context of the action about to execute.</param>
        protected override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            var isAjax = filterContext.HttpContext.Request.IsAjaxRequest();

            // AJAX responses skip the menu setup entirely.
            if (!isAjax)
            {
                var info         = _userService.RequestInfo;
                var visibleMenus = OptPermission.LayoutMenu(Url).WhereNested(m => !m.Hide);
                var menusForUser = visibleMenus;

                if (info.IsOperator)
                {
                    var granted     = GetOperatorPermissions(info.UserId);
                    var grantedKeys = granted.Select(g => g.MenuId);

                    ViewBag.OperatorPermission = granted;

                    // Keep a menu when the operator has a permission row for it, or when the
                    // menu is flagged Execlude.
                    menusForUser = visibleMenus
                        .WhereNested(m => grantedKeys.Contains(m.Key) || m.Execlude)
                        .ToList();
                }

                ViewBag.AllowedMenus = menusForUser;
            }

            ViewBag.RequestInfo = _userService.RequestInfo;
            base.OnActionExecuting(filterContext);
        }
Exemple #3
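        /// <summary>
        /// Enforces per-menu operator permissions before the action runs.
        /// The request URL is matched against the permission-controlled menu entries; when it
        /// matches, the operator must hold a permission row for that menu, and the Edit/Add/Delete
        /// flag that corresponds to the URL must be set.
        /// </summary>
        /// <remarks>
        /// A denied request is short-circuited by assigning <c>filterContext.Result</c>:
        /// a JSON error for AJAX requests, a redirect to Home/Index otherwise.
        /// </remarks>
        /// <param name="filterContext">Context of the action about to execute.</param>
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            var requestInfo = _userService.RequestInfo;

            // Only operators are checked; actions carrying IgnorePermissionAttribute opt out.
            if (!requestInfo.IsOperator || AttributeHelper.Has<IgnorePermissionAttribute>(filterContext))
            {
                base.OnActionExecuting(filterContext);
                return;
            }

            // NOTE(review): ToLower() is culture-sensitive. If HasUrl/Eq normalise with a
            // different culture, a URL could fail to match its menu and skip the check below;
            // confirm both sides use the same (ideally invariant) casing.
            var baseUrl = filterContext.GetBaseUrl().Url.ToLower();

            var urlHelper = new UrlHelper(filterContext.RequestContext);

            // All URLs that are governed by a permission.
            var allMenus = OptPermission.LayoutMenu(urlHelper);

            // A URL that matches no menu entry is treated as unrestricted, so the coverage of
            // this check depends entirely on the menu definition being complete.
            var menu   = allMenus.FirstNested(x => x.HasUrl(baseUrl));
            var passed = true;

            if (menu != null)
            {
                var menuPermissions = GetOperatorPermission(requestInfo.UserId);

                // Permission row for the matched menu, if the operator has one.
                var letMe = menuPermissions.FirstOrDefault(x => x.MenuId == menu.Key);

                if (letMe == null)
                {
                    passed = false;
                }
                else
                {
                    // Parenthesised to make the && / || grouping explicit.
                    var editDenied   = menu.EditUrl.Eq(baseUrl)
                                       && (menu.EditUrl.Eq(menu.AddUrl) || IsUpdate(filterContext))
                                       && !letMe.Edit;
                    var addDenied    = menu.AddUrl.Eq(baseUrl) && !letMe.Add;
                    var deleteDenied = menu.DeleteUrl.Eq(baseUrl) && !letMe.Delete;

                    if (editDenied || addDenied || deleteDenied)
                    {
                        passed = false;
                    }
                }
            }

            if (passed)
            {
                base.OnActionExecuting(filterContext);
                return;
            }

            // Denied. Assigning Result is what keeps the action from executing; rewriting
            // RouteData at this stage does not, because the action has already been selected.
            if (filterContext.HttpContext.Request.IsAjaxRequest())
            {
                filterContext.Result = new JsonResult
                {
                    Data = new AjaxResult("شما دسترسی لازم جهت انجام این عملیات را ندارید."),
                    JsonRequestBehavior = JsonRequestBehavior.AllowGet
                };
            }
            else
            {
                // TempData carries the message to the page the redirect lands on.
                filterContext.Controller.TempData["Msg"] = "شما دسترسی لازم جهت انجام این عملیات را ندارید";
                filterContext.Result = new RedirectResult(urlHelper.Action("Index", "Home"));
            }
        }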