protected override bool AuthorizeCore(HttpContextBase httpContext)
{
bool retVal = base.AuthorizeCore(httpContext);
if (!retVal)
{
var maNhaThuoc = nhaThuoc.MaNhaThuoc;
if (!string.IsNullOrEmpty(maNhaThuoc))
{
var id = (httpContext.Request.RequestContext.RouteData.Values["id"] as string)
?? (httpContext.Request["id"] as string);
int maPhieuNhap = 0;
int.TryParse(id, out maPhieuNhap);
retVal = FunctionsService.AuthorizeInputBill(WebSecurity.GetCurrentUserId, maNhaThuoc, maPhieuNhap);
}
}
return(retVal);
}
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
//Get the current claims principal
var prinicpal = (ClaimsPrincipal)Thread.CurrentPrincipal;
//Make sure they are authenticated
if (!prinicpal.Identity.IsAuthenticated)
{
return(false);
}
//allows if SuperUser.
if (prinicpal.IsInRole(Constants.Security.Roles.SuperUser.Value))
{
return(true);
}
//var roles = prinicpal.Claims.Where(c => c.Type == ClaimTypes.Role).Select(c => c.Value).ToArray();
//Check if they are authorized
return(FunctionsService.Authorize(controller, action, nhaThuoc, checkRoles));
}
