/// <summary>
/// Loads the current user's <c>zdkUserModel</c> into the <c>zdkUser</c> field, applies the
/// per-user controller restriction, attaches the user's tasks and publishes the
/// model and today's date through <c>ViewBag</c>.
/// </summary>
/// <param name="requestContext">Request context supplying the identity name and route data.</param>
protected override void Initialize(System.Web.Routing.RequestContext requestContext)
{
    base.Initialize(requestContext);

    // NOTE(review): the result of GetUser and zdkUser.User are dereferenced below without
    // a null check; confirm what the provider returns for an anonymous or unknown identity.
    zdkUser = (zdkUserModel)mp.GetUser(requestContext.HttpContext.User.Identity.Name, true);
    string controllerName = requestContext.HttpContext.Request.RequestContext.RouteData.Values["Controller"].ToString();

    // One hard-coded account is confined to the "Lock" controller; every other account is
    // treated as an internal user and is limited only by its task list.
    // Both string comparisons are ordinal and case-sensitive.
    // NOTE(review): a user name literal in code is easy to miss when accounts change;
    // a role or task-table entry would keep this rule with the rest of the access data.
    bool confinedToLock = zdkUser.User.UserName == "fred";
    if (confinedToLock && "Lock" != controllerName)
    {
        // NOTE(review): nothing after this call stops the rest of Initialize or the action
        // unless ending the response aborts the request; verify that for this pipeline.
        requestContext.HttpContext.Response.Redirect("/Home/NotAuthorized", true);
    }

    TaskModelDAL taskDal = new TaskModelDAL();
    zdkUser.Tasks = taskDal.GetByUserId(zdkUser.User.UserId);

    ViewBag.HeaderToday = System.DateTime.Now.ToShortDateString();
    ViewBag.zdkUser = zdkUser;
}
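/// <summary>
/// Per-action access check: the requested controller/action pair must appear in the
/// current user's task list, otherwise the request is sent to /Home/NotAuthorized.
/// </summary>
/// <param name="filterContext">Context of the action about to execute.</param>
/// <remarks>
/// The denial is expressed by setting <c>filterContext.Result</c>, which makes MVC skip the
/// action. The earlier <c>Response.Redirect(url, true)</c> depended on ending the response to
/// stop processing, which is not guaranteed on every request path.
/// NOTE(review): this check runs at the action-filter stage. Authorization is normally placed
/// in an authorization filter (OnAuthorization / AuthorizeAttribute), which runs earlier and
/// also covers output-cached responses; confirm no cached action depends on this check.
/// NOTE(review): /Home/NotAuthorized must itself be reachable for a denied user, or the
/// redirect loops; verify how HomeController is wired to this check.
/// </remarks>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    TaskModelDAL tmDal = new TaskModelDAL();
    zdkMembershipProvider mp = new zdkMembershipProvider();
    zdkUserModel zdkUser = (zdkUserModel)mp.GetUser(filterContext.HttpContext.User.Identity.Name, true);

    // Fail closed when no user record can be resolved for the request identity.
    if (null == zdkUser || null == zdkUser.User)
    {
        filterContext.Result = new RedirectResult("/Home/NotAuthorized");
        return;
    }

    zdkUser.Tasks = tmDal.GetByUserId(zdkUser.User.UserId);

    // A missing task list means no grants, not an unhandled exception in the query below.
    if (null == zdkUser.Tasks)
    {
        filterContext.Result = new RedirectResult("/Home/NotAuthorized");
        return;
    }

    string ctrller = filterContext.HttpContext.Request.RequestContext.RouteData.Values["Controller"].ToString();
    string act = filterContext.HttpContext.Request.RequestContext.RouteData.Values["Action"].ToString();

    // NOTE(review): route values carry the casing typed in the URL and this comparison is
    // case-sensitive, so "/lock/index" is denied even when "Lock"/"Index" is granted.
    // That fails closed; confirm the casing stored in the task table is the intended one.
    TaskModel wt = (from w in zdkUser.Tasks
                    where w.Controller == ctrller && w.Action == act
                    select w).FirstOrDefault();

    if (null == wt)
    {
        filterContext.Result = new RedirectResult("/Home/NotAuthorized");
    }
}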