public void OnAuthorization(AuthorizationFilterContext context)
{
var userId = int.Parse(context.HttpContext.Request.Headers["userId"][0]);
// assume from the database for user with [userId]:
Models.InformationRequestDto informationRequestDto = new Models.InformationRequestDto()
{
AccessLevel = Enumerations.AccessLevel.Unknown,
StartTime = new DateTime(2000, 1, 1),
EndTime = new DateTime(3000, 12, 1), //or new DateTime(2000, 12, 1) for a different result
};
DateTime currentDate = DateTime.Now;
bool isEligibleDate = currentDate >= informationRequestDto.StartTime || currentDate <= informationRequestDto.EndTime;
var auth = int.Parse(context.HttpContext.Request.Headers["auth"][0]);
if (auth != (int)ApprovalStatus.Approved || !isEligibleDate)
{
context.Result = new JsonResult(
new
{
Message = "You do not have permissions/The admin doesn't yet approve your request/requests",
RequestsIds = new[] { 1, 4, 7 }, // assume from the database, after checking..
});
}
}
public void OnActionExecuted(ActionExecutedContext context)
{
// Do something after the action executes.
// assume from the database:
Models.InformationRequestDto informationRequestDto = new Models.InformationRequestDto()
{
AccessLevel = Enumerations.AccessLevel.Unknown,
StartTime = new DateTime(2000, 1, 1),
EndTime = new DateTime(2000, 12, 1), //or new DateTime(3000, 12, 1) for a different result
};
var myResult = (OkObjectResult)context.Result;
var doctorDtoList = (IEnumerable <DoctorDto>)myResult.Value;
var network = int.Parse(context.HttpContext.Request.Headers["network"][0]);
if (network == (int)NetworkType.Internal && informationRequestDto.AccessLevel != AccessLevel.Redacted)
{
foreach (var doctor in doctorDtoList)
{
doctor.DoctorName = "Redacted";
}
}
}
