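/// <summary>
/// Fills the create/update/delete flags on <paramref name="VM"/> from the caller's session.
/// Admins get every flag; other users get the flags recorded on their
/// <see cref="ObjectsEnum.EmployeesExperiencesManage"/> privilege entry.
/// </summary>
/// <param name="VM">View model whose access flags are set; must not be null.</param>
/// <remarks>
/// Fails closed: when the session holds no authentication result, no user, no privilege
/// list or no matching entry, every flag stays false instead of an exception escaping
/// from the missing session state (the original dereferenced
/// <c>Authentication.Privilages</c> in the non-admin branch without a null check).
/// </remarks>
private void SetAuthentications(EmployeesExperiencesViewModel VM)
{
    AuthenticationResult Authentication = Session["Authentication"] as AuthenticationResult;

    // Deny by default; only an explicit grant below turns a flag on.
    VM.HasCreatingAccess = VM.HasDeletingAccess = VM.HasUpdatingAccess = false;

    if (Authentication == null || Authentication.User == null)
    {
        return;
    }

    if (Authentication.User.IsAdmin)
    {
        VM.HasCreatingAccess = VM.HasDeletingAccess = VM.HasUpdatingAccess = true;
        return;
    }

    if (Authentication.Privilages == null)
    {
        return;
    }

    GroupsObjects Privilage = Authentication.Privilages.FirstOrDefault(
        e => e.Object != null && e.Object.ObjectID == (int)ObjectsEnum.EmployeesExperiencesManage);
    if (Privilage != null)
    {
        VM.HasCreatingAccess = Privilage.Creating;
        VM.HasDeletingAccess = Privilage.Deleting;
        VM.HasUpdatingAccess = Privilage.Updating;
    }
}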
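/// <summary>
/// Returns the vacation actions the caller is allowed to perform, mapped to BLL objects.
/// </summary>
/// <param name="Authentication">Session authentication result for the caller; may be null.</param>
/// <returns>
/// Every action for admins. For other users, only the actions their
/// <see cref="ObjectsEnum.HCMVacations"/> privilege entry allows: Add needs Creating,
/// Extend and Break need Updating, Cancel needs Deleting. An empty list when the caller
/// is unauthenticated, has no privilege list or has no matching entry.
/// </returns>
/// <remarks>
/// The privilege lookup is loop-invariant and is now done once instead of per action.
/// A null <paramref name="Authentication"/> no longer throws in the non-admin branch;
/// it yields an empty list (deny by default). The former <c>catch (Exception) { throw; }</c>
/// was a no-op and is gone; exceptions from the DAL propagate unchanged.
/// </remarks>
public List<VacationsActionsBLL> GetVacationsActions(AuthenticationResult Authentication)
{
    List<VacationsActions> VacationsActionsList = new VacationsActionsDAL().GetVacationsActions();
    List<VacationsActionsBLL> VacationsActionsBLLList = new List<VacationsActionsBLL>();
    if (VacationsActionsList == null)
    {
        return VacationsActionsBLLList;
    }

    bool isAdmin = Authentication != null && Authentication.User != null && Authentication.User.IsAdmin;

    // Same privilege row for every action: resolve it once, outside the loop.
    GroupsObjects Privilage = null;
    if (!isAdmin && Authentication != null && Authentication.Privilages != null)
    {
        Privilage = Authentication.Privilages.FirstOrDefault(
            e => e.Object != null && e.Object.ObjectID == (int)ObjectsEnum.HCMVacations);
    }

    foreach (var item in VacationsActionsList)
    {
        if (isAdmin || IsVacationActionAllowed(Privilage, item))
        {
            VacationsActionsBLLList.Add(new VacationsActionsBLL()
            {
                VacationActionID = item.VacationActionID,
                VacationActionName = item.VacationActionName
            });
        }
    }

    return VacationsActionsBLLList;
}

/// <summary>
/// Maps a vacation action to the CRUD flag that must be set on the caller's
/// HCMVacations privilege entry. A missing entry or an unmapped action is denied.
/// </summary>
/// <param name="Privilage">The caller's HCMVacations privilege entry, or null.</param>
/// <param name="item">The action being offered.</param>
private static bool IsVacationActionAllowed(GroupsObjects Privilage, VacationsActions item)
{
    if (Privilage == null)
    {
        return false;
    }
    if (item.VacationActionID == (int)VacationsActionsEnum.Add)
    {
        return Privilage.Creating;
    }
    if (item.VacationActionID == (int)VacationsActionsEnum.Extend
        || item.VacationActionID == (int)VacationsActionsEnum.Break)
    {
        return Privilage.Updating;
    }
    if (item.VacationActionID == (int)VacationsActionsEnum.Cancel)
    {
        return Privilage.Deleting;
    }
    return false;
}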
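/// <summary>
/// Tells whether the current session may create on the page addressed by <paramref name="URL"/>.
/// </summary>
/// <param name="URL">Request URL; reduced to "/Controller/Action" through <see cref="UIUtilities"/>.</param>
/// <returns>
/// true for admins, or when the privilege entry whose ObjectURL equals the resolved route
/// has Creating set; false in every other case.
/// </returns>
/// <remarks>
/// Fails closed: no HTTP context, no session, no authentication result, no user or no
/// privilege list all return false instead of throwing (the original dereferenced
/// <c>AuthenticationResult.User</c> unchecked, so an expired session produced a 500).
/// Route matching is an exact, case-sensitive string comparison against the stored
/// ObjectURL, as before.
/// </remarks>
public bool IsCreatePermission(string URL)
{
    System.Web.HttpContext Context = System.Web.HttpContext.Current;
    if (Context == null || Context.Session == null)
    {
        return false;
    }

    AuthenticationResult AuthenticationResult = Context.Session["Authentication"] as AuthenticationResult;
    if (AuthenticationResult == null || AuthenticationResult.User == null)
    {
        return false;
    }
    if (AuthenticationResult.User.IsAdmin)
    {
        return true;
    }
    if (AuthenticationResult.Privilages == null)
    {
        return false;
    }

    string ControllerName = UIUtilities.GetControllerName(URL);
    string ActionName = UIUtilities.GetActionName(URL);
    string RouteURL = "/" + ControllerName + "/" + ActionName;

    // string.Equals(a, b) is ordinal and null-safe, so a null ObjectURL simply does not match.
    GroupsObjects Privilage = AuthenticationResult.Privilages.FirstOrDefault(
        p => p.Object != null && string.Equals(p.Object.ObjectURL, RouteURL));
    return Privilage != null && Privilage.Creating;
}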
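// The earlier implementation of this filter walked AuthenticationResult.Groups and each
// group's Objects; the flattened AuthenticationResult.Privilages list is the single source now.

/// <summary>
/// Session-based authorization filter. Sends the request to the login page when no user
/// is in the session, and to the not-authorized page when the user lacks the privilege
/// the requested action needs.
/// </summary>
/// <param name="filterContext">MVC authorization context; its ActionDescriptor names the controller and action.</param>
/// <remarks>
/// Rules, in order: missing or "0" UserID → login. Missing authentication result or user
/// (a UserID with no matching result is an inconsistent session) → login. Controller
/// "Account" → allowed without further checks. Admin → allowed. No groups or no privilege
/// list → not authorized. Otherwise the CRUD actions Index/Details, Edit, Delete and Create
/// map to the Reading, Updating, Deleting and Creating flags of the "/Controller/Index"
/// entry, and any other action is allowed when an entry for "/Controller/Action" exists at
/// all — no flag is consulted for those, as before.
/// base.OnAuthorization is intentionally not called, so AuthorizeAttribute's own
/// Roles/Users evaluation never runs; every decision comes from the session.
/// </remarks>
public override void OnAuthorization(AuthorizationContext filterContext)
{
    object UserID = System.Web.HttpContext.Current.Session["UserID"];
    if (UserID == null || UserID.ToString() == "0")
    {
        RedirectToLogin(filterContext);
        return;
    }

    AuthenticationResult AuthenticationResult =
        System.Web.HttpContext.Current.Session["Authentication"] as AuthenticationResult;
    if (AuthenticationResult == null || AuthenticationResult.User == null)
    {
        // Partial session state: fail closed by treating it as not logged in.
        RedirectToLogin(filterContext);
        return;
    }

    string ControllerName = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName;
    string ActionName = filterContext.ActionDescriptor.ActionName;

    if (string.Equals(ControllerName, "Account"))
    {
        // Login/logout pages need no authorization.
        return;
    }

    if (AuthenticationResult.User.IsAdmin)
    {
        return;
    }

    // Authenticated, but with no group membership or no privilege list: no authorization at all.
    if (AuthenticationResult.Groups == null
        || AuthenticationResult.Groups.Count == 0
        || AuthenticationResult.Privilages == null)
    {
        RedirectToNotAuthorized(filterContext);
        return;
    }

    if (!HasPrivilegeForAction(AuthenticationResult, ControllerName, ActionName))
    {
        RedirectToNotAuthorized(filterContext);
    }
    // base.OnAuthorization(filterContext) is deliberately not called; see remarks.
}

/// <summary>
/// Decides whether the caller's privilege list covers <paramref name="ActionName"/> on
/// <paramref name="ControllerName"/>. Requires a non-null Privilages list.
/// </summary>
/// <param name="AuthenticationResult">The caller's session authentication result.</param>
/// <param name="ControllerName">Controller name from the action descriptor.</param>
/// <param name="ActionName">Action name from the action descriptor.</param>
/// <returns>true when access is granted; false otherwise.</returns>
private static bool HasPrivilegeForAction(AuthenticationResult AuthenticationResult, string ControllerName, string ActionName)
{
    bool isCrudAction = ActionName.Equals("Index")
        || ActionName.Equals("Edit")
        || ActionName.Equals("Delete")
        || ActionName.Equals("Create")
        || ActionName.Equals("Details");

    if (!isCrudAction)
    {
        // Non-CRUD actions: the mere existence of an entry for the exact route grants access.
        return FindPrivilege(AuthenticationResult, "/" + ControllerName + "/" + ActionName) != null;
    }

    // CRUD actions are governed by the flags of the controller's Index entry.
    GroupsObjects Privilage = FindPrivilege(AuthenticationResult, "/" + ControllerName + "/Index");
    if (Privilage == null)
    {
        return false;
    }

    switch (ActionName)
    {
        case "Index":
        case "Details":
            // Read access to the index page implies read access to its details page.
            return Privilage.Reading;
        case "Edit":
            return Privilage.Updating;
        case "Delete":
            return Privilage.Deleting;
        case "Create":
            return Privilage.Creating;
        default:
            return false;
    }
}

/// <summary>
/// Finds the privilege entry whose ObjectURL equals <paramref name="ObjectURL"/> exactly
/// (ordinal, case-sensitive, null-safe), or null when there is none.
/// </summary>
private static GroupsObjects FindPrivilege(AuthenticationResult AuthenticationResult, string ObjectURL)
{
    return AuthenticationResult.Privilages.FirstOrDefault(
        p => p.Object != null && string.Equals(p.Object.ObjectURL, ObjectURL));
}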