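/// <summary>
/// Decides whether <paramref name="user"/> may invoke <paramref name="action"/>
/// on <paramref name="controller"/> according to the active rows in rs_useracl.
/// </summary>
/// <param name="user">The principal making the request.</param>
/// <param name="action">Action name, matched against rs_action.Name.</param>
/// <param name="controller">Controller name, matched against rs_action.rs_module.Controller.</param>
/// <returns>
/// <c>true</c> when the caller is the built-in "papaya" account or an active ACL row
/// exists for the caller's group; otherwise <c>false</c>.
/// </returns>
/// <remarks>
/// The group id is read from the forms-authentication ticket's UserData. Identities
/// that are not a FormsIdentity are looked up as group 0. If the caller's identity or
/// group cannot be established, the method denies access instead of throwing.
/// </remarks>
public static bool hasAccess(IPrincipal user, string action, string controller)
{
    // Fail closed: a missing principal or identity is never authorized.
    if (user == null || user.Identity == null)
    {
        return false;
    }

    // NOTE(review): this hard-coded account name bypasses the ACL table entirely.
    // Anyone able to register or authenticate under this exact name gets every
    // action; consider replacing it with a group/role flag stored with the account.
    if ("papaya".Equals(user.Identity.Name))
    {
        return true;
    }

    int groupId = 0;
    FormsIdentity formsIdentity = user.Identity as FormsIdentity;
    if (formsIdentity != null)
    {
        // UserData that is missing or not numeric must deny access, not surface
        // an unhandled FormatException/NullReferenceException from the auth check.
        if (formsIdentity.Ticket == null || !int.TryParse(formsIdentity.Ticket.UserData, out groupId))
        {
            return false;
        }
    }

    // Create the context only when a lookup is needed, and dispose it afterwards;
    // the original allocated one on every call and never released it.
    using (PapayaEntities db = new PapayaEntities())
    {
        // Only existence matters, so Any() avoids materializing the ACL row.
        return db.rs_useracl.Any(e => e.GroupId == groupId
            && e.rs_action.Name == action
            && e.FlagActive == true
            && e.rs_action.rs_module.Controller == controller);
    }
}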
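/// <summary>
/// Replaces the ACL of the posted group: removes every rs_useracl row for the group
/// and adds one active row per action id in the comma-separated "input" field.
/// </summary>
/// <param name="fc">Posted form values; reads "group_id" and, optionally, "input".</param>
/// <returns>
/// A redirect to Index on success, a redirect to Home/NotAuthenticated when the caller
/// lacks access, or HTTP 400 when the posted ids are missing or not numeric.
/// </returns>
/// <remarks>
/// NOTE(review): no [HttpPost] or [ValidateAntiForgeryToken] attribute is visible on
/// this state-changing action in this listing; confirm they are applied on the action
/// or controller. The posted group id is not restricted, so any caller who passes the
/// access check can rewrite the ACL of any group, including their own.
/// </remarks>
public ActionResult Manage(FormCollection fc)
{
    if (!AclHelper.hasAccess(User, currentAction, currentController))
    {
        return RedirectToAction("NotAuthenticated", "Home");
    }

    // Validate all posted values before touching the database. Convert.ToInt32 turned
    // a missing group_id into 0 and threw on non-numeric text, so a malformed request
    // either targeted group 0 or ended in an unhandled exception.
    int groupId;
    if (!int.TryParse(fc["group_id"], out groupId))
    {
        return new HttpStatusCodeResult(400, "Invalid group_id");
    }

    List<int> actionIds = new List<int>();
    string postedActions = fc["input"];
    if (postedActions != null)
    {
        foreach (string token in postedActions.Split(','))
        {
            int actionId;
            if (!int.TryParse(token, out actionId))
            {
                return new HttpStatusCodeResult(400, "Invalid action id");
            }

            actionIds.Add(actionId);
        }
    }

    // Load the existing rows once and remove them directly. The original re-queried
    // each row by id and would pass null to Remove if a row vanished in between.
    List<rs_useracl> existingRows = db.rs_useracl.Where(e => e.GroupId == groupId).ToList();
    foreach (rs_useracl existing in existingRows)
    {
        db.rs_useracl.Remove(existing);
    }

    foreach (int actionId in actionIds)
    {
        rs_useracl entry = new rs_useracl();
        entry.GroupId = groupId;
        entry.ActionId = actionId;
        entry.FlagActive = true;
        entry.DateEntry = DateTime.Now;
        // Records which account made the change, for later audit of ACL edits.
        entry.UserEntry = User.Identity.Name;
        db.rs_useracl.Add(entry);
    }

    // Removals and additions are persisted together by this single call.
    db.SaveChanges();

    TempData["Notification"] = NotificationHelper.Inform("ACL has been set for Group ID : " + groupId);
    return RedirectToAction("Index");
}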