public void DoWork() { if (PermissionManager.Can(user, "Permission1") != true) { throw new NotAllowedException(); } // do work }
protected override bool AuthorizeCore(System.Web.HttpContextBase httpContext) { var can = PermissionManager.Can(httpContext.User, permission, group); if (can.HasValue) { return(can.Value); } return(base.AuthorizeCore(httpContext)); }