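/// <summary>
/// Authorizes the current request. The caller must hold a forms-authentication ticket,
/// a <see cref="UserModel"/> must be present in session under "CurrentUser" and, when
/// <c>Permissions</c> is non-empty, the user's role name must be one of its comma-separated
/// entries. On success <see cref="HttpContext.Current"/>.User is replaced by an
/// <see cref="Authentication"/> principal carrying the session user; on any failure
/// <paramref name="filterContext"/>.Result is set so the action does not run.
/// An empty <c>Permissions</c> means "any authenticated user with a live session".
/// </summary>
/// <param name="filterContext">The MVC authorization context of the request being filtered.</param>
public override void OnAuthorization(AuthorizationContext filterContext)
{
    var currentUser = HttpContext.Current.User;
    var request = filterContext.HttpContext.Request;

    if (currentUser == null || currentUser.Identity == null || !request.IsAuthenticated)
    {
        // No usable forms ticket: clear whatever cookie is there and send the caller to login.
        FormsAuthentication.SignOut();
        SetLoginExpiredResult(filterContext);
        return;
    }

    var sessionUser = HttpContext.Current.Session["CurrentUser"] as UserModel;
    if (sessionUser == null)
    {
        // The ticket is still valid but the server-side session is gone (timeout, app
        // restart). The ticket alone must not keep the user logged in, so sign out for
        // AJAX and browser callers alike instead of leaving the stale cookie behind.
        FormsAuthentication.SignOut();
        SetLoginExpiredResult(filterContext);
        return;
    }

    if (!string.IsNullOrEmpty(Permissions) && !HasPermittedRole(sessionUser))
    {
        filterContext.Controller.TempData["ErrorMessage"] = "Unauthorized Access.";
        filterContext.Result = new RedirectResult("~/Account/Login");
    }

    // Publish the session user as the request principal so controllers can read it.
    var auth = new Authentication();
    auth.UserContext = sessionUser;
    auth.Identity = currentUser.Identity;
    HttpContext.Current.User = auth;
}

/// <summary>
/// Returns true when the role id carried by <paramref name="user"/> maps to a defined
/// <see cref="EnumHelper.Role"/> whose name appears in the comma-separated <c>Permissions</c>
/// list. A missing, unparseable or undefined role id yields false (deny) rather than throwing.
/// </summary>
/// <param name="user">The user taken from session; only its <c>RoleId</c> is read.</param>
/// <returns>True when the role is permitted, otherwise false.</returns>
private bool HasPermittedRole(UserModel user)
{
    // RoleId's declared type is not visible here; go through a string so int, string and
    // nullable ids all parse the same way, and fail closed on anything that is not an integer.
    string rawRoleId = Convert.ToString(user.RoleId, System.Globalization.CultureInfo.InvariantCulture);
    int roleId;
    if (!int.TryParse(rawRoleId, System.Globalization.NumberStyles.Integer,
                      System.Globalization.CultureInfo.InvariantCulture, out roleId))
    {
        return false;
    }

    var userRole = (EnumHelper.Role)roleId;
    if (!Enum.IsDefined(typeof(EnumHelper.Role), userRole))
    {
        return false;
    }

    // Permissions is written as role names ("Admin,SuperAdmin"); spaces are ignored.
    string roleName = userRole.ToString();
    return Permissions
        .Replace(" ", "")
        .Split(',')
        .Any(permission => string.Equals(permission, roleName, StringComparison.Ordinal));
}

/// <summary>
/// Marks the request as "login expired". The warning is stored in TempData; AJAX callers
/// (which cannot act on a 302 to an HTML page) get a 401 with the <c>{ Code = "888" }</c>
/// payload, while browser navigations are redirected to Account/Login.
/// </summary>
/// <param name="filterContext">The authorization context whose Result is set.</param>
private static void SetLoginExpiredResult(AuthorizationContext filterContext)
{
    filterContext.Controller.TempData["WarningMessage"] = "Your Login Expired";

    if (filterContext.HttpContext.Request.IsAjaxRequest())
    {
        var response = HttpContext.Current.Response;
        response.StatusCode = 401;
        response.StatusDescription = "Authentication required";
        // Stop the forms-authentication module from turning this 401 into a 302 to the login page.
        response.SuppressFormsAuthenticationRedirect = true;
        filterContext.Result = new JsonResult
        {
            Data = new { Code = "888", message = "logOut" },
            JsonRequestBehavior = JsonRequestBehavior.AllowGet
        };
    }
    else
    {
        filterContext.Result = new RedirectToRouteResult(
            new RouteValueDictionary { { "Controller", "Account" }, { "Action", "Login" } });
    }
}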
/// <summary>
/// Lists the active projects that <paramref name="loggedinUserPfid"/> can still assign to
/// <paramref name="userPfid"/>: every active project visible to the logged-in user (all
/// projects for <see cref="EnumHelper.Role.SuperAdmin"/>, otherwise only the projects mapped
/// to that user) minus the projects already mapped to the target user.
/// </summary>
/// <param name="userPfid">Id of the user who is to receive project assignments.</param>
/// <param name="loggedinUserPfid">Id of the user performing the assignment.</param>
/// <param name="loggedinUserRole">Role of the user performing the assignment.</param>
/// <returns>A new list of assignable projects; empty when nothing is left to assign.</returns>
/// <exception cref="Exception">Any failure is logged as fatal and rethrown unchanged.</exception>
public List<ProjectModel> GetProjectsToAssign(int userPfid, int loggedinUserPfid, EnumHelper.Role loggedinUserRole)
{
    log.Debug(MethodHelper.GetCurrentMethodName() + " Method execution start.");
    try
    {
        using (UserDB userDB = new UserDB())
        {
            // Mappings the target user already holds.
            List<ProjectMappingModel> alreadyMapped = userDB.GetProjectMappingByUser(userPfid);

            // Active projects the logged-in user is allowed to hand out.
            List<ProjectModel> activeProjects;
            if (loggedinUserRole == EnumHelper.Role.SuperAdmin)
            {
                activeProjects = userDB.GetAllProjects().Where(p => p.IsActive == 1).ToList();
            }
            else
            {
                activeProjects = userDB.GetProjectsByUser(loggedinUserPfid).Where(p => p.IsActive == 1).ToList();
            }

            // Drop the ones the target user already has; the rest are assignable.
            return activeProjects
                .Where(project => !alreadyMapped.Any(mapping => mapping.ProjectId == project.Id))
                .ToList();
        }
    }
    catch (Exception exception)
    {
        errorLog.Fatal("Exception " + exception.Message + "\n" + exception.StackTrace);
        throw;
    }
    finally
    {
        log.Debug(MethodHelper.GetCurrentMethodName() + " Method execution end.");
    }
}