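/// <summary>
/// Per-request authorization gate: allows the action to run only when the
/// current user has a task whose Controller and Action both equal the routed
/// controller and action names. Any other outcome ends in a redirect to
/// /Home/NotAuthorized.
/// </summary>
/// <param name="filterContext">MVC context for the action about to execute.</param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    TaskModelDAL tmDal = new TaskModelDAL();
    zdkMembershipProvider mp = new zdkMembershipProvider();

    zdkUserModel zdkUser = (zdkUserModel)mp.GetUser(filterContext.HttpContext.User.Identity.Name, true);

    string ctrller = filterContext.HttpContext.Request.RequestContext.RouteData.Values["Controller"].ToString();
    string act = filterContext.HttpContext.Request.RequestContext.RouteData.Values["Action"].ToString();

    // Fail closed: a request with no resolvable user record (anonymous or
    // unknown identity) is denied explicitly instead of surfacing a
    // NullReferenceException from the checks below.
    if (null == zdkUser)
    {
        filterContext.Result = new RedirectResult("/Home/NotAuthorized");
        return;
    }

    // Reload the task list on every request so a revoked permission takes
    // effect on the user's next call.
    if (null != zdkUser.User)
    {
        zdkUser.Tasks = tmDal.GetByUserId(zdkUser.User.UserId);
    }

    // The match is an exact comparison of both names, so a request whose
    // casing differs from the stored task is denied rather than allowed
    // (assumes Controller/Action are plain strings; confirm against TaskModel).
    // A missing task list counts as "no permissions".
    bool allowed = null != zdkUser.Tasks
        && zdkUser.Tasks.Any(w => w.Controller == ctrller && w.Action == act);

    if (!allowed)
    {
        // Setting Result is what makes MVC skip the action method. The previous
        // Response.Redirect(url, true) relied on Response.End() aborting the
        // request thread to keep the protected action from running.
        filterContext.Result = new RedirectResult("/Home/NotAuthorized");
    }
}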
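/// <summary>
/// Checks a username/password pair against the stored account record.
/// </summary>
/// <param name="username">Login name supplied by the caller (untrusted).</param>
/// <param name="password">Clear-text password supplied by the caller (untrusted).</param>
/// <returns>
/// true only when the account exists, is active, and its stored password
/// equals the transformed form of <paramref name="password"/>; false otherwise.
/// </returns>
/// <remarks>
/// NOTE(review): the stored value is produced by EncryptPassword. If that is
/// reversible encryption or an unsalted hash, stored credentials are recoverable
/// after a database leak; confirm it is a salted, slow password hash (e.g. PBKDF2).
/// </remarks>
public override bool ValidateUser(string username, string password)
{
    // Missing credentials never authenticate; this also keeps null out of
    // EncryptPassword and the data-access lookup.
    if (username == null || password == null)
    {
        return false;
    }

    // Transform the candidate password before the lookup so the amount of
    // work is the same whether or not the account exists.
    zdkMembershipProvider zdkmp = new zdkMembershipProvider();
    string encPassword = zdkmp.EncryptPassword(password);

    UserModelDAL umd = new UserModelDAL();
    UserModel currentUser = umd.GetByUserName(username);
    if (currentUser == null)
    {
        return false;
    }

    bool passwordMatches = SecretsMatch(currentUser.Password, encPassword);
    return passwordMatches && (true == currentUser.IsActive);
}

// Compares two secret strings without stopping at the first differing character,
// so response time does not reveal how much of the stored value matched.
// A null on either side never matches.
private static bool SecretsMatch(string stored, string candidate)
{
    if (stored == null || candidate == null)
    {
        return false;
    }

    int diff = stored.Length ^ candidate.Length;
    int shared = stored.Length < candidate.Length ? stored.Length : candidate.Length;
    for (int i = 0; i < shared; i++)
    {
        diff |= stored[i] ^ candidate[i];
    }

    return diff == 0;
}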