Esempio n. 1
0
        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            if (!base.AuthorizeCore(httpContext))
            {
                return(false);
            }

            LoginUser login_user = httpContext.Session[Constants.SSKEY_LOGIN_USER] as LoginUser;

            if (login_user == null || !login_user.IsStaff())
            {
                throw new HttpException(403, "Forbidden.");
            }

            return(true);
        }