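        /// <summary>
        /// Returns <c>true</c> when the user recorded in <c>Session["user"]</c> holds <paramref name="role"/>,
        /// as reported by <see cref="FASMUser.HasRole"/>. Fails closed: no request context, no session user,
        /// or any exception thrown by the lookup yields <c>false</c>.
        /// </summary>
        /// <param name="controller">Extension receiver; not used — the identity comes from the ambient session, not the controller.</param>
        /// <param name="role">Role name, with whatever semantics <c>FASMUser.HasRole</c> gives it.</param>
        /// <returns><c>true</c> only if the session user exists and the lookup confirms the role.</returns>
        public static bool HasRole(this ControllerBase controller, string role)
        {
            // Resolve the session user explicitly instead of letting a NullReferenceException
            // stand in for "not logged in" (an absent HttpContext or Session also means "no user").
            var context = HttpContext.Current;
            object sessionUser = (context != null && context.Session != null) ? context.Session["user"] : null;
            if (sessionUser == null)
            {
                return false;
            }

            try
            {
                return new FASMUser(sessionUser.ToString()).HasRole(role);
            }
            catch (Exception ex)
            {
                // Deny on any failure, but leave a trace: a silent 'false' here makes a broken
                // FASMUser backend indistinguishable from "user has no roles".
                System.Diagnostics.Trace.TraceWarning("HasRole(\"{0}\") failed; denying. {1}", role, ex);
                return false;
            }
        }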
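        /// <summary>
        /// Returns <c>true</c> when the user recorded in <c>Session["user"]</c> holds the application
        /// permission <paramref name="permission"/>, as reported by <see cref="FASMUser.HasPermission"/>.
        /// Fails closed: no request context, no session user, or any exception thrown by the lookup yields <c>false</c>.
        /// </summary>
        /// <param name="controller">Extension receiver; not used — the identity comes from the ambient session, not the controller.</param>
        /// <param name="permission">Permission name, with whatever semantics <c>FASMUser.HasPermission</c> gives it.</param>
        /// <returns><c>true</c> only if the session user exists and the lookup confirms the permission.</returns>
        public static bool HasPermission(this ControllerBase controller, string permission)
        {
            // Resolve the session user explicitly instead of letting a NullReferenceException
            // stand in for "not logged in" (an absent HttpContext or Session also means "no user").
            var context = HttpContext.Current;
            object sessionUser = (context != null && context.Session != null) ? context.Session["user"] : null;
            if (sessionUser == null)
            {
                return false;
            }

            try
            {
                return new FASMUser(sessionUser.ToString()).HasPermission(permission);
            }
            catch (Exception ex)
            {
                // Deny on any failure, but leave a trace: a silent 'false' here makes a broken
                // FASMUser backend indistinguishable from "user has no permissions".
                System.Diagnostics.Trace.TraceWarning("HasPermission(\"{0}\") failed; denying. {1}", permission, ex);
                return false;
            }
        }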
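        /// <summary>
        /// Returns <c>true</c> when the user recorded in <c>Session["user"]</c> has the System Administrator
        /// privilege, as reported by the <see cref="FASMUser.IsSysAdmin"/> property. Fails closed: no request
        /// context, no session user, or any exception thrown by the lookup yields <c>false</c>.
        /// </summary>
        /// <param name="controller">Extension receiver; not used — the identity comes from the ambient session, not the controller.</param>
        /// <returns><c>true</c> only if the session user exists and the lookup confirms the privilege.</returns>
        public static bool IsSysAdmin(this ControllerBase controller)
        {
            // Resolve the session user explicitly instead of letting a NullReferenceException
            // stand in for "not logged in" (an absent HttpContext or Session also means "no user").
            var context = HttpContext.Current;
            object sessionUser = (context != null && context.Session != null) ? context.Session["user"] : null;
            if (sessionUser == null)
            {
                return false;
            }

            try
            {
                return new FASMUser(sessionUser.ToString()).IsSysAdmin;
            }
            catch (Exception ex)
            {
                // Deny on any failure, but leave a trace: a silent 'false' here makes a broken
                // FASMUser backend look like "nobody is a sysadmin".
                System.Diagnostics.Trace.TraceWarning("IsSysAdmin lookup failed; denying. {0}", ex);
                return false;
            }
        }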
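        /// <summary>
        /// Returns <c>true</c> when the user recorded in <c>Session["user"]</c> holds any of
        /// <paramref name="roles"/>, as reported by <see cref="FASMUser.HasRoles"/>. Fails closed: no request
        /// context, no session user, or any exception thrown by the lookup yields <c>false</c>.
        /// </summary>
        /// <param name="controller">Extension receiver; not used — the identity comes from the ambient session, not the controller.</param>
        /// <param name="roles">Role names separated by ';' (e.g. "Sales Manager;Sales Operator"); the string is
        /// passed through unchanged, so the split and any trimming are done by <c>FASMUser.HasRoles</c>.</param>
        /// <returns><c>true</c> only if the session user exists and the lookup confirms at least one role.</returns>
        public static bool HasRoles(this ControllerBase controller, string roles)
        {
            // Resolve the session user explicitly instead of letting a NullReferenceException
            // stand in for "not logged in" (an absent HttpContext or Session also means "no user").
            var context = HttpContext.Current;
            object sessionUser = (context != null && context.Session != null) ? context.Session["user"] : null;
            if (sessionUser == null)
            {
                return false;
            }

            try
            {
                return new FASMUser(sessionUser.ToString()).HasRoles(roles);
            }
            catch (Exception ex)
            {
                // Deny on any failure, but leave a trace: a silent 'false' here makes a broken
                // FASMUser backend indistinguishable from "user has no roles".
                System.Diagnostics.Trace.TraceWarning("HasRoles(\"{0}\") failed; denying. {1}", roles, ex);
                return false;
            }
        }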
        /// <summary>
        /// Gates every action behind a per-action permission named "&lt;controller&gt;-&lt;action&gt;".
        /// Flow: [AllowAnonymous] on the action or its controller → allow; no <c>Session["user"]</c> →
        /// 302 to Accounts/Login; session user lacks the permission → 302 to Unauthorized/Index;
        /// otherwise <c>filterContext.Result</c> is left unset and MVC executes the action.
        /// </summary>
        /// <param name="filterContext">MVC authorization context for the current request.</param>
        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            var actionDesc = filterContext.ActionDescriptor;
            var controllerDesc = actionDesc.ControllerDescriptor;

            // [AllowAnonymous] at either level bypasses both the session and the permission check.
            // NOTE(review): if this class derives from AuthorizeAttribute, base.OnAuthorization is never
            // called here, so the output-cache validation callback it registers is skipped — confirm no
            // protected action is decorated with [OutputCache].
            bool anonymousAllowed = actionDesc.IsDefined(typeof(AllowAnonymousAttribute), true)
                || controllerDesc.IsDefined(typeof(AllowAnonymousAttribute), true);
            if (anonymousAllowed)
            {
                return;
            }

            // The identity is the username string kept in session, not HttpContext.User.
            // AJAX requests are not special-cased: an unauthenticated XHR gets the same 302 as a
            // browser navigation, so JavaScript callers must treat a redirect as "login required".
            object sessionUser = HttpContext.Current.Session["user"];
            if (sessionUser == null)
            {
                filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary {
                    { "action", "Login" }, { "controller", "Accounts" }
                });
                return;
            }

            // Permission key, e.g. "Orders-Edit". NOTE(review): built from the controller's short name,
            // so same-named controllers in different areas/namespaces share one permission — confirm
            // that is intended.
            string requiredPermission = controllerDesc.ControllerName + "-" + actionDesc.ActionName;

            // No sys-admin override: IsSysAdmin users still need the explicit permission. Any exception
            // from FASMUser propagates, which fails closed (error page, action never runs).
            FASMUser requestingUser = new FASMUser(sessionUser.ToString());
            if (requestingUser.HasPermission(requiredPermission))
            {
                // Result stays unset, which is what lets MVC run the action.
                return;
            }

            filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary {
                { "action", "Index" }, { "controller", "Unauthorized" }
            });
        }